Bug 506469 (CVE-2009-1698)
| Summary: | CVE-2009-1698 kdelibs: KHTML CSS parser - incorrect handling CSS "style" attribute content (DoS, ACE) | ||||||
|---|---|---|---|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | Jan Lieskovsky <jlieskov> | ||||
| Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> | ||||
| Status: | CLOSED ERRATA | QA Contact: | |||||
| Severity: | high | Docs Contact: | |||||
| Priority: | high | ||||||
| Version: | unspecified | CC: | bressers, jreznik, kevin, kxiong, security-response-team, than | ||||
| Target Milestone: | --- | Keywords: | Security | ||||
| Target Release: | --- | ||||||
| Hardware: | All | ||||||
| OS: | Linux | ||||||
| URL: | http://trac.webkit.org/changeset/42081 | ||||||
| Whiteboard: | |||||||
| Fixed In Version: | Doc Type: | Bug Fix | |||||
| Doc Text: | Story Points: | --- | |||||
| Clone Of: | Environment: | ||||||
| Last Closed: | 2015-08-24 15:41:53 UTC | Type: | --- | ||||
| Regression: | --- | Mount Type: | --- | ||||
| Documentation: | --- | CRM: | |||||
| Verified Versions: | Category: | --- | |||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||
| Embargoed: | |||||||
| Bug Depends On: | 505618, 505619, 505620, 505621, 505622, 833918 | ||||||
| Bug Blocks: | |||||||
| Attachments: |
|
||||||
|
Description
Jan Lieskovsky
2009-06-17 13:08:11 UTC
This issue affects the versions of kdelibs package, as shipped with Red Hat Enterprise Linux 3, 4, and 5. This issue has been addressed in following products: Red Hat Enterprise Linux 3 Via RHSA-2009:1128 https://rhn.redhat.com/errata/RHSA-2009-1128.html This issue has been addressed in following products: Red Hat Enterprise Linux 4 Red Hat Enterprise Linux 5 Via RHSA-2009:1127 https://rhn.redhat.com/errata/RHSA-2009-1127.html This also affects kdelibs3 3.5.10 in Fedora. I was unable to verify whether kdelibs 4.2.4 is affected too because the code is significantly different. (Note that if KDE 4 is still affected, then this is NOT fixed in KDE trunk. The WebKit patch and the KDE 3 patch are very different from each other, and in both cases the patched code is very different from the KDE 4 code.) For QtWebKit, this is fixed in Qt 4.5.2 which got pushed to Fedora updates recently. I didn't check earlier versions. The reproducer also reports FAILURE in KDE 4.2.4's Konqueror. Looks like this is still unfixed in KDE 4. Looks like I can port the KDE 3 fix. Created attachment 355171 [details]
Untested patch against kdelibs 4.2.98
Here's an untested patch against kdelibs 4.2.98.
kdelibs-4.2.4-6.fc11 has been submitted as an update for Fedora 11. http://admin.fedoraproject.org/updates/kdelibs-4.2.4-6.fc11 kdelibs-4.2.4-6.fc10 has been submitted as an update for Fedora 10. http://admin.fedoraproject.org/updates/kdelibs-4.2.4-6.fc10 kdelibs3-3.5.10-13.fc11 has been submitted as an update for Fedora 11. http://admin.fedoraproject.org/updates/kdelibs3-3.5.10-13.fc11 kdelibs3-3.5.10-13.fc10 has been submitted as an update for Fedora 10. http://admin.fedoraproject.org/updates/kdelibs3-3.5.10-13.fc10 kdelibs-4.2.4-6.fc11 has been pushed to the Fedora 11 stable repository. If problems still persist, please make note of it in this bug report. kdelibs-4.2.4-6.fc10 has been pushed to the Fedora 10 stable repository. If problems still persist, please make note of it in this bug report. kdelibs3-3.5.10-13.fc11 has been pushed to the Fedora 11 stable repository. If problems still persist, please make note of it in this bug report. kdelibs3-3.5.10-13.fc10 has been pushed to the Fedora 10 stable repository. If problems still persist, please make note of it in this bug report. |