GLSA
Advocate
Joined: 12 May 2004
Posts: 2663
|
 Posted: Thu Mar 22, 2018 1:26 am Post subject: [ GLSA 201803-11 ] WebKitGTK+ |
 |
|
Gentoo Linux Security Advisory
Title: WebKitGTK+: Multiple Vulnerabilities (GLSA 201803-11)
Severity: normal
Exploitable: remote
Date: 2018-03-22
Bug(s): #645686
ID: 201803-11
Synopsis
Multiple vulnerabilities have been found in WebKitGTK+, the worst
of which may lead to arbitrary code execution.
Background
WebKitGTK+ is a full-featured port of the WebKit rendering engine,
suitable for projects requiring any kind of web integration, from hybrid
HTML/CSS applications to full-fledged web browsers.
Affected Packages
Package: net-libs/webkit-gtk
Vulnerable: < 2.18.6
Unaffected: >= 2.18.6
Architectures: All supported architectures
Description
Multiple vulnerabilities have been discovered in WebKitGTK+. Please
review the referenced CVE identifiers for details.
Impact
An attacker could execute arbitrary commands via maliciously crafted web
content.
Workaround
There is no known workaround at this time.
Resolution
All WebKitGTK+ users should upgrade to the latest version: | Code: | # emerge --sync
# emerge --ask --oneshot --verbose ">=net-libs/webkit-gtk-2.18.6"
|
References
CVE-2017-13884
CVE-2017-13885
CVE-2017-7153
CVE-2017-7160
CVE-2017-7161
CVE-2017-7165
CVE-2018-4088
CVE-2018-4089
CVE-2018-4096 |
|
News & Announcements
