Ubuntu
epiphany-browser package

  1. Bug #1955362
  2. Comment #6

Comment 6 for bug 1955362

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package epiphany-browser - 3.36.4-0ubuntu2

---------------
epiphany-browser (3.36.4-0ubuntu2) focal-security; urgency=medium

  * SECURITY UPDATE: Fix memory corruption in ephy_string_shorten()
    - CVE-2022-29536 (LP: #1969851)
  * SECURITY UPDATE: Multiple XSS issues (LP: #1955362)
    - CVE-2021-45085 XSS exploit possible from the Most Visited page
    - CVE-2021-45086 XSS exploit possible with a PDF's suggested filename
    - CVE-2021-45087 XSS exploit possible in View Source or Reader Mode
    - CVE-2021-45087 XSS exploit possible via error pages

 -- Jeremy Bicha <email address hidden> Sun, 31 Jul 2022 16:32:14 -0400