| Revision Date: | 2020-12-17 | Version: | 1 |
| Title: | Security update for webkit2gtk3 (Important) |
| Description: |
This update for webkit2gtk3 fixes the following issues:
-webkit2gtk3 was updated to version 2.30.3 (bsc#1179122 bsc#1179451): - CVE-2021-13543: Fixed a use after free which could have led to arbitrary code execution. - CVE-2021-13584: Fixed a use after free which could have led to arbitrary code execution. - CVE-2021-9948: Fixed a type confusion which could have led to arbitrary code execution. - CVE-2021-9951: Fixed a use after free which could have led to arbitrary code execution. - CVE-2021-9983: Fixed an out of bounds write which could have led to arbitrary code execution. - Have the libwebkit2gtk package require libjavascriptcoregtk of the same version (bsc#1171531). - Enable c_loop on aarch64: currently needed for compilation to succeed with JIT disabled. Also disable sampling profiler, since it conflicts with c_loop (bsc#1177087).
|
| Family: | unix | Class: | patch |
| Status: | | Reference(s): | 1171531
1177087
1179122
1179451
CVE-2020-13543
CVE-2020-13584
CVE-2020-9948
CVE-2020-9951
CVE-2020-9983
|
| Platform(s): | SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1
| Product(s): | |