Summary: | <net-libs/webkit-gtk-2.22.5: multiple vulnerabilities (WSA-2018-0009) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | GLSAMaker/CVETool Bot <glsamaker> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | major | CC: | gnome |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://webkitgtk.org/security/WSA-2018-0009.html | ||
Whiteboard: | A2 [glsa+ cve] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 672108 | ||
Bug Blocks: |
Description
GLSAMaker/CVETool Bot
2019-01-06 17:15:19 UTC
CVE-2018-4437 Versions affected: WebKitGTK+ before 2.22.5 and WPE WebKit before 2.22.3. Processing maliciously crafted web content may lead to arbitrary code execution. Multiple memory corruption issues were addressed with improved memory handling. CVE-2018-4438 Versions affected: WebKitGTK+ before 2.22.3 and WPE WebKit before 2.22.1. Processing maliciously crafted web content may lead to arbitrary code execution. A logic issue existed resulting in memory corruption. This was addressed with improved state management. CVE-2018-4441 Versions affected: WebKitGTK+ before 2.22.3 and WPE WebKit before 2.22.1. Processing maliciously crafted web content may lead to arbitrary code execution. A memory corruption issue was addressed with improved memory handling. CVE-2018-4442 Versions affected: WebKitGTK+ before 2.22.3 and WPE WebKit before 2.22.1. Processing maliciously crafted web content may lead to arbitrary code execution. A memory corruption issue was addressed with improved memory handling. CVE-2018-4443 Versions affected: WebKitGTK+ before 2.22.3 and WPE WebKit before 2.22.1. Processing maliciously crafted web content may lead to arbitrary code execution. A memory corruption issue was addressed with improved memory handling. CVE-2018-4464 Versions affected: WebKitGTK+ and WPE WebKit before 2.22.0. Processing maliciously crafted web content may lead to arbitrary code execution. Multiple memory corruption issues were addressed with improved memory handling. stabling done in dependent bug, cleanup done Arches and Maintainer(s), Thank you for your work. Added to an existing GLSA Request. This issue was resolved and addressed in GLSA 201903-12 at https://security.gentoo.org/glsa/201903-12 by GLSA coordinator Aaron Bauman (b-man). |