Summary: | <net-libs/webkit-gtk-1.2.6: Multiple vulnerabilities (CVE-2010-{1791,3812,3813,4197,4198,4204,4206}) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Pacho Ramos <pacho> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | gnome |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | B2 [glsa] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 351284, 351561 | ||
Bug Blocks: | |||
Attachments: |
Description
Pacho Ramos
2011-01-04 21:56:21 UTC
webkit-gtk-1.2.6 just committed, looks to work ok for me (under Gnome 2.32)

(In reply to comment #1)
> webkit-gtk-1.2.6 just committed, looks to work ok for me (under Gnome 2.32)

Thanks, Pacho. We're still stabilizing =net-libs/webkit-gtk-1.2.5 in bug 281819; can we stabilize this instead?

CVE-2010-1791, http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1791
Integer signedness error in WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving a JavaScript array index.

CVE-2010-3812, http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3812
Integer overflow in the wholeText method in WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving Text objects.

CVE-2010-3813, http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3813
WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, allows remote attackers to bypass the DNS prefetching setting via an HTML LINK element, as demonstrated by an HTML e-mail message that uses a LINK element for X-Confirm-Reading-To functionality.

CVE-2010-4197, http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-4197
Use-after-free vulnerability in Google Chrome before 7.0.517.44 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving text editing.

CVE-2010-4198, http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-4198
Google Chrome before 7.0.517.44 does not properly handle large text areas, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted HTML document.

CVE-2010-4204, http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-4204
Google Chrome before 7.0.517.44 accesses a frame object after this object has been destroyed, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

CVE-2010-4206, http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-4206
Google Chrome before 7.0.517.44 accesses memory at an out-of-bounds array index during processing of an SVG document, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

I would stabilize this but, since I have only tested this a bit with epiphany (as I use chromium mainly), I would wait a bit for other gnome team member opinion

(In reply to comment #2)
> (In reply to comment #1)
> > webkit-gtk-1.2.6 just committed, looks to work ok for me (under Gnome 2.32)
>
> Thanks, Pacho. We're still stabilizing =net-libs/webkit-gtk-1.2.5 in bug
> 281819; can we stabilize this instead?

I would say "go ahead" ;-)

(In reply to comment #4)
> I would say "go ahead" ;-)

Great, thank you.
Arches, please test and mark stable:
=net-libs/webkit-gtk-1.2.6
Target keywords : "alpha amd64 arm ia64 ppc sparc x86"

amd64 done

x86 stable

I am unable to build and test webkit-gtk-1.2.6 on SPARC:
(...)
checking for style of include used by make... GNU
checking for sparc-unknown-linux-gnu-gcc... sparc-unknown-linux-gnu-gcc
checking whether the C compiler works... yes
checking for C compiler default output file name... a.out
checking for suffix of executables...
checking whether we are cross compiling... configure: error: in `/var/tmp/portage/net-libs/webkit-gtk-1.2.6/work/webkit-1.2.6':
configure: error: cannot run C compiled programs.
If you meant to cross compile, use `--host'.
See `config.log' for more details.
!!! Please attach the following file when seeking support:
!!! /var/tmp/portage/net-libs/webkit-gtk-1.2.6/work/webkit-1.2.6/config.log
* ERROR: net-libs/webkit-gtk-1.2.6 failed:
* econf failed
*
* Call stack:
* ebuild.sh, line 56: Called src_configure
* environment, line 3269: Called econf '--disable-introspection' '--disable-web_sockets' '--disable-coverage' '--disable-debug' '--enable-video' '--disable-introspection' '--enable-jit'
* ebuild.sh, line 552: Called die
* The specific snippet of code:
* die "econf failed"
*
* If you need support, post the output of 'emerge --info =net-libs/webkit-gtk-1.2.6',
* the complete build log and the output of 'emerge -pqv =net-libs/webkit-gtk-1.2.6'.
* The complete build log is located at '/var/tmp/portage/net-libs/webkit-gtk-1.2.6/temp/build.log'.
* The ebuild environment file is located at '/var/tmp/portage/net-libs/webkit-gtk-1.2.6/temp/environment'.
* S: '/var/tmp/portage/net-libs/webkit-gtk-1.2.6/work/webkit-1.2.6'
>>> Failed to emerge net-libs/webkit-gtk-1.2.6, Log file:
Would you like me to add the logs to this report or file a new bug report?
Fortunately webkit-gtk-1.2.5 is OK on SPARC.
ppc stable

Created attachment 259664
(SPARC) emerge --info =net-libs/webkit-gtk-1.2.6

Created attachment 259666
(SPARC) emerge -pqv =net-libs/webkit-gtk-1.2.6

Created attachment 259668
(SPARC) /var/tmp/portage/net-libs/webkit-gtk-1.2.6/temp/build.log

Created attachment 259670
(SPARC) /var/tmp/portage/net-libs/webkit-gtk-1.2.6/temp/environment
@Alex, this is not how you should handle bug reports wrt current stabilization, see what amd64 team did, open a new bug and make it block this one. Otherwise this bug will get bloated with problems unrelated to security issues.

(In reply to comment #14)
> @Alex, this is not how you should handle bug reports wrt current stabilization,
> see what amd64 team did, open a new bug and make it block this one. Otherwise
> this bug will get bloated with problems unrelated to security issues.

OK, next time I shall do so. Sorry about this, folks. Please add bug 351561 to the bug dependency.

arm stable

alpha/ia64/sparc stable

Added to existing GLSA request.

This issue was resolved and addressed in GLSA 201412-09 at http://security.gentoo.org/glsa/glsa-201412-09.xml by GLSA coordinator Sean Amoss (ackle).