webkitgtk (2.4.10-0ubuntu0.14.04.1) trusty-security; urgency=medium
* SECURITY UPDATE: Updated to 2.4.10 to fix multiple security issues
(LP: #1556964)
- CVE-2015-1120, CVE-2015-1076, CVE-2015-1071, CVE-2015-1081,
CVE-2015-1122, CVE-2015-1155, CVE-2014-1748, CVE-2015-3752,
CVE-2015-5809, CVE-2015-5928, CVE-2015-3749, CVE-2015-3659,
CVE-2015-3748, CVE-2015-3743, CVE-2015-3731, CVE-2015-3745,
CVE-2015-5822, CVE-2015-3658, CVE-2015-3741, CVE-2015-3727,
CVE-2015-5801, CVE-2015-5788, CVE-2015-3747, CVE-2015-5794,
CVE-2015-1127, CVE-2015-1153, CVE-2015-1083
* Dropped upstreamed patches:
- fix-gtkdoc-error.patch, atomic_build_fix.patch,
fix-textrel-x86.patch, ppc64-align.patch, render-text-control.patch,
nullptr-frameprogresstracker.patch,
nullptr-accessibilitymenulistoption.patch, ax-focus-events.patch,
fix-ftbfs-pluginpackage.patch.
-- Marc Deslauriers <email address hidden> Wed, 16 Mar 2016 08:10:33 -0400
|
1556964 |
Update to bugfix release 2.4.10 in Trusty |
CVE-2015-1120 |
WebKit, as used in Apple iOS before 8.3, Apple TV before 7.2, and Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5, allows remote at |
CVE-2015-1076 |
WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a de |
CVE-2015-1071 |
WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a de |
CVE-2015-1081 |
WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a de |
CVE-2015-1122 |
WebKit, as used in Apple iOS before 8.3, Apple TV before 7.2, and Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5, allows remote at |
CVE-2015-1155 |
The history implementation in WebKit, as used in Apple Safari before 6.2.6, 7.x before 7.1.6, and 8.x before 8.0.6, allows remote attackers to bypass |
CVE-2014-1748 |
The ScrollView::paint function in platform/scroll/ScrollView.cpp in Blink, as used in Google Chrome before 35.0.1916.114, allows remote attackers to |
CVE-2015-3752 |
The Content Security Policy implementation in WebKit in Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, as used in iOS before 8.4. |
CVE-2015-5809 |
WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory |
CVE-2015-5928 |
WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a |
CVE-2015-3749 |
WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitra |
CVE-2015-3659 |
The SQLite authorizer in the Storage functionality in WebKit in Apple Safari before 6.2.7, 7.x before 7.1.7, and 8.x before 8.0.7, as used in Apple i |
CVE-2015-3748 |
WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitra |
CVE-2015-3743 |
WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitra |
CVE-2015-3731 |
WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitra |
CVE-2015-3745 |
WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitra |
CVE-2015-5822 |
WebKit, as used in JavaScriptCore in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial o |
CVE-2015-3658 |
The Page Loading functionality in WebKit in Apple Safari before 6.2.7, 7.x before 7.1.7, and 8.x before 8.0.7, as used in Apple iOS before 8.4 and ot |
CVE-2015-3741 |
WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitra |
CVE-2015-3727 |
WebKit in Apple Safari before 6.2.7, 7.x before 7.1.7, and 8.x before 8.0.7, as used in Apple iOS before 8.4 and other products, does not properly re |
CVE-2015-5801 |
WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory |
CVE-2015-5788 |
The WebKit Canvas implementation in Apple iOS before 9 allows remote attackers to bypass the Same Origin Policy and obtain sensitive image informatio |
CVE-2015-3747 |
WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitra |
CVE-2015-5794 |
WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory |
CVE-2015-1127 |
The private-browsing implementation in WebKit in Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5 places browsing history into an in |
CVE-2015-1153 |
WebKit, as used in Apple Safari before 6.2.6, 7.x before 7.1.6, and 8.x before 8.0.6, allows remote attackers to execute arbitrary code or cause a de |
CVE-2015-1083 |
WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a de |
|