oss-sec mailing list archives
Re: WebKitGTK and WPE WebKit Security Advisory WSA-2021-0006
From: Salvatore Bonaccorso <carnil () debian org>
Date: Sun, 31 Oct 2021 15:50:22 +0100
Hi, On Thu, Oct 28, 2021 at 06:24:24AM +0200, Salvatore Bonaccorso wrote:
Hi Samuel, On Wed, Oct 27, 2021 at 04:40:55PM +0200, Samuel Groß wrote:Hi! I don't know what happened to CVE-2021-30851 as these CVEs are allocated by Apple usually. I think the CVE would correspond to this issue though: https://bugs.webkit.org/show_bug.cgi?id=227988I pinged now product-security () apple com as well on this (as Apple Inc is the responsible CNA for the CVE).
I did not got a reply but apparently the CVE entry got re-populated at https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30851 and now reads as "A memory corruption vulnerability was addressed with improved locking. This issue is fixed in Safari 15, tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to code execution." Regards, Salvatore
Current thread:
- WebKitGTK and WPE WebKit Security Advisory WSA-2021-0006 Carlos Alberto Lopez Perez (Oct 26)
- Re: WebKitGTK and WPE WebKit Security Advisory WSA-2021-0006 Salvatore Bonaccorso (Oct 26)
- Re: WebKitGTK and WPE WebKit Security Advisory WSA-2021-0006 Francis Perron (Oct 27)
- Re: WebKitGTK and WPE WebKit Security Advisory WSA-2021-0006 Alberto Garcia (Oct 27)
- Re: WebKitGTK and WPE WebKit Security Advisory WSA-2021-0006 Samuel Groß (Oct 27)
- Re: WebKitGTK and WPE WebKit Security Advisory WSA-2021-0006 Salvatore Bonaccorso (Oct 27)
- Re: WebKitGTK and WPE WebKit Security Advisory WSA-2021-0006 Salvatore Bonaccorso (Oct 31)
- Re: WebKitGTK and WPE WebKit Security Advisory WSA-2021-0006 Francis Perron (Oct 27)
- Re: WebKitGTK and WPE WebKit Security Advisory WSA-2021-0006 Salvatore Bonaccorso (Oct 26)