AVG-967 log

Package webkit2gtk
Status Fixed
Severity Critical
Type multiple issues
Affected 2.24.1-1
Fixed 2.24.2-1
Current 2.26.2-2 [extra]
Ticket None
Created Tue May 28 13:35:53 2019
Issue Severity Remote Type Description
CVE-2019-8615 Critical Yes Arbitrary code execution
Multiple memory corruption issues have been found in WebKitGTK before 2.24.2, where processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2019-8607 High Yes Information disclosure
An out-of-bounds read has been found in WebKitGTK before 2.24.2, where processing maliciously crafted web content may result in the disclosure of process memory.
CVE-2019-8595 Critical Yes Arbitrary code execution
Multiple memory corruption issues have been found in WebKitGTK before 2.24.2, where processing maliciously crafted web content may lead to arbitrary code execution.
Date Advisory Package Description
28 May 2019 ASA-201905-10 webkit2gtk multiple issues
References
https://webkitgtk.org/security/WSA-2019-0003.html