[SECURITY] Fedora 8 Update: WebKit-1.0.0-0.10.svn34655.fc8
updates at fedoraproject.org
updates at fedoraproject.org
Wed Jul 9 02:49:35 UTC 2008
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2008-6220
2008-07-09 00:01:08
--------------------------------------------------------------------------------
Name : WebKit
Product : Fedora 8
Version : 1.0.0
Release : 0.10.svn34655.fc8
URL : http://webkit.org/
Summary : Web content engine library
Description :
WebKit is an open source web browser engine.
--------------------------------------------------------------------------------
Update Information:
This updated WebKit snapshot fixes CVE-2008-2307. (A memory corruption issue
exists in WebKit's handling of JavaScript arrays. Visiting a maliciously
crafted website may lead to an unexpected application termination or arbitrary
code execution.)
--------------------------------------------------------------------------------
ChangeLog:
* Sun Jul 6 2008 Peter Gordon <peter at thecodergeek.com> 1.0.0-0.10.svn34655
- Update to new upstream snapshot (SVN 34655)
- Resolves: CVE-2008-2307 (bug #454092: memory corruption in handling of
JavaScript arrays)
- Add some build-time conditionals for non-default features: debug, html5video,
pango, svg.
- libqtwebico.so is no longer supported.
* Mon Apr 28 2008 Mamoru Tasaka <mtasaka at ioa.s.u-tokyo.ac.jp> - 1.0.0-0.9.svn32531
- Update to new upstream snapshot (SVN 32531).
- Fix bug 443048 and hopefully fix bug 444445
- Modify the process of building GTK+ port a bit
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #454092 - CVE-2008-2307 WebKit: memory corruption in handling of JavaScript arrays
https://bugzilla.redhat.com/show_bug.cgi?id=454092
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update WebKit' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
http://fedoraproject.org/keys
--------------------------------------------------------------------------------
More information about the Fedora-package-announce
mailing list