Opened 5 years ago

Closed 5 years ago

#11374 closed enhancement (fixed)

webkitgtk-2.22.5 (CVE-2018-4372, 4437, 4438, 4441, 4442, 4443, 4464, 4345)

Reported by: Douglas R. Reno Owned by: Douglas R. Reno
Priority: highest Milestone: 8.4
Component: BOOK Version: SVN
Severity: normal Keywords:
Cc:

Description

New point version

"Thanksgiving Day Emergency Release"

I'm going to try to get here tonight, but I have TK/systemd to deal with first.

In addition, CVE-2018-4372 has to do with arbitrary code execution (ACE). This one's gotta get done soon.

Change History (5)

comment:1 by Douglas R. Reno, 5 years ago

Owner: changed from blfs-book to Douglas R. Reno
Status: newassigned

comment:2 by Xi Ruoyao, 5 years ago

Summary: webkitgtk-2.22.4 (CVE-2018-4372)webkitgtk-2.22.5 (CVE-2018-4372, 4437, 4438, 4441, 4442, 4443, 4464)

New point version.

There are many CVEs with ACE, see https://webkitgtk.org/security/WSA-2018-0009.html.

I've built and installed webkitgtk-2.22.5. It seems working well.

Last edited 5 years ago by Xi Ruoyao (previous) (diff)

comment:3 by Douglas R. Reno, 5 years ago

Next comment will contain a list of security fixes

2.22.3 

What’s new in the WebKitGTK+ 2.22.3 release?

    Many improvements and fixes for video playback with media source extensions (MSE), which improve the user experience across the board, and in particular for playback of WebM videos.
    Fix a memory leak during media playback when using playbin3.
    Fix portions of Web views not being rendered after resizing.
    Fix Resource Timing reporting for <iframe> elements.
    Fix the build with the remote Web Inspector disabled.
    Fix the build on ARMv7 with NEON extensions.
    Fix several crashes and rendering issues.

2.22.4 

What’s new in the WebKitGTK+ 2.22.4 release?

    Expose ENABLE_MEDIA_SOURCE as a public build option.
    Fix a crash when using Cairo versions between 1.15 and 1.16.0
    Fix the build with -DLOG_DISABLED=0.
    Fix the build with ENABLE_VIDEO=OFF and ENABLE_WEB_AUDIO=OFF.
    Fix debug builds of JavaScriptCore.
    Fix several crashes and rendering issues.

2.22.5 

What’s new in the WebKitGTK+ 2.22.5 release?

    Improved the logic to determine for which architectures to enable the JIT compiler support and USE_SYSTEM_MALLOC at build time.
    Fix the build with ENABLE_VIDEO=OFF and ENABLE_OPENGL=OFF.
    Fix several crashes.

comment:4 by Douglas R. Reno, 5 years ago

Priority: highhighest
Summary: webkitgtk-2.22.5 (CVE-2018-4372, 4437, 4438, 4441, 4442, 4443, 4464)webkitgtk-2.22.5 (CVE-2018-4372, 4437, 4438, 4441, 4442, 4443, 4464, 4345) 
CVE-2018-4345

    Versions affected: WebKitGTK+ before 2.22.3 and WPE WebKit before 2.22.1.
    Credit to an anonymous researcher.
    A cross-site scripting issue existed in WebKit. This issue was addressed with improved URL validation.

CVE-2018-4372

    Versions affected: WebKitGTK+ before 2.22.4 and WPE WebKit before 2.22.2.
    Credit to HyungSeok Han, DongHyeon Oh, and Sang Kil Cha of KAIST Softsec Lab, Korea.
    Processing maliciously crafted web content may lead to arbitrary code execution. Multiple memory corruption issues were addressed with improved memory handling.

CVE-2018-4386

    Versions affected: WebKitGTK+ before 2.22.3 and WPE WebKit before 2.22.1.
    Credit to lokihardt of Google Project Zero.
    Processing maliciously crafted web content may lead to arbitrary code execution. Multiple memory corruption issues were addressed with improved memory handling.

CVE-2018-4437

    Versions affected: WebKitGTK+ before 2.22.5 and WPE WebKit before 2.22.3.
    Credit to HyungSeok Han, DongHyeon Oh, and Sang Kil Cha of KAIST Softsec Lab, Korea.
    Processing maliciously crafted web content may lead to arbitrary code execution. Multiple memory corruption issues were addressed with improved memory handling.

CVE-2018-4438

    Versions affected: WebKitGTK+ before 2.22.3 and WPE WebKit before 2.22.1.
    Credit to lokihardt of Google Project Zero.
    Processing maliciously crafted web content may lead to arbitrary code execution. A logic issue existed resulting in memory corruption. This was addressed with improved state management.

CVE-2018-4441

    Versions affected: WebKitGTK+ before 2.22.3 and WPE WebKit before 2.22.1.
    Credit to lokihardt of Google Project Zero.
    Processing maliciously crafted web content may lead to arbitrary code execution. A memory corruption issue was addressed with improved memory handling.

CVE-2018-4442

    Versions affected: WebKitGTK+ before 2.22.3 and WPE WebKit before 2.22.1.
    Credit to lokihardt of Google Project Zero.
    Processing maliciously crafted web content may lead to arbitrary code execution. A memory corruption issue was addressed with improved memory handling.

CVE-2018-4443

    Versions affected: WebKitGTK+ before 2.22.3 and WPE WebKit before 2.22.1.
    Credit to lokihardt of Google Project Zero.
    Processing maliciously crafted web content may lead to arbitrary code execution. A memory corruption issue was addressed with improved memory handling.

comment:5 by Douglas R. Reno, 5 years ago

Resolution: fixed
Status: assignedclosed

Fixed at r20902

Note: See TracTickets for help on using tickets.