1
PublicDateAtUSN: 2017-04-01
2
Candidate: CVE-2017-2481
5
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2481
6
http://zerodayinitiative.com/advisories/ZDI-17-191/
7
https://support.apple.com/HT207600
8
https://support.apple.com/HT207601
9
https://support.apple.com/HT207617
10
https://www.webkitgtk.org/security/WSA-2017-0003.html
11
https://usn.ubuntu.com/usn/usn-3257-1
13
An issue was discovered in certain Apple products. iOS before 10.3 is
14
affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The
15
issue involves the "WebKit" component. It allows remote attackers to
16
execute arbitrary code or cause a denial of service (memory corruption and
17
application crash) via a crafted web site.
20
jdstrand> webkit receives limited support. For details, see
21
https://wiki.ubuntu.com/SecurityTeam/FAQ#webkit
22
jdstrand> webkit in Ubuntu uses the JavaScriptCore (JSC) engine, not V8
29
upstream_webkit: needs-triage
30
precise_webkit: ignored (see notes)
31
precise/esm_webkit: DNE (precise was ignored [see notes])
33
vivid/ubuntu-core_webkit: DNE
34
vivid/stable-phone-overlay_webkit: DNE
43
upstream_webkitgtk: needs-triage
44
precise_webkitgtk: DNE
45
precise/esm_webkitgtk: DNE
46
trusty_webkitgtk: needs-triage
47
vivid/ubuntu-core_webkitgtk: DNE
48
vivid/stable-phone-overlay_webkitgtk: DNE
49
xenial_webkitgtk: needs-triage
50
yakkety_webkitgtk: ignored (reached end-of-life)
51
zesty_webkitgtk: ignored (reached end-of-life)
52
artful_webkitgtk: needs-triage
53
bionic_webkitgtk: needs-triage
54
devel_webkitgtk: needs-triage
57
upstream_webkit2gtk: released (2.14.6)
58
precise_webkit2gtk: DNE
59
precise/esm_webkit2gtk: DNE
60
trusty_webkit2gtk: DNE
61
vivid/ubuntu-core_webkit2gtk: DNE
62
vivid/stable-phone-overlay_webkit2gtk: DNE
63
xenial_webkit2gtk: released (2.16.1-0ubuntu0.16.04.1)
64
yakkety_webkit2gtk: released (2.16.1-0ubuntu0.16.10.1)
65
zesty_webkit2gtk: not-affected (2.16.1-1)
66
artful_webkit2gtk: not-affected (2.16.1-1)
67
bionic_webkit2gtk: not-affected (2.16.1-1)
68
devel_webkit2gtk: not-affected (2.16.1-1)
70
Patches_qtwebkit-source:
71
upstream_qtwebkit-source: needs-triage
72
precise_qtwebkit-source: ignored (see notes)
73
precise/esm_qtwebkit-source: DNE (precise was ignored [see notes])
74
trusty_qtwebkit-source: needs-triage
75
vivid/ubuntu-core_qtwebkit-source: DNE
76
vivid/stable-phone-overlay_qtwebkit-source: DNE
77
xenial_qtwebkit-source: needs-triage
78
yakkety_qtwebkit-source: ignored (reached end-of-life)
79
zesty_qtwebkit-source: ignored (reached end-of-life)
80
artful_qtwebkit-source: needs-triage
81
bionic_qtwebkit-source: needs-triage
82
devel_qtwebkit-source: needs-triage
84
Patches_qtwebkit-opensource-src: needs-triage
85
upstream_qtwebkit-opensource-src: needs-triage
86
precise_qtwebkit-opensource-src: DNE
87
precise/esm_qtwebkit-opensource-src: DNE
88
trusty_qtwebkit-opensource-src: needs-triage
89
vivid/ubuntu-core_qtwebkit-opensource-src: DNE
90
vivid/stable-phone-overlay_qtwebkit-opensource-src: DNE
91
xenial_qtwebkit-opensource-src: needs-triage
92
yakkety_qtwebkit-opensource-src: ignored (reached end-of-life)
93
zesty_qtwebkit-opensource-src: ignored (reached end-of-life)
94
artful_qtwebkit-opensource-src: needs-triage
95
bionic_qtwebkit-opensource-src: needs-triage
96
devel_qtwebkit-opensource-src: needs-triage