Oval Definition:oval:org.opensuse.security:def:5358
Revision Date:2022-03-03Version:1
Title:Security update for webkit2gtk3 (Important)
Description:

This update for webkit2gtk3 fixes the following issues:

Update to version 2.34.5 (bsc#1195735):

- CVE-2022-22589: A validation issue was addressed with improved input sanitization. - CVE-2022-22590: A use after free issue was addressed with improved memory management. - CVE-2022-22592: A logic issue was addressed with improved state management.

Update to version 2.34.4 (bsc#1195064):

- CVE-2021-30934: A buffer overflow issue was addressed with improved memory handling. - CVE-2021-30936: A use after free issue was addressed with improved memory management. - CVE-2021-30951: A use after free issue was addressed with improved memory management. - CVE-2021-30952: An integer overflow was addressed with improved input validation. - CVE-2021-30953: An out-of-bounds read was addressed with improved bounds checking. - CVE-2021-30954: A type confusion issue was addressed with improved memory handling. - CVE-2021-30984: A race condition was addressed with improved state handling. - CVE-2022-22594: A cross-origin issue in the IndexDB API was addressed with improved input validation.

The following CVEs were addressed in a previous update:

- CVE-2021-45481: Incorrect memory allocation in WebCore::ImageBufferCairoImageSurfaceBackend::create. - CVE-2021-45482: A use-after-free in WebCore::ContainerNode::firstChild. - CVE-2021-45483: A use-after-free in WebCore::Frame::page.
Family:unixClass:patch
Status:Reference(s):1154063
1175070
1175071
1178074
1195064
1195735
CVE-2004-0801
CVE-2009-1886
CVE-2009-1888
CVE-2009-2813
CVE-2009-2906
CVE-2009-2948
CVE-2009-5029
CVE-2010-0547
CVE-2010-0728
CVE-2010-0787
CVE-2010-4000
CVE-2010-4267
CVE-2011-2485
CVE-2011-2513
CVE-2011-2514
CVE-2011-2697
CVE-2011-2722
CVE-2011-3377
CVE-2011-3602
CVE-2012-0035
CVE-2012-1586
CVE-2012-2451
CVE-2012-3406
CVE-2012-3422
CVE-2012-3423
CVE-2012-4412
CVE-2012-4540
CVE-2013-0242
CVE-2013-1914
CVE-2013-1926
CVE-2013-1927
CVE-2013-2001
CVE-2013-2207
CVE-2013-4237
CVE-2013-4325
CVE-2013-4332
CVE-2013-4349
CVE-2013-4458
CVE-2013-6370
CVE-2013-6371
CVE-2013-6402
CVE-2013-6427
CVE-2013-7423
CVE-2014-0475
CVE-2014-3421
CVE-2014-3422
CVE-2014-3423
CVE-2014-3424
CVE-2014-3634
CVE-2014-4043
CVE-2014-5119
CVE-2014-6040
CVE-2014-7817
CVE-2014-8121
CVE-2014-9402
CVE-2014-9761
CVE-2015-1472
CVE-2015-1473
CVE-2015-1781
CVE-2015-5234
CVE-2015-5235
CVE-2015-7547
CVE-2015-8776
CVE-2015-8777
CVE-2015-8778
CVE-2015-8779
CVE-2016-1234
CVE-2016-2347
CVE-2016-3075
CVE-2016-3706
CVE-2016-4429
CVE-2020-11993
CVE-2020-9490
CVE-2021-30934
CVE-2021-30936
CVE-2021-30951
CVE-2021-30952
CVE-2021-30953
CVE-2021-30954
CVE-2021-30984
CVE-2021-45481
CVE-2021-45482
CVE-2021-45483
CVE-2022-22589
CVE-2022-22590
CVE-2022-22592
CVE-2022-22594
SUSE-SU-2020:2583-1
SUSE-SU-2020:3067-1
SUSE-SU-2022:0690-1
Platform(s):openSUSE 13.1
openSUSE 13.1 NonFree
SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Desktop 11 SP4
SUSE Linux Enterprise Desktop 12 SP1
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise for SAP 12
SUSE Linux Enterprise for SAP 12 SP1
SUSE Linux Enterprise High Availability 12 SP3
SUSE Linux Enterprise High Availability 12 SP4
SUSE Linux Enterprise High Availability Extension 11 SP2
SUSE Linux Enterprise High Performance Computing 12 SP5
SUSE Linux Enterprise Live Patching 12
SUSE Linux Enterprise Live Patching 12 SP3
SUSE Linux Enterprise Module for Advanced Systems Management 12
SUSE Linux Enterprise Module for Containers 12
SUSE Linux Enterprise Module for High Performance Computing 12
SUSE Linux Enterprise Module for Legacy Software 12
SUSE Linux Enterprise Module for Public Cloud 12
SUSE Linux Enterprise Module for Web Scripting 12
SUSE Linux Enterprise Point of Sale 12 SP2
SUSE Linux Enterprise Server 11
SUSE Linux Enterprise Server 11 SP1-LTSS
SUSE Linux Enterprise Server 11 SP2
SUSE Linux Enterprise Server 11 SP3
SUSE Linux Enterprise Server 11 SP3-LTSS
SUSE Linux Enterprise Server 11 SP4
SUSE Linux Enterprise Server 12
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server 12 SP5
SUSE Linux Enterprise Server 12-LTSS
SUSE Linux Enterprise Server 15-LTSS
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2
SUSE Linux Enterprise Server for SAP Applications 12
SUSE Linux Enterprise Server for SAP Applications 12 SP1
SUSE Linux Enterprise Server for SAP Applications 12 SP5
SUSE Linux Enterprise Software Development Kit 11 SP4
SUSE Linux Enterprise Software Development Kit 12
SUSE Linux Enterprise Software Development Kit 12 SP2
SUSE Linux Enterprise Software Development Kit 12 SP3
SUSE Linux Enterprise Software Development Kit 12 SP4
SUSE Linux Enterprise Software Development Kit 12 SP5
SUSE Linux Enterprise Workstation Extension 12
SUSE Linux Enterprise Workstation Extension 12 SP1
SUSE Linux Enterprise Workstation Extension 12 SP2
SUSE OpenStack Cloud 5
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP3 is installed
  • AND Package Information
  • krb5-1.6.3-133.49.66.1 is installed
  • OR krb5-32bit-1.6.3-133.49.66.1 is installed
  • OR krb5-client-1.6.3-133.49.66.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP1 is installed
  • AND Package Information
  • emacs-24.3-14 is installed
  • OR emacs-info-24.3-14 is installed
  • OR emacs-x11-24.3-14 is installed
  • OR etags-24.3-14 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP2 is installed
  • AND cifs-utils-6.5-8 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND Package Information
  • alsa-1.0.27.2-15 is installed
  • OR libasound2-1.0.27.2-15 is installed
  • OR libasound2-32bit-1.0.27.2-15 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • AND Package Information
  • DirectFB-1.7.1-6 is installed
  • OR lib++dfb-1_7-1-1.7.1-6 is installed
  • OR libdirectfb-1_7-1-1.7.1-6 is installed
  • OR libdirectfb-1_7-1-32bit-1.7.1-6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise for SAP 12 is installed
  • AND Package Information
  • compat-libldap-2_3-0-2.3.37-16.1 is installed
  • OR openldap2-2.4.39-16.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise for SAP 12 SP1 is installed
  • AND Package Information
  • compat-openssl098-0.9.8j-94.1 is installed
  • OR libopenssl0_9_8-0.9.8j-94.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise High Availability 12 SP3 is installed
  • AND libpcreposix0-8.39-7 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise High Availability 12 SP4 is installed
  • AND conntrack-tools-1.4.2-5 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise High Availability Extension 11 SP2 is installed
  • AND Package Information
  • hawk-0.5.2-0.38.16 is installed
  • OR hawk-templates-0.5.2-0.38.16 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise High Performance Computing 12 SP5 is installed
  • AND Package Information
  • cups-1.7.5-20.23 is installed
  • OR cups-client-1.7.5-20.23 is installed
  • OR cups-libs-1.7.5-20.23 is installed
  • OR cups-libs-32bit-1.7.5-20.23 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Live Patching 12 is installed
  • AND Package Information
  • kgraft-patch-4_4_74-92_35-default-5-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_12-5-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Live Patching 12 SP3 is installed
  • AND Package Information
  • kgraft-patch-4_4_92-6_30-default-1-6.1 is installed
  • OR kgraft-patch-SLE12-SP3_Update_5-1-6.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Advanced Systems Management 12 is installed
  • AND Package Information
  • salt-2016.11.4-46.10.1 is installed
  • OR salt-api-2016.11.4-46.10.1 is installed
  • OR salt-bash-completion-2016.11.4-46.10.1 is installed
  • OR salt-cloud-2016.11.4-46.10.1 is installed
  • OR salt-doc-2016.11.4-46.10.1 is installed
  • OR salt-master-2016.11.4-46.10.1 is installed
  • OR salt-minion-2016.11.4-46.10.1 is installed
  • OR salt-proxy-2016.11.4-46.10.1 is installed
  • OR salt-ssh-2016.11.4-46.10.1 is installed
  • OR salt-syndic-2016.11.4-46.10.1 is installed
  • OR salt-zsh-completion-2016.11.4-46.10.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Containers 12 is installed
  • AND Package Information
  • ruby2.1-rubygem-passenger-5.0.18-6.1 is installed
  • OR rubygem-passenger-5.0.18-6.1 is installed
  • OR rubygem-passenger-apache2-5.0.18-6.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for High Performance Computing 12 is installed
  • AND Package Information
  • libslurm29-16.05.8.1-5 is installed
  • OR perl-slurm-16.05.8.1-5 is installed
  • OR slurm-16.05.8.1-5 is installed
  • OR slurm-auth-none-16.05.8.1-5 is installed
  • OR slurm-devel-16.05.8.1-5 is installed
  • OR slurm-doc-16.05.8.1-5 is installed
  • OR slurm-lua-16.05.8.1-5 is installed
  • OR slurm-munge-16.05.8.1-5 is installed
  • OR slurm-pam_slurm-16.05.8.1-5 is installed
  • OR slurm-plugins-16.05.8.1-5 is installed
  • OR slurm-sched-wiki-16.05.8.1-5 is installed
  • OR slurm-slurmdbd-16.05.8.1-5 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Legacy Software 12 is installed
  • AND Package Information
  • cups154-1.5.4-5.1 is installed
  • OR cups154-client-1.5.4-5.1 is installed
  • OR cups154-filters-1.5.4-5.1 is installed
  • OR cups154-libs-1.5.4-5.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Public Cloud 12 is installed
  • AND python-pycrypto-2.6.1-1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Web Scripting 12 is installed
  • AND Package Information
  • apache2-mod_php5-5.5.14-4 is installed
  • OR php5-5.5.14-4 is installed
  • OR php5-bcmath-5.5.14-4 is installed
  • OR php5-bz2-5.5.14-4 is installed
  • OR php5-calendar-5.5.14-4 is installed
  • OR php5-ctype-5.5.14-4 is installed
  • OR php5-curl-5.5.14-4 is installed
  • OR php5-dba-5.5.14-4 is installed
  • OR php5-dom-5.5.14-4 is installed
  • OR php5-enchant-5.5.14-4 is installed
  • OR php5-exif-5.5.14-4 is installed
  • OR php5-fastcgi-5.5.14-4 is installed
  • OR php5-fileinfo-5.5.14-4 is installed
  • OR php5-fpm-5.5.14-4 is installed
  • OR php5-ftp-5.5.14-4 is installed
  • OR php5-gd-5.5.14-4 is installed
  • OR php5-gettext-5.5.14-4 is installed
  • OR php5-gmp-5.5.14-4 is installed
  • OR php5-iconv-5.5.14-4 is installed
  • OR php5-intl-5.5.14-4 is installed
  • OR php5-json-5.5.14-4 is installed
  • OR php5-ldap-5.5.14-4 is installed
  • OR php5-mbstring-5.5.14-4 is installed
  • OR php5-mcrypt-5.5.14-4 is installed
  • OR php5-mysql-5.5.14-4 is installed
  • OR php5-odbc-5.5.14-4 is installed
  • OR php5-openssl-5.5.14-4 is installed
  • OR php5-pcntl-5.5.14-4 is installed
  • OR php5-pdo-5.5.14-4 is installed
  • OR php5-pear-5.5.14-4 is installed
  • OR php5-pgsql-5.5.14-4 is installed
  • OR php5-pspell-5.5.14-4 is installed
  • OR php5-shmop-5.5.14-4 is installed
  • OR php5-snmp-5.5.14-4 is installed
  • OR php5-soap-5.5.14-4 is installed
  • OR php5-sockets-5.5.14-4 is installed
  • OR php5-sqlite-5.5.14-4 is installed
  • OR php5-suhosin-5.5.14-4 is installed
  • OR php5-sysvmsg-5.5.14-4 is installed
  • OR php5-sysvsem-5.5.14-4 is installed
  • OR php5-sysvshm-5.5.14-4 is installed
  • OR php5-tokenizer-5.5.14-4 is installed
  • OR php5-wddx-5.5.14-4 is installed
  • OR php5-xmlreader-5.5.14-4 is installed
  • OR php5-xmlrpc-5.5.14-4 is installed
  • OR php5-xmlwriter-5.5.14-4 is installed
  • OR php5-xsl-5.5.14-4 is installed
  • OR php5-zip-5.5.14-4 is installed
  • OR php5-zlib-5.5.14-4 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Point of Sale 12 SP2 is installed
  • AND python-pycrypto-2.6.1-10.3.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 11 is installed
  • AND Package Information
  • libapr-util1-1.3.4-12.19.1 is installed
  • OR libapr-util1-32bit-1.3.4-12.19.1 is installed
  • OR libapr1-1.3.3-11.16.1 is installed
  • OR libapr1-32bit-1.3.3-11.16.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 11 SP2 is installed
  • AND amavisd-new-2.7.0-18.7.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 11 SP3 is installed
  • AND LibVNCServer-0.9.1-154.24 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 11 SP4 is installed
  • AND Package Information
  • opie-2.4-662.18.1 is installed
  • OR opie-32bit-2.4-662.18.1 is installed
  • OR opie-x86-2.4-662.18.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 is installed
  • AND Package Information
  • apache-commons-beanutils-1.9.2-1 is installed
  • OR apache-commons-beanutils-javadoc-1.9.2-1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND Package Information
  • apache-commons-beanutils-1.9.2-1 is installed
  • OR apache-commons-beanutils-javadoc-1.9.2-1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • jasper-1.900.14-181.1 is installed
  • OR libjasper1-1.900.14-181.1 is installed
  • OR libjasper1-32bit-1.900.14-181.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • libXrender1-0.9.8-7 is installed
  • OR libXrender1-32bit-0.9.8-7 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND apache2-mod_perl-2.0.8-11 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 12 SP5 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 12 SP5 is installed
  • OR SUSE Linux Enterprise Software Development Kit 12 SP5 is installed
  • AND Package Information
  • typelib-1_0-WebKit2WebExtension-4_0-2.34.5-2.85.3 is installed
  • OR webkit2gtk3-devel-2.34.5-2.85.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12-LTSS is installed
  • AND Package Information
  • kgraft-patch-3_12_60-52_63-default-3-2.1 is installed
  • OR kgraft-patch-3_12_60-52_63-xen-3-2.1 is installed
  • OR kgraft-patch-SLE12_Update_18-3-2.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 15-LTSS is installed
  • AND Package Information
  • avahi-0.6.32-5.8 is installed
  • OR avahi-compat-howl-devel-0.6.32-5.8 is installed
  • OR avahi-compat-mDNSResponder-devel-0.6.32-5.8 is installed
  • OR avahi-glib2-0.6.32-5.8 is installed
  • OR avahi-lang-0.6.32-5.8 is installed
  • OR avahi-utils-0.6.32-5.8 is installed
  • OR libavahi-client3-0.6.32-5.8 is installed
  • OR libavahi-client3-32bit-0.6.32-5.8 is installed
  • OR libavahi-common3-0.6.32-5.8 is installed
  • OR libavahi-common3-32bit-0.6.32-5.8 is installed
  • OR libavahi-core7-0.6.32-5.8 is installed
  • OR libavahi-devel-0.6.32-5.8 is installed
  • OR libavahi-glib-devel-0.6.32-5.8 is installed
  • OR libavahi-glib1-0.6.32-5.8 is installed
  • OR libavahi-gobject0-0.6.32-5.8 is installed
  • OR libavahi-ui-gtk3-0-0.6.32-5.8 is installed
  • OR libavahi-ui0-0.6.32-5.8 is installed
  • OR libdns_sd-0.6.32-5.8 is installed
  • OR libhowl0-0.6.32-5.8 is installed
  • OR typelib-1_0-Avahi-0_6-0.6.32-5.8 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 is installed
  • AND apache2-mod_nss-1.0.14-18 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server for SAP Applications 12 is installed
  • AND Package Information
  • kgraft-patch-3_12_60-52_54-default-4-2 is installed
  • OR kgraft-patch-3_12_60-52_54-xen-4-2 is installed
  • OR kgraft-patch-SLE12_Update_15-4-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server for SAP Applications 12 SP1 is installed
  • AND Package Information
  • kgraft-patch-3_12_67-60_64_18-default-8-3 is installed
  • OR kgraft-patch-3_12_67-60_64_18-xen-8-3 is installed
  • OR kgraft-patch-SLE12-SP1_Update_9-8-3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Software Development Kit 11 SP4 is installed
  • AND LibVNCServer-devel-0.9.1-154.24 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Software Development Kit 12 is installed
  • AND apache2-devel-2.4.10-6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Software Development Kit 12 SP2 is installed
  • AND Package Information
  • ImageMagick-6.8.8.1-70.1 is installed
  • OR ImageMagick-devel-6.8.8.1-70.1 is installed
  • OR libMagick++-6_Q16-3-6.8.8.1-70.1 is installed
  • OR libMagick++-devel-6.8.8.1-70.1 is installed
  • OR perl-PerlMagick-6.8.8.1-70.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Software Development Kit 12 SP3 is installed
  • AND dovecot22-devel-2.2.30.2-14 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Software Development Kit 12 SP4 is installed
  • AND LibVNCServer-devel-0.9.9-17.5 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 12 is installed
  • AND Package Information
  • kernel-default-3.12.38-44.1 is installed
  • OR kernel-default-extra-3.12.38-44.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 12 SP1 is installed
  • AND Package Information
  • kernel-default-3.12.69-60.64.32.1 is installed
  • OR kernel-default-extra-3.12.69-60.64.32.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 12 SP2 is installed
  • AND Package Information
  • gstreamer-0_10-plugins-base-0.10.36-14.1 is installed
  • OR gstreamer-0_10-plugins-base-lang-0.10.36-14.1 is installed
  • OR libgstapp-0_10-0-0.10.36-14.1 is installed
  • OR libgstinterfaces-0_10-0-0.10.36-14.1 is installed
    • BACK