Oval Definition:	oval:org.opensuse.security:def:60944
Revision Date: 2020-12-01 Version: 1 Title: Security update for webkit2gtk3 (Important) Description: This update for webkit2gtk3 to version 2.28.1 fixes the following issues: Security issues fixed: - CVE-2020-10018: Fixed a denial of service because the m_deferredFocusedNodeChange data structure was mishandled (bsc#1165528). - CVE-2020-11793: Fixed a potential arbitrary code execution caused by a use-after-free vulnerability (bsc#1169658). - CVE-2019-8835: Fixed multiple memory corruption issues (bsc#1161719). - CVE-2019-8844: Fixed multiple memory corruption issues (bsc#1161719). - CVE-2019-8846: Fixed a use-after-free issue (bsc#1161719). - CVE-2020-3862: Fixed a memory handling issue (bsc#1163809). - CVE-2020-3867: Fixed an XSS issue (bsc#1163809). - CVE-2020-3868: Fixed multiple memory corruption issues that could have lead to arbitrary code execution (bsc#1163809). - CVE-2020-3864,CVE-2020-3865: Fixed logic issues in the DOM object context handling (bsc#1163809). Non-security issues fixed: - Add API to enable Process Swap on (Cross-site) Navigation. - Add user messages API for the communication with the web extension. - Add support for same-site cookies. - Service workers are enabled by default. - Add support for Pointer Lock API. - Add flatpak sandbox support. - Make ondemand hardware acceleration policy never leave accelerated compositing mode. - Always use a light theme for rendering form controls. - Add about:gpu to show information about the graphics stack. - Fixed issues while trying to play a video on NextCloud. - Fixed vertical alignment of text containing arabic diacritics. - Fixed build with icu 65.1. - Fixed page loading errors with websites using HSTS. - Fixed web process crash when displaying a KaTeX formula. - Fixed several crashes and rendering issues. - Switched to a single web process for Evolution and geary (bsc#1159329). Family: unix Class: patch Status: Reference(s): 1012382 1027519 1035442 1040662 1049423 1051510 1051729 1052448 1052449 1052466 1055047 1061075 1061081 1063123 1067317 1068032 1068187 1068191 1070158 1070159 1070160 1070163 1074562 1076116 1076180 1077559 1077568 1077572 1077732 1082023 1084878 1117267 1117665 1118987 1135556 1137586 1137865 1139073 1139751 1140328 1140671 1143187 1144903 1145477 1146042 1146361 1146524 1146526 1146540 1146589 1147122 1148394 1148938 1149555 1149612 1150025 1150452 1150457 1150465 1151347 1151350 1152497 1152685 1152782 1152788 1153158 1154372 1154448 1154456 1154458 1154460 1154461 1154464 1155094 1155321 1155671 1155945 1156318 1157888 1158003 1158004 1158005 1158006 1158007 1158785 1158787 1158788 1158789 1158790 1158791 1158792 1158793 1158795 1159329 1161719 1162197 1162200 1162224 1162367 1162825 1163809 1165528 1165894 1166916 1169658 1171252 1171254 1172443 1173369 1174157 1175259 1178671 CVE-2017-11423 CVE-2017-12374 CVE-2017-12375 CVE-2017-12376 CVE-2017-12377 CVE-2017-12378 CVE-2017-12379 CVE-2017-12380 CVE-2017-15289 CVE-2017-15595 CVE-2017-15597 CVE-2017-17563 CVE-2017-17564 CVE-2017-17565 CVE-2017-17566 CVE-2017-18030 CVE-2017-18379 CVE-2017-18509 CVE-2017-18595 CVE-2017-5715 CVE-2017-5753 CVE-2017-5754 CVE-2017-6418 CVE-2017-6419 CVE-2017-6420 CVE-2018-11805 CVE-2018-12207 CVE-2018-19519 CVE-2018-5683 CVE-2018-6196 CVE-2018-6197 CVE-2018-6198 CVE-2019-10220 CVE-2019-11135 CVE-2019-11477 CVE-2019-13272 CVE-2019-1348 CVE-2019-1349 CVE-2019-1350 CVE-2019-1351 CVE-2019-1352 CVE-2019-1353 CVE-2019-1354 CVE-2019-1387 CVE-2019-14821 CVE-2019-15216 CVE-2019-15219 CVE-2019-15220 CVE-2019-15239 CVE-2019-15291 CVE-2019-15505 CVE-2019-15666 CVE-2019-15807 CVE-2019-15924 CVE-2019-16232 CVE-2019-16233 CVE-2019-16234 CVE-2019-16413 CVE-2019-16995 CVE-2019-17055 CVE-2019-17056 CVE-2019-17133 CVE-2019-17639 CVE-2019-17666 CVE-2019-18348 CVE-2019-18420 CVE-2019-18421 CVE-2019-18422 CVE-2019-18423 CVE-2019-18424 CVE-2019-18425 CVE-2019-19577 CVE-2019-19578 CVE-2019-19579 CVE-2019-19580 CVE-2019-19581 CVE-2019-19582 CVE-2019-19583 CVE-2019-19604 CVE-2019-8625 CVE-2019-8710 CVE-2019-8720 CVE-2019-8743 CVE-2019-8764 CVE-2019-8766 CVE-2019-8769 CVE-2019-8771 CVE-2019-8782 CVE-2019-8783 CVE-2019-8808 CVE-2019-8811 CVE-2019-8812 CVE-2019-8813 CVE-2019-8814 CVE-2019-8815 CVE-2019-8816 CVE-2019-8819 CVE-2019-8820 CVE-2019-8823 CVE-2019-8835 CVE-2019-8844 CVE-2019-8846 CVE-2019-9456 CVE-2019-9506 CVE-2019-9674 CVE-2020-10018 CVE-2020-11793 CVE-2020-12321 CVE-2020-12653 CVE-2020-12654 CVE-2020-14577 CVE-2020-14578 CVE-2020-14579 CVE-2020-14583 CVE-2020-14593 CVE-2020-14621 CVE-2020-15011 CVE-2020-1930 CVE-2020-1931 CVE-2020-3862 CVE-2020-3864 CVE-2020-3865 CVE-2020-3867 CVE-2020-3868 CVE-2020-7598 CVE-2020-8174 CVE-2020-8492 SUSE-SU-2017:3115-1 SUSE-SU-2018:0255-1 SUSE-SU-2018:0438-1 SUSE-SU-2019:0776-1 SUSE-SU-2020:0810-1 SUSE-SU-2020:0854-1 SUSE-SU-2020:1135-1 SUSE-SU-2020:1623-1 SUSE-SU-2020:2048-1 SUSE-SU-2020:2482-1 SUSE-SU-2020:3354-1 Platform(s): openSUSE Leap 15.1 openSUSE Leap 15.2 NonFree SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP4-ESPOS SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9 Product(s): Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information rmt-server-2.3.1-lp151.2.3 is installed OR rmt-server-config-2.3.1-lp151.2.3 is installed OR rmt-server-pubcloud-2.3.1-lp151.2.3 is installed Definition Synopsis openSUSE Leap 15.2 NonFree is installed AND opera-63.0.3368.88-lp152.2.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information xen-4.9.1_02-3.21 is installed OR xen-doc-html-4.9.1_02-3.21 is installed OR xen-libs-4.9.1_02-3.21 is installed OR xen-libs-32bit-4.9.1_02-3.21 is installed OR xen-tools-4.9.1_02-3.21 is installed OR xen-tools-domU-4.9.1_02-3.21 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND mailman-2.1.17-3.23 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information kgraft-patch-4_4_180-94_100-default-7-2 is installed OR kgraft-patch-SLE12-SP3_Update_27-7-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information perl-Mail-SpamAssassin-3.4.2-44.8 is installed OR spamassassin-3.4.2-44.8 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND tcpdump-4.9.2-14.8 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information gdk-pixbuf-lang-2.34.0-19.17 is installed OR gdk-pixbuf-query-loaders-2.34.0-19.17 is installed OR gdk-pixbuf-query-loaders-32bit-2.34.0-19.17 is installed OR libgdk_pixbuf-2_0-0-2.34.0-19.17 is installed OR libgdk_pixbuf-2_0-0-32bit-2.34.0-19.17 is installed OR typelib-1_0-GdkPixbuf-2_0-2.34.0-19.17 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4-ESPOS is installed AND Package Information libxerces-c-3_1-3.1.1-13.3 is installed OR libxerces-c-3_1-32bit-3.1.1-13.3 is installed OR xerces-c-3.1.1-13.3 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information libjavascriptcoregtk-4_0-18-2.28.1-2.50 is installed OR libwebkit2gtk-4_0-37-2.28.1-2.50 is installed OR libwebkit2gtk3-lang-2.28.1-2.50 is installed OR typelib-1_0-JavaScriptCore-4_0-2.28.1-2.50 is installed OR typelib-1_0-WebKit2-4_0-2.28.1-2.50 is installed OR webkit2gtk-4_0-injected-bundles-2.28.1-2.50 is installed OR webkit2gtk3-2.28.1-2.50 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 9 is installed AND Package Information ruby2.1-rubygem-actionview-4_2-4.2.9-9.12 is installed OR rubygem-actionview-4_2-4.2.9-9.12 is installed
BACK