Oval Definition:oval:org.opensuse.security:def:55226
Revision Date:2021-08-03Version:1
Title:Security update for webkit2gtk3 (Important)
Description:

This update for webkit2gtk3 fixes the following issues:

Update to version 2.32.3:

- CVE-2021-21775: Fixed a use-after-free vulnerability in the way certain events are processed for ImageLoader objects. A specially crafted web page can lead to a potential information leak and further memory corruption. A victim must be tricked into visiting a malicious web page to trigger this vulnerability. (bsc#1188697) - CVE-2021-21779: Fixed a use-after-free vulnerability in the way that WebKit GraphicsContext handles certain events. A specially crafted web page can lead to a potential information leak and further memory corruption. A victim must be tricked into visiting a malicious web page to trigger this vulnerability. (bsc#1188697) - CVE-2021-30663: An integer overflow was addressed with improved input validation. (bsc#1188697) - CVE-2021-30665: A memory corruption issue was addressed with improved state management. (bsc#1188697) - CVE-2021-30689: A logic issue was addressed with improved state management. (bsc#1188697) - CVE-2021-30720: A logic issue was addressed with improved restrictions. (bsc#1188697) - CVE-2021-30734: Multiple memory corruption issues were addressed with improved memory handling. (bsc#1188697) - CVE-2021-30744: A cross-origin issue with iframe elements was addressed with improved tracking of security origins. (bsc#1188697) - CVE-2021-30749: Multiple memory corruption issues were addressed with improved memory handling. (bsc#1188697) - CVE-2021-30758: A type confusion issue was addressed with improved state handling. (bsc#1188697) - CVE-2021-30795: A use after free issue was addressed with improved memory management. (bsc#1188697) - CVE-2021-30797: This issue was addressed with improved checks. (bsc#1188697) - CVE-2021-30799: Multiple memory corruption issues were addressed with improved memory handling. (bsc#1188697)
Family:unixClass:patch
Status:Reference(s):1012215
1027519
1043886
1070615
1070724
1073748
1083292
1089152
1089635
1090820
1090822
1090823
1091107
1092885
1103276
1109847
1122191
1124493
1188697
755505
762294
802639
821039
826906
844230
855685
939367
952051
954980
958861
CVE-2010-5107
CVE-2012-0862
CVE-2012-2150
CVE-2012-4453
CVE-2013-4342
CVE-2014-0004
CVE-2014-9092
CVE-2015-3294
CVE-2015-7981
CVE-2015-8000
CVE-2015-8126
CVE-2017-15108
CVE-2017-15232
CVE-2018-10471
CVE-2018-10472
CVE-2018-14647
CVE-2018-3639
CVE-2018-3646
CVE-2018-7550
CVE-2018-8897
CVE-2019-3820
CVE-2019-5010
CVE-2021-21775
CVE-2021-21779
CVE-2021-30663
CVE-2021-30665
CVE-2021-30689
CVE-2021-30720
CVE-2021-30734
CVE-2021-30744
CVE-2021-30749
CVE-2021-30758
CVE-2021-30795
CVE-2021-30797
CVE-2021-30799
SUSE-SU-2015:2017-1
SUSE-SU-2015:2359-1
SUSE-SU-2015:2384-1
SUSE-SU-2018:0372-1
SUSE-SU-2018:0510-1
SUSE-SU-2018:1202-1
SUSE-SU-2018:1378-1
SUSE-SU-2018:2401-1
SUSE-SU-2019:0482-1
SUSE-SU-2019:1390-1
SUSE-SU-2021:2600-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Desktop 11 SP2
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 6
SUSE OpenStack Cloud 7
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • bind-9.11.2-lp150.7 is installed
  • OR bind-chrootenv-9.11.2-lp150.7 is installed
  • OR bind-utils-9.11.2-lp150.7 is installed
  • OR libbind9-160-9.11.2-lp150.7 is installed
  • OR libdns169-9.11.2-lp150.7 is installed
  • OR libirs160-9.11.2-lp150.7 is installed
  • OR libisc166-9.11.2-lp150.7 is installed
  • OR libisccc160-9.11.2-lp150.7 is installed
  • OR libisccfg160-9.11.2-lp150.7 is installed
  • OR liblwres160-9.11.2-lp150.7 is installed
  • OR python3-bind-9.11.2-lp150.7 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • libtasn1-4.13-lp151.4.3 is installed
  • OR libtasn1-6-4.13-lp151.4.3 is installed
  • OR libtasn1-6-32bit-4.13-lp151.4.3 is installed
  • OR libtasn1-devel-4.13-lp151.4.3 is installed
  • OR libtasn1-devel-32bit-4.13-lp151.4.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP2 is installed
  • AND Package Information
  • openssh-5.1p1-41.57 is installed
  • OR openssh-askpass-5.1p1-41.57 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP3 is installed
  • AND Package Information
  • libpng12-0-1.2.31-5.35 is installed
  • OR libpng12-0-32bit-1.2.31-5.35 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND Package Information
  • xen-4.9.2_10-3.41 is installed
  • OR xen-libs-4.9.2_10-3.41 is installed
  • OR xen-libs-32bit-4.9.2_10-3.41 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • AND Package Information
  • libjpeg-turbo-1.5.3-31.7 is installed
  • OR libjpeg62-62.2.0-31.7 is installed
  • OR libjpeg62-32bit-62.2.0-31.7 is installed
  • OR libjpeg62-turbo-1.5.3-31.7 is installed
  • OR libjpeg8-8.1.2-31.7 is installed
  • OR libjpeg8-32bit-8.1.2-31.7 is installed
  • OR libturbojpeg0-8.1.2-31.7 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND Package Information
  • dracut-037-66 is installed
  • OR dracut-fips-037-66 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • kernel-default-3.12.74-60.64.60 is installed
  • OR kernel-default-base-3.12.74-60.64.60 is installed
  • OR kernel-default-devel-3.12.74-60.64.60 is installed
  • OR kernel-default-man-3.12.74-60.64.60 is installed
  • OR kernel-devel-3.12.74-60.64.60 is installed
  • OR kernel-macros-3.12.74-60.64.60 is installed
  • OR kernel-source-3.12.74-60.64.60 is installed
  • OR kernel-syms-3.12.74-60.64.60 is installed
  • OR kernel-xen-3.12.74-60.64.60 is installed
  • OR kernel-xen-base-3.12.74-60.64.60 is installed
  • OR kernel-xen-devel-3.12.74-60.64.60 is installed
  • OR kgraft-patch-3_12_74-60_64_60-default-1-2 is installed
  • OR kgraft-patch-3_12_74-60_64_60-xen-1-2 is installed
  • OR kgraft-patch-SLE12-SP1_Update_21-1-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND davfs2-1.5.2-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • libjavascriptcoregtk-4_0-18-2.32.3-2.66.1 is installed
  • OR libwebkit2gtk-4_0-37-2.32.3-2.66.1 is installed
  • OR libwebkit2gtk3-lang-2.32.3-2.66.1 is installed
  • OR typelib-1_0-JavaScriptCore-4_0-2.32.3-2.66.1 is installed
  • OR typelib-1_0-WebKit2-4_0-2.32.3-2.66.1 is installed
  • OR typelib-1_0-WebKit2WebExtension-4_0-2.32.3-2.66.1 is installed
  • OR webkit2gtk-4_0-injected-bundles-2.32.3-2.66.1 is installed
  • OR webkit2gtk3-devel-2.32.3-2.66.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • kgraft-patch-4_4_121-92_101-default-5-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_27-5-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_59-92_24-default-11-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_9-11-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • cracklib-2.9.0-7 is installed
  • OR libcrack2-2.9.0-7 is installed
  • OR libcrack2-32bit-2.9.0-7 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • libgcrypt-1.6.1-16.68 is installed
  • OR libgcrypt20-1.6.1-16.68 is installed
  • OR libgcrypt20-32bit-1.6.1-16.68 is installed
  • OR libgcrypt20-hmac-1.6.1-16.68 is installed
  • OR libgcrypt20-hmac-32bit-1.6.1-16.68 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • libvirglrenderer0-0.5.0-12.3 is installed
  • OR virglrenderer-0.5.0-12.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • dpdk-16.11.9-11.6 is installed
  • OR dpdk-kmp-default-16.11.9_k4.4.140_96.58.TDC-11.6 is installed
  • OR dpdk-tools-16.11.9-11.6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • at-3.1.14-8.6 is installed
  • OR flex-2.5.37-8 is installed
  • OR flex-32bit-2.5.37-8 is installed
  • OR libQtWebKit4-4.8.7+2.3.4-4.7 is installed
  • OR libQtWebKit4-32bit-4.8.7+2.3.4-4.7 is installed
  • OR libbonobo-2.32.1-16 is installed
  • OR libbonobo-32bit-2.32.1-16 is installed
  • OR libbonobo-doc-2.32.1-16 is installed
  • OR libbonobo-lang-2.32.1-16 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 6 is installed
  • AND dnsmasq-utils-2.71-8 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • storm-1.0.5-5 is installed
  • OR storm-nimbus-1.0.5-5 is installed
  • OR storm-supervisor-1.0.5-5 is installed
    • BACK