This bug is to collect statements for Webkit-related CVE's that do not have their own top-level CVE SRT bug because it did not affect the version of webkitgtk or konquerer shipped with Red Hat Enterprise Linux. These statements were also referred to as NVD statements and are noted on the NVD web site. This bug is used for webkit security issues disclosed in the following google chrome security advisory: http://googlechromereleases.blogspot.in/2012/03/stable-channel-release-and-beta-channel.html
CVE-2011-3059 ------------- http://code.google.com/p/chromium/issues/detail?id=112317 https://bugs.webkit.org/show_bug.cgi?id=80729 http://trac.webkit.org/changeset/110593 CVE-2011-3060 -------------- http://code.google.com/p/chromium/issues/detail?id=114056 https://bugs.webkit.org/show_bug.cgi?id=78534 Patch: http://trac.webkit.org/changeset/110332 Both the bugs cause an OOB read and results in crash only. Note: Other flaws reported on the google chrome security advisory do not affect Webkit
Statement CVE-2011-3059, CVE-2011-3060: Not Vulnerable. This issue does not affect the version of webkitgtk as shipped with Red Hat Enterprise Linux 6.