AVG-362 log

Package webkit2gtk
Status Fixed
Severity Critical
Type multiple issues
Affected 2.16.5-1
Fixed 2.16.6-1
Current 2.46.4-1 [extra]
Ticket None
Created Tue Jul 25 14:10:18 2017
Issue Severity Remote Type Description
CVE-2017-7064 Medium No Information disclosure
An information disclosure issue has been found in WebKitGTK+ <= 2.16.5, where an application may be able to read restricted memory.
CVE-2017-7061 Critical Yes Arbitrary code execution
Several memory corruption issues have been found in WebKitGTK+ <= 2.16.5, leading to arbitrary code execution when processing maliciously crafted web contents.
CVE-2017-7056 Critical Yes Arbitrary code execution
Several memory corruption issues have been found in WebKitGTK+ <= 2.16.5, leading to arbitrary code execution when processing maliciously crafted web contents.
CVE-2017-7055 Critical Yes Arbitrary code execution
Several memory corruption issues have been found in WebKitGTK+ <= 2.16.5, leading to arbitrary code execution when processing maliciously crafted web contents.
CVE-2017-7048 Critical Yes Arbitrary code execution
Several memory corruption issues have been found in WebKitGTK+ <= 2.16.5, leading to arbitrary code execution when processing maliciously crafted web contents.
CVE-2017-7046 Critical Yes Arbitrary code execution
Several memory corruption issues have been found in WebKitGTK+ <= 2.16.5, leading to arbitrary code execution when processing maliciously crafted web contents.
CVE-2017-7039 Critical Yes Arbitrary code execution
Several memory corruption issues have been found in WebKitGTK+ <= 2.16.5, leading to arbitrary code execution when processing maliciously crafted web contents.
CVE-2017-7037 Critical Yes Arbitrary code execution
Several memory corruption issues have been found in WebKitGTK+ <= 2.16.5, leading to arbitrary code execution when processing maliciously crafted web contents.
CVE-2017-7034 Critical Yes Arbitrary code execution
Several memory corruption issues have been found in WebKitGTK+ <= 2.16.5, leading to arbitrary code execution when processing maliciously crafted web contents.
CVE-2017-7030 Critical Yes Arbitrary code execution
Several memory corruption issues have been found in WebKitGTK+ <= 2.16.5, leading to arbitrary code execution when processing maliciously crafted web contents.
CVE-2017-7018 Critical Yes Arbitrary code execution
Several memory corruption issues have been found in WebKitGTK+ <= 2.16.5, leading to arbitrary code execution when processing maliciously crafted web contents.
Date Advisory Package Type
26 Jul 2017 ASA-201707-25 webkit2gtk multiple issues
References
https://webkitgtk.org/security/WSA-2017-0006.html