OVAL Reference oval:org.opensuse.security:def:58258

Oval Definition:

oval:org.opensuse.security:def:58258

Revision Date:	2020-12-01	Version:	1
Title:	Security update for webkit2gtk3 (Important)
Description:	This update for webkit2gtk3 to version 2.28.1 fixes the following issues: Security issues fixed: - CVE-2020-10018: Fixed a denial of service because the m_deferredFocusedNodeChange data structure was mishandled (bsc#1165528). - CVE-2020-11793: Fixed a potential arbitrary code execution caused by a use-after-free vulnerability (bsc#1169658). - CVE-2019-8835: Fixed multiple memory corruption issues (bsc#1161719). - CVE-2019-8844: Fixed multiple memory corruption issues (bsc#1161719). - CVE-2019-8846: Fixed a use-after-free issue (bsc#1161719). - CVE-2020-3862: Fixed a memory handling issue (bsc#1163809). - CVE-2020-3867: Fixed an XSS issue (bsc#1163809). - CVE-2020-3868: Fixed multiple memory corruption issues that could have lead to arbitrary code execution (bsc#1163809). - CVE-2020-3864,CVE-2020-3865: Fixed logic issues in the DOM object context handling (bsc#1163809). Non-security issues fixed: - Add API to enable Process Swap on (Cross-site) Navigation. - Add user messages API for the communication with the web extension. - Add support for same-site cookies. - Service workers are enabled by default. - Add support for Pointer Lock API. - Add flatpak sandbox support. - Make ondemand hardware acceleration policy never leave accelerated compositing mode. - Always use a light theme for rendering form controls. - Add about:gpu to show information about the graphics stack. - Fixed issues while trying to play a video on NextCloud. - Fixed vertical alignment of text containing arabic diacritics. - Fixed build with icu 65.1. - Fixed page loading errors with websites using HSTS. - Fixed web process crash when displaying a KaTeX formula. - Fixed several crashes and rendering issues. - Switched to a single web process for Evolution and geary (bsc#1159329).
Family:	unix	Class:	patch
Status:		Reference(s):	1037559 1046554 1046555 1065274 1073230 1076017 1083488 1085114 1085447 1102682 1104129 1104205 1109209 1112209 1113534 1113652 1113742 1126068 1126069 1132665 1133185 1149332 1152856 1154212 1154824 1155321 1156318 1156353 1159329 1161719 1163809 1164860 1165528 1165784 1166238 1169658 1171878 1172085 1172140 1172437 1172466 1174117 1176013 1177943 CVE-2017-13166 CVE-2017-15088 CVE-2017-3142 CVE-2017-3143 CVE-2017-8779 CVE-2018-0734 CVE-2018-1000004 CVE-2018-1068 CVE-2018-14526 CVE-2018-5390 CVE-2018-5407 CVE-2018-5740 CVE-2018-5743 CVE-2018-5745 CVE-2018-7566 CVE-2019-15666 CVE-2019-20503 CVE-2019-2894 CVE-2019-2933 CVE-2019-2945 CVE-2019-2949 CVE-2019-2958 CVE-2019-2962 CVE-2019-2964 CVE-2019-2973 CVE-2019-2978 CVE-2019-2981 CVE-2019-2983 CVE-2019-2987 CVE-2019-2988 CVE-2019-2989 CVE-2019-2992 CVE-2019-2999 CVE-2019-6465 CVE-2019-8625 CVE-2019-8710 CVE-2019-8720 CVE-2019-8743 CVE-2019-8764 CVE-2019-8766 CVE-2019-8769 CVE-2019-8771 CVE-2019-8782 CVE-2019-8783 CVE-2019-8808 CVE-2019-8811 CVE-2019-8812 CVE-2019-8813 CVE-2019-8814 CVE-2019-8815 CVE-2019-8816 CVE-2019-8819 CVE-2019-8820 CVE-2019-8823 CVE-2019-8835 CVE-2019-8844 CVE-2019-8846 CVE-2020-0543 CVE-2020-0548 CVE-2020-0549 CVE-2020-10018 CVE-2020-10029 CVE-2020-10757 CVE-2020-11793 CVE-2020-13935 CVE-2020-14779 CVE-2020-14781 CVE-2020-14782 CVE-2020-14792 CVE-2020-14796 CVE-2020-14797 CVE-2020-14798 CVE-2020-14803 CVE-2020-1935 CVE-2020-3862 CVE-2020-3864 CVE-2020-3865 CVE-2020-3867 CVE-2020-3868 CVE-2020-6805 CVE-2020-6806 CVE-2020-6807 CVE-2020-6811 CVE-2020-6812 CVE-2020-6814 SUSE-SU-2017:1328-1 SUSE-SU-2017:1736-1 SUSE-SU-2017:2948-1 SUSE-SU-2018:1004-1 SUSE-SU-2018:3866-1 SUSE-SU-2019:3084-1 SUSE-SU-2020:0717-1 SUSE-SU-2020:1135-1 SUSE-SU-2020:1595-1 SUSE-SU-2020:2611-1 SUSE-SU-2020:3024-1 SUSE-SU-2020:3310-1
Platform(s):	openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8	Product(s):
Definition Synopsis
openSUSE Leap 15.0 is installed AND autofs-5.1.3-lp150.5 is installed
Definition Synopsis
openSUSE Leap 15.1 is installed AND Package Information bzip2-1.0.6-lp151.5.3 is installed OR bzip2-doc-1.0.6-lp151.5.3 is installed OR libbz2-1-1.0.6-lp151.5.3 is installed OR libbz2-1-32bit-1.0.6-lp151.5.3 is installed OR libbz2-devel-1.0.6-lp151.5.3 is installed OR libbz2-devel-32bit-1.0.6-lp151.5.3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information bind-9.9.9P1-62 is installed OR bind-chrootenv-9.9.9P1-62 is installed OR bind-doc-9.9.9P1-62 is installed OR bind-libs-9.9.9P1-62 is installed OR bind-libs-32bit-9.9.9P1-62 is installed OR bind-utils-9.9.9P1-62 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information libopenssl-devel-1.0.2j-60.46 is installed OR libopenssl1_0_0-1.0.2j-60.46 is installed OR libopenssl1_0_0-32bit-1.0.2j-60.46 is installed OR libopenssl1_0_0-hmac-1.0.2j-60.46 is installed OR libopenssl1_0_0-hmac-32bit-1.0.2j-60.46 is installed OR openssl-1.0.2j-60.46 is installed OR openssl-doc-1.0.2j-60.46 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND wpa_supplicant-2.6-15.10 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_103-92_53-default-4-2 is installed OR kgraft-patch-SLE12-SP2_Update_16-4-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information accountsservice-0.6.42-14 is installed OR accountsservice-lang-0.6.42-14 is installed OR libaccountsservice0-0.6.42-14 is installed OR typelib-1_0-AccountsService-1_0-0.6.42-14 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-BCL is installed AND sudo-1.8.20p2-3.14 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information libruby2_1-2_1-2.1.9-19.3 is installed OR ruby2.1-2.1.9-19.3 is installed OR ruby2.1-stdlib-2.1.9-19.3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information kgraft-patch-4_4_156-94_57-default-7-2 is installed OR kgraft-patch-SLE12-SP3_Update_18-7-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information libblkid1-2.29.2-3.12 is installed OR libblkid1-32bit-2.29.2-3.12 is installed OR libfdisk1-2.29.2-3.12 is installed OR libmount1-2.29.2-3.12 is installed OR libmount1-32bit-2.29.2-3.12 is installed OR libsmartcols1-2.29.2-3.12 is installed OR libuuid1-2.29.2-3.12 is installed OR libuuid1-32bit-2.29.2-3.12 is installed OR python-libmount-2.29.2-3.12 is installed OR util-linux-2.29.2-3.12 is installed OR util-linux-lang-2.29.2-3.12 is installed OR util-linux-systemd-2.29.2-3.12 is installed OR uuidd-2.29.2-3.12 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND libXvMC1-1.0.8-7 is installed
Definition Synopsis
SUSE OpenStack Cloud 7 is installed AND Package Information libjavascriptcoregtk-4_0-18-2.28.1-2.50 is installed OR libwebkit2gtk-4_0-37-2.28.1-2.50 is installed OR libwebkit2gtk3-lang-2.28.1-2.50 is installed OR typelib-1_0-JavaScriptCore-4_0-2.28.1-2.50 is installed OR typelib-1_0-WebKit2-4_0-2.28.1-2.50 is installed OR typelib-1_0-WebKit2WebExtension-4_0-2.28.1-2.50 is installed OR webkit2gtk-4_0-injected-bundles-2.28.1-2.50 is installed OR webkit2gtk3-2.28.1-2.50 is installed OR webkit2gtk3-devel-2.28.1-2.50 is installed
Definition Synopsis
SUSE OpenStack Cloud 8 is installed AND Package Information libopenssl-devel-1.0.2j-60.55 is installed OR libopenssl1_0_0-1.0.2j-60.55 is installed OR libopenssl1_0_0-32bit-1.0.2j-60.55 is installed OR libopenssl1_0_0-hmac-1.0.2j-60.55 is installed OR libopenssl1_0_0-hmac-32bit-1.0.2j-60.55 is installed OR openssl-1.0.2j-60.55 is installed OR openssl-doc-1.0.2j-60.55 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information openstack-aodh-5.1.1~dev5-3.5 is installed OR openstack-aodh-api-5.1.1~dev5-3.5 is installed OR openstack-aodh-doc-5.1.1~dev5-3.5 is installed OR openstack-aodh-evaluator-5.1.1~dev5-3.5 is installed OR openstack-aodh-expirer-5.1.1~dev5-3.5 is installed OR openstack-aodh-listener-5.1.1~dev5-3.5 is installed OR openstack-aodh-notifier-5.1.1~dev5-3.5 is installed OR openstack-barbican-5.0.1~dev11-3.8 is installed OR openstack-barbican-api-5.0.1~dev11-3.8 is installed OR openstack-barbican-doc-5.0.1~dev11-3.8 is installed OR openstack-barbican-keystone-listener-5.0.1~dev11-3.8 is installed OR openstack-barbican-retry-5.0.1~dev11-3.8 is installed OR openstack-barbican-worker-5.0.1~dev11-3.8 is installed OR openstack-cinder-11.1.2~dev14-3.6 is installed OR openstack-cinder-api-11.1.2~dev14-3.6 is installed OR openstack-cinder-backup-11.1.2~dev14-3.6 is installed OR openstack-cinder-doc-11.1.2~dev14-3.6 is installed OR openstack-cinder-scheduler-11.1.2~dev14-3.6 is installed OR openstack-cinder-volume-11.1.2~dev14-3.6 is installed OR openstack-dashboard-12.0.4~dev1-3.8 is installed OR openstack-designate-5.0.2~dev5-3.5 is installed OR openstack-designate-agent-5.0.2~dev5-3.5 is installed OR openstack-designate-api-5.0.2~dev5-3.5 is installed OR openstack-designate-central-5.0.2~dev5-3.5 is installed OR openstack-designate-doc-5.0.2~dev5-3.5 is installed OR openstack-designate-producer-5.0.2~dev5-3.5 is installed OR openstack-designate-sink-5.0.2~dev5-3.5 is installed OR openstack-designate-worker-5.0.2~dev5-3.5 is installed OR openstack-glance-15.0.2~dev4-3.3 is installed OR openstack-glance-api-15.0.2~dev4-3.3 is installed OR openstack-glance-doc-15.0.2~dev4-3.3 is installed OR openstack-glance-registry-15.0.2~dev4-3.3 is installed OR openstack-heat-9.0.5~dev11-3.6 is installed OR openstack-heat-api-9.0.5~dev11-3.6 is installed OR openstack-heat-api-cfn-9.0.5~dev11-3.6 is installed OR openstack-heat-api-cloudwatch-9.0.5~dev11-3.6 is installed OR openstack-heat-doc-9.0.5~dev11-3.6 is installed OR openstack-heat-engine-9.0.5~dev11-3.6 is installed OR openstack-heat-plugin-heat_docker-9.0.5~dev11-3.6 is installed OR openstack-heat-templates-0.0.0+git.1525957319.6b5a7cd-3.3 is installed OR openstack-heat-test-9.0.5~dev11-3.6 is installed OR openstack-horizon-plugin-designate-ui-5.0.2~dev5-3.3 is installed OR openstack-horizon-plugin-freezer-ui-5.0.1~dev6-3.3 is installed OR openstack-horizon-plugin-gbp-ui-5.0.1~dev21-4.3 is installed OR openstack-horizon-plugin-manila-ui-2.10.3~dev4-4.5 is installed OR openstack-horizon-plugin-neutron-lbaas-ui-3.0.3~dev2-3.5 is installed OR openstack-horizon-plugin-trove-ui-9.0.1~dev7-3.3 is installed OR openstack-ironic-9.1.5~dev7-3.6 is installed OR openstack-ironic-api-9.1.5~dev7-3.6 is installed OR openstack-ironic-conductor-9.1.5~dev7-3.6 is installed OR openstack-ironic-doc-9.1.5~dev7-3.6 is installed OR openstack-keystone-12.0.1~dev19-5.8 is installed OR openstack-keystone-doc-12.0.1~dev19-5.8 is installed OR openstack-manila-5.0.2~dev55-3.6 is installed OR openstack-manila-api-5.0.2~dev55-3.6 is installed OR openstack-manila-data-5.0.2~dev55-3.6 is installed OR openstack-manila-doc-5.0.2~dev55-3.6 is installed OR openstack-manila-scheduler-5.0.2~dev55-3.6 is installed OR openstack-manila-share-5.0.2~dev55-3.6 is installed OR openstack-neutron-11.0.6~dev63-3.6 is installed OR openstack-neutron-dhcp-agent-11.0.6~dev63-3.6 is installed OR openstack-neutron-doc-11.0.6~dev63-3.6 is installed OR openstack-neutron-fwaas-11.0.2~dev7-3.5 is installed OR openstack-neutron-fwaas-doc-11.0.2~dev7-3.5 is installed OR openstack-neutron-ha-tool-11.0.6~dev63-3.6 is installed OR openstack-neutron-l3-agent-11.0.6~dev63-3.6 is installed OR openstack-neutron-lbaas-11.0.4~dev4-3.3 is installed OR openstack-neutron-lbaas-agent-11.0.4~dev4-3.3 is installed OR openstack-neutron-lbaas-doc-11.0.4~dev4-3.3 is installed OR openstack-neutron-linuxbridge-agent-11.0.6~dev63-3.6 is installed OR openstack-neutron-macvtap-agent-11.0.6~dev63-3.6 is installed OR openstack-neutron-metadata-agent-11.0.6~dev63-3.6 is installed OR openstack-neutron-metering-agent-11.0.6~dev63-3.6 is installed OR openstack-neutron-openvswitch-agent-11.0.6~dev63-3.6 is installed OR openstack-neutron-server-11.0.6~dev63-3.6 is installed OR openstack-neutron-vpn-agent-11.0.1~dev1-3.3 is installed OR openstack-neutron-vpnaas-11.0.1~dev1-3.3 is installed OR openstack-neutron-vpnaas-doc-11.0.1~dev1-3.3 is installed OR openstack-neutron-vyatta-agent-11.0.1~dev1-3.3 is installed OR openstack-neutron-zvm-agent-8.0.1~dev12-4.3 is installed OR openstack-nova-16.1.5~dev49-3.8 is installed OR openstack-nova-api-16.1.5~dev49-3.8 is installed OR openstack-nova-cells-16.1.5~dev49-3.8 is installed OR openstack-nova-compute-16.1.5~dev49-3.8 is installed OR openstack-nova-conductor-16.1.5~dev49-3.8 is installed OR openstack-nova-console-16.1.5~dev49-3.8 is installed OR openstack-nova-consoleauth-16.1.5~dev49-3.8 is installed OR openstack-nova-doc-16.1.5~dev49-3.8 is installed OR openstack-nova-novncproxy-16.1.5~dev49-3.8 is installed OR openstack-nova-placement-api-16.1.5~dev49-3.8 is installed OR openstack-nova-scheduler-16.1.5~dev49-3.8 is installed OR openstack-nova-serialproxy-16.1.5~dev49-3.8 is installed OR openstack-nova-virt-zvm-8.0.1~dev56-3.3 is installed OR openstack-nova-vncproxy-16.1.5~dev49-3.8 is installed OR openstack-octavia-1.0.3~dev21-4.6 is installed OR openstack-octavia-amphora-agent-1.0.3~dev21-4.6 is installed OR openstack-octavia-api-1.0.3~dev21-4.6 is installed OR openstack-octavia-health-manager-1.0.3~dev21-4.6 is installed OR openstack-octavia-housekeeping-1.0.3~dev21-4.6 is installed OR openstack-octavia-worker-1.0.3~dev21-4.6 is installed OR openstack-trove-8.0.1~dev11-3.3 is installed OR openstack-trove-api-8.0.1~dev11-3.3 is installed OR openstack-trove-conductor-8.0.1~dev11-3.3 is installed OR openstack-trove-doc-8.0.1~dev11-3.3 is installed OR openstack-trove-guestagent-8.0.1~dev11-3.3 is installed OR openstack-trove-taskmanager-8.0.1~dev11-3.3 is installed OR python-aodh-5.1.1~dev5-3.5 is installed OR python-barbican-5.0.1~dev11-3.8 is installed OR python-barbicanclient-4.5.2-4.3 is installed OR python-barbicanclient-doc-4.5.2-4.3 is installed OR python-cinder-11.1.2~dev14-3.6 is installed OR python-designate-5.0.2~dev5-3.5 is installed OR python-glance-15.0.2~dev4-3.3 is installed OR python-heat-9.0.5~dev11-3.6 is installed OR python-horizon-12.0.4~dev1-3.8 is installed OR python-horizon-plugin-designate-ui-5.0.2~dev5-3.3 is installed OR python-horizon-plugin-freezer-ui-5.0.1~dev6-3.3 is installed OR python-horizon-plugin-gbp-ui-5.0.1~dev21-4.3 is installed OR python-horizon-plugin-manila-ui-2.10.3~dev4-4.5 is installed OR python-horizon-plugin-neutron-lbaas-ui-3.0.3~dev2-3.5 is installed OR python-horizon-plugin-trove-ui-9.0.1~dev7-3.3 is installed OR python-ironic-9.1.5~dev7-3.6 is installed OR python-keystone-12.0.1~dev19-5.8 is installed OR python-keystone-json-assignment-0.0.2-3.3 is installed OR python-manila-5.0.2~dev55-3.6 is installed OR python-manilaclient-1.17.3-3.3 is installed OR python-manilaclient-doc-1.17.3-3.3 is installed OR python-neutron-11.0.6~dev63-3.6 is installed OR python-neutron-fwaas-11.0.2~dev7-3.5 is installed OR python-neutron-lbaas-11.0.4~dev4-3.3 is installed OR python-neutron-vpnaas-11.0.1~dev1-3.3 is installed OR python-nova-16.1.5~dev49-3.8 is installed OR python-octavia-1.0.3~dev21-4.6 is installed OR python-trove-8.0.1~dev11-3.3 is installed OR python-vmware-nsx-11.0.3~dev16-3.3 is installed OR python-vmware-nsxlib-11.0.4~dev7-3.3 is installed

BACK