OVAL Reference oval:org.opensuse.security:def:59516

Oval Definition:

oval:org.opensuse.security:def:59516

Revision Date:	2021-08-03	Version:	1
Title:	Security update for webkit2gtk3 (Important)
Description:	This update for webkit2gtk3 fixes the following issues: Update to version 2.32.3: - CVE-2021-21775: Fixed a use-after-free vulnerability in the way certain events are processed for ImageLoader objects. A specially crafted web page can lead to a potential information leak and further memory corruption. A victim must be tricked into visiting a malicious web page to trigger this vulnerability. (bsc#1188697) - CVE-2021-21779: Fixed a use-after-free vulnerability in the way that WebKit GraphicsContext handles certain events. A specially crafted web page can lead to a potential information leak and further memory corruption. A victim must be tricked into visiting a malicious web page to trigger this vulnerability. (bsc#1188697) - CVE-2021-30663: An integer overflow was addressed with improved input validation. (bsc#1188697) - CVE-2021-30665: A memory corruption issue was addressed with improved state management. (bsc#1188697) - CVE-2021-30689: A logic issue was addressed with improved state management. (bsc#1188697) - CVE-2021-30720: A logic issue was addressed with improved restrictions. (bsc#1188697) - CVE-2021-30734: Multiple memory corruption issues were addressed with improved memory handling. (bsc#1188697) - CVE-2021-30744: A cross-origin issue with iframe elements was addressed with improved tracking of security origins. (bsc#1188697) - CVE-2021-30749: Multiple memory corruption issues were addressed with improved memory handling. (bsc#1188697) - CVE-2021-30758: A type confusion issue was addressed with improved state handling. (bsc#1188697) - CVE-2021-30795: A use after free issue was addressed with improved memory management. (bsc#1188697) - CVE-2021-30797: This issue was addressed with improved checks. (bsc#1188697) - CVE-2021-30799: Multiple memory corruption issues were addressed with improved memory handling. (bsc#1188697)
Family:	unix	Class:	patch
Status:		Reference(s):	1027519 1068101 1083630 1086690 1094150 1094154 1094161 1095218 1095219 1097356 1105528 1108940 1114423 1115040 1115045 1115047 1116380 1117756 1129180 1129231 1131863 1134156 1140359 1146882 1146884 1151021 1154609 1172402 1174421 1174633 1174635 1174638 1188697 CVE-2011-2054 CVE-2013-0221 CVE-2013-0222 CVE-2013-0223 CVE-2015-1419 CVE-2015-4041 CVE-2015-4042 CVE-2017-12627 CVE-2017-18269 CVE-2017-7826 CVE-2017-7828 CVE-2017-7830 CVE-2018-11233 CVE-2018-11235 CVE-2018-11236 CVE-2018-11237 CVE-2018-18849 CVE-2018-19665 CVE-2018-19961 CVE-2018-19962 CVE-2018-19965 CVE-2018-19966 CVE-2018-5848 CVE-2019-12973 CVE-2019-14811 CVE-2019-14812 CVE-2019-14813 CVE-2019-14817 CVE-2019-14835 CVE-2019-18197 CVE-2019-3835 CVE-2019-3839 CVE-2020-12405 CVE-2020-12406 CVE-2020-12410 CVE-2020-14345 CVE-2020-14346 CVE-2020-14347 CVE-2020-15705 CVE-2021-21775 CVE-2021-21779 CVE-2021-30663 CVE-2021-30665 CVE-2021-30689 CVE-2021-30720 CVE-2021-30734 CVE-2021-30744 CVE-2021-30749 CVE-2021-30758 CVE-2021-30795 CVE-2021-30797 CVE-2021-30799 SUSE-SU-2017:3213-1 SUSE-SU-2018:1562-1 SUSE-SU-2018:1566-1 SUSE-SU-2019:0020-1 SUSE-SU-2019:0736-1 SUSE-SU-2019:2478-1 SUSE-SU-2020:0920-2 SUSE-SU-2020:1563-1 SUSE-SU-2020:2225-1 SUSE-SU-2020:2308-1 SUSE-SU-2020:2331-1
Platform(s):	openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP4-ESPOS SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9	Product(s):
Definition Synopsis
openSUSE Leap 15.0 is installed AND libfreetype6-2.9-lp150.2 is installed
Definition Synopsis
openSUSE Leap 15.1 is installed AND Package Information chromedriver-75.0.3770.142-7 is installed OR chromium-75.0.3770.142-7 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information xen-4.7.6_05-43.45 is installed OR xen-doc-html-4.7.6_05-43.45 is installed OR xen-libs-4.7.6_05-43.45 is installed OR xen-libs-32bit-4.7.6_05-43.45 is installed OR xen-tools-4.7.6_05-43.45 is installed OR xen-tools-domU-4.7.6_05-43.45 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information kgraft-patch-4_4_103-92_56-default-12-2 is installed OR kgraft-patch-SLE12-SP2_Update_17-12-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information coreutils-8.25-12 is installed OR coreutils-lang-8.25-12 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information libjavascriptcoregtk-4_0-18-2.28.1-2.50 is installed OR libwebkit2gtk-4_0-37-2.28.1-2.50 is installed OR typelib-1_0-JavaScriptCore-4_0-2.28.1-2.50 is installed OR typelib-1_0-WebKit2-4_0-2.28.1-2.50 is installed OR webkit2gtk-4_0-injected-bundles-2.28.1-2.50 is installed OR webkit2gtk3-2.28.1-2.50 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information kgraft-patch-4_4_162-94_72-default-6-2 is installed OR kgraft-patch-SLE12-SP3_Update_22-6-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information libshibsp-lite6-2.5.5-6.6 is installed OR libshibsp6-2.5.5-6.6 is installed OR shibboleth-sp-2.5.5-6.6 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information libgcrypt-1.6.1-16.62 is installed OR libgcrypt20-1.6.1-16.62 is installed OR libgcrypt20-32bit-1.6.1-16.62 is installed OR libgcrypt20-hmac-1.6.1-16.62 is installed OR libgcrypt20-hmac-32bit-1.6.1-16.62 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information bluez-5.13-5.4 is installed OR libbluetooth3-5.13-5.4 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4-ESPOS is installed AND Package Information libjavascriptcoregtk-4_0-18-2.32.3-2.66.1 is installed OR libwebkit2gtk-4_0-37-2.32.3-2.66.1 is installed OR libwebkit2gtk3-lang-2.32.3-2.66.1 is installed OR typelib-1_0-JavaScriptCore-4_0-2.32.3-2.66.1 is installed OR typelib-1_0-WebKit2-4_0-2.32.3-2.66.1 is installed OR typelib-1_0-WebKit2WebExtension-4_0-2.32.3-2.66.1 is installed OR webkit2gtk-4_0-injected-bundles-2.32.3-2.66.1 is installed
Definition Synopsis
SUSE OpenStack Cloud 8 is installed AND Package Information libxerces-c-3_1-3.1.1-13.3 is installed OR libxerces-c-3_1-32bit-3.1.1-13.3 is installed OR xerces-c-3.1.1-13.3 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information xorg-x11-server-7.6_1.18.3-76.26 is installed OR xorg-x11-server-extra-7.6_1.18.3-76.26 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 9 is installed AND Package Information crowbar-core-6.0+git.1582892022.cbd70e833-3.19 is installed OR crowbar-core-branding-upstream-6.0+git.1582892022.cbd70e833-3.19 is installed OR crowbar-ha-6.0+git.1574286261.6fd1a34-3.13 is installed OR crowbar-openstack-6.0+git.1580922461.67fb3c087-3.19 is installed OR crowbar-ui-1.3.0+git.1575896697.a01a3a08-17 is installed OR keepalived-2.0.19-3.3 is installed OR openstack-barbican-7.0.1~dev24-3.6 is installed OR openstack-barbican-api-7.0.1~dev24-3.6 is installed OR openstack-barbican-keystone-listener-7.0.1~dev24-3.6 is installed OR openstack-barbican-retry-7.0.1~dev24-3.6 is installed OR openstack-barbican-worker-7.0.1~dev24-3.6 is installed OR openstack-ceilometer-11.0.2~dev21-3.10 is installed OR openstack-ceilometer-agent-central-11.0.2~dev21-3.10 is installed OR openstack-ceilometer-agent-compute-11.0.2~dev21-3.10 is installed OR openstack-ceilometer-agent-ipmi-11.0.2~dev21-3.10 is installed OR openstack-ceilometer-agent-notification-11.0.2~dev21-3.10 is installed OR openstack-ceilometer-polling-11.0.2~dev21-3.10 is installed OR openstack-cinder-13.0.9~dev11-3.16 is installed OR openstack-cinder-api-13.0.9~dev11-3.16 is installed OR openstack-cinder-backup-13.0.9~dev11-3.16 is installed OR openstack-cinder-scheduler-13.0.9~dev11-3.16 is installed OR openstack-cinder-volume-13.0.9~dev11-3.16 is installed OR openstack-dashboard-14.1.1~dev1-3.12 is installed OR openstack-dashboard-theme-SUSE-2018.2+git.1555335229.5c8dec9-3.3 is installed OR openstack-designate-7.0.1~dev23-3.13 is installed OR openstack-designate-agent-7.0.1~dev23-3.13 is installed OR openstack-designate-api-7.0.1~dev23-3.13 is installed OR openstack-designate-central-7.0.1~dev23-3.13 is installed OR openstack-designate-producer-7.0.1~dev23-3.13 is installed OR openstack-designate-sink-7.0.1~dev23-3.13 is installed OR openstack-designate-worker-7.0.1~dev23-3.13 is installed OR openstack-heat-11.0.3~dev31-3.13 is installed OR openstack-heat-api-11.0.3~dev31-3.13 is installed OR openstack-heat-api-cfn-11.0.3~dev31-3.13 is installed OR openstack-heat-engine-11.0.3~dev31-3.13 is installed OR openstack-heat-plugin-heat_docker-11.0.3~dev31-3.13 is installed OR openstack-horizon-plugin-designate-ui-7.0.1~dev8-3.6 is installed OR openstack-horizon-plugin-ironic-ui-3.3.1~dev14-3.3 is installed OR openstack-horizon-plugin-neutron-lbaas-ui-5.0.1~dev8-11 is installed OR openstack-horizon-plugin-octavia-ui-2.0.2~dev1-1.3 is installed OR openstack-ironic-11.1.4~dev22-3.13 is installed OR openstack-ironic-api-11.1.4~dev22-3.13 is installed OR openstack-ironic-conductor-11.1.4~dev22-3.13 is installed OR openstack-ironic-python-agent-3.3.3~dev6-3.13 is installed OR openstack-keystone-14.1.1~dev36-3.19 is installed OR openstack-magnum-7.2.1~dev1-3.10 is installed OR openstack-magnum-api-7.2.1~dev1-3.10 is installed OR openstack-magnum-conductor-7.2.1~dev1-3.10 is installed OR openstack-monasca-agent-2.8.1~dev13-3.6 is installed OR openstack-neutron-13.0.7~dev48-3.19 is installed OR openstack-neutron-dhcp-agent-13.0.7~dev48-3.19 is installed OR openstack-neutron-fwaas-13.0.3~dev4-3.9 is installed OR openstack-neutron-gbp-5.0.1~dev491-3.16 is installed OR openstack-neutron-ha-tool-13.0.7~dev48-3.19 is installed OR openstack-neutron-l3-agent-13.0.7~dev48-3.19 is installed OR openstack-neutron-linuxbridge-agent-13.0.7~dev48-3.19 is installed OR openstack-neutron-macvtap-agent-13.0.7~dev48-3.19 is installed OR openstack-neutron-metadata-agent-13.0.7~dev48-3.19 is installed OR openstack-neutron-metering-agent-13.0.7~dev48-3.19 is installed OR openstack-neutron-openvswitch-agent-13.0.7~dev48-3.19 is installed OR openstack-neutron-server-13.0.7~dev48-3.19 is installed OR openstack-neutron-vpnaas-13.0.2~dev6-3.6 is installed OR openstack-neutron-vyatta-agent-13.0.2~dev6-3.6 is installed OR openstack-nova-18.2.4~dev63-3.19 is installed OR openstack-nova-api-18.2.4~dev63-3.19 is installed OR openstack-nova-cells-18.2.4~dev63-3.19 is installed OR openstack-nova-compute-18.2.4~dev63-3.19 is installed OR openstack-nova-conductor-18.2.4~dev63-3.19 is installed OR openstack-nova-console-18.2.4~dev63-3.19 is installed OR openstack-nova-novncproxy-18.2.4~dev63-3.19 is installed OR openstack-nova-placement-api-18.2.4~dev63-3.19 is installed OR openstack-nova-scheduler-18.2.4~dev63-3.19 is installed OR openstack-nova-serialproxy-18.2.4~dev63-3.19 is installed OR openstack-nova-vncproxy-18.2.4~dev63-3.19 is installed OR openstack-octavia-3.2.2~dev8-3.19 is installed OR openstack-octavia-amphora-agent-3.2.2~dev8-3.19 is installed OR openstack-octavia-amphora-image-0.1.2-7.6 is installed OR openstack-octavia-amphora-image-x86_64-0.1.2-7.6 is installed OR openstack-octavia-api-3.2.2~dev8-3.19 is installed OR openstack-octavia-health-manager-3.2.2~dev8-3.19 is installed OR openstack-octavia-housekeeping-3.2.2~dev8-3.19 is installed OR openstack-octavia-worker-3.2.2~dev8-3.19 is installed OR openstack-sahara-9.0.2~dev15-3.9 is installed OR openstack-sahara-api-9.0.2~dev15-3.9 is installed OR openstack-sahara-engine-9.0.2~dev15-3.9 is installed OR openstack-swift-2.19.2~dev48-3.3 is installed OR openstack-swift-account-2.19.2~dev48-3.3 is installed OR openstack-swift-container-2.19.2~dev48-3.3 is installed OR openstack-swift-object-2.19.2~dev48-3.3 is installed OR openstack-swift-proxy-2.19.2~dev48-3.3 is installed OR python-amqp-2.4.2-4.3 is installed OR python-barbican-7.0.1~dev24-3.6 is installed OR python-ceilometer-11.0.2~dev21-3.10 is installed OR python-cinder-13.0.9~dev11-3.16 is installed OR python-designate-7.0.1~dev23-3.13 is installed OR python-heat-11.0.3~dev31-3.13 is installed OR python-horizon-14.1.1~dev1-3.12 is installed OR python-horizon-plugin-designate-ui-7.0.1~dev8-3.6 is installed OR python-horizon-plugin-ironic-ui-3.3.1~dev14-3.3 is installed OR python-horizon-plugin-neutron-lbaas-ui-5.0.1~dev8-11 is installed OR python-horizon-plugin-octavia-ui-2.0.2~dev1-1.3 is installed OR python-ironic-11.1.4~dev22-3.13 is installed OR python-ironic-lib-2.14.2-3.3 is installed OR python-keystone-14.1.1~dev36-3.19 is installed OR python-keystoneauth1-3.10.1~dev10-3.3 is installed OR python-keystoneclient-3.17.1~dev5-3.3 is installed OR python-keystoneclient-doc-3.17.1~dev5-3.3 is installed OR python-keystonemiddleware-5.2.2~dev3-14 is installed OR python-magnum-7.2.1~dev1-3.10 is installed OR python-monasca-agent-2.8.1~dev13-3.6 is installed OR python-neutron-13.0.7~dev48-3.19 is installed OR python-neutron-fwaas-13.0.3~dev4-3.9 is installed OR python-neutron-gbp-5.0.1~dev491-3.16 is installed OR python-neutron-vpnaas-13.0.2~dev6-3.6 is installed OR python-nova-18.2.4~dev63-3.19 is installed OR python-octavia-3.2.2~dev8-3.19 is installed OR python-openstack_auth-14.1.1~dev1-3.12 is installed OR python-ovs-2.9.0-3.3 is installed OR python-sahara-9.0.2~dev15-3.9 is installed OR python-swift-2.19.2~dev48-3.3 is installed OR ruby2.1-rubygem-crowbar-client-3.9.1-3.3 is installed OR ruby2.1-rubygem-puma-2.16.0-4.3 is installed OR rubygem-crowbar-client-3.9.1-3.3 is installed OR rubygem-puma-2.16.0-4.3 is installed OR supportutils-plugin-suse-openstack-cloud-9.0.1574431436.987b47d-3.6 is installed

BACK