Bug#561762: kde4libs: many webkit vulnerabilities

To: Eckhart Wörner <ewoerner@kde.org>
Cc: 561762@bugs.debian.org
Subject: Bug#561762: kde4libs: many webkit vulnerabilities
From: Moritz Muehlenhoff <jmm@inutil.org>
Date: Sun, 25 Apr 2010 22:43:03 +0200
Message-id: <[🔎] 20100425204303.GB17321@inutil.org>
Reply-to: Moritz Muehlenhoff <jmm@inutil.org>, 561762@bugs.debian.org
In-reply-to: <[🔎] 201004040234.33161.ewoerner@kde.org>
References: <20091219234905.16030120.michael.s.gilbert@gmail.com> <[🔎] 20100403143220.GA2629@galadriel.inutil.org> <[🔎] 201004040234.33161.ewoerner@kde.org>

Hi Eckhart,

On Sun, Apr 04, 2010 at 02:34:32AM +0200, Eckhart Wörner wrote:
> > > CVE-2009-1703[25]:
> > > | WebKit in Apple Safari before 4.0 does not prevent references to file:
> > > | URLs within (1) audio and (2) video elements, which allows remote
> > > | attackers to determine the existence of arbitrary files via a crafted
> > > | HTML document.
> > 
> > This doesn't affect kde4libs (and even if, the impact is negligable)
> 
> Konqueror loads local videos from an http context here.

Since you're writing with a @kde.org address: My mail to security@kde.org 
was left unanswered. Do you have a suggestion who to contact instead?

Cheers,
        Moritz

Reply to:

Follow-Ups:
- Bug#561762: kde4libs: many webkit vulnerabilities
  - From: Eckhart Wörner <ewoerner@kde.org>

References:
- Bug#561762: kde4libs: many webkit vulnerabilities
  - From: Moritz Muehlenhoff <jmm@inutil.org>
- Bug#561762: kde4libs: many webkit vulnerabilities
  - From: Eckhart Wörner <ewoerner@kde.org>

Prev by Date: Bug#561760: marked as done (qt4-x11: many webkit vulnerabilities)
Next by Date: Bug#561762: kde4libs: many webkit vulnerabilities
Previous by thread: Bug#561762: kde4libs: many webkit vulnerabilities
Next by thread: Bug#561762: kde4libs: many webkit vulnerabilities
Index(es):
- Date
- Thread