Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 658376 (CVE-2018-11396, CVE-2018-12016) - <www-client/epiphany-3.26.7: denial of service in ephy-session.c
Summary: <www-client/epiphany-3.26.7: denial of service in ephy-session.c
Status: RESOLVED FIXED
Alias: CVE-2018-11396, CVE-2018-12016
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal
Assignee: Gentoo Security
URL: https://bug795740.bugzilla-attachment...
Whiteboard: B3 [noglsa cve]
Keywords:
Depends on:
Blocks:
 
Reported: 2018-06-18 06:00 UTC by Florian Schuhmacher
Modified: 2018-11-24 22:24 UTC (History)
1 user (show)

See Also:
Package list:
www-client/epiphany-3.26.7
Runtime testing required: ---
stable-bot: sanity-check+

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Florian Schuhmacher 2018-06-18 06:00:55 UTC 
A flaw was found in ephy-session.c in libephymain.so in GNOME Web (aka Epiphany) through 3.28.2.1 allows remote attackers to cause a denial of service (application crash) via JavaScript code that triggers access to a NULL URL, as demonstrated by a crafted window.open call.

Gentoo Security Scout
Florian Schuhmacher
Comment 1 Mart Raudsepp gentoo-dev 2018-08-05 08:19:04 UTC 
Fix is backported to 3.26.7, I guess lets just use that instead of backporting to 3.24.
Comment 2 Thomas Deutschmann (RETIRED) gentoo-dev 2018-08-06 22:21:20 UTC 
x86 stable
Comment 3 Agostino Sarubbo gentoo-dev 2018-08-07 08:50:26 UTC 
amd64 stable.

Maintainer(s), please cleanup.
Security, please vote.
Comment 4 Larry the Git Cow gentoo-dev 2018-10-06 18:39:13 UTC 
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=80954e9697477e00ac3c4734ac6cc2f5bc36c4ec

commit 80954e9697477e00ac3c4734ac6cc2f5bc36c4ec
Author:     Mart Raudsepp <leio@gentoo.org>
AuthorDate: 2018-10-06 18:38:58 +0000
Commit:     Mart Raudsepp <leio@gentoo.org>
CommitDate: 2018-10-06 18:38:58 +0000

    www-client/epiphany: security cleanup
    
    Bug: https://bugs.gentoo.org/658376
    Signed-off-by: Mart Raudsepp <leio@gentoo.org>
    Package-Manager: Portage-2.3.49, Repoman-2.3.11

 www-client/epiphany/Manifest                       |  1 -
 www-client/epiphany/epiphany-3.24.5.ebuild         | 75 ----------------------
 .../files/epiphany-3.14.0-unittest-2.patch         | 45 -------------
 .../files/epiphany-3.16.0-unittest-1.patch         | 30 ---------
 4 files changed, 151 deletions(-)
Comment 5 Aaron Bauman (RETIRED) gentoo-dev 2018-11-24 22:24:53 UTC 
tree is clean