Описание
Security update for webkit2gtk3
This update for webkit2gtk3 to version 2.22.4 fixes the following issues:
Security issues fixed:
CVE-2018-4191, CVE-2018-4197, CVE-2018-4299, CVE-2018-4306, CVE-2018-4309, CVE-2018-4392, CVE-2018-4312, CVE-2018-4314, CVE-2018-4315, CVE-2018-4316, CVE-2018-4317, CVE-2018-4318, CVE-2018-4319, CVE-2018-4323, CVE-2018-4328, CVE-2018-4358, CVE-2018-4359, CVE-2018-4361, CVE-2018-4345, CVE-2018-4372, CVE-2018-4373, CVE-2018-4375, CVE-2018-4376, CVE-2018-4416, CVE-2018-4378, CVE-2018-4382, CVE-2018-4386 (bsc#1110279, bsc#1116998).
Список пакетов
SUSE Enterprise Storage 4
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server for SAP Applications 12 SP2
SUSE Linux Enterprise Server for SAP Applications 12 SP3
SUSE Linux Enterprise Server for SAP Applications 12 SP4
SUSE Linux Enterprise Software Development Kit 12 SP3
SUSE Linux Enterprise Software Development Kit 12 SP4
SUSE Linux Enterprise Workstation Extension 12 SP3
SUSE Linux Enterprise Workstation Extension 12 SP4
SUSE OpenStack Cloud 7
Ссылки
- Link for SUSE-SU-2019:0059-1
- E-Mail link for SUSE-SU-2019:0059-1
- SUSE Security Ratings
- SUSE Bug 1110279
- SUSE Bug 1116998
- SUSE CVE CVE-2018-4191 page
- SUSE CVE CVE-2018-4197 page
- SUSE CVE CVE-2018-4207 page
- SUSE CVE CVE-2018-4208 page
- SUSE CVE CVE-2018-4209 page
- SUSE CVE CVE-2018-4210 page
- SUSE CVE CVE-2018-4212 page
- SUSE CVE CVE-2018-4213 page
- SUSE CVE CVE-2018-4261 page
- SUSE CVE CVE-2018-4262 page
- SUSE CVE CVE-2018-4263 page
- SUSE CVE CVE-2018-4264 page
- SUSE CVE CVE-2018-4265 page
- SUSE CVE CVE-2018-4266 page
- SUSE CVE CVE-2018-4267 page
Описание
A memory corruption issue was addressed with improved validation. This issue affected versions prior to iOS 12, tvOS 12, watchOS 5, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.
Затронутые продукты
Ссылки
- CVE-2018-4191
- SUSE Bug 1110279
Описание
A use after free issue was addressed with improved memory management. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.
Затронутые продукты
Ссылки
- CVE-2018-4197
- SUSE Bug 1110279
Описание
In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks.
Затронутые продукты
Ссылки
- CVE-2018-4207
- SUSE Bug 1110279
Описание
In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks.
Затронутые продукты
Ссылки
- CVE-2018-4208
- SUSE Bug 1110279
Описание
In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks.
Затронутые продукты
Ссылки
- CVE-2018-4209
- SUSE Bug 1110279
Описание
In iOS before 11.3, Safari before 11.1, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, an array indexing issue existed in the handling of a function in javascript core. This issue was addressed with improved checks.
Затронутые продукты
Ссылки
- CVE-2018-4210
- SUSE Bug 1110279
Описание
In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks.
Затронутые продукты
Ссылки
- CVE-2018-4212
- SUSE Bug 1110279
Описание
In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks.
Затронутые продукты
Ссылки
- CVE-2018-4213
- SUSE Bug 1110279
Описание
Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6.
Затронутые продукты
Ссылки
- CVE-2018-4261
- SUSE Bug 1104169
Описание
In Safari before 11.1.2, iTunes before 12.8 for Windows, iOS before 11.4.1, tvOS before 11.4.1, iCloud for Windows before 7.6, multiple memory corruption issues were addressed with improved memory handling.
Затронутые продукты
Ссылки
- CVE-2018-4262
- SUSE Bug 1104169
Описание
Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6.
Затронутые продукты
Ссылки
- CVE-2018-4263
- SUSE Bug 1104169
Описание
Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, watchOS 4.3.2, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6.
Затронутые продукты
Ссылки
- CVE-2018-4264
- SUSE Bug 1104169
Описание
Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6.
Затронутые продукты
Ссылки
- CVE-2018-4265
- SUSE Bug 1104169
Описание
A race condition was addressed with additional validation. This issue affected versions prior toiVersions prior to: OS 11.4.1, tvOS 11.4.1, watchOS 4.3.2, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6.
Затронутые продукты
Ссылки
- CVE-2018-4266
- SUSE Bug 1104169
Описание
Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6.
Затронутые продукты
Ссылки
- CVE-2018-4267
- SUSE Bug 1104169
Описание
A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, watchOS 4.3.2, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6.
Затронутые продукты
Ссылки
- CVE-2018-4270
- SUSE Bug 1104169
Описание
Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, watchOS 4.3.2, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6.
Затронутые продукты
Ссылки
- CVE-2018-4272
- SUSE Bug 1104169
Описание
Multiple memory corruption issues were addressed with improved input validation. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, watchOS 4.3.2, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6.
Затронутые продукты
Ссылки
- CVE-2018-4273
- SUSE Bug 1104169
Описание
In Safari before 11.1.2, iTunes before 12.8 for Windows, iOS before 11.4.1, tvOS before 11.4.1, iCloud for Windows before 7.6, sound fetched through audio elements may be exfiltrated cross-origin. This issue was addressed with improved audio taint tracking.
Затронутые продукты
Ссылки
- CVE-2018-4278
- SUSE Bug 1104169
Описание
A type confusion issue was addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, watchOS 4.3.2, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6.
Затронутые продукты
Ссылки
- CVE-2018-4284
- SUSE Bug 1104169
Описание
Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12, tvOS 12, watchOS 5, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.
Затронутые продукты
Ссылки
- CVE-2018-4299
- SUSE Bug 1110279
Описание
A use after free issue was addressed with improved memory management. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.
Затронутые продукты
Ссылки
- CVE-2018-4306
- SUSE Bug 1110279
Описание
A cross-site scripting issue existed in Safari. This issue was addressed with improved URL validation. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.
Затронутые продукты
Ссылки
- CVE-2018-4309
- SUSE Bug 1110279
Описание
A use after free issue was addressed with improved memory management. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.
Затронутые продукты
Ссылки
- CVE-2018-4312
- SUSE Bug 1110279
Описание
A use after free issue was addressed with improved memory management. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.
Затронутые продукты
Ссылки
- CVE-2018-4314
- SUSE Bug 1110279
Описание
A use after free issue was addressed with improved memory management. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.
Затронутые продукты
Ссылки
- CVE-2018-4315
- SUSE Bug 1110279
Описание
A memory corruption issue was addressed with improved state management. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.
Затронутые продукты
Ссылки
- CVE-2018-4316
- SUSE Bug 1110279
Описание
A use after free issue was addressed with improved memory management. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.
Затронутые продукты
Ссылки
- CVE-2018-4317
- SUSE Bug 1110279
Описание
A use after free issue was addressed with improved memory management. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.
Затронутые продукты
Ссылки
- CVE-2018-4318
- SUSE Bug 1110279
Описание
A cross-origin issue existed with "iframe" elements. This was addressed with improved tracking of security origins. This issue affected versions prior to iOS 12, watchOS 5, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.
Затронутые продукты
Ссылки
- CVE-2018-4319
- SUSE Bug 1110279
Описание
Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.
Затронутые продукты
Ссылки
- CVE-2018-4323
- SUSE Bug 1110279
Описание
Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.
Затронутые продукты
Ссылки
- CVE-2018-4328
- SUSE Bug 1110279
Описание
A cross-site scripting issue existed in Safari. This issue was addressed with improved URL validation. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.
Затронутые продукты
Ссылки
- CVE-2018-4345
- SUSE Bug 1116998
Описание
Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12, tvOS 12, watchOS 5, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.
Затронутые продукты
Ссылки
- CVE-2018-4358
- SUSE Bug 1110279
Описание
Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12, tvOS 12, watchOS 5, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.
Затронутые продукты
Ссылки
- CVE-2018-4359
- SUSE Bug 1110279
Описание
A memory consumption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, tvOS 12, watchOS 5, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.
Затронутые продукты
Ссылки
- CVE-2018-4361
- SUSE Bug 1110279
Описание
Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12.1, tvOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8.
Затронутые продукты
Ссылки
- CVE-2018-4372
- SUSE Bug 1116998
Описание
Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8.
Затронутые продукты
Ссылки
- CVE-2018-4373
- SUSE Bug 1116998
Описание
Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8.
Затронутые продукты
Ссылки
- CVE-2018-4375
- SUSE Bug 1116998
Описание
Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8.
Затронутые продукты
Ссылки
- CVE-2018-4376
- SUSE Bug 1116998
Описание
A memory corruption issue was addressed with improved validation. This issue affected versions prior to iOS 12.1, tvOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8.
Затронутые продукты
Ссылки
- CVE-2018-4378
- SUSE Bug 1116998
Описание
Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12.1, tvOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8.
Затронутые продукты
Ссылки
- CVE-2018-4382
- SUSE Bug 1116998
Описание
Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12.1, tvOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8.
Затронутые продукты
Ссылки
- CVE-2018-4386
- SUSE Bug 1116998
Описание
Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12.1, tvOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8.
Затронутые продукты
Ссылки
- CVE-2018-4392
- SUSE Bug 1116998
Описание
Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12.1, tvOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8.
Затронутые продукты
Ссылки
- CVE-2018-4416
- SUSE Bug 1116998