+*webkit-gtk-1.2.6 (04 Jan 2011) + + 04 Jan 2011; Pacho Ramos <pacho@gentoo.org> + -files/webkit-gtk-1.1.15.2-unaligned.patch, -webkit-gtk-1.1.15.4.ebuild, + -files/webkit-gtk-1.1.15.4-darwin-quartz.patch, + -files/webkit-gtk-1.1.15.4-icu44.patch, +webkit-gtk-1.2.6.ebuild, + metadata.xml: + Version bump: Fixes crashes with newer libpng (>= 1.4), security fixes + CVE-2010-4198 CVE-2010-4197 CVE-2010-4204 CVE-2010-4206 CVE-2010-1791 + CVE-2010-3812 CVE-2010-3813. Also makes JIT support optional as it causes + problems with hardened (bug #338213). Remove old. + Reproducible: Always
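Review bot: the ChangeLog entry cites a bug number only for the JIT change (bug #338213), while the seven CVE IDs in the security-fix sentence carry no tracking bug. Add the security bug reference next to the CVE list so the bump can be traced from the ChangeLog. The entry also says JIT support becomes optional without saying how it is toggled or what the default is; stating that here would help hardened users reading the log.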
webkit-gtk-1.2.6 just committed, looks to work ok for me (under Gnome 2.32)
(In reply to comment #1)
> webkit-gtk-1.2.6 just committed, looks to work ok for me (under Gnome 2.32)

Thanks, Pacho. We're still stabilizing =net-libs/webkit-gtk-1.2.5 in bug 281819; can we stabilize this instead?

CVE-2010-1791, http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1791
Integer signedness error in WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving a JavaScript array index.

CVE-2010-3812, http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3812
Integer overflow in the wholeText method in WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving Text objects.

CVE-2010-3813, http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3813
WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, allows remote attackers to bypass the DNS prefetching setting via an HTML LINK element, as demonstrated by an HTML e-mail message that uses a LINK element for X-Confirm-Reading-To functionality.

CVE-2010-4197, http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-4197
Use-after-free vulnerability in Google Chrome before 7.0.517.44 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving text editing.

CVE-2010-4198, http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-4198
Google Chrome before 7.0.517.44 does not properly handle large text areas, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted HTML document.

CVE-2010-4204, http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-4204
Google Chrome before 7.0.517.44 accesses a frame object after this object has been destroyed, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

CVE-2010-4206, http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-4206
Google Chrome before 7.0.517.44 accesses memory at an out-of-bounds array index during processing of an SVG document, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
I would stabilize this, but since I have only tested it a bit with epiphany (as I mainly use chromium), I would wait a bit for another gnome team member's opinion.
(In reply to comment #2)
> (In reply to comment #1)
> > webkit-gtk-1.2.6 just committed, looks to work ok for me (under Gnome 2.32)
> >
>
> Thanks, Pacho. We're still stabilizing =net-libs/webkit-gtk-1.2.5 in bug
> 281819; can we stabilize this instead?
>

I would say "go ahead" ;-)
(In reply to comment #4)
>
> I would say "go ahead" ;-)
>

Great, thank you.

Arches, please test and mark stable:
=net-libs/webkit-gtk-1.2.6
Target keywords : "alpha amd64 arm ia64 ppc sparc x86"
amd64 done
x86 stable
I am unable to build and test webkit-gtk-1.2.6 on SPARC:

(...)
checking for style of include used by make... GNU
checking for sparc-unknown-linux-gnu-gcc... sparc-unknown-linux-gnu-gcc
checking whether the C compiler works... yes
checking for C compiler default output file name... a.out
checking for suffix of executables...
checking whether we are cross compiling... configure: error: in `/var/tmp/portage/net-libs/webkit-gtk-1.2.6/work/webkit-1.2.6':
configure: error: cannot run C compiled programs.
If you meant to cross compile, use `--host'.
See `config.log' for more details.

!!! Please attach the following file when seeking support:
!!! /var/tmp/portage/net-libs/webkit-gtk-1.2.6/work/webkit-1.2.6/config.log
 * ERROR: net-libs/webkit-gtk-1.2.6 failed:
 *   econf failed
 *
 * Call stack:
 *   ebuild.sh, line 56: Called src_configure
 *   environment, line 3269: Called econf '--disable-introspection' '--disable-web_sockets' '--disable-coverage' '--disable-debug' '--enable-video' '--disable-introspection' '--enable-jit'
 *   ebuild.sh, line 552: Called die
 * The specific snippet of code:
 *   die "econf failed"
 *
 * If you need support, post the output of 'emerge --info =net-libs/webkit-gtk-1.2.6',
 * the complete build log and the output of 'emerge -pqv =net-libs/webkit-gtk-1.2.6'.
 * The complete build log is located at '/var/tmp/portage/net-libs/webkit-gtk-1.2.6/temp/build.log'.
 * The ebuild environment file is located at '/var/tmp/portage/net-libs/webkit-gtk-1.2.6/temp/environment'.
 * S: '/var/tmp/portage/net-libs/webkit-gtk-1.2.6/work/webkit-1.2.6'

>>> Failed to emerge net-libs/webkit-gtk-1.2.6, Log file:

Would you like me to add the logs to this report or file a new bug report?

Fortunately webkit-gtk-1.2.5 is OK on SPARC.
ppc stable
Created attachment 259664 (SPARC) emerge --info =net-libs/webkit-gtk-1.2.6
Created attachment 259666 (SPARC) emerge -pqv =net-libs/webkit-gtk-1.2.6'
Created attachment 259668 (SPARC) /var/tmp/portage/net-libs/webkit-gtk-1.2.6/temp/build.log
Created attachment 259670 (SPARC) /var/tmp/portage/net-libs/webkit-gtk-1.2.6/temp/environment
@Alex, this is not how you should handle bug reports wrt current stabilization, see what amd64 team did, open a new bug and make it block this one. Otherwise this bug will get bloated with problems unrelated to security issues.
(In reply to comment #14)
> @Alex, this is not how you should handle bug reports wrt current stabilization,
> see what amd64 team did, open a new bug and make it block this one. Otherwise
> this bug will get bloated with problems unrelated to security issues.

OK, next time I shall do so. Sorry about this, folks.
Please add bug 351561 to the bug dependency.
arm stable
alpha/ia64/sparc stable
Added to existing GLSA request.
This issue was resolved and addressed in GLSA 201412-09 at http://security.gentoo.org/glsa/glsa-201412-09.xml by GLSA coordinator Sean Amoss (ackle).