Format: 1.8
Date: Tue, 22 Sep 2009 08:47:11 -0400
Source: webkit
Binary: libwebkit-1.0-1 libwebkit-dev libwebkit-1.0-1-dbg
Architecture: armel
Version: 1.0.1-4ubuntu0.1
Distribution: jaunty
Urgency: low
Maintainer: Ubuntu/armel Build Daemon
Changed-By: Marc Deslauriers
Description:
 libwebkit-1.0-1 - Web content engine library for Gtk+
 libwebkit-1.0-1-dbg - Web content engine library for Gtk+ - Debugging symbols
 libwebkit-dev - Web content engine library for Gtk+ - Development files
Changes:
 webkit (1.0.1-4ubuntu0.1) jaunty-security; urgency=low
 .
   * SECURITY UPDATE: remote code execution via document with a SVGPathList
     data structure containing a negative index.
     - WebCore/svg/SVGList.h: make sure index is valid.
     - http://trac.webkit.org/changeset/43590
     - http://trac.webkit.org/changeset/43795
     - CVE-2009-0945
   * SECURITY UPDATE: denial of service or arbitrary code execution via
     JavaScript garbage collector allocation failures.
     - JavaScriptCore/kjs/collector.cpp: make sure numBlocks is valid.
     - http://trac.webkit.org/changeset/41854
     - CVE-2009-1687
   * SECURITY UPDATE: denial of service or arbitrary code execution via
     use-after-free.
     - WebCore/html/HTMLParser.{cpp,h}: Fix incorrect handling of the head
       element.
     - http://trac.webkit.org/changeset/42532
     - CVE-2009-1690
   * SECURITY UPDATE: denial of service or arbitrary code execution via attr
     function call with a large numerical argument.
     - WebCore/css/{CSSParser,CSSPrimitiveValue}.cpp: fix attr handling.
     - http://trac.webkit.org/changeset/42081
     - CVE-2009-1698
   * SECURITY UPDATE: denial of service or arbitrary code execution via Attr
     DOM objects improper memory initialization.
     - WebCore/css/CSSStyleSelector.cpp, WebCore/dom/{Attribute.h,
       MappedAttribute.h,NamedMappedAttrMap.cpp,StyledElement.cpp},
       WebCore/html/HTMLInputElement.cpp, WebCore/svg/{SVGStyledElement,
       SVGForeignObjectElement}.cpp: introduce and use isMappedAttribute().
     - http://trac.webkit.org/changeset/36918
     - CVE-2009-1711
   * SECURITY UPDATE: arbitrary code execution via remote loading of local
     java applets.
     - WebCore/html/HTMLAppletElement.cpp, WebCore/loader/FrameLoader.cpp:
       Use same rule for loading java applets as webkit does for images.
     - http://trac.webkit.org/changeset/41568
     - CVE-2009-1712
   * SECURITY UPDATE: denial of service or arbitrary code execution via
     numeric character references.
     - WebCore/html/HTMLTokenizer.cpp: increase size of checkBuffer()
     - http://trac.webkit.org/changeset/44799
     - CVE-2009-1725
Checksums-Sha1:
 26ea38ad6d81e9cca8ecf00d27fc914853ed68a1 2765258 libwebkit-1.0-1_1.0.1-4ubuntu0.1_armel.deb
 9fd000e65ce9a68d534be8a7d6c5a0f0ce88700a 60196424 libwebkit-1.0-1-dbg_1.0.1-4ubuntu0.1_armel.deb
Checksums-Sha256:
 ff5ef492d26a94726258b3ce66ad4dfb74db3a5f5477ffaa7b70861002d05d22 2765258 libwebkit-1.0-1_1.0.1-4ubuntu0.1_armel.deb
 9221ef73d8b4a9a3a757d83cbee4c758ccce6f3854baf907fbcdaafe18730c98 60196424 libwebkit-1.0-1-dbg_1.0.1-4ubuntu0.1_armel.deb
Files:
 fab39ee9adcde3af581407d3a8970455 2765258 libs optional libwebkit-1.0-1_1.0.1-4ubuntu0.1_armel.deb
 9af59c4934b4aa23673f2dcf3ee00400 60196424 libdevel extra libwebkit-1.0-1-dbg_1.0.1-4ubuntu0.1_armel.deb
Original-Maintainer: Debian WebKit Maintainers