Date: Sat, 5 Feb 2011 17:45:37 -0500 From: Michael Gilbert <michael.s.gilbert@...il.com> To: oss-security@...ts.openwall.com Subject: Webkit Roundup Hello, I've been doing some work on applying security patches to the stable webkitgtk release in Debian. However, I've found a lot of the security issues were published without sufficient detail to be able to review the problems. I would really appreciate help resolving the status of the following issues. You can see the current state of what we know in the Debian security tracker . CVE-2008-1010, CVE-2008-1011: - This is a case of apple providing no useful info, but are two redhat bug reports; both of which are claim the issues fixed as of svn31787, unfortunately, there is no info about the actual problems to be able to check. I suppose there is no reason to believe these are still open, but I would feel more comfortable if there were some concrete info about the problems to be able to check. CVE-2009-2068: - This issue was assigned based on an academic paper, and there are no patches or fixes for reference in the CVE references. Chrome claims the issue is fixed as of version 5.0.342.9. Was webkit itself ever affected by this issue, and when was it fixed? CVE-2010-1403, CVE-2010-1404: - According to redhat, both of these issues were fixed in the same webkit commit. That seems a bit surprising, but may be true. I was just wondering if anyone can confirm that the info is correct? https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-1403 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-1404 CVE-2010-1757: - This issue sounds like an iphone-specific duplicate of CVE-2010-2441. If that is the case, can the two CVEs be merged? If its a different problem, is it in iphone-specific or is webkit itself affected? CVE-2010-1781: - This is claimed fixed by Vincent Danen in webkitgtk 1.2.4, but there is no redhat bug report about it and no info available to check whether this is indeed fixed or not. Does anyone have any info on this? http://gitorious.org/webkitgtk/stable/commit/9d07fda89aab7105962d933eef32ca15dda610d8 CVE-2010-1783: - According to redhat's info webkit commit 62134 fixes this, which is believed to be the same commit that fixes CVE-2010-2899, but google is still embargoing the bug report for that. Does anyone have any info? http://code.google.com/p/chromium/issues/detail?id=42736 CVE-2010-2264: - This is claimed to fixed in webkitgtk 1.2.3, but wasn't noted until after the fact. There is no info anywhere to be able to check that this statement is true. http://gitorious.org/webkitgtk/stable/commit/9d07fda89aab7105962d933eef32ca15dda610d8 CVE-2010-3803, CVE-2010-3804, CVE-2010-3805, CVE-2010-3808, CVE-2010-3809, CVE-2010-3810, CVE-2010-3811, CVE-2010-3816, CVE-2010-3817, CVE-2010-3818, CVE-2010-3819, CVE-2010-3820, CVE-2010-3821, CVE-2010-3822, CVE-2010-3823, CVE-2010-3824, CVE-2010-3826, CVE-2010-3829: - These are all recent apple webkit announcements without any relevant details :( Does anyone have any info to be able to check this deluge of issues? Thanks so much for any help in advance. Best wishes, Mike  http://security-tracker.debian.org/tracker/source-package/webkit
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.