Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <56E2D563.2070106@igalia.com>
Date: Fri, 11 Mar 2016 15:25:39 +0100
From: Carlos Alberto Lopez Perez <clopez@...lia.com>
To: webkit-gtk@...ts.webkit.org
Cc: bugtraq@...urityfocus.com, oss-security@...ts.openwall.com
Subject: WebKitGTK+ Security Advisory WSA-2016-0002

------------------------------------------------------------------------
WebKitGTK+ Security Advisory                               WSA-2016-0002
------------------------------------------------------------------------

Date reported      : March 11, 2016
Advisory ID        : WSA-2016-0002
Advisory URL       : http://webkitgtk.org/security/WSA-2016-0002.html
CVE identifiers    : CVE-2016-1723, CVE-2016-1724, CVE-2016-1725,
                     CVE-2016-1726, CVE-2016-1727, CVE-2016-1728.

Several vulnerabilities were discovered on WebKitGTK+.

CVE-2016-1723
    Versions affected: WebKitGTK+ before 2.10.5.
    Credit to Apple.
    WebKit, as used in Apple iOS before 9.2.1 and Safari before 9.0.3,
    allows remote attackers to execute arbitrary code or cause a denial
    of service (memory corruption) via a crafted web site, a different
    vulnerability than CVE-2016-1725 and CVE-2016-1726.

CVE-2016-1724
    Versions affected: WebKitGTK+ before 2.10.5.
    Credit to Apple.
    WebKit, as used in Apple iOS before 9.2.1, Safari before 9.0.3, and
    tvOS before 9.1.1, allows remote attackers to execute arbitrary code
    or cause a denial of service (memory corruption) via a crafted web
    site, a different vulnerability than CVE-2016-1727.

CVE-2016-1725
    Versions affected: WebKitGTK+ before 2.10.5.
    Credit to Apple.
    WebKit, as used in Apple iOS before 9.2.1 and Safari before 9.0.3,
    allows remote attackers to execute arbitrary code or cause a denial
    of service (memory corruption) via a crafted web site, a different
    vulnerability than CVE-2016-1723 and CVE-2016-1726.

CVE-2016-1726
    Versions affected: WebKitGTK+ before 2.10.8.
    Credit to Apple.
    WebKit, as used in Apple iOS before 9.2.1 and Safari before 9.0.3,
    allows remote attackers to execute arbitrary code or cause a denial
    of service (memory corruption) via a crafted web site, a different
    vulnerability than CVE-2016-1723 and CVE-2016-1725.

CVE-2016-1727
    Versions affected: WebKitGTK+ before 2.10.5.
    Credit to Apple.
    WebKit, as used in Apple iOS before 9.2.1, Safari before 9.0.3, and
    tvOS before 9.1.1, allows remote attackers to execute arbitrary code
    or cause a denial of service (memory corruption) via a crafted web
    site, a different vulnerability than CVE-2016-1724.

CVE-2016-1728
    Versions affected: WebKitGTK+ before 2.10.5.
    Credit to an anonymous researcher coordinated via Joe Vennix.
    The Cascading Style Sheets (CSS) implementation in Apple iOS before
    9.2.1 and Safari before 9.0.3 mishandles the "a:visited button"
    selector during height processing, which makes it easier for remote
    attackers to obtain sensitive browser-history information via a
    crafted web site.


We recommend updating to the last stable version of WebKitGTK+. It is
the best way of ensuring that you are running a safe version of
WebKitGTK+. Please check our website for information about the last
stable releases.

Further information about WebKitGTK+ Security Advisories can be found
at: http://webkitgtk.org/security.html

The WebKitGTK+ team,
March 11, 2016



Download attachment "signature.asc" of type "application/pgp-signature" (884 bytes)

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.