Oval Definition:	oval:org.opensuse.security:def:64552
Revision Date: 2021-08-03 Version: 1 Title: Security update for webkit2gtk3 (Important) Description: This update for webkit2gtk3 fixes the following issues: - Update to version 2.32.3: - CVE-2021-21775: Fixed a use-after-free vulnerability in the way certain events are processed for ImageLoader objects. A specially crafted web page can lead to a potential information leak and further memory corruption. A victim must be tricked into visiting a malicious web page to trigger this vulnerability. (bsc#1188697) - CVE-2021-21779: Fixed a use-after-free vulnerability in the way that WebKit GraphicsContext handles certain events. A specially crafted web page can lead to a potential information leak and further memory corruption. A victim must be tricked into visiting a malicious web page to trigger this vulnerability. (bsc#1188697) - CVE-2021-30663: An integer overflow was addressed with improved input validation. (bsc#1188697) - CVE-2021-30665: A memory corruption issue was addressed with improved state management. (bsc#1188697) - CVE-2021-30689: A logic issue was addressed with improved state management. (bsc#1188697) - CVE-2021-30720: A logic issue was addressed with improved restrictions. (bsc#1188697) - CVE-2021-30734: Multiple memory corruption issues were addressed with improved memory handling. (bsc#1188697) - CVE-2021-30744: A cross-origin issue with iframe elements was addressed with improved tracking of security origins. (bsc#1188697) - CVE-2021-30749: Multiple memory corruption issues were addressed with improved memory handling. (bsc#1188697) - CVE-2021-30758: A type confusion issue was addressed with improved state handling. (bsc#1188697) - CVE-2021-30795: A use after free issue was addressed with improved memory management. (bsc#1188697) - CVE-2021-30797: This issue was addressed with improved checks. (bsc#1188697) - CVE-2021-30799: Multiple memory corruption issues were addressed with improved memory handling. (bsc#1188697) Family: unix Class: patch Status: Reference(s): 1094138 1113160 1138822 1141132 1141777 1142038 1143839 1148177 1153090 1153277 1154940 1154968 1155372 1159833 1159920 1159973 1163871 1165921 1167631 1168310 1170231 1170557 1170824 1171687 1172383 1172384 1172386 1172462 1172495 1172710 1178375 1188697 CVE-2005-4900 CVE-2015-8216 CVE-2015-8217 CVE-2015-8218 CVE-2015-8219 CVE-2015-8363 CVE-2015-8364 CVE-2015-8365 CVE-2015-8661 CVE-2015-8662 CVE-2015-8663 CVE-2016-10128 CVE-2016-10129 CVE-2016-10130 CVE-2016-10190 CVE-2016-10191 CVE-2016-10192 CVE-2016-1897 CVE-2016-1898 CVE-2016-8568 CVE-2016-8569 CVE-2017-11399 CVE-2017-11665 CVE-2017-14054 CVE-2017-14055 CVE-2017-14056 CVE-2017-14057 CVE-2017-14058 CVE-2017-14059 CVE-2017-14169 CVE-2017-14170 CVE-2017-14171 CVE-2017-14222 CVE-2017-14223 CVE-2017-14225 CVE-2017-15186 CVE-2017-15672 CVE-2017-16840 CVE-2017-17081 CVE-2017-17555 CVE-2017-5338 CVE-2017-5339 CVE-2017-7859 CVE-2017-7862 CVE-2017-7863 CVE-2017-7865 CVE-2017-7866 CVE-2018-10887 CVE-2018-10888 CVE-2018-11235 CVE-2018-11243 CVE-2018-12458 CVE-2018-13300 CVE-2018-13302 CVE-2018-13305 CVE-2018-15822 CVE-2018-17456 CVE-2018-1999010 CVE-2018-1999011 CVE-2018-1999012 CVE-2018-1999013 CVE-2018-6392 CVE-2018-6621 CVE-2018-8098 CVE-2018-8099 CVE-2019-1010048 CVE-2019-10215 CVE-2019-13508 CVE-2019-14296 CVE-2019-15043 CVE-2019-20021 CVE-2019-20053 CVE-2020-10761 CVE-2020-12245 CVE-2020-13361 CVE-2020-13362 CVE-2020-13379 CVE-2020-13659 CVE-2020-13800 CVE-2020-16004 CVE-2020-16005 CVE-2020-16006 CVE-2020-16007 CVE-2020-16008 CVE-2020-16009 CVE-2020-16011 CVE-2020-1752 CVE-2021-21775 CVE-2021-21779 CVE-2021-30663 CVE-2021-30665 CVE-2021-30689 CVE-2021-30720 CVE-2021-30734 CVE-2021-30744 CVE-2021-30749 CVE-2021-30758 CVE-2021-30795 CVE-2021-30797 CVE-2021-30799 openSUSE-SU-2020:0163-1 openSUSE-SU-2020:0250-1 openSUSE-SU-2020:0467-1 openSUSE-SU-2020:0741-1 openSUSE-SU-2020:1105-1 openSUSE-SU-2020:1108-1 openSUSE-SU-2020:1831-1 SUSE-SU-2021:2598-1 Platform(s): openSUSE Leap 15.1 openSUSE Leap 15.2 SUSE Linux Enterprise Desktop 15 SP2 SUSE Linux Enterprise High Performance Computing 15 SP2 SUSE Linux Enterprise Module for Basesystem 15 SP2 SUSE Linux Enterprise Module for Desktop Applications 15 SP1 SUSE Linux Enterprise Module for Development Tools 15 SP1 SUSE Linux Enterprise Server 15 SP2 SUSE Linux Enterprise Server for SAP Applications 15 SP2 SUSE Linux Enterprise Storage 7 SUSE Manager Proxy 4.1 SUSE Manager Server 4.1 Product(s): Definition Synopsis openSUSE Leap 15.1 is installed AND upx-3.96-lp151.3.3 is installed Definition Synopsis openSUSE Leap 15.2 is installed AND dracut-saltboot-0.1.1590413773.a959db7-lp152.2.3 is installed Definition Synopsis SUSE Linux Enterprise Module for Basesystem 15 SP2 is installed AND Package Information libjavascriptcoregtk-4_0-18-2.32.3-9.1 is installed OR libwebkit2gtk-4_0-37-2.32.3-9.1 is installed OR libwebkit2gtk3-lang-2.32.3-9.1 is installed OR webkit2gtk-4_0-injected-bundles-2.32.3-9.1 is installed Definition Synopsis SUSE Linux Enterprise Module for Desktop Applications 15 SP1 is installed AND Package Information libavcodec57-3.4.2-4.12 is installed OR libavutil-devel-3.4.2-4.12 is installed OR libavutil55-3.4.2-4.12 is installed OR libpostproc-devel-3.4.2-4.12 is installed OR libpostproc54-3.4.2-4.12 is installed OR libswresample-devel-3.4.2-4.12 is installed OR libswresample2-3.4.2-4.12 is installed OR libswscale-devel-3.4.2-4.12 is installed OR libswscale4-3.4.2-4.12 is installed Definition Synopsis SUSE Linux Enterprise Module for Development Tools 15 SP1 is installed AND Package Information libgit2-26-0.26.8-3.8 is installed OR libgit2-devel-0.26.8-3.8 is installed
BACK