Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2015:0688-1

Опубликовано: 27 мар. 2015
Источник: suse-cvrf

Описание

Security update for webkitgtk

This update fixes the following security issues:

  • Fix SSL connection issues with some websites after the POODLE vulnerability fix.
  • Fix a crash when loading flash plugins.
  • Fix build on GNU Hurd - Fix build on OS X.
  • Fix documentation of webkit_print_operation_get_page_setup().
  • Security fixes: CVE-2014-1344, CVE-2014-1384, CVE-2014-1385, CVE-2014-1386, CVE-2014-1387, CVE-2014-1388, CVE-2014-1389, CVE-2014-1390, CVE-2015-2330. (bnc#879607, bnc#871792)
  • Pass autoreconf and enable libtool BuildRequires: Needed for above patch since it touches the buildsystem.
  • Bugs fixed: boo#871792, boo#879607 and boo#879607.

Список пакетов

SUSE Linux Enterprise Desktop 12
libjavascriptcoregtk-1_0-0-2.4.8-16.2
libjavascriptcoregtk-1_0-0-32bit-2.4.8-16.2
libjavascriptcoregtk-3_0-0-2.4.8-16.2
libwebkit2gtk-3_0-25-2.4.8-16.2
libwebkitgtk-1_0-0-2.4.8-16.2
libwebkitgtk-1_0-0-32bit-2.4.8-16.2
libwebkitgtk-3_0-0-2.4.8-16.2
libwebkitgtk2-lang-2.4.8-16.2
libwebkitgtk3-lang-2.4.8-16.2
typelib-1_0-JavaScriptCore-3_0-2.4.8-16.2
typelib-1_0-WebKit-3_0-2.4.8-16.2
SUSE Linux Enterprise Server 12
libjavascriptcoregtk-3_0-0-2.4.8-16.2
libwebkitgtk-3_0-0-2.4.8-16.2
libwebkitgtk3-lang-2.4.8-16.2
SUSE Linux Enterprise Server for SAP Applications 12
libjavascriptcoregtk-3_0-0-2.4.8-16.2
libwebkitgtk-3_0-0-2.4.8-16.2
libwebkitgtk3-lang-2.4.8-16.2
SUSE Linux Enterprise Software Development Kit 12
libjavascriptcoregtk-1_0-0-2.4.8-16.2
libwebkit2gtk-3_0-25-2.4.8-16.2
libwebkitgtk-1_0-0-2.4.8-16.2
libwebkitgtk-devel-2.4.8-16.2
libwebkitgtk3-devel-2.4.8-16.2
typelib-1_0-JavaScriptCore-1_0-2.4.8-16.2
typelib-1_0-JavaScriptCore-3_0-2.4.8-16.2
typelib-1_0-WebKit-1_0-2.4.8-16.2
typelib-1_0-WebKit-3_0-2.4.8-16.2
SUSE Linux Enterprise Workstation Extension 12
libjavascriptcoregtk-1_0-0-2.4.8-16.2
libjavascriptcoregtk-1_0-0-32bit-2.4.8-16.2
libwebkit2gtk-3_0-25-2.4.8-16.2
libwebkitgtk-1_0-0-2.4.8-16.2
libwebkitgtk-1_0-0-32bit-2.4.8-16.2
libwebkitgtk2-lang-2.4.8-16.2
typelib-1_0-JavaScriptCore-3_0-2.4.8-16.2
typelib-1_0-WebKit-3_0-2.4.8-16.2

Ссылки

Описание

WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-05-21-1.

Затронутые продукты
SUSE Linux Enterprise Desktop 12:libjavascriptcoregtk-1_0-0-2.4.8-16.2
SUSE Linux Enterprise Desktop 12:libjavascriptcoregtk-1_0-0-32bit-2.4.8-16.2
SUSE Linux Enterprise Desktop 12:libjavascriptcoregtk-3_0-0-2.4.8-16.2
SUSE Linux Enterprise Desktop 12:libwebkit2gtk-3_0-25-2.4.8-16.2
Ссылки

Описание

WebKit, as used in Apple Safari before 6.1.6 and 7.x before 7.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in HT6367.

Затронутые продукты
SUSE Linux Enterprise Desktop 12:libjavascriptcoregtk-1_0-0-2.4.8-16.2
SUSE Linux Enterprise Desktop 12:libjavascriptcoregtk-1_0-0-32bit-2.4.8-16.2
SUSE Linux Enterprise Desktop 12:libjavascriptcoregtk-3_0-0-2.4.8-16.2
SUSE Linux Enterprise Desktop 12:libwebkit2gtk-3_0-25-2.4.8-16.2
Ссылки

Описание

WebKit, as used in Apple Safari before 6.1.6 and 7.x before 7.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in HT6367.

Затронутые продукты
SUSE Linux Enterprise Desktop 12:libjavascriptcoregtk-1_0-0-2.4.8-16.2
SUSE Linux Enterprise Desktop 12:libjavascriptcoregtk-1_0-0-32bit-2.4.8-16.2
SUSE Linux Enterprise Desktop 12:libjavascriptcoregtk-3_0-0-2.4.8-16.2
SUSE Linux Enterprise Desktop 12:libwebkit2gtk-3_0-25-2.4.8-16.2
Ссылки

Описание

WebKit, as used in Apple Safari before 6.1.6 and 7.x before 7.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in HT6367.

Затронутые продукты
SUSE Linux Enterprise Desktop 12:libjavascriptcoregtk-1_0-0-2.4.8-16.2
SUSE Linux Enterprise Desktop 12:libjavascriptcoregtk-1_0-0-32bit-2.4.8-16.2
SUSE Linux Enterprise Desktop 12:libjavascriptcoregtk-3_0-0-2.4.8-16.2
SUSE Linux Enterprise Desktop 12:libwebkit2gtk-3_0-25-2.4.8-16.2
Ссылки

Описание

WebKit, as used in Apple Safari before 6.1.6 and 7.x before 7.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in HT6367.

Затронутые продукты
SUSE Linux Enterprise Desktop 12:libjavascriptcoregtk-1_0-0-2.4.8-16.2
SUSE Linux Enterprise Desktop 12:libjavascriptcoregtk-1_0-0-32bit-2.4.8-16.2
SUSE Linux Enterprise Desktop 12:libjavascriptcoregtk-3_0-0-2.4.8-16.2
SUSE Linux Enterprise Desktop 12:libwebkit2gtk-3_0-25-2.4.8-16.2
Ссылки

Описание

WebKit, as used in Apple Safari before 6.1.6 and 7.x before 7.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in HT6367.

Затронутые продукты
SUSE Linux Enterprise Desktop 12:libjavascriptcoregtk-1_0-0-2.4.8-16.2
SUSE Linux Enterprise Desktop 12:libjavascriptcoregtk-1_0-0-32bit-2.4.8-16.2
SUSE Linux Enterprise Desktop 12:libjavascriptcoregtk-3_0-0-2.4.8-16.2
SUSE Linux Enterprise Desktop 12:libwebkit2gtk-3_0-25-2.4.8-16.2
Ссылки

Описание

WebKit, as used in Apple Safari before 6.1.6 and 7.x before 7.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in HT6367.

Затронутые продукты
SUSE Linux Enterprise Desktop 12:libjavascriptcoregtk-1_0-0-2.4.8-16.2
SUSE Linux Enterprise Desktop 12:libjavascriptcoregtk-1_0-0-32bit-2.4.8-16.2
SUSE Linux Enterprise Desktop 12:libjavascriptcoregtk-3_0-0-2.4.8-16.2
SUSE Linux Enterprise Desktop 12:libwebkit2gtk-3_0-25-2.4.8-16.2
Ссылки

Описание

WebKit, as used in Apple Safari before 6.1.6 and 7.x before 7.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in HT6367.

Затронутые продукты
SUSE Linux Enterprise Desktop 12:libjavascriptcoregtk-1_0-0-2.4.8-16.2
SUSE Linux Enterprise Desktop 12:libjavascriptcoregtk-1_0-0-32bit-2.4.8-16.2
SUSE Linux Enterprise Desktop 12:libjavascriptcoregtk-3_0-0-2.4.8-16.2
SUSE Linux Enterprise Desktop 12:libwebkit2gtk-3_0-25-2.4.8-16.2
Ссылки

Описание

Late TLS certificate verification in WebKitGTK+ prior to 2.6.6 allows remote attackers to view a secure HTTP request, including, for example, secure cookies.

Затронутые продукты
SUSE Linux Enterprise Desktop 12:libjavascriptcoregtk-1_0-0-2.4.8-16.2
SUSE Linux Enterprise Desktop 12:libjavascriptcoregtk-1_0-0-32bit-2.4.8-16.2
SUSE Linux Enterprise Desktop 12:libjavascriptcoregtk-3_0-0-2.4.8-16.2
SUSE Linux Enterprise Desktop 12:libwebkit2gtk-3_0-25-2.4.8-16.2
Ссылки