AVG-2790 - log back

AVG-2790 edited at 14 Oct 2022 18:15:52
Advisory qualified
- Yes
+ No
AVG-2790 edited at 29 Jul 2022 19:49:45
Status
- Vulnerable
+ Fixed
Fixed
+ 2.36.5-1
Advisory qualified
- No
+ Yes
AVG-2790 created at 28 Jul 2022 21:19:07
Packages
+ webkit2gtk
Issues
+ CVE-2022-32792
+ CVE-2022-32816
Status
+ Vulnerable
Severity
+ Critical
Affected
+ 2.36.4-2
Fixed
Ticket
Advisory qualified
+ No
References
+ https://webkitgtk.org/security/WSA-2022-0007.html
Notes
+ Our WebKit2GTK and WPE WebKit versions are not affected by the 'CVE-2022-2294' vulnerability because our packages are not built using the 'USE_LIBWEBRTC' CMake option.