webkit 1.0.1-4ubuntu0.1 source package in Ubuntu
Changelog
webkit (1.0.1-4ubuntu0.1) jaunty-security; urgency=low * SECURITY UPDATE: remote code execution via document with a SVGPathList data structure containing a negative index. - WebCore/svg/SVGList.h: make sure index is valid. - http://trac.webkit.org/changeset/43590 - http://trac.webkit.org/changeset/43795 - CVE-2009-0945 * SECURITY UPDATE: denial of service or arbitrary code execution via JavaScript garbage collector allocation failures. - JavaScriptCore/kjs/collector.cpp: make sure numBlocks is valid. - http://trac.webkit.org/changeset/41854 - CVE-2009-1687 * SECURITY UPDATE: denial of service or arbitrary code execution via use-after-free. - WebCore/html/HTMLParser.{cpp,h}: Fix incorrect handling of the head element. - http://trac.webkit.org/changeset/42532 - CVE-2009-1690 * SECURITY UPDATE: denial of service or arbitrary code execution via attr function call with a large numerical argument. - WebCore/css/{CSSParser,CSSPrimitiveValue}.cpp: fix attr handling. - http://trac.webkit.org/changeset/42081 - CVE-2009-1698 * SECURITY UPDATE: denial of service or arbitrary code execution via Attr DOM objects improper memory initialization. - WebCore/css/CSSStyleSelector.cpp, WebCore/dom/{Attribute.h, MappedAttribute.h,NamedMappedAttrMap.cpp,StyledElement.cpp}, WebCore/html/HTMLInputElement.cpp, WebCore/svg/{SVGStyledElement, SVGForeignObjectElement}.cpp: introduce and use isMappedAttribute(). - http://trac.webkit.org/changeset/36918 - CVE-2009-1711 * SECURITY UPDATE: arbitrary code execution via remote loading of local java applets. - WebCore/html/HTMLAppletElement.cpp, WebCore/loader/FrameLoader.cpp: Use same rule for loading java applets as webkit does for images. - http://trac.webkit.org/changeset/41568 - CVE-2009-1712 * SECURITY UPDATE: denial of service or arbitrary code execution via numeric character references. - WebCore/html/HTMLTokenizer.cpp: increase size of checkBuffer() - http://trac.webkit.org/changeset/44799 - CVE-2009-1725 -- Marc Deslauriers <email address hidden> Tue, 22 Sep 2009 08:47:11 -0400
Upload details
- Uploaded by:
- Marc Deslauriers
- Uploaded to:
- Jaunty
- Original maintainer:
- Ubuntu Development Team
- Architectures:
- any
- Section:
- web
- Urgency:
- Low Urgency
See full publishing history Publishing
Series | Published | Component | Section |
---|
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
webkit_1.0.1.orig.tar.gz | 12.8 MiB | 9601ed57978e7f1221f770c24933d2037fdb93e4b412716d842b993507f0b856 |
webkit_1.0.1-4ubuntu0.1.diff.gz | 30.2 KiB | 048be85c43dd0963ccb338957230a196011ef960b3b693a885ee0a072aa8fed5 |
webkit_1.0.1-4ubuntu0.1.dsc | 1.5 KiB | b2abaee513b736a2166bd08c82fcfdcb351ad8d0b49c3abab5fa774e26084ea9 |
Available diffs
Binary packages built by this source
- libwebkit-1.0-1: No summary available for libwebkit-1.0-1 in ubuntu jaunty.
No description available for libwebkit-1.0-1 in ubuntu jaunty.
- libwebkit-1.0-1-dbg: No summary available for libwebkit-1.0-1-dbg in ubuntu jaunty.
No description available for libwebkit-1.0-1-dbg in ubuntu jaunty.
- libwebkit-dev: No summary available for libwebkit-dev in ubuntu jaunty.
No description available for libwebkit-dev in ubuntu jaunty.