6122 – [Anolis OS 23] Bugfix for CVE-2023-32439

Bug 6122 - [Anolis OS 23] Bugfix for CVE-2023-32439

Summary: [Anolis OS 23] Bugfix for CVE-2023-32439

Status:	RESOLVED FIXED

Alias:	None

Product:	Anolis OS 23
Classification:	Anolis OS
Component:	BaseOS Packages (show other bugs)	BaseOS Packages
Sub Component:
Version:	unspecified
Hardware:	All Linux

Importance:	P2-High S2-major
Target Milestone:	---
Assignee:	xuchunmei
QA Contact:	bolong_tbl

URL:
Whiteboard:
Keywords:	CVE

Depends on:
Blocks:

Reported:	2023-08-08 09:55 UTC by 小龙
Modified:	2023-08-08 09:58 UTC (History)
CC List:	1 user (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description 小龙 admin

2023-08-08 09:55:31 UTC

Description:
A type confusion issue was addressed with improved checks. This issue is fixed in iOS 16.5.1 and iPadOS 16.5.1, Safari 16.5.1, macOS Ventura 13.4.1, iOS 15.7.7 and iPadOS 15.7.7. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.

Broken commit info:

Bugfix commit info:

Comment 1 happy_orange alibaba_cloud_group

2023-08-08 09:57:55 UTC

webkitgtk 中已经修复：
修复的代码链接：
https://gitee.com/src-anolis-os/webkitgtk/pulls/8

Comment 2 小龙 admin

2023-08-08 09:58:25 UTC

PR: 
https://gitee.com/src-anolis-os/webkitgtk/pulls/8