+++ This bug was initially created as a clone of Bug #281818 +++

CVE-2009-1725 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1725):
WebKit in Apple Safari before 4.0.2 does not properly handle numeric character references, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document.
All versions (1.1.7, 1.1.8, 1.1.10, r40220) except r46193 are vulnerable.
See blocker for a patch.
webkit-gtk-1.2.5 has the fix from the blocker bug.
(In reply to comment #3)
> webkit-gtk-1.2.5 has the fix from the blocker bug.

@gnome, are we ok to stabilize webkit-gtk-1.2.5?
afaik nothing is holding it. you can go ahead.
(In reply to comment #5)
> afaik nothing is holding it. you can go ahead.

Great, thanks. Arches, please test and mark stable:
=net-libs/webkit-gtk-1.2.5
Target keywords : "alpha amd64 arm ia64 ppc sparc x86"
Created attachment 257904
build.log with test failures

Looks OK on x86 but tests do weird things like starting a kded. Is this expected?
Tests do weird things indeed; see all currently open bugs against webkit-gtk, you'll see there are other issues, but they are not specific to 1.2.5 and we did not figure out how to fix all of them yet.
Last time I asked upstream about a failing test, they told me tests were checked by them before any release to verify they run ok, then, my suggestion is to try to compile webkit-gtk manually and run tests and, if they still fail, report to upstream. If not... we will need to investigate a bit more ;-)
(In reply to comment #9)
> Last time I asked upstream about a failing test, they told me tests were
> checked by them before any release to verify they run ok, then, my suggestion
> is to try to compile webkit-gtk manually and run tests and, if they still fail,
> report to upstream. If not... we will need to investigate a bit more ;-)

Yep, also fails for vanilla. x86 stable.
amd64 stable

emerge --info
alpha/arm/ia64/sparc stable
amd64 done. Thanks Blain
(In reply to comment #10)
> (In reply to comment #9)
> > Last time I asked upstream about a failing test, they told me tests were
> > checked by them before any release to verify they run ok, then, my suggestion
> > is to try to compile webkit-gtk manually and run tests and, if they still fail,
> > report to upstream. If not... we will need to investigate a bit more ;-)
>
> Yep, also fails for vanilla. x86 stable.

In that case, feel free to open a bug report here and provide a link to the upstream bug report to allow us to track it. Thanks again :-)
*** Bug 340529 has been marked as a duplicate of this bug. ***
From our ChangeLog.

*webkit-gtk-1.2.5 (11 Oct 2010)

  11 Oct 2010; Pacho Ramos <pacho@gentoo.org> -webkit-gtk-1.2.1.ebuild,
  -files/webkit-gtk-1.2.1-icu-4.4.patch, +webkit-gtk-1.2.5.ebuild, metadata.xml:
  Version bump: fixes for CVE-2010-1780 CVE-2010-3113 CVE-2010-1814 CVE-2010-1812
  CVE-2010-1815 CVE-2010-3115 CVE-2010-1807 CVE-2010-3114 CVE-2010-3116
  CVE-2010-3257 CVE-2010-3259 CVE-2010-1781 CVE-2010-1782 CVE-2010-1784
  CVE-2010-1785 CVE-2010-1786 CVE-2010-1787 CVE-2010-1788 CVE-2010-1790
  CVE-2010-1792 CVE-2010-1793 CVE-2010-2648 CVE-2010-2647.

We'll need to look at these CVEs before writing a GLSA.
ppc done
Thanks, everyone. GLSA with 271861.
No GLSA for you.