Download
| Alert*
|
oval:org.secpod.oval:def:89045092
This update for webkit2gtk3 fixes the following issues: - Update to version 2.32.1: + Improve handling of Media Capture devices. + Improve WebAudio playback. + Improve video orientation handling. + Improve seeking support for MSE playback. + Improve flush support in EME decryptors. + Fix HTTP status ... oval:org.secpod.oval:def:67921 The host is missing a security update according to Apple advisory. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle a multiple vectors. Successful exploitation could allow attackers to cause multiple impacts. oval:org.secpod.oval:def:67926 The host is installed with Apple iTunes before 12.11 and is prone to a use after free vulnerability. A flaw is present in the application, which fails to properly handle a memory management issue. Successful exploitation allows a remote attacker may be able to cause arbitrary code execution. oval:org.secpod.oval:def:71246 webkit2gtk: Web content engine library for GTK+ Several security issues were fixed in WebKitGTK. oval:org.secpod.oval:def:71223 The following vulnerabilities have been discovered in the libwebkit2gtk-4.0-dev web engine: CVE-2020-27918 Liu Long discovered that processing maliciously crafted web content may lead to arbitrary code execution. CVE-2020-29623 Simon Hunt discovered that users may be unable to fully delete their bro ... oval:org.secpod.oval:def:89044296 This update for webkit2gtk3 fixes the following issues: - Update to version 2.32.0 : * Fix the authentication request port when URL omits the port. * Fix iframe scrolling when main frame is scrolled in async * scrolling mode. * Stop using g_memdup. * Show a warning message when overriding signal han ... oval:org.secpod.oval:def:1801938 *CVE-2020-27918 Versions affected: WebKitGTK before 2.30.6 and WPE WebKit before 2.30.6. Processing maliciously crafted web content may lead to arbitrary code execution. A use after free issue was addressed with improved memory management. *CVE-2020-29623 Versions affected: WebKitGTK before 2.30.6 a ... oval:org.secpod.oval:def:119688 WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. This package contains WebKit2 based WebKitGTK for GTK 3. oval:org.secpod.oval:def:119664 WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. This package contains WebKit2 based WebKitGTK for GTK 3. oval:org.secpod.oval:def:67600 The host is installed with Apple MacOS 11 before 11.0.1 or Apple Safari before 14.0.1 and is prone to a use after free vulnerability. A flaw is present in the application, which fails to properly handle a memory management issue. Successful exploitation could allow attackers to cause arbitrary code ... oval:org.secpod.oval:def:67218 The host is missing a security update according to Apple advisory, APPLE-SA-2020-09-16-3. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle a malicious web content. Successful exploitation could allow attackers to execute arbitrar ... oval:org.secpod.oval:def:67217 The host is installed with Safari before 14.0 on Apple Mac OS X 10.14.6 or 10.15.6 and is prone to a use after free vulnerability. A flaw is present in the application, which fails to properly handle a memory management issue. Successful exploitation could allow attackers to cause arbitrary code exe ... oval:org.secpod.oval:def:2106548 Oracle Solaris 11 - ( CVE-2021-1870 ) oval:org.secpod.oval:def:89047162 This update for webkit2gtk3 fixes the following issues: - Update to version 2.32.0 : * Fix the authentication request port when URL omits the port. * Fix iframe scrolling when main frame is scrolled in async * scrolling mode. * Stop using g_memdup. * Show a warning message when overriding signal han ... oval:org.secpod.oval:def:705947 webkit2gtk: Web content engine library for GTK+ Several security issues were fixed in WebKitGTK. oval:org.secpod.oval:def:605473 The following vulnerabilities have been discovered in the libwebkit2gtk-4.0-dev web engine: CVE-2020-27918 Liu Long discovered that processing maliciously crafted web content may lead to arbitrary code execution. CVE-2020-29623 Simon Hunt discovered that users may be unable to fully delete their bro ... oval:org.secpod.oval:def:506478 GNOME is the default desktop environment of Red Hat Enterprise Linux. The following packages have been upgraded to a later upstream version: gdm , webkit2gtk3 . Security Fix: * webkitgtk: Use-after-free in AudioSourceProviderGStreamer leading to arbitrary code execution * LibRaw: Stack buffer over ... oval:org.secpod.oval:def:2500376 GNOME is the default desktop environment of AlmaLinux. oval:org.secpod.oval:def:76232 GNOME is the default desktop environment of Red Hat Enterprise Linux. The following packages have been upgraded to a later upstream version: gdm , webkit2gtk3 . Security Fix: * webkitgtk: Use-after-free in AudioSourceProviderGStreamer leading to arbitrary code execution * LibRaw: Stack buffer over ... oval:org.secpod.oval:def:1505266 accountsservice [0.6.55-2] - Add support for user templates so user can specify default session Resolves: #1812788 gdm [40.0-14] - Fix XDMCP Resolves: #2004170 - Fix crash at shutdown Related: #2004170 [40.0-13] - Disable Wayland on HyperV - Fix Xorg fallback Related: #1998989 [40.0-12] - Redisable ... oval:org.secpod.oval:def:89045920 This update for webkit2gtk3 fixes the following issues: - Update to version 2.34.3 . - CVE-2021-30887: Fixed logic issue allowing unexpectedly unenforced Content Security Policy when processing maliciously crafted web content. - CVE-2021-30890: Fixed logic issue allowing universal cross site scripti ... oval:org.secpod.oval:def:89047402 This update for webkit2gtk3 fixes the following issues: - Update to version 2.34.3 . - CVE-2021-30887: Fixed logic issue allowing unexpectedly unenforced Content Security Policy when processing maliciously crafted web content. - CVE-2021-30890: Fixed logic issue allowing universal cross site scripti ... oval:org.secpod.oval:def:89045928 This update for webkit2gtk3 fixes the following issues: - Update to version 2.34.3 . - CVE-2021-30887: Fixed logic issue allowing unexpectedly unenforced Content Security Policy when processing maliciously crafted web content. - CVE-2021-30890: Fixed logic issue allowing universal cross site scripti ... oval:org.secpod.oval:def:89045909 This update for webkit2gtk3 fixes the following issues: - Update to version 2.34.3 . - CVE-2021-30887: Fixed logic issue allowing unexpectedly unenforced Content Security Policy when processing maliciously crafted web content. - CVE-2021-30890: Fixed logic issue allowing universal cross site scripti ... oval:org.secpod.oval:def:3300361 SUSE Security Update: Security update for webkit2gtk3 oval:org.secpod.oval:def:1701375 A logic issue was addressed with improved state management. A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 14.2 and iPadOS 14.2, iCloud for Windows 11.5, Safari 14.0.1, tvOS 14.2, iTunes 12.11 for Windows. Processin ... oval:org.secpod.oval:def:67567 The host is missing a security update according to Apple advisory, APPLE-SA-2020-11-13-1. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle multiple issues. Successful exploitation allow attackers to execute arbitrary code or caus ... |
