Package: release.debian.org Control: affects -1 + src:epiphany-browser X-Debbugs-Cc: epiphany-brow...@packages.debian.org User: release.debian....@packages.debian.org Usertags: unblock
Please allow epiphany-browser 48.2-1 to migrate faster than 10 days. [ Reason ] This package update includes regular bug fixes for the stable 48.x series. It also includes the epiphany-brower part of the security fix for https://security-tracker.debian.org/tracker/CVE-2025-3839 https://gitlab.gnome.org/GNOME/epiphany/-/blob/48.1/NEWS https://gitlab.gnome.org/GNOME/epiphany/-/compare/48.0...48.1 [ Impact ] The security update adds hardening to mitigate the impact of the recent vulnerability in the 'yelp' package https://blogs.gnome.org/mcatanzaro/2025/04/15/dangerous-arbitrary-file-read-vulnerability-in-yelp-cve-2025-3155/ [ Tests ] I manually tested epiphany-browser and verified that epiphany-browser now prompts what app to open a specific mimetype. My manual testing is part of why this is an unblock request for 48.2 instead of 48.1 (although I was not the only person to report the regression in 48.1). [ Risks ] Not a key package, but is recommended by phosh-core and is part of task-junior-desktop-blend [ Checklist ] [X] all changes are documented in the d/changelog [X] I reviewed all changes and I approve them [N/A] attach debdiff against the package in testing Thank you, Jeremy Bícha
