Bug 892084 - (CVE-2014-1384) VUL-0: webkit: tracker-bug for multiple CVEs
VUL-0: webkit: tracker-bug for multiple CVEs
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
Other Other
: P3 - Medium : Normal
: ---
Assigned To: Federico Mena Quintero
Security Team bot
Depends on: 1069669
  Show dependency treegraph
Reported: 2014-08-15 11:16 UTC by Johannes Segitz
Modified: 2019-07-24 07:21 UTC (History)
1 user (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Note You need to log in before you can comment on or make changes to this bug.
Description Johannes Segitz 2014-08-15 11:16:12 UTC
Safari 6.1.6 and Safari 7.0.6 are now available and address the

Available for: OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.4

Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution

Description: Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.
- CVE-2014-1384: Apple
- CVE-2014-1385: Apple
- CVE-2014-1386: an anonymous researcher
- CVE-2014-1387: Google Chrome Security Team
- CVE-2014-1388: Apple
- CVE-2014-1389: Apple
- CVE-2014-1390: Apple
Comment 1 Swamp Workflow Management 2014-08-15 22:00:18 UTC
bugbot adjusting priority
Comment 4 Federico Mena Quintero 2015-01-17 02:09:21 UTC
OK, these are fixed in webkitgtk-2.4.8.  I'm making a package right now.
Comment 5 Federico Mena Quintero 2015-01-23 21:58:02 UTC
I've submitted webkitgtk 2.4.8 to SUSE:SLE-11:Update, with id 49176.  This is the same package that is now in GNOME:Factory (openSUSE:Factory).
Comment 7 Marcus Meissner 2019-07-24 07:21:07 UTC
closing as unresolved