1
Candidate: CVE-2017-13797
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13797
5
https://support.apple.com/HT208219
6
https://support.apple.com/HT208222
7
https://support.apple.com/HT208223
8
https://support.apple.com/HT208224
9
https://support.apple.com/HT208225
10
https://webkitgtk.org/security/WSA-2017-0009.html
12
An issue was discovered in certain Apple products. iOS before 11.1 is
13
affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is
14
affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is
15
affected. The issue involves the "WebKit" component. It allows remote
16
attackers to execute arbitrary code or cause a denial of service (memory
17
corruption and application crash) via a crafted web site.
20
tyhicks> This CVE wasn't mentioned in the latest webkit2gtk security advisory
21
so it may be specific to Apple. Deferring it for now so that we can take one
22
more look in the future.
23
mdeslaur> This still wasn't mentioned in webkit2gtk advisories as of
24
mdeslaur> 2018-04-04, so marking as not-affected
31
upstream_webkit2gtk: needs-triage
32
precise/esm_webkit2gtk: DNE
33
trusty_webkit2gtk: DNE
34
xenial_webkit2gtk: not-affected
35
zesty_webkit2gtk: ignored (reached end-of-life)
36
artful_webkit2gtk: not-affected
37
devel_webkit2gtk: not-affected