Oval Definition:oval:org.opensuse.security:def:74365
Revision Date:2021-08-03Version:1
Title:Security update for webkit2gtk3 (Important)
Description:

This update for webkit2gtk3 fixes the following issues:

- Update to version 2.32.3: - CVE-2021-21775: Fixed a use-after-free vulnerability in the way certain events are processed for ImageLoader objects. A specially crafted web page can lead to a potential information leak and further memory corruption. A victim must be tricked into visiting a malicious web page to trigger this vulnerability. (bsc#1188697) - CVE-2021-21779: Fixed a use-after-free vulnerability in the way that WebKit GraphicsContext handles certain events. A specially crafted web page can lead to a potential information leak and further memory corruption. A victim must be tricked into visiting a malicious web page to trigger this vulnerability. (bsc#1188697) - CVE-2021-30663: An integer overflow was addressed with improved input validation. (bsc#1188697) - CVE-2021-30665: A memory corruption issue was addressed with improved state management. (bsc#1188697) - CVE-2021-30689: A logic issue was addressed with improved state management. (bsc#1188697) - CVE-2021-30720: A logic issue was addressed with improved restrictions. (bsc#1188697) - CVE-2021-30734: Multiple memory corruption issues were addressed with improved memory handling. (bsc#1188697) - CVE-2021-30744: A cross-origin issue with iframe elements was addressed with improved tracking of security origins. (bsc#1188697) - CVE-2021-30749: Multiple memory corruption issues were addressed with improved memory handling. (bsc#1188697) - CVE-2021-30758: A type confusion issue was addressed with improved state handling. (bsc#1188697) - CVE-2021-30795: A use after free issue was addressed with improved memory management. (bsc#1188697) - CVE-2021-30797: This issue was addressed with improved checks. (bsc#1188697) - CVE-2021-30799: Multiple memory corruption issues were addressed with improved memory handling. (bsc#1188697)
Family:unixClass:patch
Status:Reference(s):1100397
1123886
1144919
1146090
1146091
1146093
1146094
1146095
1146097
1146099
1146100
1188697
CVE-2019-9511
CVE-2019-9512
CVE-2019-9513
CVE-2019-9514
CVE-2019-9515
CVE-2019-9516
CVE-2019-9517
CVE-2019-9518
CVE-2021-21775
CVE-2021-21779
CVE-2021-30663
CVE-2021-30665
CVE-2021-30689
CVE-2021-30720
CVE-2021-30734
CVE-2021-30744
CVE-2021-30749
CVE-2021-30758
CVE-2021-30795
CVE-2021-30797
CVE-2021-30799
openSUSE-SU-2019:2115-1
openSUSE-SU-2019:2685-1
SUSE-SU-2021:2598-1
Platform(s):openSUSE Leap 15.1
SUSE Linux Enterprise Desktop 15 SP3
SUSE Linux Enterprise High Performance Computing 15 SP3
SUSE Linux Enterprise Module for Desktop Applications 15 SP3
SUSE Linux Enterprise Server 15 SP3
SUSE Linux Enterprise Server for SAP Applications 15 SP3
SUSE Manager Proxy 4.2
SUSE Manager Server 4.2
Product(s):
Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • nodejs8-8.16.1-lp151.2.6 is installed
  • OR nodejs8-devel-8.16.1-lp151.2.6 is installed
  • OR nodejs8-docs-8.16.1-lp151.2.6 is installed
  • OR npm8-8.16.1-lp151.2.6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Desktop Applications 15 SP3 is installed
  • AND Package Information
  • typelib-1_0-JavaScriptCore-4_0-2.32.3-9.1 is installed
  • OR typelib-1_0-WebKit2-4_0-2.32.3-9.1 is installed
  • OR typelib-1_0-WebKit2WebExtension-4_0-2.32.3-9.1 is installed
  • OR webkit2gtk3-devel-2.32.3-9.1 is installed
    • BACK