-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2009.1338
                          WebKit vulnerabilities
                             24 September 2009

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           WebKit
Publisher:         Ubuntu
Operating System:  Ubuntu
                   UNIX variants (UNIX, Linux, OSX)
                   Windows
Impact/Access:     Execute Arbitrary Code/Commands -- Remote with User Interaction
                   Denial of Service               -- Remote/Unauthenticated      
Resolution:        Patch/Upgrade
CVE Names:         CVE-2009-1725 CVE-2009-1712 CVE-2009-1711
                   CVE-2009-1698 CVE-2009-1690 CVE-2009-1687
                   CVE-2009-0945  

Original Bulletin: 
   http://www.ubuntu.com/usn/usn-836-1

Comment: This advisory references vulnerabilities in products which run on 
         platforms other than Ubuntu. It is recommended that administrators 
         running WebKit check for an updated version of the software for 
         their operating system.
         
         Webkit is commonly used in browsers such as Google Chrome and Safari.
         Uses of such browsers should check that they are running the latest
         version.

- --------------------------BEGIN INCLUDED TEXT--------------------

===========================================================
Ubuntu Security Notice USN-836-1         September 23, 2009
webkit vulnerabilities
CVE-2009-0945, CVE-2009-1687, CVE-2009-1690, CVE-2009-1698,
CVE-2009-1711, CVE-2009-1712, CVE-2009-1725
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 8.10
Ubuntu 9.04

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 8.10:
  libwebkit-1.0-1                 1.0.1-2ubuntu0.2
  libwebkit-1.0-1-dbg             1.0.1-2ubuntu0.2
  libwebkit-dev                   1.0.1-2ubuntu0.2

Ubuntu 9.04:
  libwebkit-1.0-1                 1.0.1-4ubuntu0.1
  libwebkit-1.0-1-dbg             1.0.1-4ubuntu0.1
  libwebkit-dev                   1.0.1-4ubuntu0.1

After a standard system upgrade you need to restart any applications that
use WebKit, such as Epiphany-webkit and Midori, to effect the necessary
changes.

Details follow:

It was discovered that WebKit did not properly handle certain SVGPathList
data structures. If a user were tricked into viewing a malicious website,
an attacker could exploit this to execute arbitrary code with the
privileges of the user invoking the program. (CVE-2009-0945)

Several flaws were discovered in the WebKit browser and JavaScript engines.
If a user were tricked into viewing a malicious website, a remote attacker
could cause a denial of service or possibly execute arbitrary code with the
privileges of the user invoking the program. (CVE-2009-1687, CVE-2009-1690,
CVE-2009-1698, CVE-2009-1711, CVE-2009-1725)

It was discovered that WebKit did not prevent the loading of local Java
applets. If a user were tricked into viewing a malicious website,
an attacker could exploit this to execute arbitrary code with the
privileges of the user invoking the program. (CVE-2009-1712)


Updated packages for Ubuntu 8.10:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/w/webkit/webkit_1.0.1-2ubuntu0.2.diff.gz
      Size/MD5:    25401 ca58f621eec09ea60847fb7eeb18ef2a
    http://security.ubuntu.com/ubuntu/pool/main/w/webkit/webkit_1.0.1-2ubuntu0.2.dsc
      Size/MD5:     1538 ebdb32117beca5fff473ca0c1b065b42
    http://security.ubuntu.com/ubuntu/pool/main/w/webkit/webkit_1.0.1.orig.tar.gz
      Size/MD5: 13418752 4de68a5773998bea14e8939aa341c466

  Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/main/w/webkit/libwebkit-dev_1.0.1-2ubuntu0.2_all.deb
      Size/MD5:    34590 acb9cdfb9608c5f4146ea88eef384e75

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    http://security.ubuntu.com/ubuntu/pool/main/w/webkit/libwebkit-1.0-1-dbg_1.0.1-2ubuntu0.2_amd64.deb
      Size/MD5: 62592212 df3152f6a40e538e3a267908d83783c0
    http://security.ubuntu.com/ubuntu/pool/main/w/webkit/libwebkit-1.0-1_1.0.1-2ubuntu0.2_amd64.deb
      Size/MD5:  3501472 e68f67894e53eb2faa48191ea3953732

  i386 architecture (x86 compatible Intel/AMD):

    http://security.ubuntu.com/ubuntu/pool/main/w/webkit/libwebkit-1.0-1-dbg_1.0.1-2ubuntu0.2_i386.deb
      Size/MD5: 62206938 b7d1dde62360865cbc814122b93d4005
    http://security.ubuntu.com/ubuntu/pool/main/w/webkit/libwebkit-1.0-1_1.0.1-2ubuntu0.2_i386.deb
      Size/MD5:  3014500 73a5a3e9985f6d165120c5c3cca6d06b

  lpia architecture (Low Power Intel Architecture):

    http://ports.ubuntu.com/pool/main/w/webkit/libwebkit-1.0-1-dbg_1.0.1-2ubuntu0.2_lpia.deb
      Size/MD5: 62284322 75ff8aefee1fdea994f660dab5f6554f
    http://ports.ubuntu.com/pool/main/w/webkit/libwebkit-1.0-1_1.0.1-2ubuntu0.2_lpia.deb
      Size/MD5:  2966170 1c52f1920282c659a0a81a3be44dde7f

Updated packages for Ubuntu 9.04:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/w/webkit/webkit_1.0.1-4ubuntu0.1.diff.gz
      Size/MD5:    30900 0ea9f48f994b9bd759446a939ff5dca3
    http://security.ubuntu.com/ubuntu/pool/main/w/webkit/webkit_1.0.1-4ubuntu0.1.dsc
      Size/MD5:     1538 31502504b765f1161825ccdb82f71788
    http://security.ubuntu.com/ubuntu/pool/main/w/webkit/webkit_1.0.1.orig.tar.gz
      Size/MD5: 13418752 4de68a5773998bea14e8939aa341c466

  Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/main/w/webkit/libwebkit-dev_1.0.1-4ubuntu0.1_all.deb
      Size/MD5:    34678 5042c01c01e9d128a13d1457c56b0cbd

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    http://security.ubuntu.com/ubuntu/pool/main/w/webkit/libwebkit-1.0-1-dbg_1.0.1-4ubuntu0.1_amd64.deb
      Size/MD5: 62772554 3026ef7b332447cae68ed4f72b35ddb2
    http://security.ubuntu.com/ubuntu/pool/main/w/webkit/libwebkit-1.0-1_1.0.1-4ubuntu0.1_amd64.deb
      Size/MD5:  3502830 0fcd75b07524e2d70f8770ccd5bdc0c3

  i386 architecture (x86 compatible Intel/AMD):

    http://security.ubuntu.com/ubuntu/pool/main/w/webkit/libwebkit-1.0-1-dbg_1.0.1-4ubuntu0.1_i386.deb
      Size/MD5: 62357024 777eb37c5384472cf9b4adac21f0d116
    http://security.ubuntu.com/ubuntu/pool/main/w/webkit/libwebkit-1.0-1_1.0.1-4ubuntu0.1_i386.deb
      Size/MD5:  3014688 100fd9406ea649edd954f4d154ab4d30

  lpia architecture (Low Power Intel Architecture):

    http://ports.ubuntu.com/pool/main/w/webkit/libwebkit-1.0-1-dbg_1.0.1-4ubuntu0.1_lpia.deb
      Size/MD5: 62441454 18aa72b5c443a86153906e5ba4a87e55
    http://ports.ubuntu.com/pool/main/w/webkit/libwebkit-1.0-1_1.0.1-4ubuntu0.1_lpia.deb
      Size/MD5:  2968040 9651199f95dfee6252e2aacde99ebbbf

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

If you believe that your computer system has been compromised or attacked in 
any way, we encourage you to let us know by completing the secure National IT 
Incident Reporting Form at:

        http://www.auscert.org.au/render.html?it=3192

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iD8DBQFKuutxNVH5XJJInbgRAimMAJ4yHNjH3ozR6+0Bcl/ShFcm0TwF/gCeNVrp
3HbTfD0kQ/bkptfLj1003oA=
=YJsi
-----END PGP SIGNATURE-----