Package: kde4libs Version: 4:4.2.96-1 Severity: grave Tags: security patch Hi, the following CVE (Common Vulnerabilities & Exposures) id was published for webkit.
CVE-2009-1725[0]: | WebKit in Apple Safari before 4.0.2 does not properly handle numeric | character references, which allows remote attackers to execute | arbitrary code or cause a denial of service (memory corruption and | application crash) via a crafted HTML document. If you fix the vulnerability please also make sure to include the CVE id in your changelog entry. For further information see: [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1725 http://security-tracker.debian.net/tracker/CVE-2009-1725 [1] http://scarybeastsecurity.blogspot.com/2009/07/iphone-and-safari-advisories.html The patch: --- kde4libs-4.2.96.old/khtml/html/htmltokenizer.cpp 2009-05-14 14:27:29.000000000 -0300 +++ kde4libs-4.2.96/khtml/html/htmltokenizer.cpp 2009-07-24 22:20:11.000000000 -0300 @@ -1038,7 +1038,7 @@ #ifdef TOKEN_DEBUG kDebug( 6036 ) << "unknown entity!"; #endif - checkBuffer(10); + checkBuffer(11); // ignore the sequence, add it to the buffer as plaintext *dest++ = '&'; for(unsigned int i = 0; i < cBufferPos; i++) -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
