A number of security vulnerabilities have been identified in the WebKit software package that a remote attacker can exploit to carry out XSS and DoS attacks and to execute arbitrary code.
Package:
libwebkit 1.x
Operating systems:
Ubuntu Linux 10.04, Ubuntu Linux 10.10
Severity:
8.1
Problem:
error in a software component
Exploitation:
remote
Impact:
arbitrary code execution, HTML and script code injection, denial of service (DoS)
The vulnerabilities result from multiple errors in the JavaScript engine and the browser engine. For a more detailed look at all the vulnerabilities, reading the original advisory is recommended.
Impact:
They allow an attacker to carry out DoS and XSS attacks and to execute arbitrary code.
Solution:
Users are advised to use the fixed versions.
==========================================================================
Ubuntu Security Notice USN-1195-1
August 23, 2011
webkit vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 10.10
- Ubuntu 10.04 LTS
Summary:
Multiple security vulnerabilities were fixed in WebKit.
Software Description:
- webkit: Web content engine library for GTK+
Details:
A large number of security issues were discovered in the WebKit browser and
JavaScript engines. If a user were tricked into viewing a malicious
website, a remote attacker could exploit a variety of issues related to web
browser security, including cross-site scripting attacks, denial of
service attacks, and arbitrary code execution.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 10.10:
libwebkit-1.0-2 1.2.7-0ubuntu0.10.10.1
Ubuntu 10.04 LTS:
libwebkit-1.0-2 1.2.7-0ubuntu0.10.04.1
After a standard system update you need to restart any applications that
use WebKit, such as Epiphany and Midori, to make all the necessary changes.
References:
http://www.ubuntu.com/usn/usn-1195-1
CVE-2010-1824, CVE-2010-2646, CVE-2010-2651, CVE-2010-2900,
CVE-2010-2901, CVE-2010-3120, CVE-2010-3254, CVE-2010-3812,
CVE-2010-3813, CVE-2010-4040, CVE-2010-4042, CVE-2010-4197,
CVE-2010-4198, CVE-2010-4199, CVE-2010-4204, CVE-2010-4206,
CVE-2010-4492, CVE-2010-4493, CVE-2010-4577, CVE-2010-4578,
CVE-2011-0482, CVE-2011-0778
Package Information:
https://launchpad.net/ubuntu/+source/webkit/1.2.7-0ubuntu0.10.10.1
https://launchpad.net/ubuntu/+source/webkit/1.2.7-0ubuntu0.10.04.1
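To confirm a host actually carries the fixed package, compare its installed libwebkit-1.0-2 version against the versions listed in the update instructions using Debian version ordering rather than plain string comparison. The following is an added example, not part of the Ubuntu notice; the function names and the sample installed versions are constructed for illustration.

```python
import re

# Fixed libwebkit-1.0-2 versions, copied from the notice's update instructions.
FIXED = {
    "10.10": "1.2.7-0ubuntu0.10.10.1",
    "10.04": "1.2.7-0ubuntu0.10.04.1",
}

def _nondigit_key(run):
    # Debian ordering inside a non-digit run: '~' sorts before everything
    # (even end of string), letters sort before other characters.
    # The trailing 0 stands for "end of run".
    return [-1 if c == "~" else ord(c) if c.isalpha() else ord(c) + 256
            for c in run] + [0]

def _part_key(part):
    # Alternate non-digit and digit runs; digit runs compare numerically.
    return [(_nondigit_key(nd), int(d or 0))
            for nd, d in re.findall(r"(\D*)(\d*)", part)]

def debian_key(version):
    """Sort key for an [epoch:]upstream[-revision] version string."""
    epoch, sep, rest = version.partition(":")
    if not sep:
        epoch, rest = "0", version
    upstream, sep, revision = rest.rpartition("-")
    if not sep:
        upstream, revision = rest, ""
    return int(epoch), _part_key(upstream), _part_key(revision)

def is_patched(release, installed):
    """True if `installed` is at or above the fixed version for `release`."""
    return debian_key(installed) >= debian_key(FIXED[release])

if __name__ == "__main__":
    # Constructed sample versions, not taken from the notice.
    for release, installed in [("10.04", "1.2.5-0ubuntu1"),
                               ("10.10", "1.2.7-0ubuntu0.10.10.1"),
                               ("10.10", "1.10.0-1")]:
        state = "patched" if is_patched(release, installed) else "VULNERABLE"
        print(release, installed, state)
```

On a real host the installed version string can be read with dpkg-query -W -f='${Version}' libwebkit-1.0-2 and passed to is_patched.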