Oval Definition:oval:org.opensuse.security:def:63914
Revision Date:2020-12-01Version:1
Title:Security update for webkit2gtk3 (Important)
Description:

This update for webkit2gtk3 to version 2.28.1 fixes the following issues:

Security issues fixed:

- CVE-2020-10018: Fixed a denial of service because the m_deferredFocusedNodeChange data structure was mishandled (bsc#1165528). - CVE-2020-11793: Fixed a potential arbitrary code execution caused by a use-after-free vulnerability (bsc#1169658). - CVE-2019-8835: Fixed multiple memory corruption issues (bsc#1161719). - CVE-2019-8844: Fixed multiple memory corruption issues (bsc#1161719). - CVE-2019-8846: Fixed a use-after-free issue (bsc#1161719). - CVE-2020-3862: Fixed a memory handling issue (bsc#1163809). - CVE-2020-3867: Fixed an XSS issue (bsc#1163809). - CVE-2020-3868: Fixed multiple memory corruption issues that could have lead to arbitrary code execution (bsc#1163809). - CVE-2020-3864,CVE-2020-3865: Fixed logic issues in the DOM object context handling (bsc#1163809).

Non-security issues fixed:

- Add API to enable Process Swap on (Cross-site) Navigation. - Add user messages API for the communication with the web extension. - Add support for same-site cookies. - Service workers are enabled by default. - Add support for Pointer Lock API. - Add flatpak sandbox support. - Make ondemand hardware acceleration policy never leave accelerated compositing mode. - Always use a light theme for rendering form controls. - Add about:gpu to show information about the graphics stack. - Fixed issues while trying to play a video on NextCloud. - Fixed vertical alignment of text containing arabic diacritics. - Fixed build with icu 65.1. - Fixed page loading errors with websites using HSTS. - Fixed web process crash when displaying a KaTeX formula. - Fixed several crashes and rendering issues. - Switched to a single web process for Evolution and geary (bsc#1159329).
Family:unixClass:patch
Status:Reference(s):1068664
1100331
1121967
1134157
1134853
1136183
1138920
1139649
1142160
1142413
1143409
1143463
1143777
1143817
1143818
1143819
1143820
1143821
1143823
1143824
1143825
1143827
1143828
1143830
1143831
1144656
1144675
1154824
1154884
1154887
1155321
1156318
1156353
1159208
1159329
1159550
1159623
1161719
1162198
1163019
1163809
1165528
1167209
1169658
1172466
1174543
1175986
CVE-2012-0876
CVE-2016-0718
CVE-2016-4472
CVE-2016-9063
CVE-2017-1000158
CVE-2017-9233
CVE-2018-10892
CVE-2019-11059
CVE-2019-11690
CVE-2019-12290
CVE-2019-13103
CVE-2019-13104
CVE-2019-13106
CVE-2019-13509
CVE-2019-14192
CVE-2019-14193
CVE-2019-14194
CVE-2019-14195
CVE-2019-14196
CVE-2019-14197
CVE-2019-14198
CVE-2019-14199
CVE-2019-14200
CVE-2019-14201
CVE-2019-14202
CVE-2019-14203
CVE-2019-14204
CVE-2019-14271
CVE-2019-18224
CVE-2019-19724
CVE-2019-5736
CVE-2019-8625
CVE-2019-8710
CVE-2019-8720
CVE-2019-8743
CVE-2019-8764
CVE-2019-8766
CVE-2019-8769
CVE-2019-8771
CVE-2019-8782
CVE-2019-8783
CVE-2019-8808
CVE-2019-8811
CVE-2019-8812
CVE-2019-8813
CVE-2019-8814
CVE-2019-8815
CVE-2019-8816
CVE-2019-8819
CVE-2019-8820
CVE-2019-8823
CVE-2019-8835
CVE-2019-8844
CVE-2019-8846
CVE-2020-0543
CVE-2020-0548
CVE-2020-0549
CVE-2020-10018
CVE-2020-10648
CVE-2020-11793
CVE-2020-25032
CVE-2020-3862
CVE-2020-3864
CVE-2020-3865
CVE-2020-3867
CVE-2020-3868
CVE-2020-8432
CVE-2020-8608
openSUSE-SU-2019:1491-1
openSUSE-SU-2019:2021-1
openSUSE-SU-2019:2611-1
openSUSE-SU-2020:0057-1
openSUSE-SU-2020:1393-1
SUSE-SU-2020:0497-1
SUSE-SU-2020:1135-1
SUSE-SU-2020:1595-1
Platform(s):openSUSE Leap 15.1
openSUSE Leap 15.2
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server 12 SP4-ESPOS
Product(s):
Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • GraphicsMagick-1.3.29-lp151.4.3 is installed
  • OR GraphicsMagick-devel-1.3.29-lp151.4.3 is installed
  • OR libGraphicsMagick++-Q16-12-1.3.29-lp151.4.3 is installed
  • OR libGraphicsMagick++-devel-1.3.29-lp151.4.3 is installed
  • OR libGraphicsMagick-Q16-3-1.3.29-lp151.4.3 is installed
  • OR libGraphicsMagick3-config-1.3.29-lp151.4.3 is installed
  • OR libGraphicsMagickWand-Q16-2-1.3.29-lp151.4.3 is installed
  • OR perl-GraphicsMagick-1.3.29-lp151.4.3 is installed
  • Definition Synopsis
  • openSUSE Leap 15.2 is installed
  • AND Package Information
  • python-Flask-Cors-3.0.8-lp152.2.3 is installed
  • OR python2-Flask-Cors-3.0.8-lp152.2.3 is installed
  • OR python3-Flask-Cors-3.0.8-lp152.2.3 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • libjavascriptcoregtk-4_0-18-2.28.1-2.50 is installed
  • OR libwebkit2gtk-4_0-37-2.28.1-2.50 is installed
  • OR libwebkit2gtk3-lang-2.28.1-2.50 is installed
  • OR typelib-1_0-JavaScriptCore-4_0-2.28.1-2.50 is installed
  • OR typelib-1_0-WebKit2-4_0-2.28.1-2.50 is installed
  • OR webkit2gtk-4_0-injected-bundles-2.28.1-2.50 is installed
  • OR webkit2gtk3-2.28.1-2.50 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4-ESPOS is installed
  • AND Package Information
  • xen-4.11.4_06-2.33 is installed
  • OR xen-doc-html-4.11.4_06-2.33 is installed
  • OR xen-libs-4.11.4_06-2.33 is installed
  • OR xen-libs-32bit-4.11.4_06-2.33 is installed
  • OR xen-tools-4.11.4_06-2.33 is installed
  • OR xen-tools-domU-4.11.4_06-2.33 is installed
  • BACK