Oval Definition:oval:org.opensuse.security:def:65097
Revision Date:2020-12-01Version:1
Title:Security update for webkit2gtk3 (Important)
Description:

This update for webkit2gtk3 to version 2.26.4 fixes the following issues:

Security issues fixed:

- CVE-2019-8835: Fixed multiple memory corruption issues (bsc#1161719). - CVE-2019-8844: Fixed multiple memory corruption issues (bsc#1161719). - CVE-2019-8846: Fixed a use-after-free issue (bsc#1161719). - CVE-2020-3862: Fixed a memory handling issue (bsc#1163809). - CVE-2020-3864: Fixed a logic issue in the DOM object context handling (bsc#1163809). - CVE-2020-3865: Fixed a logic issue in the DOM object context handling (bsc#1163809). - CVE-2020-3867: Fixed an XSS issue (bsc#1163809). - CVE-2020-3868: Fixed multiple memory corruption issues that could have lead to arbitrary code execution (bsc#1163809).

Non-security issues fixed:

- Fixed issues while trying to play a video on NextCloud. - Fixed vertical alignment of text containing arabic diacritics. - Fixed build with icu 65.1. - Fixed page loading errors with websites using HSTS. - Fixed web process crash when displaying a KaTeX formula. - Fixed several crashes and rendering issues. - Switched to a single web process for Evolution and geary (bsc#1159329 glgo#GNOME/evolution#587).
Family:unixClass:patch
Status:Reference(s):1154401
1156188
1159329
1161719
1163809
1177943
CVE-2019-18804
CVE-2019-8835
CVE-2019-8844
CVE-2019-8846
CVE-2020-14779
CVE-2020-14781
CVE-2020-14782
CVE-2020-14792
CVE-2020-14796
CVE-2020-14797
CVE-2020-14798
CVE-2020-14803
CVE-2020-3862
CVE-2020-3864
CVE-2020-3865
CVE-2020-3867
CVE-2020-3868
SUSE-SU-2019:3033-1
SUSE-SU-2020:0468-1
Platform(s):openSUSE Leap 15.2
SUSE Linux Enterprise Module for Basesystem 15 SP1
SUSE Linux Enterprise Module for Desktop Applications 15 SP1
Product(s):
Definition Synopsis
  • openSUSE Leap 15.2 is installed
  • AND Package Information
  • java-11-openjdk-11.0.9.0-lp152.2.6 is installed
  • OR java-11-openjdk-accessibility-11.0.9.0-lp152.2.6 is installed
  • OR java-11-openjdk-demo-11.0.9.0-lp152.2.6 is installed
  • OR java-11-openjdk-devel-11.0.9.0-lp152.2.6 is installed
  • OR java-11-openjdk-headless-11.0.9.0-lp152.2.6 is installed
  • OR java-11-openjdk-javadoc-11.0.9.0-lp152.2.6 is installed
  • OR java-11-openjdk-jmods-11.0.9.0-lp152.2.6 is installed
  • OR java-11-openjdk-src-11.0.9.0-lp152.2.6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Basesystem 15 SP1 is installed
  • AND Package Information
  • libjavascriptcoregtk-4_0-18-2.26.4-3.43 is installed
  • OR libwebkit2gtk-4_0-37-2.26.4-3.43 is installed
  • OR libwebkit2gtk3-lang-2.26.4-3.43 is installed
  • OR webkit2gtk-4_0-injected-bundles-2.26.4-3.43 is installed
  • OR webkit2gtk3-2.26.4-3.43 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Desktop Applications 15 SP1 is installed
  • AND Package Information
  • djvulibre-3.5.27-3.8 is installed
  • OR libdjvulibre-devel-3.5.27-3.8 is installed
  • OR libdjvulibre21-3.5.27-3.8 is installed
    • BACK