[3.9] webkit2gtk: Multiple vulnerabilities (CVE-2018-4437, CVE-2019-6212, CVE-2019-6215, CVE-2019-6216, CVE-2019-6217, CVE-2019-6227, CVE-2019-6229)
CVE-2018-4437
Processing maliciously crafted web content may lead to arbitrary code
execution.
Multiple memory corruption issues were addressed with improved memory
handling.
Versions affected: WebKitGTK+ before 2.22.5
Reference:
https://webkitgtk.org/security/WSA-2018-0009.html
CVE-2019-6212
Processing maliciously crafted web content may lead to arbitrary code
execution.
Multiple memory corruption issues were addressed with improved memory
handling.
Versions affected: WebKitGTK+ before 2.22.6
CVE-2019-6215
Processing maliciously crafted web content may lead to arbitrary code
execution.
A type confusion issue was addressed with improved memory handling.
Versions affected: WebKitGTK+ before 2.22.6
CVE-2019-6216
Processing maliciously crafted web content may lead to arbitrary code
execution.
Multiple memory corruption issues were addressed with improved memory
handling.
Versions affected: WebKitGTK+ before 2.22.5
CVE-2019-6217
Processing maliciously crafted web content may lead to arbitrary code
execution.
Multiple memory corruption issues were addressed with improved memory
handling.
Versions affected: WebKitGTK+ before 2.22.5
CVE-2019-6227
Versions affected: WebKitGTK+ before 2.22.5
Processing maliciously crafted web content may lead to arbitrary code
execution.
A memory corruption issue was addressed with improved memory handling.
CVE-2019-6229
Versions affected: WebKitGTK+ before 2.22.5 and WPE WebKit before
2.22.3.
Processing maliciously crafted web content may lead to universal cross
site scripting.
A logic issue was addressed with improved validation.
Reference:
https://webkitgtk.org/security/WSA-2019-0001.html
(from redmine: issue id 10113, created on 2019-03-14, closed on 2019-04-15)
- Relations:
- parent #10111 (closed)
- Changesets:
- Revision 9333b6b6 on 2019-04-12T08:26:20Z:
community/webkit2gtk: security upgrade to 2.22.7
CVE-2018-4437, CVE-2019-6212, CVE-2019-6215, CVE-2019-6216,
CVE-2019-6217, CVE-2019-6227, CVE-2019-6229
Fixes #10113