Candidate: CVE-2009-1696
PublicDate: 2009-06-10 18:00:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1696
Description:
 WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone
 OS for iPod touch 1.1 through 2.2.1 uses predictable random numbers in
 JavaScript applications, which makes it easier for remote web servers to
 track the behavior of a Safari user during a session.
Ubuntu-Description:
Notes:
 jdstrand> webkit is a fork of khtml from kdelibs. kdelibs5 is farther from
  it, while qt4-x11 attempts to unify khtml and webkit
 mdeslaur> code doesn't seem present in kde4libs
Bugs:
 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=535793
Priority: low
Discovered-by:
Assigned-to:
CVSS: 

Patches_webkit:
 upstream: http://trac.webkit.org/changeset/39510
 upstream: http://trac.webkit.org/changeset/39553
upstream_webkit: needs-triage
dapper_webkit: DNE
hardy_webkit: not-affected (code not present)
intrepid_webkit: not-affected (code not present)
jaunty_webkit: not-affected (code not present)
devel_webkit: not-affected (1.1.12-1ubuntu1)

Patches_qt4-x11:
upstream_qt4-x11: needs-triage
dapper_qt4-x11: not-affected (no webkit)
hardy_qt4-x11: not-affected (no webkit)
intrepid_qt4-x11: not-affected (code not present)
jaunty_qt4-x11: not-affected (4.5.0-0ubuntu4.2)
devel_qt4-x11: not-affected (4.5.2-0ubuntu5)