OVAL Reference oval:org.opensuse.security:def:1088

Oval Definition:

oval:org.opensuse.security:def:1088

Revision Date:	2022-03-04	Version:	1
Title:	Security update for webkit2gtk3 (Important)
Description:	This update for webkit2gtk3 fixes the following issues: Update to version 2.34.6 (bsc#1196133): - CVE-2022-22620: Processing maliciously crafted web content may have lead to arbitrary code execution. Update to version 2.34.5 (bsc#1195735): - CVE-2022-22589: A validation issue was addressed with improved input sanitization. - CVE-2022-22590: A use after free issue was addressed with improved memory management. - CVE-2022-22592: A logic issue was addressed with improved state management. Update to version 2.34.4 (bsc#1195064): - CVE-2021-30934: A buffer overflow issue was addressed with improved memory handling. - CVE-2021-30936: A use after free issue was addressed with improved memory management. - CVE-2021-30951: A use after free issue was addressed with improved memory management. - CVE-2021-30952: An integer overflow was addressed with improved input validation. - CVE-2021-30953: An out-of-bounds read was addressed with improved bounds checking. - CVE-2021-30954: A type confusion issue was addressed with improved memory handling. - CVE-2021-30984: A race condition was addressed with improved state handling. - CVE-2022-22594: A cross-origin issue in the IndexDB API was addressed with improved input validation. The following CVEs were addressed in a previous update: - CVE-2021-45481: Incorrect memory allocation in WebCore::ImageBufferCairoImageSurfaceBackend::create. - CVE-2021-45482: A use-after-free in WebCore::ContainerNode::firstChild. - CVE-2021-45483: A use-after-free in WebCore::Frame::page.
Family:	unix	Class:	patch
Status:		Reference(s):	1195064 1195735 1196133 CVE-2009-1720 CVE-2009-1721 CVE-2014-0107 CVE-2014-0107 CVE-2017-12596 CVE-2017-9110 CVE-2017-9111 CVE-2017-9112 CVE-2017-9113 CVE-2017-9114 CVE-2017-9115 CVE-2017-9116 CVE-2017-9410 CVE-2017-9411 CVE-2017-9412 CVE-2018-18444 CVE-2021-30934 CVE-2021-30936 CVE-2021-30951 CVE-2021-30952 CVE-2021-30953 CVE-2021-30954 CVE-2021-30984 CVE-2021-45481 CVE-2021-45482 CVE-2021-45483 CVE-2022-22589 CVE-2022-22590 CVE-2022-22592 CVE-2022-22620 SUSE-SU-2022:0705-1
Platform(s):	openSUSE 13.2 SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 15 SP3 SUSE Linux Enterprise High Availability 15 SUSE Linux Enterprise High Performance Computing 15 SP3 SUSE Linux Enterprise Module for additional PackageHub packages 15 SUSE Linux Enterprise Module for Basesystem 15 SP3 SUSE Linux Enterprise Module for Desktop Applications 15 SP1 SUSE Linux Enterprise Module for Desktop Applications 15 SP3 SUSE Linux Enterprise Module for Legacy Software 15 SUSE Linux Enterprise Module for Live Patching 15 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 SUSE Linux Enterprise Module for Public Cloud 15 SUSE Linux Enterprise Module for Server Applications 15 SUSE Linux Enterprise Module for Web Scripting 15 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 15 SP3 SUSE Linux Enterprise Server for SAP Applications 15 SP3 SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Software Development Kit 12 SP1 SUSE Linux Enterprise Storage 7.1 SUSE Linux Enterprise Workstation Extension 12 SUSE Linux Enterprise Workstation Extension 12 SP1 SUSE Linux Enterprise Workstation Extension 15 SUSE Manager Proxy 4.2 SUSE Manager Retail Branch Server 4.2 SUSE Manager Server 4.2 SUSE Package Hub for SUSE Linux Enterprise 15	Product(s):
Definition Synopsis
SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5 is installed AND Package Information openstack-cinder-2014.2.3.dev13-1 is installed OR openstack-cinder-volume-2014.2.3.dev13-1 is installed OR python-cinder-2014.2.3.dev13-1 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 is installed AND Package Information MozillaFirefox-31.1.0esr-1 is installed OR MozillaFirefox-translations-31.1.0esr-1 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information DirectFB-1.7.1-4 is installed OR lib++dfb-1_7-1-1.7.1-4 is installed OR libdirectfb-1_7-1-1.7.1-4 is installed OR libdirectfb-1_7-1-32bit-1.7.1-4 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information MozillaFirefox-45.4.0esr-81 is installed OR MozillaFirefox-translations-45.4.0esr-81 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP3 is installed AND python-pyOpenSSL-16.0.0-2.3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Basesystem 15 SP3 is installed AND libmp3lame0-3.100-1.33 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Desktop 15 SP3 is installed OR SUSE Linux Enterprise High Performance Computing 15 SP3 is installed OR SUSE Linux Enterprise Module for Desktop Applications 15 SP3 is installed OR SUSE Linux Enterprise Server 15 SP3 is installed OR SUSE Linux Enterprise Server for SAP Applications 15 SP3 is installed OR SUSE Linux Enterprise Storage 7.1 is installed OR SUSE Manager Proxy 4.2 is installed OR SUSE Manager Retail Branch Server 4.2 is installed OR SUSE Manager Server 4.2 is installed AND Package Information typelib-1_0-JavaScriptCore-4_0-2.34.6-29.1 is installed OR typelib-1_0-WebKit2-4_0-2.34.6-29.1 is installed OR typelib-1_0-WebKit2WebExtension-4_0-2.34.6-29.1 is installed OR webkit2gtk3-devel-2.34.6-29.1 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 15 is installed AND Package Information ruby2.5-rubygem-sprockets-3.7.2-3.3 is installed OR rubygem-sprockets-3.7.2-3.3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for additional PackageHub packages 15 is installed AND Package Information ffmpeg-3.4.2-4.12 is installed OR libavdevice57-3.4.2-4.12 is installed OR libavfilter6-3.4.2-4.12 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Desktop Applications 15 SP1 is installed AND Package Information libIlmImf-2_2-23-2.2.1-3.3 is installed OR libIlmImfUtil-2_2-23-2.2.1-3.3 is installed OR openexr-devel-2.2.1-3.3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Legacy Software 15 is installed AND Package Information java-1_8_0-ibm-1.8.0_sr5.30-3.16 is installed OR java-1_8_0-ibm-alsa-1.8.0_sr5.30-3.16 is installed OR java-1_8_0-ibm-devel-1.8.0_sr5.30-3.16 is installed OR java-1_8_0-ibm-plugin-1.8.0_sr5.30-3.16 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Live Patching 15 is installed AND Package Information kernel-livepatch-4_12_14-25_6-default-3-2 is installed OR kernel-livepatch-SLE15_Update_2-3-2 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 is installed AND Package Information MozillaFirefox-60.8.0-3.51 is installed OR MozillaFirefox-branding-upstream-60.8.0-3.51 is installed OR MozillaFirefox-buildsymbols-60.8.0-3.51 is installed OR MozillaFirefox-devel-60.8.0-3.51 is installed OR libfreebl3-hmac-32bit-3.44.1-3.16 is installed OR libsoftokn3-hmac-32bit-3.44.1-3.16 is installed OR mozilla-nss-3.44.1-3.16 is installed OR mozilla-nss-sysinit-32bit-3.44.1-3.16 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Public Cloud 15 is installed AND Package Information kernel-azure-4.12.14-5.13 is installed OR kernel-azure-base-4.12.14-5.13 is installed OR kernel-azure-devel-4.12.14-5.13 is installed OR kernel-devel-azure-4.12.14-5.13 is installed OR kernel-source-azure-4.12.14-5.13 is installed OR kernel-syms-azure-4.12.14-5.13 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Server Applications 15 is installed AND Package Information ovmf-2017+git1510945757.b2662641d5-5.3 is installed OR ovmf-tools-2017+git1510945757.b2662641d5-5.3 is installed OR qemu-ovmf-x86_64-2017+git1510945757.b2662641d5-5.3 is installed OR qemu-uefi-aarch64-2017+git1510945757.b2662641d5-5.3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Web Scripting 15 is installed AND xalan-j2-2.7.2-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information dovecot22-2.2.13-2.7 is installed OR dovecot22-backend-mysql-2.2.13-2.7 is installed OR dovecot22-backend-pgsql-2.2.13-2.7 is installed OR dovecot22-backend-sqlite-2.2.13-2.7 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND w3m-0.5.3-157.1 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 15 is installed AND Package Information dia-0.97.3-2 is installed OR dia-lang-0.97.3-2 is installed
Definition Synopsis
SUSE Package Hub for SUSE Linux Enterprise 15 is installed AND Package Information GraphicsMagick-1.3.29-bp150.2.9 is installed OR GraphicsMagick-devel-1.3.29-bp150.2.9 is installed OR libGraphicsMagick++-Q16-12-1.3.29-bp150.2.9 is installed OR libGraphicsMagick++-devel-1.3.29-bp150.2.9 is installed OR libGraphicsMagick-Q16-3-1.3.29-bp150.2.9 is installed OR libGraphicsMagick3-config-1.3.29-bp150.2.9 is installed OR libGraphicsMagickWand-Q16-2-1.3.29-bp150.2.9 is installed OR perl-GraphicsMagick-1.3.29-bp150.2.9 is installed

BACK