Skip to navigation

Security Advisory Moderate: webkitgtk security update

Advisory: RHSA-2011:0177-1
Type: Security Advisory
Severity: Moderate
Issued on: 2011-01-25
Last updated on: 2011-01-25
Affected Products: Red Hat Enterprise Linux Desktop (v. 6)
Red Hat Enterprise Linux HPC Node (v. 6)
Red Hat Enterprise Linux Server (v. 6)
Red Hat Enterprise Linux Server EUS (v. 6.0.z)
Red Hat Enterprise Linux Workstation (v. 6)
CVEs (cve.mitre.org): CVE-2010-1780
CVE-2010-1782
CVE-2010-1783
CVE-2010-1784
CVE-2010-1785
CVE-2010-1786
CVE-2010-1787
CVE-2010-1788
CVE-2010-1790
CVE-2010-1792
CVE-2010-1793
CVE-2010-1807
CVE-2010-1812
CVE-2010-1814
CVE-2010-1815
CVE-2010-3113
CVE-2010-3114
CVE-2010-3115
CVE-2010-3116
CVE-2010-3119
CVE-2010-3255
CVE-2010-3257
CVE-2010-3259
CVE-2010-3812
CVE-2010-3813
CVE-2010-4197
CVE-2010-4198
CVE-2010-4204
CVE-2010-4206
CVE-2010-4577

Details

Updated webkitgtk packages that fix several security issues are now
available for Red Hat Enterprise Linux 6.

The Red Hat Security Response Team has rated this update as having moderate
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.

WebKitGTK+ is the port of the portable web rendering engine WebKit to the
GTK+ platform.

Multiple memory corruption flaws were found in WebKit. Malicious web
content could cause an application using WebKitGTK+ to crash or,
potentially, execute arbitrary code with the privileges of the user running
the application. (CVE-2010-1782, CVE-2010-1783, CVE-2010-1784,
CVE-2010-1785, CVE-2010-1787, CVE-2010-1788, CVE-2010-1790, CVE-2010-1792,
CVE-2010-1807, CVE-2010-1814, CVE-2010-3114, CVE-2010-3116, CVE-2010-3119,
CVE-2010-3255, CVE-2010-3812, CVE-2010-4198)

Multiple use-after-free flaws were found in WebKit. Malicious web content
could cause an application using WebKitGTK+ to crash or, potentially,
execute arbitrary code with the privileges of the user running the
application. (CVE-2010-1780, CVE-2010-1786, CVE-2010-1793, CVE-2010-1812,
CVE-2010-1815, CVE-2010-3113, CVE-2010-3257, CVE-2010-4197, CVE-2010-4204)

Two array index errors, leading to out-of-bounds memory reads, were found
in WebKit. Malicious web content could cause an application using
WebKitGTK+ to crash. (CVE-2010-4206, CVE-2010-4577)

A flaw in WebKit could allow malicious web content to trick a user into
thinking they are visiting the site reported by the location bar, when the
page is actually content controlled by an attacker. (CVE-2010-3115)

It was found that WebKit did not correctly restrict read access to images
created from the "canvas" element. Malicious web content could allow a
remote attacker to bypass the same-origin policy and potentially access
sensitive image data. (CVE-2010-3259)

A flaw was found in the way WebKit handled DNS prefetching. Even when it
was disabled, web content containing certain "link" elements could cause
WebKitGTK+ to perform DNS prefetching. (CVE-2010-3813)

Users of WebKitGTK+ should upgrade to these updated packages, which contain
WebKitGTK+ version 1.2.6, and resolve these issues. All running
applications that use WebKitGTK+ must be restarted for this update to take
effect.


Solution

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

Updated packages

Red Hat Enterprise Linux Desktop (v. 6)

SRPMS:
webkitgtk-1.2.6-2.el6_0.src.rpm
File outdated by:  RHBA-2013:1613
    MD5: e92173e83855ad0e25a7915ad8f25a06
SHA-256: aa4882ce9c9edb46d91f71b52448b7fe3a336e7f7301b9af3ca10f610bc28a34
 
IA-32:
webkitgtk-1.2.6-2.el6_0.i686.rpm
File outdated by:  RHBA-2013:1613
    MD5: c5df5a7355db303ed5a3e72fd50a81ce
SHA-256: 4b1216fcf3fac0bb36e56bec539dff1c66a779d78c66424ff3dd39e220a6839f
webkitgtk-debuginfo-1.2.6-2.el6_0.i686.rpm
File outdated by:  RHBA-2013:1613
    MD5: dd0503a5adb34fa0b09a958e921bf8d4
SHA-256: e3399c2ab0e97b2d4a91279e7ca20c367092e7077ae3ccac34eca513f9d58857
webkitgtk-devel-1.2.6-2.el6_0.i686.rpm
File outdated by:  RHBA-2013:1613
    MD5: 03cd88f4c3c3b8fe971c03104750b2c8
SHA-256: b18002529b00d1f61cce0d3f98e14f8f777934e700cb38e2d8ef10e5f235f4f4
webkitgtk-doc-1.2.6-2.el6_0.i686.rpm
File outdated by:  RHBA-2013:1613
    MD5: 7dabe6217ad7cef4c1def5f4dc106132
SHA-256: 49a6ffee4f43fa3fda1737bd0bf17864499570e45b8f985bcf4e92a3994cde05
 
x86_64:
webkitgtk-1.2.6-2.el6_0.i686.rpm
File outdated by:  RHBA-2013:1613
    MD5: c5df5a7355db303ed5a3e72fd50a81ce
SHA-256: 4b1216fcf3fac0bb36e56bec539dff1c66a779d78c66424ff3dd39e220a6839f
webkitgtk-1.2.6-2.el6_0.x86_64.rpm
File outdated by:  RHBA-2013:1613
    MD5: 5d36d5970a52061bb7dba6d78c8239ba
SHA-256: b8d804f77c48afee1139d3b05901a6923325f85b9f013768de2818d3a0a1e708
webkitgtk-debuginfo-1.2.6-2.el6_0.i686.rpm
File outdated by:  RHBA-2013:1613
    MD5: dd0503a5adb34fa0b09a958e921bf8d4
SHA-256: e3399c2ab0e97b2d4a91279e7ca20c367092e7077ae3ccac34eca513f9d58857
webkitgtk-debuginfo-1.2.6-2.el6_0.x86_64.rpm
File outdated by:  RHBA-2013:1613
    MD5: 4ef47eb3df45148293f14a85406f7478
SHA-256: 9ad4c2669573ada78525e29dd7728ce788e27e8f99c1e96b2b3f872b142122a2
webkitgtk-devel-1.2.6-2.el6_0.i686.rpm
File outdated by:  RHBA-2013:1613
    MD5: 03cd88f4c3c3b8fe971c03104750b2c8
SHA-256: b18002529b00d1f61cce0d3f98e14f8f777934e700cb38e2d8ef10e5f235f4f4
webkitgtk-devel-1.2.6-2.el6_0.x86_64.rpm
File outdated by:  RHBA-2013:1613
    MD5: d72d1e7690aabcc034cb94edd35ef927
SHA-256: bc81bb4f5e16b4257f362eb449a208fe1e9c938b564b5a589035f4e575b7af96
webkitgtk-doc-1.2.6-2.el6_0.x86_64.rpm
File outdated by:  RHBA-2013:1613
    MD5: 9d281923b64a0a931f281ce865e9225c
SHA-256: 1bafee5dc398a2a90b494fd9e039dcad5acf0e63c1b13b852679658602c4c174
 
Red Hat Enterprise Linux HPC Node (v. 6)

SRPMS:
webkitgtk-1.2.6-2.el6_0.src.rpm
File outdated by:  RHBA-2013:1613
    MD5: e92173e83855ad0e25a7915ad8f25a06
SHA-256: aa4882ce9c9edb46d91f71b52448b7fe3a336e7f7301b9af3ca10f610bc28a34
 
x86_64:
webkitgtk-1.2.6-2.el6_0.i686.rpm
File outdated by:  RHBA-2013:1613
    MD5: c5df5a7355db303ed5a3e72fd50a81ce
SHA-256: 4b1216fcf3fac0bb36e56bec539dff1c66a779d78c66424ff3dd39e220a6839f
webkitgtk-1.2.6-2.el6_0.x86_64.rpm
File outdated by:  RHBA-2013:1613
    MD5: 5d36d5970a52061bb7dba6d78c8239ba
SHA-256: b8d804f77c48afee1139d3b05901a6923325f85b9f013768de2818d3a0a1e708
webkitgtk-debuginfo-1.2.6-2.el6_0.i686.rpm
File outdated by:  RHBA-2013:1613
    MD5: dd0503a5adb34fa0b09a958e921bf8d4
SHA-256: e3399c2ab0e97b2d4a91279e7ca20c367092e7077ae3ccac34eca513f9d58857
webkitgtk-debuginfo-1.2.6-2.el6_0.x86_64.rpm
File outdated by:  RHBA-2013:1613
    MD5: 4ef47eb3df45148293f14a85406f7478
SHA-256: 9ad4c2669573ada78525e29dd7728ce788e27e8f99c1e96b2b3f872b142122a2
webkitgtk-devel-1.2.6-2.el6_0.i686.rpm
File outdated by:  RHBA-2013:1613
    MD5: 03cd88f4c3c3b8fe971c03104750b2c8
SHA-256: b18002529b00d1f61cce0d3f98e14f8f777934e700cb38e2d8ef10e5f235f4f4
webkitgtk-devel-1.2.6-2.el6_0.x86_64.rpm
File outdated by:  RHBA-2013:1613
    MD5: d72d1e7690aabcc034cb94edd35ef927
SHA-256: bc81bb4f5e16b4257f362eb449a208fe1e9c938b564b5a589035f4e575b7af96
webkitgtk-doc-1.2.6-2.el6_0.x86_64.rpm
File outdated by:  RHBA-2013:1613
    MD5: 9d281923b64a0a931f281ce865e9225c
SHA-256: 1bafee5dc398a2a90b494fd9e039dcad5acf0e63c1b13b852679658602c4c174
 
Red Hat Enterprise Linux Server (v. 6)

SRPMS:
webkitgtk-1.2.6-2.el6_0.src.rpm
File outdated by:  RHBA-2013:1613
    MD5: e92173e83855ad0e25a7915ad8f25a06
SHA-256: aa4882ce9c9edb46d91f71b52448b7fe3a336e7f7301b9af3ca10f610bc28a34
 
IA-32:
webkitgtk-1.2.6-2.el6_0.i686.rpm
File outdated by:  RHBA-2013:1613
    MD5: c5df5a7355db303ed5a3e72fd50a81ce
SHA-256: 4b1216fcf3fac0bb36e56bec539dff1c66a779d78c66424ff3dd39e220a6839f
webkitgtk-debuginfo-1.2.6-2.el6_0.i686.rpm
File outdated by:  RHBA-2013:1613
    MD5: dd0503a5adb34fa0b09a958e921bf8d4
SHA-256: e3399c2ab0e97b2d4a91279e7ca20c367092e7077ae3ccac34eca513f9d58857
webkitgtk-devel-1.2.6-2.el6_0.i686.rpm
File outdated by:  RHBA-2013:1613
    MD5: 03cd88f4c3c3b8fe971c03104750b2c8
SHA-256: b18002529b00d1f61cce0d3f98e14f8f777934e700cb38e2d8ef10e5f235f4f4
webkitgtk-doc-1.2.6-2.el6_0.i686.rpm
File outdated by:  RHBA-2013:1613
    MD5: 7dabe6217ad7cef4c1def5f4dc106132
SHA-256: 49a6ffee4f43fa3fda1737bd0bf17864499570e45b8f985bcf4e92a3994cde05
 
PPC:
webkitgtk-1.2.6-2.el6_0.ppc.rpm
File outdated by:  RHBA-2013:1613
    MD5: 73b5044857ea9d625c10a46160cd3f5f
SHA-256: d1c77783c487d21a88def97cc2bd813d8ac91015322dc287fa0c1354f633efad
webkitgtk-1.2.6-2.el6_0.ppc64.rpm
File outdated by:  RHBA-2013:1613
    MD5: 94c0bf5b2d32e1d1a9192efc7892ba34
SHA-256: 8eee3ce33c08dc1d747cdc54526033988c6e0526cdc58830d678907ed5eef0f7
webkitgtk-debuginfo-1.2.6-2.el6_0.ppc.rpm
File outdated by:  RHBA-2013:1613
    MD5: 9d242ef69035d8036f854a5535a21bac
SHA-256: bd0daea9b0c68d122df99e0c72af6c107ce73fe9c3b3a89864d77ffd961ab6d2
webkitgtk-debuginfo-1.2.6-2.el6_0.ppc64.rpm
File outdated by:  RHBA-2013:1613
    MD5: f9e63c38fb4d7e5fbee4c7c8ddaf9b9e
SHA-256: 010afb9343abf3822923eae808b72591bb8967e9e716488634fc69511e9f0c8c
webkitgtk-devel-1.2.6-2.el6_0.ppc.rpm
File outdated by:  RHBA-2013:1613
    MD5: 5379ec57874da94b5f8dd8b757b5ff76
SHA-256: 8fd2c988d8eb0b87a27f574a44aa385ab675417b4a85415f2644775137314e5f
webkitgtk-devel-1.2.6-2.el6_0.ppc64.rpm
File outdated by:  RHBA-2013:1613
    MD5: 4a1ab895ad7ff5f82dfffad88fa0d36c
SHA-256: 894e620bf201f93b879e012a61819222ddf8a14645349449c7ce8913529b02de
webkitgtk-doc-1.2.6-2.el6_0.ppc64.rpm
File outdated by:  RHBA-2013:1613
    MD5: f06517c4713b65e827a5fd01b714cf27
SHA-256: e725b381ce4c0e27c294220ab89df3b22cec1b0bfb7474980951f69e9e870f1d
 
s390x:
webkitgtk-1.2.6-2.el6_0.s390.rpm
File outdated by:  RHBA-2013:1613
    MD5: 5f0497d4e6f40f237282f7d917ec78d0
SHA-256: 9b18820b085cc2486c9150619b7f99894fd84df581497fd2431bebeefd16f5c4
webkitgtk-1.2.6-2.el6_0.s390x.rpm
File outdated by:  RHBA-2013:1613
    MD5: b49f9b21403be50608005718e206be04
SHA-256: f710a0bf24674b34a380e779101cc90a5a4cc50fb213e5be00bcefee4689a845
webkitgtk-debuginfo-1.2.6-2.el6_0.s390.rpm
File outdated by:  RHBA-2013:1613
    MD5: 1560fba791f09cdb158d6dc95f4b8e3d
SHA-256: e0dd30c134d9c6c8e9ef250f79bb2c379d3c4e53e09d235e0795b3e6ca740032
webkitgtk-debuginfo-1.2.6-2.el6_0.s390x.rpm
File outdated by:  RHBA-2013:1613
    MD5: 2fe88169dedaeb9ac33ceda80d542c15
SHA-256: 7b3078bc1c33d69ed496dbf1ba49e950eeeb64cb05c8e4c54605c78dc16445c8
webkitgtk-devel-1.2.6-2.el6_0.s390.rpm
File outdated by:  RHBA-2013:1613
    MD5: 9b80ddb0545a38ffa7fde85eb178931d
SHA-256: bac1064d964436313fe4ae1c94ea89e1b9f31e8a5dde125ed49515e6dffd0053
webkitgtk-devel-1.2.6-2.el6_0.s390x.rpm
File outdated by:  RHBA-2013:1613
    MD5: 1a5acf6ca8e4c80c51e6018f68aea1db
SHA-256: 8d6133d2358938df301bd061aed8af8056523a115c6a9d7c2f4e3a342f5f4121
webkitgtk-doc-1.2.6-2.el6_0.s390x.rpm
File outdated by:  RHBA-2013:1613
    MD5: dc86eba9b266682d1f0b1520e8dc01fe
SHA-256: cb2e7a70e119b6c434672752c350ef61bf997c2fb8c6ad79fe2d382235b63506
 
x86_64:
webkitgtk-1.2.6-2.el6_0.i686.rpm
File outdated by:  RHBA-2013:1613
    MD5: c5df5a7355db303ed5a3e72fd50a81ce
SHA-256: 4b1216fcf3fac0bb36e56bec539dff1c66a779d78c66424ff3dd39e220a6839f
webkitgtk-1.2.6-2.el6_0.x86_64.rpm
File outdated by:  RHBA-2013:1613
    MD5: 5d36d5970a52061bb7dba6d78c8239ba
SHA-256: b8d804f77c48afee1139d3b05901a6923325f85b9f013768de2818d3a0a1e708
webkitgtk-debuginfo-1.2.6-2.el6_0.i686.rpm
File outdated by:  RHBA-2013:1613
    MD5: dd0503a5adb34fa0b09a958e921bf8d4
SHA-256: e3399c2ab0e97b2d4a91279e7ca20c367092e7077ae3ccac34eca513f9d58857
webkitgtk-debuginfo-1.2.6-2.el6_0.x86_64.rpm
File outdated by:  RHBA-2013:1613
    MD5: 4ef47eb3df45148293f14a85406f7478
SHA-256: 9ad4c2669573ada78525e29dd7728ce788e27e8f99c1e96b2b3f872b142122a2
webkitgtk-devel-1.2.6-2.el6_0.i686.rpm
File outdated by:  RHBA-2013:1613
    MD5: 03cd88f4c3c3b8fe971c03104750b2c8
SHA-256: b18002529b00d1f61cce0d3f98e14f8f777934e700cb38e2d8ef10e5f235f4f4
webkitgtk-devel-1.2.6-2.el6_0.x86_64.rpm
File outdated by:  RHBA-2013:1613
    MD5: d72d1e7690aabcc034cb94edd35ef927
SHA-256: bc81bb4f5e16b4257f362eb449a208fe1e9c938b564b5a589035f4e575b7af96
webkitgtk-doc-1.2.6-2.el6_0.x86_64.rpm
File outdated by:  RHBA-2013:1613
    MD5: 9d281923b64a0a931f281ce865e9225c
SHA-256: 1bafee5dc398a2a90b494fd9e039dcad5acf0e63c1b13b852679658602c4c174
 
Red Hat Enterprise Linux Server EUS (v. 6.0.z)

SRPMS:
webkitgtk-1.2.6-2.el6_0.src.rpm
File outdated by:  RHBA-2013:1613
    MD5: e92173e83855ad0e25a7915ad8f25a06
SHA-256: aa4882ce9c9edb46d91f71b52448b7fe3a336e7f7301b9af3ca10f610bc28a34
 
IA-32:
webkitgtk-1.2.6-2.el6_0.i686.rpm     MD5: c5df5a7355db303ed5a3e72fd50a81ce
SHA-256: 4b1216fcf3fac0bb36e56bec539dff1c66a779d78c66424ff3dd39e220a6839f
webkitgtk-debuginfo-1.2.6-2.el6_0.i686.rpm     MD5: dd0503a5adb34fa0b09a958e921bf8d4
SHA-256: e3399c2ab0e97b2d4a91279e7ca20c367092e7077ae3ccac34eca513f9d58857
webkitgtk-devel-1.2.6-2.el6_0.i686.rpm     MD5: 03cd88f4c3c3b8fe971c03104750b2c8
SHA-256: b18002529b00d1f61cce0d3f98e14f8f777934e700cb38e2d8ef10e5f235f4f4
webkitgtk-doc-1.2.6-2.el6_0.i686.rpm     MD5: 7dabe6217ad7cef4c1def5f4dc106132
SHA-256: 49a6ffee4f43fa3fda1737bd0bf17864499570e45b8f985bcf4e92a3994cde05
 
PPC:
webkitgtk-1.2.6-2.el6_0.ppc.rpm     MD5: 73b5044857ea9d625c10a46160cd3f5f
SHA-256: d1c77783c487d21a88def97cc2bd813d8ac91015322dc287fa0c1354f633efad
webkitgtk-1.2.6-2.el6_0.ppc64.rpm     MD5: 94c0bf5b2d32e1d1a9192efc7892ba34
SHA-256: 8eee3ce33c08dc1d747cdc54526033988c6e0526cdc58830d678907ed5eef0f7
webkitgtk-debuginfo-1.2.6-2.el6_0.ppc.rpm     MD5: 9d242ef69035d8036f854a5535a21bac
SHA-256: bd0daea9b0c68d122df99e0c72af6c107ce73fe9c3b3a89864d77ffd961ab6d2
webkitgtk-debuginfo-1.2.6-2.el6_0.ppc64.rpm     MD5: f9e63c38fb4d7e5fbee4c7c8ddaf9b9e
SHA-256: 010afb9343abf3822923eae808b72591bb8967e9e716488634fc69511e9f0c8c
webkitgtk-devel-1.2.6-2.el6_0.ppc.rpm     MD5: 5379ec57874da94b5f8dd8b757b5ff76
SHA-256: 8fd2c988d8eb0b87a27f574a44aa385ab675417b4a85415f2644775137314e5f
webkitgtk-devel-1.2.6-2.el6_0.ppc64.rpm     MD5: 4a1ab895ad7ff5f82dfffad88fa0d36c
SHA-256: 894e620bf201f93b879e012a61819222ddf8a14645349449c7ce8913529b02de
webkitgtk-doc-1.2.6-2.el6_0.ppc64.rpm     MD5: f06517c4713b65e827a5fd01b714cf27
SHA-256: e725b381ce4c0e27c294220ab89df3b22cec1b0bfb7474980951f69e9e870f1d
 
s390x:
webkitgtk-1.2.6-2.el6_0.s390.rpm     MD5: 5f0497d4e6f40f237282f7d917ec78d0
SHA-256: 9b18820b085cc2486c9150619b7f99894fd84df581497fd2431bebeefd16f5c4
webkitgtk-1.2.6-2.el6_0.s390x.rpm     MD5: b49f9b21403be50608005718e206be04
SHA-256: f710a0bf24674b34a380e779101cc90a5a4cc50fb213e5be00bcefee4689a845
webkitgtk-debuginfo-1.2.6-2.el6_0.s390.rpm     MD5: 1560fba791f09cdb158d6dc95f4b8e3d
SHA-256: e0dd30c134d9c6c8e9ef250f79bb2c379d3c4e53e09d235e0795b3e6ca740032
webkitgtk-debuginfo-1.2.6-2.el6_0.s390x.rpm     MD5: 2fe88169dedaeb9ac33ceda80d542c15
SHA-256: 7b3078bc1c33d69ed496dbf1ba49e950eeeb64cb05c8e4c54605c78dc16445c8
webkitgtk-devel-1.2.6-2.el6_0.s390.rpm     MD5: 9b80ddb0545a38ffa7fde85eb178931d
SHA-256: bac1064d964436313fe4ae1c94ea89e1b9f31e8a5dde125ed49515e6dffd0053
webkitgtk-devel-1.2.6-2.el6_0.s390x.rpm     MD5: 1a5acf6ca8e4c80c51e6018f68aea1db
SHA-256: 8d6133d2358938df301bd061aed8af8056523a115c6a9d7c2f4e3a342f5f4121
webkitgtk-doc-1.2.6-2.el6_0.s390x.rpm     MD5: dc86eba9b266682d1f0b1520e8dc01fe
SHA-256: cb2e7a70e119b6c434672752c350ef61bf997c2fb8c6ad79fe2d382235b63506
 
x86_64:
webkitgtk-1.2.6-2.el6_0.i686.rpm     MD5: c5df5a7355db303ed5a3e72fd50a81ce
SHA-256: 4b1216fcf3fac0bb36e56bec539dff1c66a779d78c66424ff3dd39e220a6839f
webkitgtk-1.2.6-2.el6_0.x86_64.rpm     MD5: 5d36d5970a52061bb7dba6d78c8239ba
SHA-256: b8d804f77c48afee1139d3b05901a6923325f85b9f013768de2818d3a0a1e708
webkitgtk-debuginfo-1.2.6-2.el6_0.i686.rpm     MD5: dd0503a5adb34fa0b09a958e921bf8d4
SHA-256: e3399c2ab0e97b2d4a91279e7ca20c367092e7077ae3ccac34eca513f9d58857
webkitgtk-debuginfo-1.2.6-2.el6_0.x86_64.rpm     MD5: 4ef47eb3df45148293f14a85406f7478
SHA-256: 9ad4c2669573ada78525e29dd7728ce788e27e8f99c1e96b2b3f872b142122a2
webkitgtk-devel-1.2.6-2.el6_0.i686.rpm     MD5: 03cd88f4c3c3b8fe971c03104750b2c8
SHA-256: b18002529b00d1f61cce0d3f98e14f8f777934e700cb38e2d8ef10e5f235f4f4
webkitgtk-devel-1.2.6-2.el6_0.x86_64.rpm     MD5: d72d1e7690aabcc034cb94edd35ef927
SHA-256: bc81bb4f5e16b4257f362eb449a208fe1e9c938b564b5a589035f4e575b7af96
webkitgtk-doc-1.2.6-2.el6_0.x86_64.rpm     MD5: 9d281923b64a0a931f281ce865e9225c
SHA-256: 1bafee5dc398a2a90b494fd9e039dcad5acf0e63c1b13b852679658602c4c174
 
Red Hat Enterprise Linux Workstation (v. 6)

SRPMS:
webkitgtk-1.2.6-2.el6_0.src.rpm
File outdated by:  RHBA-2013:1613
    MD5: e92173e83855ad0e25a7915ad8f25a06
SHA-256: aa4882ce9c9edb46d91f71b52448b7fe3a336e7f7301b9af3ca10f610bc28a34
 
IA-32:
webkitgtk-1.2.6-2.el6_0.i686.rpm
File outdated by:  RHBA-2013:1613
    MD5: c5df5a7355db303ed5a3e72fd50a81ce
SHA-256: 4b1216fcf3fac0bb36e56bec539dff1c66a779d78c66424ff3dd39e220a6839f
webkitgtk-debuginfo-1.2.6-2.el6_0.i686.rpm
File outdated by:  RHBA-2013:1613
    MD5: dd0503a5adb34fa0b09a958e921bf8d4
SHA-256: e3399c2ab0e97b2d4a91279e7ca20c367092e7077ae3ccac34eca513f9d58857
webkitgtk-devel-1.2.6-2.el6_0.i686.rpm
File outdated by:  RHBA-2013:1613
    MD5: 03cd88f4c3c3b8fe971c03104750b2c8
SHA-256: b18002529b00d1f61cce0d3f98e14f8f777934e700cb38e2d8ef10e5f235f4f4
webkitgtk-doc-1.2.6-2.el6_0.i686.rpm
File outdated by:  RHBA-2013:1613
    MD5: 7dabe6217ad7cef4c1def5f4dc106132
SHA-256: 49a6ffee4f43fa3fda1737bd0bf17864499570e45b8f985bcf4e92a3994cde05
 
x86_64:
webkitgtk-1.2.6-2.el6_0.i686.rpm
File outdated by:  RHBA-2013:1613
    MD5: c5df5a7355db303ed5a3e72fd50a81ce
SHA-256: 4b1216fcf3fac0bb36e56bec539dff1c66a779d78c66424ff3dd39e220a6839f
webkitgtk-1.2.6-2.el6_0.x86_64.rpm
File outdated by:  RHBA-2013:1613
    MD5: 5d36d5970a52061bb7dba6d78c8239ba
SHA-256: b8d804f77c48afee1139d3b05901a6923325f85b9f013768de2818d3a0a1e708
webkitgtk-debuginfo-1.2.6-2.el6_0.i686.rpm
File outdated by:  RHBA-2013:1613
    MD5: dd0503a5adb34fa0b09a958e921bf8d4
SHA-256: e3399c2ab0e97b2d4a91279e7ca20c367092e7077ae3ccac34eca513f9d58857
webkitgtk-debuginfo-1.2.6-2.el6_0.x86_64.rpm
File outdated by:  RHBA-2013:1613
    MD5: 4ef47eb3df45148293f14a85406f7478
SHA-256: 9ad4c2669573ada78525e29dd7728ce788e27e8f99c1e96b2b3f872b142122a2
webkitgtk-devel-1.2.6-2.el6_0.i686.rpm
File outdated by:  RHBA-2013:1613
    MD5: 03cd88f4c3c3b8fe971c03104750b2c8
SHA-256: b18002529b00d1f61cce0d3f98e14f8f777934e700cb38e2d8ef10e5f235f4f4
webkitgtk-devel-1.2.6-2.el6_0.x86_64.rpm
File outdated by:  RHBA-2013:1613
    MD5: d72d1e7690aabcc034cb94edd35ef927
SHA-256: bc81bb4f5e16b4257f362eb449a208fe1e9c938b564b5a589035f4e575b7af96
webkitgtk-doc-1.2.6-2.el6_0.x86_64.rpm
File outdated by:  RHBA-2013:1613
    MD5: 9d281923b64a0a931f281ce865e9225c
SHA-256: 1bafee5dc398a2a90b494fd9e039dcad5acf0e63c1b13b852679658602c4c174
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

627366 - CVE-2010-1780 CVE-2010-1782 CVE-2010-1783 CVE-2010-1784 CVE-2010-1785 CVE-2010-1786 CVE-2010-1787 CVE-2010-1788 CVE-2010-1790 CVE-2010-1792 CVE-2010-1793 WebKit: multiple vulnerabilities in WebKitGTK
627703 - CVE-2010-1807 webkit: input validation error when parsing certain NaN values
628032 - CVE-2010-3113 webkit: memory corruption when handling SVG documents
628035 - CVE-2010-3114 webkit: bad cast with text editing
628071 - CVE-2010-3115 webkit: address bar spoofing with history bug
628076 - CVE-2010-3119 webkit: DoS due to improper Ruby support
631939 - CVE-2010-1812 webkit: use-after-free flaw in handling of selections
631946 - CVE-2010-1814 webkit: memory corruption flaw when handling form menus
631948 - CVE-2010-1815 webkit: use-after-free flaw when handling scrollbars
640353 - CVE-2010-3116 webkit: memory corruption with MIME types
640357 - CVE-2010-3257 webkit: stale pointer issue with focusing
640360 - CVE-2010-3259 webkit: cross-origin image theft
645914 - CVE-2010-3255 webkit: DoS via improper handling of counter nodes
656115 - CVE-2010-4197 WebKit: Use-after-free vulnerabiity related to text editing causes memory corruption
656118 - CVE-2010-4198 WebKit: Memory corruption due to improper handling of large text area
656126 - CVE-2010-4204 WebKit: Use-after-free vulnerability related frame object
656129 - CVE-2010-4206 WebKit: Array index error during processing of an SVG document
667022 - CVE-2010-3812 webkit: Integer overflow in WebKit's handling of Text objects
667024 - CVE-2010-3813 webkit: HTMLLinkElement ignores dnsPrefetchingEnabled setting
667025 - CVE-2010-4577 webkit: CSS Font Face Parsing Type Confusion Vulnerability


References

https://www.redhat.com/security/data/cve/CVE-2010-1780.html
https://www.redhat.com/security/data/cve/CVE-2010-1782.html
https://www.redhat.com/security/data/cve/CVE-2010-1783.html
https://www.redhat.com/security/data/cve/CVE-2010-1784.html
https://www.redhat.com/security/data/cve/CVE-2010-1785.html
https://www.redhat.com/security/data/cve/CVE-2010-1786.html
https://www.redhat.com/security/data/cve/CVE-2010-1787.html
https://www.redhat.com/security/data/cve/CVE-2010-1788.html
https://www.redhat.com/security/data/cve/CVE-2010-1790.html
https://www.redhat.com/security/data/cve/CVE-2010-1792.html
https://www.redhat.com/security/data/cve/CVE-2010-1793.html
https://www.redhat.com/security/data/cve/CVE-2010-1807.html
https://www.redhat.com/security/data/cve/CVE-2010-1812.html
https://www.redhat.com/security/data/cve/CVE-2010-1814.html
https://www.redhat.com/security/data/cve/CVE-2010-1815.html
https://www.redhat.com/security/data/cve/CVE-2010-3113.html
https://www.redhat.com/security/data/cve/CVE-2010-3114.html
https://www.redhat.com/security/data/cve/CVE-2010-3115.html
https://www.redhat.com/security/data/cve/CVE-2010-3116.html
https://www.redhat.com/security/data/cve/CVE-2010-3119.html
https://www.redhat.com/security/data/cve/CVE-2010-3255.html
https://www.redhat.com/security/data/cve/CVE-2010-3257.html
https://www.redhat.com/security/data/cve/CVE-2010-3259.html
https://www.redhat.com/security/data/cve/CVE-2010-3812.html
https://www.redhat.com/security/data/cve/CVE-2010-3813.html
https://www.redhat.com/security/data/cve/CVE-2010-4197.html
https://www.redhat.com/security/data/cve/CVE-2010-4198.html
https://www.redhat.com/security/data/cve/CVE-2010-4204.html
https://www.redhat.com/security/data/cve/CVE-2010-4206.html
https://www.redhat.com/security/data/cve/CVE-2010-4577.html
https://access.redhat.com/security/updates/classification/#moderate


These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/