Bug 892084 (CVE-2014-1384) - VUL-0: webkit: tracker-bug for multiple CVEs
Summary: VUL-0: webkit: tracker-bug for multiple CVEs
Status: RESOLVED NORESPONSE
Alias: CVE-2014-1384
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents (show other bugs)
Version: unspecified
Hardware: Other Other
: P3 - Medium : Normal
Target Milestone: ---
Assignee: Federico Mena Quintero
QA Contact: Security Team bot
URL: https://smash.suse.de/issue/105037/
Whiteboard:
Keywords:
Depends on: 1069669
Blocks:
  Show dependency treegraph
 
Reported: 2014-08-15 11:16 UTC by Johannes Segitz
Modified: 2019-07-24 07:21 UTC (History)
1 user (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Johannes Segitz 2014-08-15 11:16:12 UTC 
Safari 6.1.6 and Safari 7.0.6 are now available and address the
following:

WebKit:
Available for: OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.4

Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution

Description: Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.
- CVE-2014-1384: Apple
- CVE-2014-1385: Apple
- CVE-2014-1386: an anonymous researcher
- CVE-2014-1387: Google Chrome Security Team
- CVE-2014-1388: Apple
- CVE-2014-1389: Apple
- CVE-2014-1390: Apple
Comment 1 Swamp Workflow Management 2014-08-15 22:00:18 UTC 
bugbot adjusting priority
Comment 4 Federico Mena Quintero 2015-01-17 02:09:21 UTC 
OK, these are fixed in webkitgtk-2.4.8.  I'm making a package right now.
Comment 5 Federico Mena Quintero 2015-01-23 21:58:02 UTC 
I've submitted webkitgtk 2.4.8 to SUSE:SLE-11:Update, with id 49176.  This is the same package that is now in GNOME:Factory (openSUSE:Factory).
Comment 7 Marcus Meissner 2019-07-24 07:21:07 UTC 
closing as unresolved