Summary: | <net-libs/webkit-gtk-{2.4.8,2.4.8-r200}: Security fixes (CVE-2014-{1344,1384,1385,1386,1387,1388,1389,1390}) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Pacho Ramos <pacho> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | gnome |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | B2 [glsa] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 536898 | ||
Bug Blocks: |
Description
Pacho Ramos
2015-01-10 17:22:50 UTC
CVE-2014-1390 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1390): WebKit, as used in Apple Safari before 6.1.6 and 7.x before 7.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in HT6367. CVE-2014-1389 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1389): WebKit, as used in Apple Safari before 6.1.6 and 7.x before 7.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in HT6367. CVE-2014-1388 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1388): WebKit, as used in Apple Safari before 6.1.6 and 7.x before 7.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in HT6367. CVE-2014-1387 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1387): WebKit, as used in Apple Safari before 6.1.6 and 7.x before 7.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in HT6367. CVE-2014-1386 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1386): WebKit, as used in Apple Safari before 6.1.6 and 7.x before 7.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in HT6367. CVE-2014-1385 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1385): WebKit, as used in Apple Safari before 6.1.6 and 7.x before 7.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in HT6367. CVE-2014-1384 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1384): WebKit, as used in Apple Safari before 6.1.6 and 7.x before 7.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in HT6367. CVE-2014-1344 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1344): WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-05-21-1. +*webkit-gtk-2.4.8 (14 Jan 2015) +*webkit-gtk-2.4.8-r200 (14 Jan 2015) + + 14 Jan 2015; Pacho Ramos <pacho@gentoo.org> +webkit-gtk-2.4.8-r200.ebuild, + +webkit-gtk-2.4.8.ebuild: + Version bump + That two versions should be stabilized Arches, please test and mark stable: =net-libs/webkit-gtk-2.4.8 =net-libs/webkit-gtk-2.4.8-r200 Target keywords : "amd64 x86" amd64 stable x86 stable. Maintainer(s), please cleanup. Security, please add it to the existing request, or file a new one. just cleaned Arches and Maintainer(s), Thank you for your work. GLSA Vote: No New GLSA Request filed. This issue was resolved and addressed in GLSA 201601-02 at https://security.gentoo.org/glsa/201601-02 by GLSA coordinator Kristian Fiskerstrand (K_F). |