Bug 596498 (CVE-2010-1772)
Summary: | CVE-2010-1772 WebKit: use-after-free vulnerability in handling of geolocation events | ||
---|---|---|---|
Product: | [Other] Security Response | Reporter: | Vincent Danen <vdanen> |
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
Status: | CLOSED WONTFIX | QA Contact: | |
Severity: | urgent | Docs Contact: | |
Priority: | urgent | ||
Version: | unspecified | CC: | jgrulich, jreznik, security-response-team, stransky, than |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2015-08-05 08:18:16 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 538236, 606304 | ||
Bug Blocks: | 806808 |
Description
Vincent Danen
2010-05-26 20:10:12 UTC
Upstream indicates this is a regression probably caused here (via https://bugs.webkit.org/show_bug.cgi?id=37815#c60): "Reverted r59693 for reason: Broke GTK Release Committed r59727: <http://trac.webkit.org/changeset/59727>" It looks like webkitgtk 1.2.0 is using r56916 based on the ChangeLog entries. If that is the case, then this would not affect webkitgtk (as we provide it) at all. Geolocation is not supported by Konqueror. This is being made public now, we've been given the go-ahead from upstream to do so. Created webkitgtk tracking bugs for this issue Affects: fedora-all [bug 606304] Created qt tracking bugs for this issue Affects: fedora-all [bug 538236] qt-4.6.3-8.fc13 has been pushed to the Fedora 13 stable repository. If problems still persist, please make note of it in this bug report. qt-4.6.3-8.fc12 has been pushed to the Fedora 12 stable repository. If problems still persist, please make note of it in this bug report. |