1
Candidate: CVE-2017-2504
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2504
5
https://support.apple.com/HT207798
6
https://support.apple.com/HT207801
7
https://support.apple.com/HT207804
8
https://webkitgtk.org/security/WSA-2017-0004.html
10
An issue was discovered in certain Apple products. iOS before 10.3.2 is
11
affected. Safari before 10.1.1 is affected. tvOS before 10.2.1 is affected.
12
The issue involves the "WebKit" component. It allows remote attackers to
13
conduct Universal XSS (UXSS) attacks via a crafted web site that improperly
14
interacts with WebKit Editor commands.
17
jdstrand> webkit receives limited support. For details, see
18
https://wiki.ubuntu.com/SecurityTeam/FAQ#webkit
19
jdstrand> webkit in Ubuntu uses the JavaScriptCore (JSC) engine, not V8
26
upstream_webkitgtk: needs-triage
27
precise/esm_webkitgtk: DNE
28
trusty_webkitgtk: needs-triage
29
vivid/ubuntu-core_webkitgtk: DNE
30
vivid/stable-phone-overlay_webkitgtk: DNE
31
xenial_webkitgtk: needs-triage
32
yakkety_webkitgtk: ignored (reached end-of-life)
33
zesty_webkitgtk: ignored (reached end-of-life)
34
artful_webkitgtk: needs-triage
35
bionic_webkitgtk: needs-triage
36
devel_webkitgtk: needs-triage
39
upstream_webkit2gtk: released (2.16.1)
40
precise_webkit2gtk: DNE
41
precise/esm_webkit2gtk: DNE
42
trusty_webkit2gtk: DNE
43
vivid/ubuntu-core_webkit2gtk: DNE
44
vivid/stable-phone-overlay_webkit2gtk: DNE
45
xenial_webkit2gtk: not-affected (2.16.1-0ubuntu0.16.04.2)
46
yakkety_webkit2gtk: not-affected (2.16.1-0ubuntu0.16.10.2)
47
zesty_webkit2gtk: not-affected (2.16.1-1ubuntu0.17.04.1)
48
artful_webkit2gtk: not-affected (2.16.2-1)
49
bionic_webkit2gtk: not-affected (2.16.2-1)
50
devel_webkit2gtk: not-affected (2.16.2-1)
52
Patches_qtwebkit-source:
53
upstream_qtwebkit-source: needs-triage
54
precise/esm_qtwebkit-source: DNE
55
trusty_qtwebkit-source: needs-triage
56
vivid/ubuntu-core_qtwebkit-source: DNE
57
vivid/stable-phone-overlay_qtwebkit-source: DNE
58
xenial_qtwebkit-source: needs-triage
59
yakkety_qtwebkit-source: ignored (reached end-of-life)
60
zesty_qtwebkit-source: ignored (reached end-of-life)
61
artful_qtwebkit-source: needs-triage
62
bionic_qtwebkit-source: needs-triage
63
devel_qtwebkit-source: needs-triage
65
Patches_qtwebkit-opensource-src: needs-triage
66
upstream_qtwebkit-opensource-src: needs-triage
67
precise/esm_qtwebkit-opensource-src: DNE
68
trusty_qtwebkit-opensource-src: needs-triage
69
vivid/ubuntu-core_qtwebkit-opensource-src: DNE
70
vivid/stable-phone-overlay_qtwebkit-opensource-src: DNE
71
xenial_qtwebkit-opensource-src: needs-triage
72
yakkety_qtwebkit-opensource-src: ignored (reached end-of-life)
73
zesty_qtwebkit-opensource-src: ignored (reached end-of-life)
74
artful_qtwebkit-opensource-src: needs-triage
75
bionic_qtwebkit-opensource-src: needs-triage
76
devel_qtwebkit-opensource-src: needs-triage