Bug 825914 (CVE-2011-3105)

Summary: CVE-2011-3105 webkitgtk: Use-after-free in first-letter handling
Product: [Other] Security Response Reporter: Huzaifa S. Sidhpurwala <huzaifas>
Component: vulnerabilityAssignee: Red Hat Product Security <security-response-team>
Status: CLOSED ERRATA QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: unspecifiedCC: huzaifas, martin.sourada, mtasaka, security-response-team, stransky
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2021-10-19 21:52:53 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 748383    

Description Huzaifa S. Sidhpurwala 2012-05-29 04:33:07 UTC 
Common Vulnerabilities and Exposures assigned an identifier CVE-2011-3105 to the following vulnerability:

Name: CVE-2011-3105
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3105
Reference: CONFIRM:http://code.google.com/p/chromium/issues/detail?id=120912
Reference: CONFIRM:http://googlechromereleases.blogspot.com/2012/05/stable-channel-update_23.html

Use-after-free vulnerability in the Cascading Style Sheets (CSS)
implementation in Google Chrome before 19.0.1084.52 allows remote
attackers to cause a denial of service or possibly have unspecified
other impact via vectors related to the :first-letter pseudo-element.
Comment 3 Huzaifa S. Sidhpurwala 2012-05-29 04:37:24 UTC 
References:

webkit bug: https://bugs.webkit.org/show_bug.cgi?id=86133
Patch: http://trac.webkit.org/changeset/117309

Statement:

This issue affects the version of webkitgtk as shipped with Red Hat Enterprise Linux 6.
Comment 4 Mamoru TASAKA 2021-10-05 12:53:37 UTC 
Is there any changes that this old bug can be closed?
Comment 5 Huzaifa S. Sidhpurwala 2021-10-11 03:03:25 UTC 
This is a bug againstIn reply to comment #4:
> Is there any changes that this old bug can be closed?

Is there a reason for closing this bug? Do you know if the products are fixed? or what the status is?
Comment 6 Mamoru TASAKA 2021-10-11 05:16:27 UTC 
(In reply to Huzaifa S. Sidhpurwala from comment #5)
> This is a bug againstIn reply to comment #4:
> > Is there any changes that this old bug can be closed?
> 
> Is there a reason for closing this bug? 

Because I am cc of this bug, I cannot remove this, and even if I can remove CC,
I regularly query open bugzilla bugs I am involved in (CC, commented, assingee, reported),
and every time I query, this old bug always appears, and I have to check the status
of this bug, very annoying.


> Do you know if the products are
> fixed? or what the status is?

Hmm?? why are you asking me the status? It is your responsibility to check 
the status, isn't it?

If you don't care the status of this bug, please close.