1
PublicDateAtUSN: 2018-04-03
2
Candidate: CVE-2018-4120
5
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4120
6
https://support.apple.com/HT208693
7
https://support.apple.com/HT208694
8
https://support.apple.com/HT208695
9
https://support.apple.com/HT208697
10
https://support.apple.com/HT208698
11
https://webkitgtk.org/security/WSA-2018-0003.html
12
https://usn.ubuntu.com/usn/usn-3635-1
14
An issue was discovered in certain Apple products. iOS before 11.3 is
15
affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is
16
affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is
17
affected. The issue involves the "WebKit" component. It allows remote
18
attackers to execute arbitrary code or cause a denial of service (memory
19
corruption and application crash) via a crafted web site.
22
jdstrand> webkit receives limited support. For details, see
23
https://wiki.ubuntu.com/SecurityTeam/FAQ#webkit
24
jdstrand> webkit in Ubuntu uses the JavaScriptCore (JSC) engine, not V8
27
Discovered-by: Hanming Zhang
31
upstream_webkitgtk: needs-triage
32
precise/esm_webkitgtk: DNE
33
trusty_webkitgtk: needs-triage
34
xenial_webkitgtk: needs-triage
35
artful_webkitgtk: needs-triage
36
bionic_webkitgtk: needs-triage
37
devel_webkitgtk: needs-triage
40
upstream_webkit2gtk: released (2.20.0)
41
precise/esm_webkit2gtk: DNE
42
trusty_webkit2gtk: DNE
43
xenial_webkit2gtk: released (2.20.1-0ubuntu0.16.04.1)
44
artful_webkit2gtk: released (2.20.1-0ubuntu0.17.10.1)
45
bionic_webkit2gtk: not-affected (2.20.0-2)
46
devel_webkit2gtk: not-affected (2.20.0-2)
48
Patches_qtwebkit-source:
49
upstream_qtwebkit-source: needs-triage
50
precise/esm_qtwebkit-source: DNE
51
trusty_qtwebkit-source: needs-triage
52
xenial_qtwebkit-source: needs-triage
53
artful_qtwebkit-source: needs-triage
54
bionic_qtwebkit-source: needs-triage
55
devel_qtwebkit-source: needs-triage
57
Patches_qtwebkit-opensource-src: needs-triage
58
upstream_qtwebkit-opensource-src: needs-triage
59
precise/esm_qtwebkit-opensource-src: DNE
60
trusty_qtwebkit-opensource-src: needs-triage
61
xenial_qtwebkit-opensource-src: needs-triage
62
artful_qtwebkit-opensource-src: needs-triage
63
bionic_qtwebkit-opensource-src: needs-triage
64
devel_qtwebkit-opensource-src: needs-triage