CVE-2016-4761 in Ubuntu

CVE-2016-4761

Priority

Description

An use-after-free vulnerability allows remote attackers to cause a denial
of service or possibly have unspecified other impact via unknown vectors.

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4761
https://webkitgtk.org/security/WSA-2016-0006.html
https://usn.ubuntu.com/usn/usn-3166-1

Notes

jdstrand

webkit receives limited support. For details, see
https://wiki.ubuntu.com/SecurityTeam/FAQ#webkit
webkit in Ubuntu uses the JavaScriptCore (JSC) engine, not V8

Package

Source: qtwebkit-opensource-src (LP Ubuntu Debian)

Upstream:	needs-triage
Ubuntu 14.04 ESM (Trusty Tahr):	DNE (trusty was ignored [no update available])
Ubuntu 16.04 LTS (Xenial Xerus):	ignored (no update available)

Patches:

Package

Source: qtwebkit-source (LP Ubuntu Debian)

Upstream:	needs-triage
Ubuntu 14.04 ESM (Trusty Tahr):	DNE (trusty was ignored [no update available])
Ubuntu 16.04 LTS (Xenial Xerus):	ignored (no update available)

Package

Source: webkit (LP Ubuntu Debian)

Upstream:	needs-triage
Ubuntu 14.04 ESM (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	DNE

Package

Source: webkit2gtk (LP Ubuntu Debian)

Upstream:	released (2.14.0)
Ubuntu 14.04 ESM (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	released (2.14.2-0ubuntu0.16.04.1)

Package

Source: webkitgtk (LP Ubuntu Debian)

Upstream:	needs-triage
Ubuntu 14.04 ESM (Trusty Tahr):	DNE (trusty was ignored [no update available])
Ubuntu 16.04 LTS (Xenial Xerus):	ignored (no update available)

More Information

Updated: 2019-12-05 18:45:22 UTC (commit dd38ff22974aae499eb50644b9d5a2817483cbdb)