[BLFS Trac] #3138: webkit-1.2.3 (security fixes)

BLFS Trac trac at linuxfromscratch.org
Thu Aug 5 08:26:05 PDT 2010

#3138: webkit-1.2.3 (security fixes)
 Reporter:  ken@…                     |       Owner:  blfs-book@…                   
     Type:  task                      |      Status:  new                           
 Priority:  normal                    |   Milestone:  future                        
Component:  BOOK                      |     Version:  SVN                           
 Severity:  normal                    |    Keywords:                                
 According to today's lwn.net (subscribers only for the next 2 weeks), open
 suse have reported a string of vulnerabilities in webkit, fixed in 1.2.3.

 The links to the "original" post/thread are broken.  Claims to fix
 CVE-2010-1386 CVE-2010-1392 CVE-2010-1405 CVE-2010-1407 CVE-2010-1416
 CVE-2010-1417 CVE-2010-1418 CVE-2010-1421 CVE-2010-1422 CVE-2010-1501
 CVE-2010-1664 CVE-2010-1665 CVE-2010-1758 CVE-2010-1759 CVE-2010-1760
 CVE-2010-1761 CVE-2010-1762 CVE-2010-1767 CVE-2010-1770 CVE-2010-1771
 CVE-2010-1772 CVE-2010-1773 CVE-2010-1774

 Some of those are "reserved" numbers, the rest are labelled as 'apple',
 but it's the same webkit!

 The gtk webkit-1.1 series is not maintained.  Fedora have moved to
 webkit-1.2 for older releases with gnome-2.28.  Works for me with both
 epiphany-2.28.2 and 2.30.2 on LFS-6.6 (and with midori).  On early
 gnome-2.28 it required libsoup >= 2.28.2, but that version is already in
 the book.

Ticket URL: <http://wiki.linuxfromscratch.org/blfs/ticket/3138>
BLFS Trac <http://wiki.linuxfromscratch.org/blfs>
Beyond Linux From Scratch

More information about the blfs-book mailing list