Opened 5 years ago

Closed 5 years ago

#8865 closed enhancement (fixed)

WebkitGTK+-2.1x webkitgtk+-2.14.4

Reported by: Douglas R. Reno
Owned by: Douglas R. Reno
Priority: highest
Milestone: 8.0
Component: BOOK
Version: SVN
Severity: normal
Keywords:
Cc:

Description

New point release (security related)

https://webkitgtk.org/2017/02/10/webkitgtk2.14.4-released.html

What’s new in the WebKitGTK+ 2.14.4 release?

    Make accelerated compositing mode on-demand again. By default it will only be used for websites that require it, saving a lot of memory on websites that don’t need it.
    Fix rendering issues in long documents with transparent background.
    Release unused UpdateAtlas and reduce the tile coverage on memory pressure.
    The media backend now stores preloaded media in /var/tmp instead of user cache dir.
    Make inspector work again when accelerated compositing support is disabled.
    Fix a deadlock when the media player is destroyed.
    Fix network process crashes when loading custom URI schemes.
    Fix overlay scrollbars that are over a subframe.
    Fix a crash in GraphicsContext3D::drawArrays when using OpenGL 3.2 core profile.
    Fix BadDamage X errors happening when resizing the WebView.
    Fix several crashes and rendering issues.
    Security fixes: CVE-2017-2365, CVE-2017-2366, CVE-2017-2373, CVE-2017-2363, CVE-2017-2362, CVE-2017-2350, CVE-2017-2350, CVE-2017-2354, CVE-2017-2355, CVE-2017-2356, CVE-2017-2371, CVE-2017-2364, CVE-2017-2369.

Date reported      : February 10, 2017
Advisory ID        : WSA-2017-0002
Advisory URL       : https://webkitgtk.org/security/WSA-2017-0002.html
CVE identifiers    : CVE-2017-2350, CVE-2017-2354, CVE-2017-2355,
                     CVE-2017-2356, CVE-2017-2362, CVE-2017-2363,
                     CVE-2017-2364, CVE-2017-2365, CVE-2017-2366,
                     CVE-2017-2369, CVE-2017-2371, CVE-2017-2373.

https://webkitgtk.org/security/WSA-2017-0002.html

CVE-2017-2350
    Versions affected: WebKitGTK+ before 2.14.4.
    Credit to Gareth Heyes of Portswigger Web Security.
    Impact: Processing maliciously crafted web content may exfiltrate
    data cross-origin. Description: A prototype access issue was
    addressed through improved exception handling.

CVE-2017-2354
    Versions affected: WebKitGTK+ before 2.14.4.
    Credit to Neymar of Tencent's Xuanwu Lab (tencent.com) working with
    Trend Micro's Zero Day Initiative.
    Impact: Processing maliciously crafted web content may lead to
    arbitrary code execution. Description: Multiple memory corruption
    issues were addressed through improved memory handling.

CVE-2017-2355
    Versions affected: WebKitGTK+ before 2.14.4.
    Credit to Team Pangu and lokihardt at PwnFest 2016.
    Impact: Processing maliciously crafted web content may lead to
    arbitrary code execution. Description: A memory initialization issue
    was addressed through improved memory handling.

CVE-2017-2356
    Versions affected: WebKitGTK+ before 2.14.4.
    Credit to Team Pangu and lokihardt at PwnFest 2016.
    Impact: Processing maliciously crafted web content may lead to
    arbitrary code execution. Description: Multiple memory corruption
    issues were addressed through improved input validation.

CVE-2017-2362
    Versions affected: WebKitGTK+ before 2.14.4.
    Credit to Ivan Fratric of Google Project Zero.
    Impact: Processing maliciously crafted web content may lead to
    arbitrary code execution. Description: Multiple memory corruption
    issues were addressed through improved memory handling.

CVE-2017-2363
    Versions affected: WebKitGTK+ before 2.14.4.
    Credit to lokihardt of Google Project Zero.
    Impact: Processing maliciously crafted web content may exfiltrate
    data cross-origin. Description: Multiple validation issues existed
    in the handling of page loading. This issue was addressed through
    improved logic.

CVE-2017-2364
    Versions affected: WebKitGTK+ before 2.14.4.
    Credit to lokihardt of Google Project Zero.
    Impact: Processing maliciously crafted web content may exfiltrate
    data cross-origin. Description: Multiple validation issues existed
    in the handling of page loading. This issue was addressed through
    improved logic.

CVE-2017-2365
    Versions affected: WebKitGTK+ before 2.14.4.
    Credit to lokihardt of Google Project Zero.
    Impact: Processing maliciously crafted web content may exfiltrate
    data cross-origin. Description: A validation issue existed in
    variable handling. This issue was addressed through improved
    validation.

CVE-2017-2366
    Versions affected: WebKitGTK+ before 2.14.4.
    Credit to Kai Kang of Tencent's Xuanwu Lab (tencent.com).
    Impact: Processing maliciously crafted web content may lead to
    arbitrary code execution. Description: Multiple memory corruption
    issues were addressed through improved input validation.

CVE-2017-2369
    Versions affected: WebKitGTK+ before 2.14.4.
    Credit to Ivan Fratric of Google Project Zero.
    Impact: Processing maliciously crafted web content may lead to
    arbitrary code execution. Description: Multiple memory corruption
    issues were addressed through improved input validation.

CVE-2017-2371
    Versions affected: WebKitGTK+ before 2.14.4.
    Credit to lokihardt of Google Project Zero.
    Impact: A malicious website can open popups. Description: An issue
    existed in the handling of blocking popups. This was addressed
    through improved input validation.

CVE-2017-2373
    Versions affected: WebKitGTK+ before 2.14.4.
    Credit to Ivan Fratric of Google Project Zero.
    Impact: Processing maliciously crafted web content may lead to
    arbitrary code execution. Description: Multiple memory corruption
    issues were addressed through improved memory handling.

Change History (2)

comment:1 by Douglas R. Reno, 5 years ago

Owner: changed from blfs-book@… to Douglas R. Reno
Status: new → assigned

comment:2 by Douglas R. Reno, 5 years ago

Resolution: fixed
Status: assigned → closed

Fixed at r18281
