281821 – dev-qt/qtwebkit: "numeric character references" ACE (CVE-2009-1725)

Bug 281821 - dev-qt/qtwebkit: "numeric character references" ACE (CVE-2009-1725)

Summary: dev-qt/qtwebkit: "numeric character references" ACE (CVE-2009-1725)

Status:	RESOLVED FIXED

Alias:	None

Product:	Gentoo Security
Classification:	Unclassified
Component:	Vulnerabilities (show other bugs)
Hardware:	All Linux

Importance:	High normal (vote)
Assignee:	Gentoo Security

URL:	http://support.apple.com/kb/HT3666
Whiteboard:	B2 [glsa]
Keywords:

Depends on:
Blocks:	CVE-2009-1725
	Show dependency tree

Reported:	2009-08-17 16:23 UTC by Alex Legler (RETIRED)
Modified:	2013-09-12 22:15 UTC (History)
CC List:	0 users

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Alex Legler (RETIRED) archtester

2009-08-17 16:23:42 UTC

+++ This bug was initially created as a clone of Bug #281818 +++

CVE-2009-1725 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1725):
  WebKit in Apple Safari before 4.0.2 does not properly handle numeric
  character references, which allows remote attackers to execute
  arbitrary code or cause a denial of service (memory corruption and
  application crash) via a crafted HTML document.

Comment 1 Alex Legler (RETIRED) archtester

2009-08-17 16:27:46 UTC

All versions in the tree are affected, see the blocker for a patch.

Comment 2 Ben de Groot (RETIRED) gentoo-dev

2009-08-17 20:22:42 UTC

I've added the patch to qt-webkit-4.4.2-r2, 4.5.1-r1 and 4.5.2-r1. 

Arches please test and mark as stable:
- x11-libs/qt-webkit-4.4.2-r2 
- x11-libs/qt-webkit-4.5.1-r1

(For those arches who haven't stabled 4.5.1 yet, please mark the rest of Qt 4.5.1 as stable too, so we can remove 4.4.2. If it's not too much trouble...)

Comment 3 Christian Faulhammer (RETIRED) gentoo-dev

2009-08-18 08:08:50 UTC

x86 stable

Comment 4 Jeroen Roovers (RETIRED) gentoo-dev

2009-08-18 13:04:25 UTC

Stable for HPPA.

Comment 5 nixnut (RETIRED) gentoo-dev

2009-08-23 09:39:25 UTC

ppc stable

Comment 6 Tobias Klausmann (RETIRED) gentoo-dev

2009-08-25 18:15:24 UTC

Stable on alpha.

Comment 7 Raúl Porcel (RETIRED) gentoo-dev

2009-08-31 14:14:29 UTC

arm/ia64 stable

Comment 8 Markus Meier gentoo-dev

2009-09-11 19:49:52 UTC

amd64 stable

Comment 9 Stefan Behte (RETIRED) gentoo-dev

2009-11-06 23:31:15 UTC

ppc64: *ping* :)

Comment 10 Ben de Groot (RETIRED) gentoo-dev

2009-11-07 00:52:20 UTC

Please don't bother with the versions mentioned in this bug anymore. Move on to 4.5.3 immediately (bug 290922).

Comment 11 Joe Jezak (RETIRED) gentoo-dev

2009-11-10 13:43:07 UTC

ppc64 marked stable.

Comment 12 Ben de Groot (RETIRED) gentoo-dev

2009-11-10 14:58:17 UTC

Security: you could issue a joint GLSA for this bug and bug 283810, once hppa has marked 4.5.3 stable, which I've been told would probably be today. The advice would then be to upgrade to >=4.5.3 which has both issues fixed. Tho I don't know what your policy is on cases like this.

Comment 13 Tim Sammut (RETIRED) gentoo-dev

2010-11-20 23:21:35 UTC

GLSA request filed.

Comment 14 Johannes Huber (RETIRED) gentoo-dev

2012-03-28 11:03:58 UTC

Thanks all. Affected version gone from tree. Removing qt from cc.

Comment 15 Chris Reffett (RETIRED) gentoo-dev

2013-09-12 22:15:25 UTC

No GLSA for you.