Ubuntu has issued an advisory on October 25: http://www.ubuntu.com/usn/usn-1617-1/ webkit 1.8.3 is building in Mageia 2 updates_testing now.
Updated package for Mageia 2 uploaded. Advisory: ======================== Updated webkit packages fix security vulnerabilities: A large number of security issues were discovered in the WebKit browser and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution (CVE-2011-3031, CVE-2011-3038, CVE-2011-3042, CVE-2011-3043, CVE-2011-3044, CVE-2011-3051, CVE-2011-3053, CVE-2011-3059, CVE-2011-3060, CVE-2011-3064, CVE-2011-3067, CVE-2011-3076, CVE-2011-3081, CVE-2011-3086, CVE-2011-3090, CVE-2012-1521, CVE-2012-3598, CVE-2012-3601, CVE-2012-3604, CVE-2012-3611, CVE-2012-3612, CVE-2012-3617, CVE-2012-3625, CVE-2012-3626, CVE-2012-3627, CVE-2012-3628, CVE-2012-3645, CVE-2012-3652, CVE-2012-3657, CVE-2012-3669, CVE-2012-3670, CVE-2012-3671, CVE-2012-3672, CVE-2012-3674). References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3031 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3038 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3042 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3043 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3044 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3051 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3053 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3059 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3060 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3064 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3067 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3076 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3081 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3086 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3090 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1521 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3598 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3601 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3604 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3611 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3612 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3617 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3625 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3626 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3627 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3628 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3645 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3652 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3657 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3669 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3670 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3671 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3672 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3674 http://www.ubuntu.com/usn/usn-1617-1/ ======================== Updated packages in core/updates_testing: ======================== webkit-1.8.3-1.mga2 webkit1.0-1.8.3-1.mga2 libwebkitgtk1.0_0-1.8.3-1.mga2 libjavascriptcoregtk1.0_0-1.8.3-1.mga2 libwebkitgtk1.0-devel-1.8.3-1.mga2 webkit-gtklauncher-1.8.3-1.mga2 webkit-jsc-1.8.3-1.mga2 webkit1.0-webinspector-1.8.3-1.mga2 webkit3-1.8.3-1.mga2 webkit3.0-1.8.3-1.mga2 libwebkitgtk3.0_0-1.8.3-1.mga2 libjavascriptcoregtk3.0_0-1.8.3-1.mga2 libwebkitgtk3.0-devel-1.8.3-1.mga2 webkit3-gtklauncher-1.8.3-1.mga2 webkit3-jsc-1.8.3-1.mga2 webkit3.0-webinspector-1.8.3-1.mga2 libjscore-gir1.0-1.8.3-1.mga2 libwebkit-gir1.0-1.8.3-1.mga2 libjscore-gir3.0-1.8.3-1.mga2 libwebkit-gir3.0-1.8.3-1.mga2 from webkit-1.8.3-1.mga2.src.rpm
Assignee: bugsquad => qa-bugs
Blocks: (none) => 7413
Testing using midori browser which requires most of these rpms and sunspider javascript benchmark. http://www.webkit.org/perf/sunspider-0.9.1/sunspider-0.9.1/driver.html
Tested OK i586. Also checked acid3 http://acid3.acidtests.org/
Whiteboard: (none) => has_procedure mga2-32-OK
Tested successfully with midori (and chromium-browser) on mga2 x86_64. Nothing to report. validate updates. Please use Comment 1 for Advisory and src-rpm. Could someone from sysadmin team push to Updates? Thanks.
Keywords: (none) => validated_updateCC: (none) => sysadmin-bugsWhiteboard: has_procedure mga2-32-OK => has_procedure, MGA2-32-OK, MGA2-64-OK
Update pushed: https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0324
Status: NEW => RESOLVEDCC: (none) => tmbResolution: (none) => FIXED