{"id":"MGASA-2022-0382","summary":"Updated epiphany packages fix security vulnerability","details":"In GNOME Epiphany before 41.4 and 42.x before 42.2, an HTML document can\ntrigger a client buffer overflow (in ephy_string_shorten in the UI\nprocess) via a long page title. The issue occurs because the number of\nbytes for a UTF-8 ellipsis character is not properly considered.\n(CVE-2022-29536)\n","modified":"2026-02-04T03:42:49.855984Z","published":"2022-10-23T22:48:35Z","related":["CVE-2022-29536"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2022-0382.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=30365"},{"type":"REPORT","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/GLLDMY4JYDZTMZSCPSY23K5YW3SQYUR6/"},{"type":"REPORT","url":"https://ubuntu.com/security/notices/USN-5561-1"},{"type":"REPORT","url":"https://www.debian.org/security/2022/dsa-5208"}],"affected":[{"package":{"name":"epiphany","ecosystem":"Mageia:8","purl":"pkg:rpm/mageia/epiphany?arch=source&distro=mageia-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.38.2-1.2.mga8"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2022-0382.json"}}],"schema_version":"1.7.3","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}