* SECURITY UPDATE: Fix memory corruption in ephy_string_shorten()
- CVE-2022-29536 (LP: #1969851)
* SECURITY UPDATE: Multiple XSS issues (LP: #1955362)
- CVE-2021-45085 XSS exploit possible from the Most Visited page
- CVE-2021-45086 XSS exploit possible with a PDF's suggested filename
- CVE-2021-45087 XSS exploit possible in View Source or Reader Mode
- CVE-2021-45087 XSS exploit possible via error pages
This bug was fixed in the package epiphany-browser - 3.36.4-0ubuntu2
---------------
epiphany-browser (3.36.4-0ubuntu2) focal-security; urgency=medium
* SECURITY UPDATE: Fix memory corruption in ephy_string_ shorten( )
- CVE-2022-29536 (LP: #1969851)
* SECURITY UPDATE: Multiple XSS issues (LP: #1955362)
- CVE-2021-45085 XSS exploit possible from the Most Visited page
- CVE-2021-45086 XSS exploit possible with a PDF's suggested filename
- CVE-2021-45087 XSS exploit possible in View Source or Reader Mode
- CVE-2021-45087 XSS exploit possible via error pages
-- Jeremy Bicha <email address hidden> Sun, 31 Jul 2022 16:32:14 -0400