Tag: WebKit

Posted on

Blink and Servo

It is a back to back news on web browsers.

First, Mozilla and Samsung are working together on new Servo web browser engine for Android and ARM. Servo itself is written in Rust, a programming language developed by Mozilla.

Should Samsung ever want to fork Android, they would have their own web browser.

Mozilla-Samsung

——-

Second, Google announces Blink, a new open source rendering engine based on WebKit.

In a sense that Google is in a disagreement on what direction Webkit should go.

Chromium_Logo

Bring on all the different web browsers, as long as they adhere to one HTML standard.

 

 

Posted on

Apple Releases Safari 4 Public Beta

safari_icon

Apple releases Safari 4 Public Beta today. It is available for Mac OS X (Tiger and Leopard) and Windows (XP and Vista).

Safari 4 Public Beta includes Nitro engine and slew of new features such as Top Sites, Full History Search, Cover Flow, and Tabs on Top.

safari_4_top_sites

Check out the new Safari Welcome Page (Safari 4 Public Beta or the latest WebKit is required to make this page work.)

Get it from http://www.apple.com/safari/

——-

WebKit, the Open Source counterpart of Safari is available from WebKit.org.

Posted on

Safari 3.1.1 is Available

Safari Icon

Apple releases Safari 3.1.1 to address stability, compatibility and Security.

Safari 3.1.1 is available for Mac OS X Tiger, Leopard, and Windows XP/Vista.

About the security content of Safari 3.1.1

Safari 3.1.1

  • Safari
    CVE-ID: CVE-2007-2398
    Available for: Windows XP or Vista
    Impact: A maliciously crafted website may control the contents of the address bar
    Description: A timing issue in Safari 3.1 allows a web page to change the contents of the address bar without loading the contents of the corresponding page. This could be used to spoof the contents of a legitimate site, allowing user credentials or other information to be gathered. This issue was addressed in Safari Beta 3.0.2, but reintroduced in Safari 3.1. This update addresses the issue by restoring the address bar contents if a request for a new web page is terminated. This issue does not affect Mac OS X systems.
  • Safari
    CVE-ID: CVE-2008-1024
    Available for: Windows XP or Vista
    Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution
    Description: A memory corruption issue exists in Safari’s file downloading. By enticing a user to download a file with a maliciously crafted name, an attacker may cause an unexpected application termination or arbitrary code execution. This update addresses the issue through improved handling of file downloads. This issue does not affect Mac OS X systems.
  • WebKit
    CVE-ID: CVE-2008-1025
    Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5.2, Mac OS X Server v10.5.2, Windows XP or Vista
    Impact: Visiting a malicious website may result in cross-site scripting
    Description: An issue exists in WebKi’s handling of URLs containing a colon character in the host name. Opening a maliciously crafted URL may lead to a cross-site scripting attack. This update addresses the issue through improved handling of URLs. Credit to Robert Swiecki of Google Information Security Team and David Bloom for reporting this issue.
  • WebKit
    CVE-ID: CVE-2008-1026
    Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5.2, Mac OS X Server v10.5.2, Windows XP or Vista
    Impact: Viewing a maliciously crafted web page may lead to an unexpected application termination or arbitrary code execution
    Description: A heap buffer overflow exists in WebKit’s handling of JavaScript regular expressions. The issue may be triggered via JavaScript when processing regular expressions with large, nested repetition counts. This may lead to an unexpected application termination or arbitrary code execution. This update addresses the issue by performing additional validation of JavaScript regular expressions. Credit to Charlie Miller for reporting these issues.

Safari 3.1.1 can be obtained through Safari Download Page or Apple Software Updates.

Close

Ad-blocker not detected

Please consider installing Ad-blocker such as uBlock Origin.

On computers, please consider browsing the web using Mozilla Firefox with uBlock Origin.