Oval Definition:oval:org.opensuse.security:def:119382
Revision Date:2022-04-27Version:1
Title:Security update for webkit2gtk3 (Important)
Description:

This update for webkit2gtk3 fixes the following issues:

Update to version 2.36.0 (bsc#1198290): - CVE-2022-22624: Fixed use after free that may lead to arbitrary code execution. - CVE-2022-22628: Fixed use after free that may lead to arbitrary code execution. - CVE-2022-22629: Fixed a buffer overflow that may lead to arbitrary code execution. - CVE-2022-22637: Fixed an unexpected cross-origin behavior due to a logic error.

Missing CVE reference for the update to 2.34.6 (bsc#1196133): - CVE-2022-22594: Fixed a cross-origin issue in the IndexDB API.
Family:unixClass:patch
Status:Reference(s):1196133
1198290
CVE-2022-22594
CVE-2022-22624
CVE-2022-22628
CVE-2022-22629
CVE-2022-22637
SUSE-SU-2022:1431-1
Platform(s):SUSE Linux Enterprise Server 15 SP2-LTSS
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Server 15 SP2-LTSS is installed
  • AND Package Information
  • libjavascriptcoregtk-4_0-18-2.36.0-150200.32.1 is installed
  • OR libwebkit2gtk-4_0-37-2.36.0-150200.32.1 is installed
  • OR libwebkit2gtk3-lang-2.36.0-150200.32.1 is installed
  • OR typelib-1_0-JavaScriptCore-4_0-2.36.0-150200.32.1 is installed
  • OR typelib-1_0-WebKit2-4_0-2.36.0-150200.32.1 is installed
  • OR typelib-1_0-WebKit2WebExtension-4_0-2.36.0-150200.32.1 is installed
  • OR webkit2gtk-4_0-injected-bundles-2.36.0-150200.32.1 is installed
  • OR webkit2gtk3-devel-2.36.0-150200.32.1 is installed
  • BACK