oss-sec mailing list archives
Re: WebKitGTK+ Security Advisory WSA-2016-0002
From: Carlos Alberto Lopez Perez <clopez () igalia com>
Date: Mon, 14 Mar 2016 17:16:45 +0100
On 14/03/16 13:29, Tomas Hoger wrote:
On Fri, 11 Mar 2016 15:25:39 +0100 Carlos Alberto Lopez Perez wrote:Advisory ID : WSA-2016-0002 Advisory URL : http://webkitgtk.org/security/WSA-2016-0002.html CVE identifiers : CVE-2016-1723, CVE-2016-1724, CVE-2016-1725, CVE-2016-1726, CVE-2016-1727, CVE-2016-1728. Several vulnerabilities were discovered on WebKitGTK+.Are further details of these issues available anywhere? WSA only re-uses Mitre CVE descriptions derived form Apple advisories, but is there info which bugs/commits these CVEs correspond to?
Per policy [1], the details of security bugs in WebKit and their fixes are available only to members of the WebKit Security Group. If you have a legitimate reason that you need to know specific details about any of this bugs, then you should state the reason in a inquiry directed to security () webkit org rather than to this mailing list. [1] https://webkit.org/security-policy/
Attachment:
signature.asc
Description: OpenPGP digital signature
Current thread:
- WebKitGTK+ Security Advisory WSA-2016-0002 Carlos Alberto Lopez Perez (Mar 11)
- Re: WebKitGTK+ Security Advisory WSA-2016-0002 Tomas Hoger (Mar 14)
- Re: WebKitGTK+ Security Advisory WSA-2016-0002 Carlos Alberto Lopez Perez (Mar 14)
- Re: WebKitGTK+ Security Advisory WSA-2016-0002 Tomas Hoger (Mar 14)