calculate
/
gentoo-overlay
6
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'update'
${ noResults }
gentoo-overlay/metadata/glsa/glsa-201706-15.xml

153 lines
10 KiB
Raw Permalink Blame History

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="201706-15">
<title>WebKitGTK+: Multiple vulnerabilities</title>
<synopsis>Multiple vulnerabilities have been found in WebKitGTK+, the worst
of which allows remote attackers to execute arbitrary code.
</synopsis>
<product type="ebuild">webkit-gtk</product>
<announced>2017-06-07</announced>
<revised count="1">2017-06-07</revised>
<bug>543650</bug>
<bug>573656</bug>
<bug>577068</bug>
<bug>608958</bug>
<bug>614876</bug>
<bug>619788</bug>
<access>remote</access>
<affected>
<package name="net-libs/webkit-gtk" auto="yes" arch="*">
<unaffected range="ge">2.16.3</unaffected>
<vulnerable range="lt">2.16.3</vulnerable>
</package>
</affected>
<background>
<p>WebKitGTK+ is a full-featured port of the WebKit rendering engine.</p>
</background>
<description>
<p>Multiple vulnerabilities have been discovered in WebKitGTK+. Please
review the CVE identifiers referenced below for details.
</p>
</description>
<impact type="normal">
<p>A remote attack can use multiple vectors to execute arbitrary code or
cause a denial of service condition.
</p>
</impact>
<workaround>
<p>There is no known workaround at this time.</p>
</workaround>
<resolution>
<p>All WebKitGTK+ users should upgrade to the latest version:</p>
<code>
# emerge --sync
# emerge --ask --oneshot --verbose "&gt;=net-libs/webkit-gtk-2.16.3:4"
</code>
</resolution>
<references>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2330">CVE-2015-2330</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7096">CVE-2015-7096</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7098">CVE-2015-7098</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1723">CVE-2016-1723</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1724">CVE-2016-1724</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1725">CVE-2016-1725</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1726">CVE-2016-1726</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1727">CVE-2016-1727</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1728">CVE-2016-1728</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4692">CVE-2016-4692</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4743">CVE-2016-4743</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7586">CVE-2016-7586</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7587">CVE-2016-7587</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7589">CVE-2016-7589</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7592">CVE-2016-7592</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7598">CVE-2016-7598</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7599">CVE-2016-7599</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7610">CVE-2016-7610</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7611">CVE-2016-7611</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7623">CVE-2016-7623</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7632">CVE-2016-7632</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7635">CVE-2016-7635</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7639">CVE-2016-7639</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7640">CVE-2016-7640</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7641">CVE-2016-7641</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7642">CVE-2016-7642</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7645">CVE-2016-7645</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7646">CVE-2016-7646</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7648">CVE-2016-7648</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7649">CVE-2016-7649</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7652">CVE-2016-7652</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7654">CVE-2016-7654</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7656">CVE-2016-7656</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-9642">CVE-2016-9642</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-9643">CVE-2016-9643</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2350">CVE-2017-2350</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2354">CVE-2017-2354</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2355">CVE-2017-2355</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2356">CVE-2017-2356</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2362">CVE-2017-2362</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2363">CVE-2017-2363</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2364">CVE-2017-2364</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2365">CVE-2017-2365</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2366">CVE-2017-2366</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2367">CVE-2017-2367</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2369">CVE-2017-2369</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2371">CVE-2017-2371</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2373">CVE-2017-2373</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2376">CVE-2017-2376</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2377">CVE-2017-2377</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2386">CVE-2017-2386</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2392">CVE-2017-2392</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2394">CVE-2017-2394</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2395">CVE-2017-2395</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2396">CVE-2017-2396</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2405">CVE-2017-2405</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2415">CVE-2017-2415</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2419">CVE-2017-2419</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2433">CVE-2017-2433</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2442">CVE-2017-2442</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2445">CVE-2017-2445</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2446">CVE-2017-2446</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2447">CVE-2017-2447</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2454">CVE-2017-2454</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2455">CVE-2017-2455</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2457">CVE-2017-2457</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2459">CVE-2017-2459</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2460">CVE-2017-2460</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2464">CVE-2017-2464</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2465">CVE-2017-2465</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2466">CVE-2017-2466</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2468">CVE-2017-2468</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2469">CVE-2017-2469</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2470">CVE-2017-2470</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2471">CVE-2017-2471</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2475">CVE-2017-2475</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2476">CVE-2017-2476</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2481">CVE-2017-2481</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2496">CVE-2017-2496</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2504">CVE-2017-2504</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2505">CVE-2017-2505</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2506">CVE-2017-2506</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2508">CVE-2017-2508</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2510">CVE-2017-2510</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2514">CVE-2017-2514</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2515">CVE-2017-2515</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2521">CVE-2017-2521</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2525">CVE-2017-2525</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2526">CVE-2017-2526</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2528">CVE-2017-2528</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2530">CVE-2017-2530</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2531">CVE-2017-2531</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2536">CVE-2017-2536</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2539">CVE-2017-2539</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2544">CVE-2017-2544</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2547">CVE-2017-2547</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2549">CVE-2017-2549</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-6980">CVE-2017-6980</uri>
<uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-6984">CVE-2017-6984</uri>
</references>
<metadata tag="requester" timestamp="2017-04-19T06:44:45Z">BlueKnight</metadata>
<metadata tag="submitter" timestamp="2017-06-07T11:52:15Z">whissi</metadata>
</glsa>
Reference in new issue View Git Blame Copy Permalink