Launchpad.net

CVE 2018-12016

libephymain.so in GNOME Web (aka Epiphany) through 3.28.2.1 allows remote attackers to cause a denial of service (application crash) via certain window.open and document.write calls.

Related bugs and status

CVE-2018-12016 (Candidate) is related to these bugs:

Bug #1773028: CVE-2018-11396 epiphany crash fix

		In	Importance	Status
1773028	CVE-2018-11396 epiphany crash fix	epiphany-browser (Ubuntu)	High	Fix Released
1773028	CVE-2018-11396 epiphany crash fix	epiphany-browser (Ubuntu Bionic)	High	Fix Released
1773028	CVE-2018-11396 epiphany crash fix	Epiphany Browser	Critical	Fix Released
1773028	CVE-2018-11396 epiphany crash fix	epiphany-browser (Debian)	Unknown	Fix Released

Bug #1815602: [SRU] Update epiphany-browser to 3.28.5 in Bionic

Summary				In	Importance	Status
	1815602	[SRU] Update epiphany-browser to 3.28.5 in Bionic		epiphany-browser (Ubuntu)	High	Fix Released
	1815602	[SRU] Update epiphany-browser to 3.28.5 in Bionic		epiphany-browser (Ubuntu Bionic)	High	Fix Released

See the

CVE page on Mitre.org for more details.

References

MISC: https://github.com/ldp...