LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Security Week: August 25th, 2014
Linux Advisory Watch: August 15th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Ubuntu: WebKit vulnerability Print E-mail
User Rating:      How can I rate this item?
Posted by Benjamin D. Thomas   
Ubuntu It was discovered that WebKit did not properly handle Cascading Style Sheets (CSS) import statements. If a user were tricked into opening a malicious website, an attacker could cause a browser crash and possibly execute arbitrary code with user privileges.
===========================================================
Ubuntu Security Notice USN-676-1          November 24, 2008
webkit vulnerability
CVE-2008-3632
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 8.10

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 8.10:
  libwebkit-1.0-1                 1.0.1-2ubuntu0.1

After a standard system upgrade you need to restart any applications that
use WebKit, such as Epiphany-webkit and Midori, to effect the necessary
changes.

Details follow:

It was discovered that WebKit did not properly handle Cascading Style Sheets
(CSS) import statements. If a user were tricked into opening a malicious
website, an attacker could cause a browser crash and possibly execute
arbitrary code with user privileges.


Updated packages for Ubuntu 8.10:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/w/webkit/webkit_1.0.1-2ubuntu0.1.diff.gz
      Size/MD5:    21219 e7f04089c687141f512cb5066d1a1c30
    http://security.ubuntu.com/ubuntu/pool/main/w/webkit/webkit_1.0.1-2ubuntu0.1.dsc
      Size/MD5:     1538 23427df68878b3540e082d778cf74ed2
    http://security.ubuntu.com/ubuntu/pool/main/w/webkit/webkit_1.0.1.orig.tar.gz
      Size/MD5: 13418752 4de68a5773998bea14e8939aa341c466

  Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/main/w/webkit/libwebkit-dev_1.0.1-2ubuntu0.1_all.deb
      Size/MD5:    33888 3d3e394977eb1a52a81694786831075b

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    http://security.ubuntu.com/ubuntu/pool/main/w/webkit/libwebkit-1.0-1-dbg_1.0.1-2ubuntu0.1_amd64.deb
      Size/MD5: 62588488 b87a1a306e88f330a034de2374f08998
    http://security.ubuntu.com/ubuntu/pool/main/w/webkit/libwebkit-1.0-1_1.0.1-2ubuntu0.1_amd64.deb
      Size/MD5:  3498192 08f5383449a42b900a7a541a50f309d7

  i386 architecture (x86 compatible Intel/AMD):

    http://security.ubuntu.com/ubuntu/pool/main/w/webkit/libwebkit-1.0-1-dbg_1.0.1-2ubuntu0.1_i386.deb
      Size/MD5: 62196494 3b3c6e6c871e45ebda20daeb377c261b
    http://security.ubuntu.com/ubuntu/pool/main/w/webkit/libwebkit-1.0-1_1.0.1-2ubuntu0.1_i386.deb
      Size/MD5:  3012354 f1528e6e6dedd94de7cf80bc8cf00c83

  lpia architecture (Low Power Intel Architecture):

    http://ports.ubuntu.com/pool/main/w/webkit/libwebkit-1.0-1-dbg_1.0.1-2ubuntu0.1_lpia.deb
      Size/MD5: 62283008 74002deca41e5eb530475b1b8162948c
    http://ports.ubuntu.com/pool/main/w/webkit/libwebkit-1.0-1_1.0.1-2ubuntu0.1_lpia.deb
      Size/MD5:  2965064 a7e3b539e899ad5b1fae915f9da5fce2

  powerpc architecture (Apple Macintosh G3/G4/G5):

    http://ports.ubuntu.com/pool/main/w/webkit/libwebkit-1.0-1-dbg_1.0.1-2ubuntu0.1_powerpc.deb
      Size/MD5: 64792472 dcaf2d61a355ef62a6bdc423aa68bbe2
    http://ports.ubuntu.com/pool/main/w/webkit/libwebkit-1.0-1_1.0.1-2ubuntu0.1_powerpc.deb
      Size/MD5:  3291430 50b79b1e9dfd831cd4fb3ffeb6342ec8

  sparc architecture (Sun SPARC/UltraSPARC):

    http://ports.ubuntu.com/pool/main/w/webkit/libwebkit-1.0-1-dbg_1.0.1-2ubuntu0.1_sparc.deb
      Size/MD5: 63702930 9a411dc78d88cdeadf1e105eafa84b31
    http://ports.ubuntu.com/pool/main/w/webkit/libwebkit-1.0-1_1.0.1-2ubuntu0.1_sparc.deb
      Size/MD5:  3495810 b945ea2113760479bdc8be11aafe0272



 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.