webkit2gtk3-2.38.5-1.el8.4.ML.1
エラータID: AXSA:2023-6191:14
リリース日:
2023/06/30 Friday - 07:04
題名:
webkit2gtk3-2.38.5-1.el8.4.ML.1
影響のあるチャネル:
Asianux Server 8 for x86_64
Severity:
High
Description:
以下項目について対処しました。
[Security Fix]
- WebKitGTK には、入力チェック処理の不備に起因するメモリ
領域の範囲外読み取りの問題があるため、リモートの攻撃者に
より、細工された Web コンテンツを介して、情報の漏洩を可能
とする脆弱性が存在します。(CVE-2023-28204)
- WebKitGTK には、メモリ領域の解放後利用の問題があるため、
リモートの攻撃者により、細工された Web コンテンツを介して、
任意のコードの実行を可能とする脆弱性が存在します。
(CVE-2023-32373)
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2023-28204
An out-of-bounds read was addressed with improved input validation. This issue is fixed in watchOS 9.5, iOS 15.7.6 and iPadOS 15.7.6, macOS Ventura 13.4, Safari 16.5, tvOS 16.5, iOS 16.5 and iPadOS 16.5. Processing web content may disclose sensitive information. Apple is aware of a report that this issue may have been actively exploited.
An out-of-bounds read was addressed with improved input validation. This issue is fixed in watchOS 9.5, iOS 15.7.6 and iPadOS 15.7.6, macOS Ventura 13.4, Safari 16.5, tvOS 16.5, iOS 16.5 and iPadOS 16.5. Processing web content may disclose sensitive information. Apple is aware of a report that this issue may have been actively exploited.
CVE-2023-32373
A use-after-free issue was addressed with improved memory management. This issue is fixed in watchOS 9.5, iOS 15.7.6 and iPadOS 15.7.6, macOS Ventura 13.4, Safari 16.5, tvOS 16.5, iOS 16.5 and iPadOS 16.5. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
A use-after-free issue was addressed with improved memory management. This issue is fixed in watchOS 9.5, iOS 15.7.6 and iPadOS 15.7.6, macOS Ventura 13.4, Safari 16.5, tvOS 16.5, iOS 16.5 and iPadOS 16.5. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
追加情報:
N/A
ダウンロード:
SRPMS
- webkit2gtk3-2.38.5-1.el8.4.ML.1.src.rpm
MD5: 970cd2eb7c86fd4501990cfb6ead1eaf
SHA-256: ef78ba0324918c4eb37373313ae933981cfdba228368362480b03ec1741e6bf6
Size: 31.53 MB
Asianux Server 8 for x86_64
- webkit2gtk3-2.38.5-1.el8.4.ML.1.i686.rpm
MD5: 6bbbe3315b266ba2167585c009b64ae9
SHA-256: 6a1163d8161b173bb473b06cef323e22cb2a4a4346721bde9a5b9d32785dc291
Size: 23.37 MB - webkit2gtk3-2.38.5-1.el8.4.ML.1.x86_64.rpm
MD5: ab98b1a0fe0179a64df6a7f536f06446
SHA-256: 79db867e7024d06e6b6338b9c06fea87e2269633abfac20fb60264141c8a63ed
Size: 21.46 MB - webkit2gtk3-devel-2.38.5-1.el8.4.ML.1.i686.rpm
MD5: c1c32a98fea4ee40c68ab8884fbfd708
SHA-256: 4979321bf7578948727203a9f6048aa757ea0dd9a5526f6ab8c1b6b11b9c1220
Size: 296.29 kB - webkit2gtk3-devel-2.38.5-1.el8.4.ML.1.x86_64.rpm
MD5: d9427cbd2ebcf2df71d789bc22eadceb
SHA-256: 61c3f5158cfd60b0ef327717a8e6ca048ddf058f4c404ecc7c4845b616c465de
Size: 291.98 kB - webkit2gtk3-jsc-2.38.5-1.el8.4.ML.1.i686.rpm
MD5: 16869172ab2d4f32d93ad30f3dd71ede
SHA-256: 70f8f16066fe53bfeb5643edaa554abec9c46b944f7e33d09301342f936ee167
Size: 3.83 MB - webkit2gtk3-jsc-2.38.5-1.el8.4.ML.1.x86_64.rpm
MD5: 8bd5603904dc82e51d2ef8267bb5a75b
SHA-256: ec6bca10881d4dde40ccfd83f490819abeef017ec137db79eb89c87555e50521
Size: 7.06 MB - webkit2gtk3-jsc-devel-2.38.5-1.el8.4.ML.1.i686.rpm
MD5: 492be981aedd781588739ca7c6318f7f
SHA-256: 8f5c472d8283eab9c96011a791835d92263426d616de67bb842ee995805fedc2
Size: 165.68 kB - webkit2gtk3-jsc-devel-2.38.5-1.el8.4.ML.1.x86_64.rpm
MD5: 84b658da61ec686b0ec498c34ef96a52
SHA-256: c8ec71d875a7598c5695aeb599093c2e3e800ec62424d68bb0bd3855b806d424
Size: 156.65 kB