=========================================================== Ubuntu Security Notice USN-1006-1 October 19, 2010 webkit vulnerabilities https://launchpad.net/bugs/660075 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 9.10 Ubuntu 10.04 LTS Ubuntu 10.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 9.10: libwebkit-1.0-2 1.2.5-0ubuntu0.9.10.1 Ubuntu 10.04 LTS: libwebkit-1.0-2 1.2.5-0ubuntu0.10.04.1 Ubuntu 10.10: libwebkit-1.0-2 1.2.5-0ubuntu0.10.10.1 After a standard system update you need to restart any applications that use WebKit, such as Epiphany and Midori, to make all the necessary changes. Details follow: A large number of security issues were discovered in the WebKit browser and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution. Please consult the bug listed at the top of this advisory to get the exact list of CVE numbers fixed for each release. Updated packages for Ubuntu 9.10: Source archives: http://security.ubuntu.com/ubuntu/pool/main/w/webkit/webkit_1.2.5-0ubuntu0.9.10.1.diff.gz Size/MD5: 28902 3436d9c6218a4cd1a5754b26d0f6e256 http://security.ubuntu.com/ubuntu/pool/main/w/webkit/webkit_1.2.5-0ubuntu0.9.10.1.dsc Size/MD5: 2346 9cc885388210502d79ca6655e073f05e http://security.ubuntu.com/ubuntu/pool/main/w/webkit/webkit_1.2.5.orig.tar.gz Size/MD5: 6727977 09f04985665b9abf6f0d9956f86a6a31 Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/w/webkit/libwebkit-1.0-common_1.2.5-0ubuntu0.9.10.1_all.deb Size/MD5: 615320 20d3e7adda2f5fa5a142a4501280a837 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/w/webkit/libwebkit-1.0-2-dbg_1.2.5-0ubuntu0.9.10.1_amd64.deb Size/MD5: 139134580 8d73bb5f05a99b76445655c0aff9eb12 http://security.ubuntu.com/ubuntu/pool/main/w/webkit/libwebkit-1.0-2_1.2.5-0ubuntu0.9.10.1_amd64.deb Size/MD5: 5751420 31eda9fa73766cef54571ecab5f2c6e0 http://security.ubuntu.com/ubuntu/pool/main/w/webkit/libwebkit-dev_1.2.5-0ubuntu0.9.10.1_amd64.deb Size/MD5: 118264 4402376e41a392f18ec26b102a27c4aa i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/w/webkit/libwebkit-1.0-2-dbg_1.2.5-0ubuntu0.9.10.1_i386.deb Size/MD5: 138270646 ff3700bd6053f18209c8884d0bdc5bc4 http://security.ubuntu.com/ubuntu/pool/main/w/webkit/libwebkit-1.0-2_1.2.5-0ubuntu0.9.10.1_i386.deb Size/MD5: 5140872 73f89219225b633f4a866245712e6837 http://security.ubuntu.com/ubuntu/pool/main/w/webkit/libwebkit-dev_1.2.5-0ubuntu0.9.10.1_i386.deb Size/MD5: 115628 aa55bd17bfd68286f34a8aac9017839d lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/w/webkit/libwebkit-1.0-2-dbg_1.2.5-0ubuntu0.9.10.1_lpia.deb Size/MD5: 138495338 f45c9ce9a707fbcf9cf17d3039e9a47f http://ports.ubuntu.com/pool/main/w/webkit/libwebkit-1.0-2_1.2.5-0ubuntu0.9.10.1_lpia.deb Size/MD5: 5093272 11a6dd088bde3429ed8bd8e4bd0c2610 http://ports.ubuntu.com/pool/main/w/webkit/libwebkit-dev_1.2.5-0ubuntu0.9.10.1_lpia.deb Size/MD5: 115612 d3440a9475264109fe7ee7806ad1659b powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/w/webkit/libwebkit-1.0-2-dbg_1.2.5-0ubuntu0.9.10.1_powerpc.deb Size/MD5: 138840804 c0d644f5609bb659e5c934725bfa862d http://ports.ubuntu.com/pool/main/w/webkit/libwebkit-1.0-2_1.2.5-0ubuntu0.9.10.1_powerpc.deb Size/MD5: 5405430 04557727a3bac6037caca9b717b8e218 http://ports.ubuntu.com/pool/main/w/webkit/libwebkit-dev_1.2.5-0ubuntu0.9.10.1_powerpc.deb Size/MD5: 115620 916e4e0e1bf105f62c6d3ef2756d1186 sparc architecture (Sun SPARC/UltraSPARC): http://ports.ubuntu.com/pool/main/w/webkit/libwebkit-1.0-2-dbg_1.2.5-0ubuntu0.9.10.1_sparc.deb Size/MD5: 137354182 d0fd14e1622fcacfa5f2f97c40bfcacc http://ports.ubuntu.com/pool/main/w/webkit/libwebkit-1.0-2_1.2.5-0ubuntu0.9.10.1_sparc.deb Size/MD5: 6022530 ccf509a6bc5d3085170c8652323f154a http://ports.ubuntu.com/pool/main/w/webkit/libwebkit-dev_1.2.5-0ubuntu0.9.10.1_sparc.deb Size/MD5: 115604 279ec84c70acc2f0f6ac757d8ea8314d Updated packages for Ubuntu 10.04 LTS: Source archives: http://security.ubuntu.com/ubuntu/pool/main/w/webkit/webkit_1.2.5-0ubuntu0.10.04.1.debian.tar.gz Size/MD5: 28130 d8f8ce4ec546bf31939df7fb25f0546e http://security.ubuntu.com/ubuntu/pool/main/w/webkit/webkit_1.2.5-0ubuntu0.10.04.1.dsc Size/MD5: 2489 ce702764983bfa6366cb29288bcd0a34 http://security.ubuntu.com/ubuntu/pool/main/w/webkit/webkit_1.2.5.orig.tar.gz Size/MD5: 6727977 09f04985665b9abf6f0d9956f86a6a31 Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/w/webkit/libwebkit-1.0-common_1.2.5-0ubuntu0.10.04.1_all.deb Size/MD5: 615060 54a52de598cc1d98ae81293f561cee31 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/w/webkit/libwebkit-1.0-2-dbg_1.2.5-0ubuntu0.10.04.1_amd64.deb Size/MD5: 139191092 505abba3026374772b005f66c5aa39b4 http://security.ubuntu.com/ubuntu/pool/main/w/webkit/libwebkit-1.0-2_1.2.5-0ubuntu0.10.04.1_amd64.deb Size/MD5: 5759808 fe280b0b0c1cfae2ec2f1c42438f6c02 http://security.ubuntu.com/ubuntu/pool/main/w/webkit/libwebkit-dev_1.2.5-0ubuntu0.10.04.1_amd64.deb Size/MD5: 125090 add586dd4e7116a3c839d3aff41992c0 http://security.ubuntu.com/ubuntu/pool/universe/w/webkit/gir1.0-webkit-1.0_1.2.5-0ubuntu0.10.04.1_amd64.deb Size/MD5: 32002 68cb1c3e0122056767f3c8379bc466e9 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/w/webkit/libwebkit-1.0-2-dbg_1.2.5-0ubuntu0.10.04.1_i386.deb Size/MD5: 138266662 9cbe221be706e0a8cfca8bb5f26e7b10 http://security.ubuntu.com/ubuntu/pool/main/w/webkit/libwebkit-1.0-2_1.2.5-0ubuntu0.10.04.1_i386.deb Size/MD5: 5143424 7a0471d9588efe065b08e3fb1b8fe4e9 http://security.ubuntu.com/ubuntu/pool/main/w/webkit/libwebkit-dev_1.2.5-0ubuntu0.10.04.1_i386.deb Size/MD5: 125092 81aea704572d2052b0764962e82de16a http://security.ubuntu.com/ubuntu/pool/universe/w/webkit/gir1.0-webkit-1.0_1.2.5-0ubuntu0.10.04.1_i386.deb Size/MD5: 32000 6bafa9242012aae7a2b89a4ceda5e57b powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/w/webkit/libwebkit-1.0-2-dbg_1.2.5-0ubuntu0.10.04.1_powerpc.deb Size/MD5: 138806090 872af69f2a732bfbef0493f2a47ffa2f http://ports.ubuntu.com/pool/main/w/webkit/libwebkit-1.0-2_1.2.5-0ubuntu0.10.04.1_powerpc.deb Size/MD5: 5402940 c77160e966129af9d018e856af48b72f http://ports.ubuntu.com/pool/main/w/webkit/libwebkit-dev_1.2.5-0ubuntu0.10.04.1_powerpc.deb Size/MD5: 125086 9fd9e5e5436c39aeecbeb21ee5f84f8b http://ports.ubuntu.com/pool/universe/w/webkit/gir1.0-webkit-1.0_1.2.5-0ubuntu0.10.04.1_powerpc.deb Size/MD5: 32396 3a217f8e2d292dc99d011474f3f1d4af sparc architecture (Sun SPARC/UltraSPARC): http://ports.ubuntu.com/pool/main/w/webkit/libwebkit-1.0-2-dbg_1.2.5-0ubuntu0.10.04.1_sparc.deb Size/MD5: 136606856 c78a87af6d3cbf0ce134155674cbd6c2 http://ports.ubuntu.com/pool/main/w/webkit/libwebkit-1.0-2_1.2.5-0ubuntu0.10.04.1_sparc.deb Size/MD5: 5158466 c3d03dcf298065146ff55bb036646638 http://ports.ubuntu.com/pool/main/w/webkit/libwebkit-dev_1.2.5-0ubuntu0.10.04.1_sparc.deb Size/MD5: 125078 5cf9023f9a176b63372eeaa458c00b19 http://ports.ubuntu.com/pool/universe/w/webkit/gir1.0-webkit-1.0_1.2.5-0ubuntu0.10.04.1_sparc.deb Size/MD5: 32388 5e7796c459061e2effa909b33037f33b Updated packages for Ubuntu 10.10: Source archives: http://security.ubuntu.com/ubuntu/pool/main/w/webkit/webkit_1.2.5-0ubuntu0.10.10.1.debian.tar.gz Size/MD5: 28946 696566138ed976047955dad9c51532de http://security.ubuntu.com/ubuntu/pool/main/w/webkit/webkit_1.2.5-0ubuntu0.10.10.1.dsc Size/MD5: 2458 6c54ab417c58ea8fc7aeb4e023056ec1 http://security.ubuntu.com/ubuntu/pool/main/w/webkit/webkit_1.2.5.orig.tar.gz Size/MD5: 6727977 09f04985665b9abf6f0d9956f86a6a31 Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/w/webkit/libwebkit-1.0-common_1.2.5-0ubuntu0.10.10.1_all.deb Size/MD5: 696876 425ce7560407344b9a0bc967ca8859a4 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/w/webkit/libwebkit-1.0-2-dbg_1.2.5-0ubuntu0.10.10.1_amd64.deb Size/MD5: 139228160 62a0a9f279f2e4086e2605cf00dcaf99 http://security.ubuntu.com/ubuntu/pool/main/w/webkit/libwebkit-1.0-2_1.2.5-0ubuntu0.10.10.1_amd64.deb Size/MD5: 5759738 754ae8a24c22a6deb0d9093c6c3269ef http://security.ubuntu.com/ubuntu/pool/main/w/webkit/libwebkit-dev_1.2.5-0ubuntu0.10.10.1_amd64.deb Size/MD5: 128206 ae712ec8851f357c54d28660d4b6e254 http://security.ubuntu.com/ubuntu/pool/universe/w/webkit/gir1.0-webkit-1.0_1.2.5-0ubuntu0.10.10.1_amd64.deb Size/MD5: 31662 4b4d0aebf0aa3b908b258581e6ab84be i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/w/webkit/libwebkit-1.0-2-dbg_1.2.5-0ubuntu0.10.10.1_i386.deb Size/MD5: 138310558 186bca6b898b28bd118560dd74fd62b2 http://security.ubuntu.com/ubuntu/pool/main/w/webkit/libwebkit-1.0-2_1.2.5-0ubuntu0.10.10.1_i386.deb Size/MD5: 5132134 804908022424e58a8dd07b1fdee9e3f6 http://security.ubuntu.com/ubuntu/pool/main/w/webkit/libwebkit-dev_1.2.5-0ubuntu0.10.10.1_i386.deb Size/MD5: 129146 6fa207cdf44a3e94dbe1bb2101e86803 http://security.ubuntu.com/ubuntu/pool/universe/w/webkit/gir1.0-webkit-1.0_1.2.5-0ubuntu0.10.10.1_i386.deb Size/MD5: 31788 f3076772e02b02a46c84de4ad460fb30 powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/w/webkit/libwebkit-1.0-2-dbg_1.2.5-0ubuntu0.10.10.1_powerpc.deb Size/MD5: 138818056 19a3a011964bd3931efb6acdc30f8a8e http://ports.ubuntu.com/pool/main/w/webkit/libwebkit-1.0-2_1.2.5-0ubuntu0.10.10.1_powerpc.deb Size/MD5: 5395890 2d56bd9385a163c2d02acaaa5ec069da http://ports.ubuntu.com/pool/main/w/webkit/libwebkit-dev_1.2.5-0ubuntu0.10.10.1_powerpc.deb Size/MD5: 124992 d7efe40fbab12557876cfb7c689f91ae http://ports.ubuntu.com/pool/universe/w/webkit/gir1.0-webkit-1.0_1.2.5-0ubuntu0.10.10.1_powerpc.deb Size/MD5: 32030 b8baf77562a66d7f2d9a5fdb40f59489