Giuseppe Iuculano
2009-Jun-28 13:17 UTC
[Secure-testing-team] Bug#534949: CVE-2009-1698 CVE-2009-1690
Package: kde4libs
Severity: serious
Tags: security patch
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi,
the following CVE (Common Vulnerabilities & Exposures) ids were
published for kde4libs.
CVE-2009-1698[0]:
| WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and
| iPhone OS for iPod touch 1.1 through 2.2.1 does not initialize a
| pointer during handling of a Cascading Style Sheets (CSS) attr
| function call with a large numerical argument, which allows remote
| attackers to execute arbitrary code or cause a denial of service
| (memory corruption and application crash) via a crafted HTML document.
CVE-2009-1690[1]:
| Use-after-free vulnerability in WebKit, as used in Apple Safari before
| 4.0, iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through
| 2.2.1, Google Chrome 1.0.154.53, and possibly other products, allows
| remote attackers to execute arbitrary code or cause a denial of
| service (memory corruption and application crash) by setting an
| unspecified property of an HTML tag that causes child elements to be
| freed and later accessed when an HTML error occurs, related to
| "recursion in certain DOM event handlers."
If you fix the vulnerabilities please also make sure to include the
CVE ids in your changelog entry.
For further information see:
[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1698
http://security-tracker.debian.net/tracker/CVE-2009-1698
Upstream WebKit patch: http://trac.webkit.org/changeset/42081
[1] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1690
http://security-tracker.debian.net/tracker/CVE-2009-1690
Upstream WebKit patch: http://trac.webkit.org/changeset/42532
Upstream KDE 4.2 patch: http://websvn.kde.org/?view=rev&revision=983316
Cheers,
Giuseppe.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEUEARECAAYFAkpHbXMACgkQNxpp46476aozMACggLXxefxPO5I2tyYL1jJ0nnSj
XP4Al2eJElqsD3/lKXrGwe/vIg9xKmA=TaZb
-----END PGP SIGNATURE-----