Oval Definition:	oval:org.opensuse.security:def:56341
Revision Date: 2020-12-01 Version: 1 Title: Security update for webkit2gtk3 (Important) Description: This update for webkit2gtk3 fixes the following issues: Update to version 2.18.5: + Disable SharedArrayBuffers from Web API. + Reduce the precision of 'high' resolution time to 1ms. + bsc#1075419 - Security fixes: includes improvements to mitigate the effects of Spectre and Meltdown (CVE-2017-5753 and CVE-2017-5715). Update to version 2.18.4: + Make WebDriver implementation more spec compliant. + Fix a bug when trying to remove cookies before a web process is spawned. + WebKitWebDriver process no longer links to libjavascriptcoregtk. + Fix several memory leaks in GStreamer media backend. + bsc#1073654 - Security fixes: CVE-2017-13866, CVE-2017-13870, CVE-2017-7156, CVE-2017-13856. Update to version 2.18.3: + Improve calculation of font metrics to prevent scrollbars from being shown unnecessarily in some cases. + Fix handling of null capabilities in WebDriver implementation. + Security fixes: CVE-2017-13798, CVE-2017-13788, CVE-2017-13803. Update to version 2.18.2: + Fix rendering of arabic text. + Fix a crash in the web process when decoding GIF images. + Fix rendering of wind in Windy.com. + Fix several crashes and rendering issues. Update to version 2.18.1: + Improve performance of GIF animations. + Fix garbled display in GMail. + Fix rendering of several material design icons when using the web font. + Fix flickering when resizing the window in Wayland. + Prevent default kerberos authentication credentials from being used in ephemeral sessions. + Fix a crash when webkit_web_resource_get_data() is cancelled. + Correctly handle touchmove and touchend events in WebKitWebView. + Fix the build with enchant 2.1.1. + Fix the build in HPPA and Alpha. + Fix several crashes and rendering issues. + Security fixes: CVE-2017-7081, CVE-2017-7087, CVE-2017-7089, CVE-2017-7090, CVE-2017-7091, CVE-2017-7092, CVE-2017-7093, CVE-2017-7094, CVE-2017-7095, CVE-2017-7096, CVE-2017-7098, CVE-2017-7099, CVE-2017-7100, CVE-2017-7102, CVE-2017-7104, CVE-2017-7107, CVE-2017-7109, CVE-2017-7111, CVE-2017-7117, CVE-2017-7120, CVE-2017-7142. - Enable gold linker on s390/s390x on SLE15/Tumbleweed. Family: unix Class: patch Status: Reference(s): 1002981 1009254 1010735 1010740 1010752 1010754 1010911 1020950 1021739 1024749 1025913 1026507 1027692 1027998 1028842 1033936 1033937 1033938 1033939 1033940 1033941 1033942 1033943 1033944 1033945 1050469 1052311 1052368 1062063 1066644 1066892 1069925 1071459 1071460 1071853 1073654 1075419 1093536 1094462 1107874 1108399 1109845 1133037 1141619 990856 998761 998762 998763 998800 998963 998964 CVE-2008-0928 CVE-2008-1945 CVE-2008-2382 CVE-2008-4316 CVE-2008-4539 CVE-2010-1205 CVE-2011-2489 CVE-2011-2490 CVE-2011-2501 CVE-2011-2690 CVE-2011-2691 CVE-2011-2692 CVE-2011-3328 CVE-2012-0804 CVE-2012-3449 CVE-2012-3515 CVE-2012-3524 CVE-2013-1992 CVE-2013-4148 CVE-2013-4149 CVE-2013-4150 CVE-2013-4151 CVE-2013-4526 CVE-2013-4527 CVE-2013-4529 CVE-2013-4530 CVE-2013-4531 CVE-2013-4533 CVE-2013-4534 CVE-2013-4535 CVE-2013-4536 CVE-2013-4537 CVE-2013-4538 CVE-2013-4539 CVE-2013-4540 CVE-2013-4541 CVE-2013-4542 CVE-2013-4544 CVE-2013-6399 CVE-2013-6954 CVE-2014-0142 CVE-2014-0143 CVE-2014-0144 CVE-2014-0145 CVE-2014-0146 CVE-2014-0147 CVE-2014-0150 CVE-2014-0182 CVE-2014-0222 CVE-2014-0223 CVE-2014-0333 CVE-2014-3461 CVE-2014-3640 CVE-2014-7840 CVE-2014-8106 CVE-2014-9495 CVE-2015-0973 CVE-2015-1779 CVE-2015-3209 CVE-2015-3456 CVE-2015-4037 CVE-2015-5154 CVE-2015-5198 CVE-2015-5199 CVE-2015-5200 CVE-2015-5225 CVE-2015-5278 CVE-2015-5279 CVE-2015-6815 CVE-2015-6855 CVE-2015-7295 CVE-2015-7578 CVE-2015-7579 CVE-2015-7580 CVE-2016-4692 CVE-2016-4743 CVE-2016-6354 CVE-2016-7175 CVE-2016-7176 CVE-2016-7177 CVE-2016-7178 CVE-2016-7179 CVE-2016-7180 CVE-2016-7586 CVE-2016-7587 CVE-2016-7589 CVE-2016-7592 CVE-2016-7598 CVE-2016-7599 CVE-2016-7610 CVE-2016-7623 CVE-2016-7632 CVE-2016-7635 CVE-2016-7639 CVE-2016-7641 CVE-2016-7645 CVE-2016-7652 CVE-2016-7654 CVE-2016-7656 CVE-2016-9373 CVE-2016-9374 CVE-2016-9375 CVE-2016-9376 CVE-2017-1000112 CVE-2017-13788 CVE-2017-13798 CVE-2017-13803 CVE-2017-13856 CVE-2017-13866 CVE-2017-13870 CVE-2017-16548 CVE-2017-17433 CVE-2017-17434 CVE-2017-2350 CVE-2017-2354 CVE-2017-2355 CVE-2017-2356 CVE-2017-2362 CVE-2017-2363 CVE-2017-2364 CVE-2017-2365 CVE-2017-2366 CVE-2017-2369 CVE-2017-2371 CVE-2017-2373 CVE-2017-2496 CVE-2017-2510 CVE-2017-2539 CVE-2017-5596 CVE-2017-5597 CVE-2017-5715 CVE-2017-5753 CVE-2017-5754 CVE-2017-6014 CVE-2017-7006 CVE-2017-7011 CVE-2017-7012 CVE-2017-7018 CVE-2017-7019 CVE-2017-7020 CVE-2017-7030 CVE-2017-7034 CVE-2017-7037 CVE-2017-7038 CVE-2017-7039 CVE-2017-7040 CVE-2017-7041 CVE-2017-7042 CVE-2017-7043 CVE-2017-7046 CVE-2017-7048 CVE-2017-7049 CVE-2017-7052 CVE-2017-7055 CVE-2017-7056 CVE-2017-7059 CVE-2017-7061 CVE-2017-7064 CVE-2017-7081 CVE-2017-7087 CVE-2017-7089 CVE-2017-7090 CVE-2017-7091 CVE-2017-7092 CVE-2017-7093 CVE-2017-7094 CVE-2017-7095 CVE-2017-7096 CVE-2017-7098 CVE-2017-7099 CVE-2017-7100 CVE-2017-7102 CVE-2017-7104 CVE-2017-7107 CVE-2017-7109 CVE-2017-7111 CVE-2017-7117 CVE-2017-7120 CVE-2017-7142 CVE-2017-7156 CVE-2017-7157 CVE-2017-7700 CVE-2017-7701 CVE-2017-7702 CVE-2017-7703 CVE-2017-7704 CVE-2017-7705 CVE-2017-7745 CVE-2017-7746 CVE-2017-7747 CVE-2017-7748 CVE-2018-10811 CVE-2018-16151 CVE-2018-16152 CVE-2018-17182 CVE-2018-17540 CVE-2018-5388 CVE-2019-1010006 CVE-2019-11459 SUSE-SU-2017:1442-1 SUSE-SU-2017:2423-1 SUSE-SU-2018:0118-1 SUSE-SU-2018:0219-1 SUSE-SU-2018:3032-1 SUSE-SU-2019:2098-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND Package Information cpio-2.12-lp150.1 is installed OR cpio-lang-2.12-lp150.1 is installed OR cpio-mt-2.12-lp150.1 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information libecpg6-10.9-lp151.2.3 is installed OR libecpg6-32bit-10.9-lp151.2.3 is installed OR libpq5-10.9-lp151.2.3 is installed OR libpq5-32bit-10.9-lp151.2.3 is installed OR postgresql10-10.9-lp151.2.3 is installed OR postgresql10-contrib-10.9-lp151.2.3 is installed OR postgresql10-devel-10.9-lp151.2.3 is installed OR postgresql10-docs-10.9-lp151.2.3 is installed OR postgresql10-plperl-10.9-lp151.2.3 is installed OR postgresql10-plpython-10.9-lp151.2.3 is installed OR postgresql10-pltcl-10.9-lp151.2.3 is installed OR postgresql10-server-10.9-lp151.2.3 is installed OR postgresql10-test-10.9-lp151.2.3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information libjavascriptcoregtk-4_0-18-2.18.5-2.18 is installed OR libwebkit2gtk-4_0-37-2.18.5-2.18 is installed OR libwebkit2gtk3-lang-2.18.5-2.18 is installed OR typelib-1_0-JavaScriptCore-4_0-2.18.5-2.18 is installed OR typelib-1_0-WebKit2-4_0-2.18.5-2.18 is installed OR webkit2gtk-4_0-injected-bundles-2.18.5-2.18 is installed OR webkit2gtk3-2.18.5-2.18 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information cvs-1.12.12-181 is installed OR cvs-doc-1.12.12-181 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information kgraft-patch-3_12_67-60_64_24-default-8-2 is installed OR kgraft-patch-3_12_67-60_64_24-xen-8-2 is installed OR kgraft-patch-SLE12-SP1_Update_11-8-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information glib2-lang-2.48.2-10 is installed OR glib2-tools-2.48.2-10 is installed OR libgio-2_0-0-2.48.2-10 is installed OR libgio-2_0-0-32bit-2.48.2-10 is installed OR libglib-2_0-0-2.48.2-10 is installed OR libglib-2_0-0-32bit-2.48.2-10 is installed OR libgmodule-2_0-0-2.48.2-10 is installed OR libgmodule-2_0-0-32bit-2.48.2-10 is installed OR libgobject-2_0-0-2.48.2-10 is installed OR libgobject-2_0-0-32bit-2.48.2-10 is installed OR libgthread-2_0-0-2.48.2-10 is installed OR libgthread-2_0-0-32bit-2.48.2-10 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information libvirt-2.0.0-27.45 is installed OR libvirt-client-2.0.0-27.45 is installed OR libvirt-daemon-2.0.0-27.45 is installed OR libvirt-daemon-config-network-2.0.0-27.45 is installed OR libvirt-daemon-config-nwfilter-2.0.0-27.45 is installed OR libvirt-daemon-driver-interface-2.0.0-27.45 is installed OR libvirt-daemon-driver-libxl-2.0.0-27.45 is installed OR libvirt-daemon-driver-lxc-2.0.0-27.45 is installed OR libvirt-daemon-driver-network-2.0.0-27.45 is installed OR libvirt-daemon-driver-nodedev-2.0.0-27.45 is installed OR libvirt-daemon-driver-nwfilter-2.0.0-27.45 is installed OR libvirt-daemon-driver-qemu-2.0.0-27.45 is installed OR libvirt-daemon-driver-secret-2.0.0-27.45 is installed OR libvirt-daemon-driver-storage-2.0.0-27.45 is installed OR libvirt-daemon-hooks-2.0.0-27.45 is installed OR libvirt-daemon-lxc-2.0.0-27.45 is installed OR libvirt-daemon-qemu-2.0.0-27.45 is installed OR libvirt-daemon-xen-2.0.0-27.45 is installed OR libvirt-doc-2.0.0-27.45 is installed OR libvirt-lock-sanlock-2.0.0-27.45 is installed OR libvirt-nss-2.0.0-27.45 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information kgraft-patch-4_4_121-92_73-default-8-2 is installed OR kgraft-patch-SLE12-SP2_Update_21-8-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_74-92_29-default-12-2 is installed OR kgraft-patch-SLE12-SP2_Update_10-12-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND apache-commons-httpclient-3.1-4 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information kgraft-patch-4_4_175-94_79-default-6-2 is installed OR kgraft-patch-SLE12-SP3_Update_23-6-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information rsyslog-8.24.0-3.19 is installed OR rsyslog-diag-tools-8.24.0-3.19 is installed OR rsyslog-doc-8.24.0-3.19 is installed OR rsyslog-module-gssapi-8.24.0-3.19 is installed OR rsyslog-module-gtls-8.24.0-3.19 is installed OR rsyslog-module-mysql-8.24.0-3.19 is installed OR rsyslog-module-pgsql-8.24.0-3.19 is installed OR rsyslog-module-relp-8.24.0-3.19 is installed OR rsyslog-module-snmp-8.24.0-3.19 is installed OR rsyslog-module-udpspoof-8.24.0-3.19 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information dovecot22-2.2.31-19.11 is installed OR dovecot22-backend-mysql-2.2.31-19.11 is installed OR dovecot22-backend-pgsql-2.2.31-19.11 is installed OR dovecot22-backend-sqlite-2.2.31-19.11 is installed Definition Synopsis SUSE OpenStack Cloud 6 is installed AND ruby2.1-rubygem-rails-html-sanitizer-1.0.2-7 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND Package Information ntp-4.2.8p12-64.8 is installed OR ntp-doc-4.2.8p12-64.8 is installed Definition Synopsis SUSE OpenStack Cloud 9 is installed AND python-Django1-1.11.23-3.9 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information libpython2_7-1_0-2.7.13-28.31 is installed OR libpython2_7-1_0-32bit-2.7.13-28.31 is installed OR python-2.7.13-28.31 is installed OR python-32bit-2.7.13-28.31 is installed OR python-base-2.7.13-28.31 is installed OR python-base-32bit-2.7.13-28.31 is installed OR python-curses-2.7.13-28.31 is installed OR python-demo-2.7.13-28.31 is installed OR python-devel-2.7.13-28.31 is installed OR python-doc-2.7.13-28.31 is installed OR python-doc-pdf-2.7.13-28.31 is installed OR python-gdbm-2.7.13-28.31 is installed OR python-idle-2.7.13-28.31 is installed OR python-tk-2.7.13-28.31 is installed OR python-xml-2.7.13-28.31 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 9 is installed AND Package Information ruby2.1-rubygem-loofah-2.0.2-3.8 is installed OR rubygem-loofah-2.0.2-3.8 is installed
BACK