Package: kdelibs
Version: 4:3.5.10.dfsg.1-2
Severity: grave
Tags: security patch

Hi,

the following CVE (Common Vulnerabilities & Exposures) id was published for webkit.

CVE-2009-1725[0]:
| WebKit in Apple Safari before 4.0.2 does not properly handle numeric
| character references, which allows remote attackers to execute
| arbitrary code or cause a denial of service (memory corruption and
| application crash) via a crafted HTML document.

If you fix the vulnerability please also make sure to include the CVE id in your changelog entry.

For further information see:

[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1725
    http://security-tracker.debian.net/tracker/CVE-2009-1725
[1] http://scarybeastsecurity.blogspot.com/2009/07/iphone-and-safari-advisories.html

The patch:

--- kdelibs-3.5.10.dfsg.1.old/khtml/html/htmltokenizer.cpp 2007-05-14 04:52:39.000000000 -0300 +++ kdelibs-3.5.10.dfsg.1/khtml/html/htmltokenizer.cpp 2009-07-24 22:10:11.000000000 -0300 @@ -736,7 +736,7 @@ #ifdef TOKEN_DEBUG kdDebug( 6036 ) << "unknown entity!" << endl; #endif - checkBuffer(10); + checkBuffer(11); // ignore the sequence, add it to the buffer as plaintext *dest++ = '&'; for(unsigned int i = 0; i < cBufferPos; i++)
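
Review bot: the new `checkBuffer(11);` in the unknown-entity branch is still a bare literal with no stated relation to the writes that follow it. The visible code writes one '&' to `dest` and then loops `cBufferPos` times, so the reservation should be expressed in terms of what is actually written, for example `cBufferPos + 1` plus any trailing character copied after the loop, or a named constant tied to the maximum value `cBufferPos` can reach. A short comment stating the worst case the number covers would let the next reader verify the bound and keep the check from drifting out of step with the copy loop. The changelog entry for this change should also cite CVE-2009-1725, as the report requests.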