[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#479644: libqt4-webkit:CVE-2008-1025 Cross-site scripting (XSS) vulnerability in Apple WebKit

On Wednesday 07 May 2008, Michael Gilbert wrote:
> On 5/6/08, Michael Gilbert wrote:
> > i believe that this is actually an issue with webkit itself, not the
> > libqt4-webkit package (which uses webkit as a library).  CVE-2008-1025
> > seems to indicate that the issue is wholely within webkit (there is no
> > mention of qt).
> i am mistaken, it looks like qt4-x11 duplicates the webkit source
> code, rather than relying on it as a library, which in my opinion is
> certainly not a very good approach.  please ignore the previous
> message.

Webkit doesn't provide a stable api nor abi, only thru the gtk and qt 
bindings, so there is no possibility to do it in a good way, especially when 
there is two different release schedules for the gtk and the qt version.

How could I get access over the cable?

You have to reinstall on the front-end, in such way then from the drawer 
within Photoshop you must insert the OpenGL periferic and you neither must 
open the graphic GUI of a login over a login, nor ever have to load the 
program on the button of a 2-inch ADSL terminale for removing a command 

Attachment: signature.asc
Description: This is a digitally signed message part.

Reply to: