Lucene search

Gentoo FoundationMGASA-2016-0116

HistoryMar 25, 2016 - 9:38 a.m.

Updated webkit2 packages fix security vulnerability

2016-03-2509:38:37

Gentoo Foundation

advisories.mageia.org

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.922 High

EPSS

Percentile

98.9%

JSON

The webkit2 package has been updated to version 2.10.9, fixing several security issues and other bugs.

OSVersionArchitecturePackageVersionFilename
Mageia5noarchwebkit2< 2.10.9-1webkit2-2.10.9-1.mga5

OS	Version	Architecture	Package	Version	Filename
Mageia	5	noarch	webkit2	< 2.10.9-1	webkit2-2.10.9-1.mga5

References

webkitgtk.org/security/WSA-2015-0002.html

webkitgtk.org/security/WSA-2016-0001.html

webkitgtk.org/security/WSA-2016-0002.html

www.webkitgtk.org/2015/04/14/webkitgtk2.8.1-released.html

www.webkitgtk.org/2015/05/12/webkitgtk2.8.2-released.html

www.webkitgtk.org/2015/07/08/webkitgtk2.8.4-released.html

www.webkitgtk.org/2015/08/06/webkitgtk2.8.5-released.html

www.webkitgtk.org/2015/09/21/webkitgtk2.10.0-released.html

www.webkitgtk.org/2015/10/14/webkitgtk2.10.1-released.html

www.webkitgtk.org/2015/10/15/webkitgtk2.10.2-released.html

www.webkitgtk.org/2015/10/26/webkitgtk2.10.3-released.html

www.webkitgtk.org/2015/11/11/webkitgtk2.10.4-released.html

www.webkitgtk.org/2016/01/20/webkitgtk2.10.5-released.html

www.webkitgtk.org/2016/01/27/webkitgtk2.10.6-released.html

www.webkitgtk.org/2016/01/29/webkitgtk2.10.7-released.html

www.webkitgtk.org/2016/03/11/webkitgtk2.10.8-released.html

www.webkitgtk.org/2016/03/17/webkitgtk2.10.9-released.html

bugs.mageia.org/show_bug.cgi?id=17662

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.922 High

EPSS

Percentile

98.9%

JSON

Related for MGASA-2016-0116