[Secure-testing-team] Bug#700164: src:webkit: first pile of 2013 CVEs
Helmut Grohne
helmut at subdivi.de
Sat Feb 9 11:31:23 UTC 2013
Package: src:webkit
Severity: grave
Tags: security
Justification: user security hole
Dear webkit maintainers,
On behalf of the security team I am creating a bug for the following
CVE identifiers supposedly affecting webkit.
CVE-2013-0948
CVE-2013-0949
CVE-2013-0950
CVE-2013-0951
CVE-2013-0952
CVE-2013-0953
CVE-2013-0954
CVE-2013-0955
CVE-2013-0956
CVE-2013-0958
CVE-2013-0959
CVE-2013-0962
CVE-2013-0964
CVE-2013-0968
Please verify which of them (if any) actually apply to Debian's version
of webkit. All of the appear to apply to some kind of memory corruption
or access restriction bypass which makes them good candidates. If they
turn out not to pose a risk for the user, please downgrade this bug.
Helmut
More information about the Secure-testing-team
mailing list