SUSE-SU-2023:0490-1 -- SLES webkit2gtk3, typelib-1_0-WebKit2-4_0, libjavascriptcoregtk, libwebkit2gtk-4_0-37, typelib-1_0-JavaScriptCore-4_0, webkit2gtk-4_0-injected-bundles, typelib-1_0-WebKit2WebExtension-4_0, libwebkit2gtk3-langID: oval:org.secpod.oval:def:89048576 | Date: (C)2023-04-11 (M)2024-05-16 |
Class: PATCH | Family: unix |
This update for webkit2gtk3 fixes the following issues: Update to version 2.38.5 : * CVE-2023-23529: Fixed possible arbitrary code execution via maliciously crafted web content. Update to version 2.38.4 : * CVE-2023-23517: Fixed web content processing that could have led to arbitrary code execution. * CVE-2023-23518: Fixed web content processing that could have led to arbitrary code execution. * CVE-2022-42826: Fixed a use-after-free issue that was caused by improper memory management. New CVE and bug references where added for already released updates: Update to version 2.38.3 : * CVE-2022-42852: Fixed disclosure of process memory by improved memory handling. * CVE-2022-42867: Fixed a use after free issue was addressed with improved memory management. * CVE-2022-46692: Fixed bypass of Same Origin Policy through improved state management. * CVE-2022-46698: Fixed disclosure of sensitive user information with improved checks. * CVE-2022-46699: Fixed an arbitrary code execution caused by memory corruption. * CVE-2022-46700: Fixed a potential arbitrary code execution when processing maliciously crafted web content. Update to version 2.38.1: * CVE-2022-46691: Fixed a potential arbitrary code execution when processing maliciously crafted web content. Update to version 2.38.0: * CVE-2022-42863: Fixed a potential arbitrary code execution when processing maliciously crafted web content.
Platform: |
SUSE Linux Enterprise Server 15 SP2 |
SUSE Linux Enterprise Server 15 SP3 |
Product: |
webkit2gtk3 |
typelib-1_0-WebKit2-4_0 |
libjavascriptcoregtk |
libwebkit2gtk-4_0-37 |
typelib-1_0-JavaScriptCore-4_0 |
webkit2gtk-4_0-injected-bundles |
typelib-1_0-WebKit2WebExtension-4_0 |
libwebkit2gtk3-lang |