Gitiles
Code Review Sign In
gerrit.cesnet.cz / github / buildroot / buildroot / d50477b52bf71a9cd03b9e2de38c775d82cea0ec
commitd50477b52bf71a9cd03b9e2de38c775d82cea0ec[log] [tgz]
authorGustavo Zacarias <gustavo@zacarias.com.ar>Sun Aug 28 10:11:39 2016 -0300
committerThomas Petazzoni <thomas.petazzoni@free-electrons.com>Sun Aug 28 15:50:33 2016 +0200
tree2c816e696ee7e59a7313957a958a3f8cb4ae5cdf
parentaa9fde1c459dbc20b268694eafd7a1d3341dbf76 [diff]
webkitgtk: security bump to version 2.12.4

Fixes:
CVE-2016-4590 - mishandles about: URLs, which allows remote attackers to
bypass the Same Origin Policy via a crafted web site.

CVE-2016-4591 - mishandles the location variable, which allows remote
attackers to access the local filesystem via unspecified vectors.

CVE-2016-4622 - allows remote attackers to execute arbitrary code or
cause a denial of service (memory corruption) via a crafted web site, a
different vulnerability than CVE-2016-4589, CVE-2016-4623, and
CVE-2016-4624.

CVE-2016-4624 - allows remote attackers to execute arbitrary code or
cause a denial of service (memory corruption) via a crafted web site, a
different vulnerability than CVE-2016-4589, CVE-2016-4622, and
CVE-2016-4623.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2 files changed
tree: 2c816e696ee7e59a7313957a958a3f8cb4ae5cdf
  1. .defconfig
  2. .gitignore
  3. CHANGES
  4. COPYING
  5. Config.in
  6. Config.in.legacy
  7. Makefile
  8. Makefile.legacy
  9. README
  10. arch/
  11. board/
  12. boot/
  13. configs/
  14. docs/
  15. fs/
  16. linux/
  17. package/
  18. support/
  19. system/
  20. toolchain/