Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-Id: <20110205174537.237e05b9.michael.s.gilbert@gmail.com>
Date: Sat, 5 Feb 2011 17:45:37 -0500
From: Michael Gilbert <michael.s.gilbert@...il.com>
To: oss-security@...ts.openwall.com
Subject: Webkit Roundup

Hello,

I've been doing some work on applying security patches to the stable
webkitgtk release in Debian.  However, I've found a lot of the security
issues were published without sufficient detail to be able to review
the problems.  I would really appreciate help resolving the status of
the following issues.  You can see the current state of what we know in
the Debian security tracker [0].

CVE-2008-1010, CVE-2008-1011:
- This is a case of apple providing no useful info, but are two redhat
bug reports; both of which are claim the issues fixed as of svn31787,
unfortunately, there is no info about the actual problems to be able to
check. I suppose there is no reason to believe these are still open,
but I would feel more comfortable if there were some concrete info
about the problems to be able to check.

CVE-2009-2068:
- This issue was assigned based on an academic paper, and there are no
patches or fixes for reference in the CVE references. Chrome claims
the issue is fixed as of version 5.0.342.9.  Was webkit itself ever
affected by this issue, and when was it fixed?

CVE-2010-1403, CVE-2010-1404:
- According to redhat, both of these issues were fixed in the same
webkit commit.  That seems a bit surprising, but may be true.  I was
just wondering if anyone can confirm that the info is correct?
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-1403
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-1404

CVE-2010-1757:
- This issue sounds like an iphone-specific duplicate of
CVE-2010-2441.  If that is the case, can the two CVEs be merged?  If
its a different problem, is it in iphone-specific or is webkit itself
affected?

CVE-2010-1781:
- This is claimed fixed by Vincent Danen in webkitgtk 1.2.4, but there
is no redhat bug report about it and no info available to check whether
this is indeed fixed or not.  Does anyone have any info on this?
http://gitorious.org/webkitgtk/stable/commit/9d07fda89aab7105962d933eef32ca15dda610d8

CVE-2010-1783:
- According to redhat's info webkit commit 62134 fixes this, which is
believed to be the same commit that fixes CVE-2010-2899, but google is
still embargoing the bug report for that.  Does anyone have any info?
http://code.google.com/p/chromium/issues/detail?id=42736

CVE-2010-2264:
- This is claimed to fixed in webkitgtk 1.2.3, but wasn't noted until
after the fact. There is no info anywhere to be able to check that this
statement is true.
http://gitorious.org/webkitgtk/stable/commit/9d07fda89aab7105962d933eef32ca15dda610d8

CVE-2010-3803, CVE-2010-3804, CVE-2010-3805, CVE-2010-3808,
CVE-2010-3809, CVE-2010-3810, CVE-2010-3811, CVE-2010-3816,
CVE-2010-3817, CVE-2010-3818, CVE-2010-3819, CVE-2010-3820,
CVE-2010-3821, CVE-2010-3822, CVE-2010-3823, CVE-2010-3824,
CVE-2010-3826, CVE-2010-3829: 
- These are all recent apple webkit announcements without any relevant
details :( Does anyone have any info to be able to check this deluge
of issues?

Thanks so much for any help in advance.

Best wishes,
Mike

[0] http://security-tracker.debian.org/tracker/source-package/webkit

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.