Register | Log in

epiphany-browser

Intuitive GNOME web browser

Choose email to subscribe with

general

source: epiphany-browser (main)
version: 42.4-1
maintainer: Debian GNOME Maintainers (archive) (DMD)
uploaders: Michael Biebl [DMD] – Jeremy Bicha [DMD] – Sebastien Bacher [DMD] – Laurent Bigonville [DMD]
arch: all any
std-ver: 4.5.1
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 3.22.7-1
oldstable: 3.32.1.2-3~deb10u1
stable: 3.38.2-1+deb11u2
stable-sec: 3.38.2-1+deb11u1
testing: 42.3-1
unstable: 42.4-1
exp: 43~beta-1

versioned links

3.22.7-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
3.32.1.2-3~deb10u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
3.38.2-1+deb11u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
3.38.2-1+deb11u2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
42.3-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
42.4-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
43~beta-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

epiphany-browser (241 bugs: 0, 203, 38, 0)
epiphany-browser-data (6 bugs: 0, 6, 0, 0)

action needed

5 security issues in buster high

There are 5 open security issues in buster.

1 important issue:

CVE-2022-29536: In GNOME Epiphany before 41.4 and 42.x before 42.2, an HTML document can trigger a client buffer overflow (in ephy_string_shorten in the UI process) via a long page title. The issue occurs because the number of bytes for a UTF-8 ellipsis character is not properly considered.

4 issues postponed or untriaged:

CVE-2021-45085: (needs triaging) XSS can occur in GNOME Web (aka Epiphany) before 40.4 and 41.x before 41.1 via an about: page, as demonstrated by ephy-about:overview when a user visits an XSS payload page often enough to place that page on the Most Visited list.
CVE-2021-45086: (needs triaging) XSS can occur in GNOME Web (aka Epiphany) before 40.4 and 41.x before 41.1 because a server's suggested_filename is used as the pdf_name value in PDF.js.
CVE-2021-45087: (needs triaging) XSS can occur in GNOME Web (aka Epiphany) before 40.4 and 41.x before 41.1 when View Source mode or Reader mode is used, as demonstrated by a a page title.
CVE-2021-45088: (needs triaging) XSS can occur in GNOME Web (aka Epiphany) before 40.4 and 41.x before 41.1 via an error page.

Created: 2022-07-04 Last update: 2022-08-06 09:01

1 security issue in bullseye high

There is 1 open security issue in bullseye.

1 important issue:

CVE-2022-29536: In GNOME Epiphany before 41.4 and 42.x before 42.2, an HTML document can trigger a client buffer overflow (in ephy_string_shorten in the UI process) via a long page title. The issue occurs because the number of bytes for a UTF-8 ellipsis character is not properly considered.

Created: 2022-07-04 Last update: 2022-08-06 09:01

lintian reports 3 errors and 11 warnings high

Lintian reports 3 errors and 11 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2021-10-13 Last update: 2022-07-30 12:12

4 bugs tagged patch in the BTS normal

The BTS contains patches fixing 4 bugs (5 if counting merged bugs), consider including or untagging them.

Created: 2022-07-27 Last update: 2022-08-08 04:00

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.6.1 instead of 4.5.1).

Created: 2021-08-18 Last update: 2022-08-06 05:42

testing migrations

excuses:
- Migration status for epiphany-browser (42.3-1 to 42.4-1): Waiting for test results or another package, or too young (no action required now - check later)
- Issues preventing migration:
- ∙ ∙ Too young, only 2 of 5 days old
- Additional info:
- ∙ ∙ Piuparts tested OK - https://piuparts.debian.org/sid/source/e/epiphany-browser.html
- ∙ ∙ autopkgtest for libreoffice/blocked-on-ci-infra: armel: Ignored failure, i386: Ignored failure, ppc64el: Ignored failure, s390x: Ignored failure
- Not considered

news

[2022-08-05] Accepted epiphany-browser 43~beta-1 (source) into experimental (Jeremy Bicha)
[2022-08-05] Accepted epiphany-browser 42.4-1 (source) into unstable (Jeremy Bicha)
[2022-07-16] epiphany-browser 42.3-1 MIGRATED to testing (Debian testing watch)
[2022-07-16] epiphany-browser 42.3-1 MIGRATED to testing (Debian testing watch)
[2022-07-11] Accepted epiphany-browser 42.3-1 (source) into unstable (Jeremy Bicha)
[2022-05-24] epiphany-browser 42.2-1 MIGRATED to testing (Debian testing watch)
[2022-04-21] Accepted epiphany-browser 42.2-1 (source) into unstable (Jeremy Bicha)
[2022-04-18] epiphany-browser 42.1-1 MIGRATED to testing (Debian testing watch)
[2022-04-12] Accepted epiphany-browser 42.1-1 (source) into unstable (Jeremy Bicha)
[2022-03-23] Accepted epiphany-browser 42.0-2 (source) into unstable (Jeremy Bicha)
[2022-03-17] Accepted epiphany-browser 42.0-1 (source) into experimental (Jeremy Bicha)
[2022-03-16] Accepted epiphany-browser 3.38.2-1+deb11u2 (source) into proposed-updates->stable-new, proposed-updates (Debian FTP Masters) (signed by: Alberto Garcia)
[2022-03-16] epiphany-browser 42~beta-1 MIGRATED to testing (Debian testing watch)
[2022-03-15] Accepted epiphany-browser 42~beta-2 (source) into experimental (Jeremy Bicha)
[2022-02-22] Accepted epiphany-browser 42~beta-1 (source) into unstable (Jeremy Bicha)
[2022-02-19] epiphany-browser 41.3-2 MIGRATED to testing (Debian testing watch)
[2022-02-13] Accepted epiphany-browser 41.3-2 (source) into unstable (Simon McVittie)
[2022-01-22] Accepted epiphany-browser 3.38.2-1+deb11u1 (source) into proposed-updates->stable-new, proposed-updates (Debian FTP Masters) (signed by: Alberto Garcia)
[2022-01-12] Accepted epiphany-browser 3.38.2-1+deb11u1 (source) into stable-security->embargoed, stable-security (Debian FTP Masters) (signed by: Alberto Garcia)
[2021-12-27] epiphany-browser 41.3-1 MIGRATED to testing (Debian testing watch)
[2021-12-22] epiphany-browser 41.2-1 MIGRATED to testing (Debian testing watch)
[2021-12-21] Accepted epiphany-browser 41.3-1 (source) into unstable (Jeremy Bicha)
[2021-12-20] Accepted epiphany-browser 41.2-1 (source) into unstable (Jeremy Bicha)
[2021-09-29] epiphany-browser 41.0-2 MIGRATED to testing (Debian testing watch)
[2021-09-23] Accepted epiphany-browser 41.0-2 (source) into unstable (Jeremy Bicha)
[2021-09-17] Accepted epiphany-browser 41.0-1 (source) into experimental (Jeremy Bicha)
[2021-09-11] Accepted epiphany-browser 41~rc-1 (source) into experimental (Jeremy Bicha)
[2021-08-27] Accepted epiphany-browser 41~beta-1 (source) into experimental (Jeremy Bicha)
[2021-08-26] epiphany-browser 40.3-2 MIGRATED to testing (Debian testing watch)
[2021-08-21] Accepted epiphany-browser 40.3-2 (source) into unstable (Jeremy Bicha)

1
2

bugs [bug history graph]

all: 262 270
RC: 0
I&N: 219 224
M&W: 43 46
F&P: 0
patch: 4 5

links

homepage
lintian (3, 11)
buildd: logs, exp, clang, reproducibility, cross
popcon
browse source code
edit tags
other distros
security tracker
screenshots
l10n (-, 87)

ubuntu

[Information about Ubuntu for Debian Developers]

version: 42.4-1
117 bugs (1 patch)

Debian Package Tracker — Copyright 2013-2018 The Distro Tracker Developers

Report problems to the tracker.debian.org pseudo-package in the Debian BTS.

Documentation — Bugs — Git Repository — Contributing