← Back to branch summary

~ubuntu-security/ubuntu-cve-tracker/master

« back to all changes in this revision

Viewing changes to active/CVE-2017-2504

  • Committer: Steve Beattie
  • Date: 2019-02-19 06:18:27 UTC
  • Revision ID: sbeattie@ubuntu.com-20190219061827-oh57fzcfc1u9dlfk
The ubuntu-cve-tracker project has been converted to git.

Please use 'git clone https://git.launchpad.net/ubuntu-cve-tracker' to
get the converted tree.

Show diffs side-by-side

added added

removed removed

Lines of Context:
active/CVE-2017-2504
1
 
Candidate: CVE-2017-2504
2
 
PublicDate: 2017-05-22
3
 
References:
4
 
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2504
5
 
 https://support.apple.com/HT207798
6
 
 https://support.apple.com/HT207801
7
 
 https://support.apple.com/HT207804
8
 
 https://webkitgtk.org/security/WSA-2017-0004.html
9
 
Description:
10
 
 An issue was discovered in certain Apple products. iOS before 10.3.2 is
11
 
 affected. Safari before 10.1.1 is affected. tvOS before 10.2.1 is affected.
12
 
 The issue involves the "WebKit" component. It allows remote attackers to
13
 
 conduct Universal XSS (UXSS) attacks via a crafted web site that improperly
14
 
 interacts with WebKit Editor commands.
15
 
Ubuntu-Description:
16
 
Notes:
17
 
 jdstrand> webkit receives limited support. For details, see
18
 
 https://wiki.ubuntu.com/SecurityTeam/FAQ#webkit
19
 
 jdstrand> webkit in Ubuntu uses the JavaScriptCore (JSC) engine, not V8
20
 
Bugs:
21
 
Priority: medium
22
 
Discovered-by:
23
 
Assigned-to:
24
 
 
25
 
Patches_webkitgtk:
26
 
upstream_webkitgtk: needs-triage
27
 
precise/esm_webkitgtk: DNE
28
 
trusty_webkitgtk: needs-triage
29
 
vivid/ubuntu-core_webkitgtk: DNE
30
 
vivid/stable-phone-overlay_webkitgtk: DNE
31
 
xenial_webkitgtk: needs-triage
32
 
yakkety_webkitgtk: ignored (reached end-of-life)
33
 
zesty_webkitgtk: ignored (reached end-of-life)
34
 
artful_webkitgtk: needs-triage
35
 
bionic_webkitgtk: needs-triage
36
 
devel_webkitgtk: needs-triage
37
 
 
38
 
Patches_webkit2gtk:
39
 
upstream_webkit2gtk: released (2.16.1)
40
 
precise_webkit2gtk: DNE
41
 
precise/esm_webkit2gtk: DNE
42
 
trusty_webkit2gtk: DNE
43
 
vivid/ubuntu-core_webkit2gtk: DNE
44
 
vivid/stable-phone-overlay_webkit2gtk: DNE
45
 
xenial_webkit2gtk: not-affected (2.16.1-0ubuntu0.16.04.2)
46
 
yakkety_webkit2gtk: not-affected (2.16.1-0ubuntu0.16.10.2)
47
 
zesty_webkit2gtk: not-affected (2.16.1-1ubuntu0.17.04.1)
48
 
artful_webkit2gtk: not-affected (2.16.2-1)
49
 
bionic_webkit2gtk: not-affected (2.16.2-1)
50
 
devel_webkit2gtk: not-affected (2.16.2-1)
51
 
 
52
 
Patches_qtwebkit-source:
53
 
upstream_qtwebkit-source: needs-triage
54
 
precise/esm_qtwebkit-source: DNE
55
 
trusty_qtwebkit-source: needs-triage
56
 
vivid/ubuntu-core_qtwebkit-source: DNE
57
 
vivid/stable-phone-overlay_qtwebkit-source: DNE
58
 
xenial_qtwebkit-source: needs-triage
59
 
yakkety_qtwebkit-source: ignored (reached end-of-life)
60
 
zesty_qtwebkit-source: ignored (reached end-of-life)
61
 
artful_qtwebkit-source: needs-triage
62
 
bionic_qtwebkit-source: needs-triage
63
 
devel_qtwebkit-source: needs-triage
64
 
 
65
 
Patches_qtwebkit-opensource-src: needs-triage
66
 
upstream_qtwebkit-opensource-src: needs-triage
67
 
precise/esm_qtwebkit-opensource-src: DNE
68
 
trusty_qtwebkit-opensource-src: needs-triage
69
 
vivid/ubuntu-core_qtwebkit-opensource-src: DNE
70
 
vivid/stable-phone-overlay_qtwebkit-opensource-src: DNE
71
 
xenial_qtwebkit-opensource-src: needs-triage
72
 
yakkety_qtwebkit-opensource-src: ignored (reached end-of-life)
73
 
zesty_qtwebkit-opensource-src: ignored (reached end-of-life)
74
 
artful_qtwebkit-opensource-src: needs-triage
75
 
bionic_qtwebkit-opensource-src: needs-triage
76
 
devel_qtwebkit-opensource-src: needs-triage
77