GLSA-201710-14 : WebKitGTK+: Multiple Vulnerabilities
High Nessus Plugin ID 103849
SynopsisThe remote Gentoo host is missing one or more security-related patches.
DescriptionThe remote host is affected by the vulnerability described in GLSA-201710-14 (WebKitGTK+: Multiple Vulnerabilities)
Multiple vulnerabilities have been discovered in WebkitGTK+. Please review the references below for details.
A remote attacker could execute arbitrary code, cause a Denial of Service condition, bypass intended memory-read restrictions, conduct a timing side-channel attack to bypass the Same Origin Policy, obtain sensitive information, or spoof the address bar.
There is no known workaround at this time.
SolutionAll WebKitGTK+ users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose '>=net-libs/webkit-gtk-2.16.6' Packages which depend on this library may need to be recompiled. Tools such as revdep-rebuild may assist in identifying some of these packages.