| Revision Date: | 2020-04-24 | Version: | 1 |
| Title: | Security update for webkit2gtk3 (Important) |
| Description: |
This update for webkit2gtk3 to version 2.28.1 fixes the following issues:
Security issues fixed:
- CVE-2020-10018: Fixed a denial of service because the m_deferredFocusedNodeChange data structure was mishandled (bsc#1165528). - CVE-2020-11793: Fixed a potential arbitrary code execution caused by a use-after-free vulnerability (bsc#1169658).
Non-security issues fixed:
- Add API to enable Process Swap on (Cross-site) Navigation. - Add user messages API for the communication with the web extension. - Add support for same-site cookies. - Service workers are enabled by default. - Add support for Pointer Lock API. - Add flatpak sandbox support. - Make ondemand hardware acceleration policy never leave accelerated compositing mode. - Always use a light theme for rendering form controls. - Add about:gpu to show information about the graphics stack.
|
| Family: | unix | Class: | patch |
| Status: | | Reference(s): | 1165528
1169658
CVE-2020-10018
CVE-2020-11793
SUSE-SU-2020:1109-1
|
| Platform(s): | SUSE Linux Enterprise Desktop 15 SP1
SUSE Linux Enterprise High Performance Computing 15 SP1
SUSE Linux Enterprise Module for Basesystem 15 SP1
SUSE Linux Enterprise Server 15 SP1
SUSE Linux Enterprise Server for SAP Applications 15 SP1
SUSE Linux Enterprise Storage 6
SUSE Manager Proxy 4.0
SUSE Manager Server 4.0
| Product(s): | |
| Definition Synopsis |
| SUSE Linux Enterprise Module for Basesystem 15 SP1 is installed AND Package Information
libjavascriptcoregtk-4_0-18-2.28.1-3.49.2 is installed
OR libwebkit2gtk-4_0-37-2.28.1-3.49.2 is installed
OR libwebkit2gtk3-lang-2.28.1-3.49.2 is installed
OR webkit2gtk-4_0-injected-bundles-2.28.1-3.49.2 is installed
|