Oval Definition:	oval:org.opensuse.security:def:73674
Revision Date: 2021-08-03 Version: 1 Title: Security update for webkit2gtk3 (Important) Description: This update for webkit2gtk3 fixes the following issues: - Update to version 2.32.3: - CVE-2021-21775: Fixed a use-after-free vulnerability in the way certain events are processed for ImageLoader objects. A specially crafted web page can lead to a potential information leak and further memory corruption. A victim must be tricked into visiting a malicious web page to trigger this vulnerability. (bsc#1188697) - CVE-2021-21779: Fixed a use-after-free vulnerability in the way that WebKit GraphicsContext handles certain events. A specially crafted web page can lead to a potential information leak and further memory corruption. A victim must be tricked into visiting a malicious web page to trigger this vulnerability. (bsc#1188697) - CVE-2021-30663: An integer overflow was addressed with improved input validation. (bsc#1188697) - CVE-2021-30665: A memory corruption issue was addressed with improved state management. (bsc#1188697) - CVE-2021-30689: A logic issue was addressed with improved state management. (bsc#1188697) - CVE-2021-30720: A logic issue was addressed with improved restrictions. (bsc#1188697) - CVE-2021-30734: Multiple memory corruption issues were addressed with improved memory handling. (bsc#1188697) - CVE-2021-30744: A cross-origin issue with iframe elements was addressed with improved tracking of security origins. (bsc#1188697) - CVE-2021-30749: Multiple memory corruption issues were addressed with improved memory handling. (bsc#1188697) - CVE-2021-30758: A type confusion issue was addressed with improved state handling. (bsc#1188697) - CVE-2021-30795: A use after free issue was addressed with improved memory management. (bsc#1188697) - CVE-2021-30797: This issue was addressed with improved checks. (bsc#1188697) - CVE-2021-30799: Multiple memory corruption issues were addressed with improved memory handling. (bsc#1188697) Family: unix Class: patch Status: Reference(s): 1173026 1173027 1174628 1188697 CVE-2020-14344 CVE-2020-8169 CVE-2020-8177 CVE-2021-21775 CVE-2021-21779 CVE-2021-30663 CVE-2021-30665 CVE-2021-30689 CVE-2021-30720 CVE-2021-30734 CVE-2021-30744 CVE-2021-30749 CVE-2021-30758 CVE-2021-30795 CVE-2021-30797 CVE-2021-30799 SUSE-SU-2020:1733-1 SUSE-SU-2020:2116-1 SUSE-SU-2021:2598-1 Platform(s): SUSE Linux Enterprise Desktop 15 SP2 SUSE Linux Enterprise High Performance Computing 15 SP2 SUSE Linux Enterprise Module for Basesystem 15 SP2 SUSE Linux Enterprise Module for Desktop Applications 15 SP2 SUSE Linux Enterprise Server 15 SP2 SUSE Linux Enterprise Server for SAP Applications 15 SP2 SUSE Linux Enterprise Storage 7 SUSE Manager Proxy 4.1 SUSE Manager Server 4.1 Product(s): Definition Synopsis SUSE Linux Enterprise Module for Desktop Applications 15 SP2 is installed AND Package Information libxcb-1.13-3.5 is installed OR libxcb-render0-32bit-1.13-3.5 is installed OR libxcb-shm0-32bit-1.13-3.5 is installed Definition Synopsis SUSE Linux Enterprise Module for Basesystem 15 SP2 is installed AND Package Information curl-7.66.0-4.3 is installed OR libcurl-devel-7.66.0-4.3 is installed OR libcurl4-7.66.0-4.3 is installed OR libcurl4-32bit-7.66.0-4.3 is installed Definition Synopsis SUSE Linux Enterprise Module for Basesystem 15 SP2 is installed AND Package Information libjavascriptcoregtk-4_0-18-2.32.3-9.1 is installed OR libwebkit2gtk-4_0-37-2.32.3-9.1 is installed OR libwebkit2gtk3-lang-2.32.3-9.1 is installed OR webkit2gtk-4_0-injected-bundles-2.32.3-9.1 is installed
BACK