Mandriva Linux Security Advisory 2011-039

Mandriva Linux Security Advisory 2011-039: Posted Mar 2, 2011; Authored by Mandriva | Site mandriva.com; Mandriva Linux Security Advisory 2011-039 - Multiple cross-site scripting, denial of service and arbitrary code execution security flaws were discovered in webkit. The updated packages have been upgraded to the latest version to correct these issues.; tags | advisory, denial of service, arbitrary, code execution, xss; systems | linux, mandriva; advisories | CVE-2009-2797, CVE-2009-2841, CVE-2010-0046, CVE-2010-0047, CVE-2010-0048, CVE-2010-0049, CVE-2010-0050, CVE-2010-0051, CVE-2010-0052, CVE-2010-0053, CVE-2010-0054, CVE-2010-0314, CVE-2010-0647, CVE-2010-0650, CVE-2010-0651, CVE-2010-0656, CVE-2010-1386, CVE-2010-1387, CVE-2010-1389, CVE-2010-1390, CVE-2010-1391, CVE-2010-1392, CVE-2010-1393, CVE-2010-1394, CVE-2010-1395, CVE-2010-1396, CVE-2010-1397, CVE-2010-1398; SHA-256 | 9aa3acee10ae2e83e96128d82e5f1409071587392804e700307a97e3ba876551; Download | Favorite | View

Mandriva Linux Security Advisory 2011-039

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2011:039
 https://www.mandriva.com/security/
 _______________________________________________________________________

 Package : webkit
 Date    : March 2, 2011
 Affected: 2010.1
 _______________________________________________________________________

 Problem Description:

 Multiple cross-site scripting, denial of service and arbitrary code
 execution security flaws were discovered in webkit.
 
 Please consult the CVE web links for further information.
 
 The updated packages have been upgraded to the latest version (1.2.7)
 to correct these issues.
 _______________________________________________________________________

 References:

 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2797
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2841
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0046
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0047
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0048
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0049
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0050
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0051
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0052
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0053
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0054
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0314
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0647
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0650
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0651
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0656
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1386
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1387
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1389
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1390
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1391
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1392
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1393
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1394
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1395
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1396
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1397
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1398
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1400
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1401
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1402
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1403
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1404
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1405
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1406
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1407
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1408
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1409
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1410
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1412
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1414
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1415
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1416
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1417
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1418
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1419
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1421
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1422
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1501
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1664
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1665
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1758
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1759
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1760
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1761
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1762
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1764
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1766
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1767
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1770
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1771
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1772
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1773
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1774
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1780
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1781
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1782
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1783
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1784
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1785
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1786
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1787
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1788
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1790
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1791
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1792
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1793
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1807
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1812
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1814
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1815
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2264
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2647
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2648
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3113
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3114
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3115
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3116
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3119
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3248
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3255
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3257
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3259
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3812
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3813
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4040
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4197
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4198
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4204
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4206
 _______________________________________________________________________

 Updated Packages:

 Mandriva Linux 2010.1:
 141f3cd181b875d1bb40b67a507b6db1  2010.1/i586/libwebkitgtk1.0_2-1.2.7-0.1mdv2010.2.i586.rpm
 054886a3c645b3ce710b9b9daec1d5f9  2010.1/i586/libwebkitgtk1.0-devel-1.2.7-0.1mdv2010.2.i586.rpm
 bef556ca3f281f6ef4086292c3b658d2  2010.1/i586/webkit1.0-1.2.7-0.1mdv2010.2.i586.rpm
 a1ff7ac638646aeb64e3bbdca9bc945d  2010.1/i586/webkit1.0-webinspector-1.2.7-0.1mdv2010.2.i586.rpm
 3f40e3ebc62bad67097a9e102e0e79c2  2010.1/i586/webkit-1.2.7-0.1mdv2010.2.i586.rpm
 50875cf1bc8718cedce1a45dc509b44b  2010.1/i586/webkit-gtklauncher-1.2.7-0.1mdv2010.2.i586.rpm
 625d27780d1cc9edb935d4ac3521ae16  2010.1/i586/webkit-jsc-1.2.7-0.1mdv2010.2.i586.rpm 
 8d02c28d8f21a022130be4c49f9d27be  2010.1/SRPMS/webkit-1.2.7-0.1mdv2010.2.src.rpm

 Mandriva Linux 2010.1/X86_64:
 5ce57cd6ab823f8084030033c7c230d7  2010.1/x86_64/lib64webkitgtk1.0_2-1.2.7-0.1mdv2010.2.x86_64.rpm
 690d8718a97af93f58de3bb2357fbe9b  2010.1/x86_64/lib64webkitgtk1.0-devel-1.2.7-0.1mdv2010.2.x86_64.rpm
 7cc1d4aa77e1901ccc92f27faf85c9ea  2010.1/x86_64/webkit1.0-1.2.7-0.1mdv2010.2.x86_64.rpm
 2b77a77159529c55f64343aba98c15d9  2010.1/x86_64/webkit1.0-webinspector-1.2.7-0.1mdv2010.2.x86_64.rpm
 475cf83c5ddd8f6809c2c73a1f5a71d1  2010.1/x86_64/webkit-1.2.7-0.1mdv2010.2.x86_64.rpm
 b0f1c76107c3d54241daa7e61bfb29a9  2010.1/x86_64/webkit-gtklauncher-1.2.7-0.1mdv2010.2.x86_64.rpm
 97deff5e94a625a79842b4c240b0b00d  2010.1/x86_64/webkit-jsc-1.2.7-0.1mdv2010.2.x86_64.rpm 
 8d02c28d8f21a022130be4c49f9d27be  2010.1/SRPMS/webkit-1.2.7-0.1mdv2010.2.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  https://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFNbgbemqjQ0CJFipgRAs9YAJ92z2WSC2ijj34b/wr42OIYLtv65gCg7XgL
Yv/ButpYAcXsmnJWUG4ayxQ=
=GRM6
-----END PGP SIGNATURE-----

Top Authors In Last 30 Days

Red Hat 272 files
Ubuntu 56 files
Debian 19 files
LiquidWorm 18 files
Apple 9 files
Gentoo 5 files
Google Security Research 3 files
Chokri Hammedi 3 files
Alter Prime 3 files
Valentin Lobstein 2 files

File Archives

Systems

AIX (430)
Apple (2,126)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,163)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,604)
HPUX (881)
iOS (393)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,937)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,337)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,979)
UNIX (9,475)
UnixWare (188)
Windows (6,784)
Other

Mandriva Linux Security Advisory 2011-039

Mandriva Linux Security Advisory 2011-039

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Mandriva Linux Security Advisory 2011-039

Share This

Mandriva Linux Security Advisory 2011-039

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems