[3.7] webkit2gtk: Multiple vulnerabilities (CVE-2017-7156, CVE-2017-13856, CVE-2017-13866, CVE-2017-13870)
CVE-2017-7156
Versions affected: WebKitGTK+ before 2.18.4.
Impact: Processing maliciously crafted web content may lead to arbitrary
code execution.
Description: Multiple memory corruption issues were addressed with
improved memory handling.
CVE-2017-13856
Versions affected: WebKitGTK+ before 2.18.4.
Impact: Processing maliciously crafted web content may lead to arbitrary
code execution.
Description: Multiple memory corruption
issues were addressed with improved memory handling.
CVE-2017-13866
Versions affected: WebKitGTK+ before 2.18.4.
Impact: Processing maliciously crafted web content may lead to arbitrary
code execution.
Description: Multiple memory corruption issues were addressed with
improved memory handling.
CVE-2017-13870
Versions affected: WebKitGTK+ before 2.18.4.
Impact: Processing maliciously crafted web content may lead to arbitrary
code execution.
Description: Multiple memory corruption issues were addressed with
improved memory handling.
References:
https://webkitgtk.org/security/WSA-2017-0010.html
http://openwall.com/lists/oss-security/2017/12/19/6
(from redmine: issue id 8334, created on 2017-12-20, closed on 2017-12-28)
- Relations:
- parent #8332 (closed)
- Changesets:
- Revision 07f89546 by Natanael Copa on 2017-12-26T14:24:10Z:
community/webkit2gtk: security upgrade to 2.18.4
CVE-2017-7156
CVE-2017-7157
CVE-2017-13856
CVE-2017-13866
CVE-2017-13870
fixes #8334