Oval Definition:oval:org.opensuse.security:def:126875
Revision Date:2022-05-16Version:1
Title:Security update for webkit2gtk3 (Important)
Description:

This update for webkit2gtk3 fixes the following issues:

Update to version 2.36.0 (bsc#1198290):

- CVE-2022-22624: Fixed use after free that may lead to arbitrary code execution. - CVE-2022-22628: Fixed use after free that may lead to arbitrary code execution. - CVE-2022-22629: Fixed a buffer overflow that may lead to arbitrary code execution. - CVE-2022-22637: Fixed an unexpected cross-origin behavior due to a logic error.

Missing CVE reference for the update to 2.34.6 (bsc#1196133):

- CVE-2022-22594: Fixed a cross-origin issue in the IndexDB API.
Family:unixClass:patch
Status:Reference(s):1196133
1198290
CVE-2022-22594
CVE-2022-22624
CVE-2022-22628
CVE-2022-22629
CVE-2022-22637
Platform(s):SUSE Linux Enterprise Server 12 SP4-ESPOS
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4-ESPOS is installed
  • AND Package Information
  • libjavascriptcoregtk-4_0-18-2.36.0-2.96.1 is installed
  • OR libwebkit2gtk-4_0-37-2.36.0-2.96.1 is installed
  • OR libwebkit2gtk3-lang-2.36.0-2.96.1 is installed
  • OR typelib-1_0-JavaScriptCore-4_0-2.36.0-2.96.1 is installed
  • OR typelib-1_0-WebKit2-4_0-2.36.0-2.96.1 is installed
  • OR typelib-1_0-WebKit2WebExtension-4_0-2.36.0-2.96.1 is installed
  • OR webkit2gtk-4_0-injected-bundles-2.36.0-2.96.1 is installed
  • BACK