This update together with previous releases addresses the following vulnerabilities:

- CVE-2015-7096
- CVE-2015-7098

Additional fixes:

- Disable DNS prefetch when a proxy is configured.
- Reduce the maximum simultaneous network connections to match other browsers.
- Make WebKitWebView always propagate motion-notify-event signal.
- Add a way to force accelerating compositing mode at runtime using an environment variable.
- Fix input elements and scrollbars rendering with GTK+ 3.19.
- Fix rendering of lines when using solid colors.
- Fix UI process crashes related to not having a main resource response when the load is committed for pages restored from the history cache.

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
```
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Fedora Security Advisory 2016-143a48536c.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(89480);
  script_version("1.3");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/11");

  script_xref(name:"FEDORA", value:"2016-143a48536c");

  script_name(english:"Fedora 22 : webkitgtk4-2.10.7-1.fc22 (2016-143a48536c)");
  script_summary(english:"Checks rpm output for the updated package.");

  script_set_attribute(
    attribute:"synopsis",
    value:"The remote Fedora host is missing a security update."
  );
  script_set_attribute(
    attribute:"description",
    value:
"This update together with previous releases addresses the following
vulnerabilities: - CVE-2015-7096 - CVE-2015-7098 Additional fixes: -
Disable DNS prefetch when a proxy is configured. - Reduce the maximum
simultaneous network connections to match other browsers. - Make
WebKitWebView always propagate motion-notify-event signal. - Add a way
to force accelerating compositing mode at runtime using an environment
variable. - Fix input elements and scrollbars rendering with GTK+
3.19. - Fix rendering of lines when using solid colors. - Fix UI
process crashes related to not having a main resource response when
the load is committed for pages restored from the history cache.
- Fix a WebProcess crash when loading large contents with
custom URI schemes API. - Fix a crash in the UI process
when the WebView is destroyed while the screensaver DBus
proxy is being created. - Fix WebProcess crashes due to
BadDrawable X errors in accelerated compositing mode. -
Fix crashes on PPC64 due to mprotect() on address not
aligned to the page size. - Fix std::bad_function_call
exception raised in
dispatchDecidePolicyForNavigationAction. - Fix downloads
of data URLs. - Fix runtime critical warnings when
closing a page containing windowed plugins. - Fix
several crashes and rendering issues. - Fix a deadlock
in the Web Process when JavaScript garbage collector was
running for a web worker thread that made google maps to
hang. - Fix media controls displaying without controls
attribute. - Fix a Web Process crash when quickly
attempting many DnD operations. - Fix the build with
GTK+ < 3.16. - Translation updates: French, German,
Italian, Turkish.
Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
  );
  # https://lists.fedoraproject.org/pipermail/package-announce/2016-February/177032.html
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?fbd0927f"
  );
  script_set_attribute(
    attribute:"solution",
    value:"Update the affected webkitgtk4 package."
  );
  script_set_attribute(attribute:"risk_factor", value:"High");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:webkitgtk4");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:22");

  script_set_attribute(attribute:"patch_publication_date", value:"2016/02/10");
  script_set_attribute(attribute:"plugin_publication_date", value:"2016/03/04");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.");
  script_family(english:"Fedora Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

# This is a local check: it relies on data already gathered from the host.
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);

# Only Fedora 22 hosts are in scope for this advisory.
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
os_ver = os_ver[1];
if (! ereg(pattern:"^22([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 22.x", "Fedora " + os_ver);

# The installed RPM list must have been collected.
if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

# Package checks are implemented for x86_64 and i386-i686 only.
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);

# Compare the installed webkitgtk4 package against the fixed build.
flag = 0;
if (rpm_check(release:"FC22", reference:"webkitgtk4-2.10.7-1.fc22")) flag++;

if (flag)
{
  # Report the finding, with package details when verbosity allows.
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else
{
  # Nothing flagged: the package is either already updated or not installed.
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "webkitgtk4");
}
```
Vendor | Product | Version | CPE |
---|---|---|---|
fedoraproject | fedora | webkitgtk4 | p-cpe:/a:fedoraproject:fedora:webkitgtk4 |
fedoraproject | fedora | 22 | cpe:/o:fedoraproject:fedora:22 |