[Buildroot] [PATCH] webkitgtk: security bump to version 2.16.6
Peter Korsgaard
peter at korsgaard.com
Wed Jul 26 20:52:58 UTC 2017
>>>>> "Peter" == Peter Korsgaard <peter at korsgaard.com> writes:
> Fixes the following security issues:
> CVE-2017-7018 - An issue was discovered in certain Apple products. iOS
> before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before
> 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected.
> tvOS before 10.2.2 is affected. The issue involves the "WebKit" component.
> It allows remote attackers to execute arbitrary code or cause a denial of
> service (memory corruption and application crash) via a crafted web site.
> CVE-2017-7030 - An issue was discovered in certain Apple products. iOS
> before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before
> 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected.
> tvOS before 10.2.2 is affected. The issue involves the "WebKit" component.
> It allows remote attackers to execute arbitrary code or cause a denial of
> service (memory corruption and application crash) via a crafted web site.
> CVE-2017-7034 - An issue was discovered in certain Apple products. iOS
> before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before
> 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected.
> tvOS before 10.2.2 is affected. The issue involves the "WebKit" component.
> It allows remote attackers to execute arbitrary code or cause a denial of
> service (memory corruption and application crash) via a crafted web site.
> CVE-2017-7037 - An issue was discovered in certain Apple products. iOS
> before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before
> 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected.
> tvOS before 10.2.2 is affected. The issue involves the "WebKit" component.
> It allows remote attackers to execute arbitrary code or cause a denial of
> service (memory corruption and application crash) via a crafted web site.
> CVE-2017-7039 - An issue was discovered in certain Apple products. iOS
> before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before
> 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected.
> tvOS before 10.2.2 is affected. The issue involves the "WebKit" component.
> It allows remote attackers to execute arbitrary code or cause a denial of
> service (memory corruption and application crash) via a crafted web site.
> CVE-2017-7046 - An issue was discovered in certain Apple products. iOS
> before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before
> 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected.
> tvOS before 10.2.2 is affected. The issue involves the "WebKit" component.
> It allows remote attackers to execute arbitrary code or cause a denial of
> service (memory corruption and application crash) via a crafted web site.
> CVE-2017-7048 - An issue was discovered in certain Apple products. iOS
> before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before
> 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected.
> tvOS before 10.2.2 is affected. The issue involves the "WebKit" component.
> It allows remote attackers to execute arbitrary code or cause a denial of
> service (memory corruption and application crash) via a crafted web site.
> CVE-2017-7055 - An issue was discovered in certain Apple products. iOS
> before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before
> 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected.
> tvOS before 10.2.2 is affected. The issue involves the "WebKit" component.
> It allows remote attackers to execute arbitrary code or cause a denial of
> service (memory corruption and application crash) via a crafted web site.
> CVE-2017-7056 - An issue was discovered in certain Apple products. iOS
> before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before
> 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected.
> tvOS before 10.2.2 is affected. The issue involves the "WebKit" component.
> It allows remote attackers to execute arbitrary code or cause a denial of
> service (memory corruption and application crash) via a crafted web site.
> CVE-2017-7061 - An issue was discovered in certain Apple products. iOS
> before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before
> 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected.
> tvOS before 10.2.2 is affected. The issue involves the "WebKit" component.
> It allows remote attackers to execute arbitrary code or cause a denial of
> service (memory corruption and application crash) via a crafted web site.
> CVE-2017-7064 - An issue was discovered in certain Apple products. iOS
> before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before
> 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected.
> The issue involves the "WebKit" component. It allows attackers to bypass
> intended memory-read restrictions via a crafted app.
> For more details, see the announcement:
> https://webkitgtk.org/2017/07/24/webkitgtk2.16.6-released.html
> Signed-off-by: Peter Korsgaard <peter at korsgaard.com>
Committed to 2017.02.x and 2017.05.x, thanks.
--
Bye, Peter Korsgaard
More information about the buildroot
mailing list