Synopsis: Moderate: webkitgtk security update Issue date: 2011-01-25 CVE Names: CVE-2010-1780 CVE-2010-1782 CVE-2010-1783 CVE-2010-1784 CVE-2010-1785 CVE-2010-1786 CVE-2010-1787 CVE-2010-1788 CVE-2010-1790 CVE-2010-1792 CVE-2010-1793 CVE-2010-1807 CVE-2010-1812 CVE-2010-1814 CVE-2010-1815 CVE-2010-3113 CVE-2010-3114 CVE-2010-3115 CVE-2010-3116 CVE-2010-3119 CVE-2010-3255 CVE-2010-3257 CVE-2010-3259 CVE-2010-3812 CVE-2010-3813 CVE-2010-4197 CVE-2010-4198 CVE-2010-4204 CVE-2010-4206 CVE-2010-4577 Multiple memory corruption flaws were found in WebKit. Malicious web content could cause an application using WebKitGTK+ to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2010-1782, CVE-2010-1783, CVE-2010-1784, CVE-2010-1785, CVE-2010-1787, CVE-2010-1788, CVE-2010-1790, CVE-2010-1792, CVE-2010-1807, CVE-2010-1814, CVE-2010-3114, CVE-2010-3116, CVE-2010-3119, CVE-2010-3255, CVE-2010-3812, CVE-2010-4198) Multiple use-after-free flaws were found in WebKit. Malicious web content could cause an application using WebKitGTK+ to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2010-1780, CVE-2010-1786, CVE-2010-1793, CVE-2010-1812, CVE-2010-1815, CVE-2010-3113, CVE-2010-3257, CVE-2010-4197, CVE-2010-4204) Two array index errors, leading to out-of-bounds memory reads, were found in WebKit. Malicious web content could cause an application using WebKitGTK+ to crash. (CVE-2010-4206, CVE-2010-4577) A flaw in WebKit could allow malicious web content to trick a user into thinking they are visiting the site reported by the location bar, when the page is actually content controlled by an attacker. (CVE-2010-3115) It was found that WebKit did not correctly restrict read access to images created from the "canvas" element. Malicious web content could allow a remote attacker to bypass the same-origin policy and potentially access sensitive image data. (CVE-2010-3259) A flaw was found in the way WebKit handled DNS prefetching. Even when it was disabled, web content containing certain "link" elements could cause WebKitGTK+ to perform DNS prefetching. (CVE-2010-3813) All running applications that use WebKitGTK+ must be restarted for this update to take effect. SL 6.x SRPMS: webkitgtk-1.2.6-2.el6_0.src.rpm i386: webkitgtk-1.2.6-2.el6_0.i686.rpm webkitgtk-devel-1.2.6-2.el6_0.i686.rpm webkitgtk-doc-1.2.6-2.el6_0.i686.rpm x86_64: webkitgtk-1.2.6-2.el6_0.i686.rpm webkitgtk-1.2.6-2.el6_0.x86_64.rpm webkitgtk-devel-1.2.6-2.el6_0.i686.rpm webkitgtk-devel-1.2.6-2.el6_0.x86_64.rpm webkitgtk-doc-1.2.6-2.el6_0.x86_64.rpm -Connie Sieh -Troy Dawson