ArchLinux: 201609-2: webkit2gtk: multiple issues
Summary
- CVE-2016-4590 (same-origin policy bypass)
xisigr of Tencent’s Xuanwu Lab discovered a vulnerability in the way
webkit handles URLs, which allows remote attackers to bypass the Same
Origin Policy via a crafted web site.
- CVE-2016-4591 (arbitrary filesystem access)
ma.la of LINE Corporation discoveered a vulnerability in the way webkit
handles the location variable, which allows remote attackers to access
the local filesystem via unspecified vectors.
- CVE-2016-4622 (arbitrary code execution)
Samuel Gross working with Trend Micro’s Zero Day Initiative discovered a
vulnerability that allows remote attackers to execute arbitrary code or
cause a denial of service (memory corruption) via a crafted web site.
- CVE-2016-4624 (arbitrary code execution)
Apple found a vulnerability that allows remote attackers to execute
arbitrary code or cause a denial of service (memory corruption) via a
crafted web site.
Resolution
Upgrade to 2.12.4-1.
# pacman -Syu "webkit2gtk>=2.12.4-1"
The problems have been fixed upstream in version 2.12.4.
References
https://webkitgtk.org/security/WSA-2016-0005.html#CVE-2016-4591 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4590 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4591 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4622 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4624
Workaround
None.