Описание
Security update for webkit2gtk3
This update for webkit2gtk3 to version 2.22.6 fixes the following issues:
Security issues fixed:
- CVE-2019-6212: Fixed multiple memory corruption vulnerabilities which could allow arbitrary code execution during the processing of special crafted web-content.
- CVE-2019-6215: Fixed a type confusion vulnerability which could allow arbitrary code execution during the processing of special crafted web-content.
- CVE-2019-6216: Fixed multiple memory corruption vulnerabilities which could allow arbitrary code execution during the processing of special crafted web-content.
- CVE-2019-6217: Fixed multiple memory corruption vulnerabilities which could allow arbitrary code execution during the processing of special crafted web-content.
- CVE-2019-6226: Fixed multiple memory corruption vulnerabilities which could allow arbitrary code execution during the processing of special crafted web-content.
- CVE-2019-6227: Fixed a memory corruption vulnerability which could allow arbitrary code execution during the processing of special crafted web-content.
- CVE-2019-6229: Fixed a logic issue by improving validation which could allow arbitrary code execution during the processing of special crafted web-content.
- CVE-2019-6233: Fixed a memory corruption vulnerability which could allow arbitrary code execution during the processing of special crafted web-content.
- CVE-2019-6234: Fixed a memory corruption vulnerability which could allow arbitrary code execution during the processing of special crafted web-content.
Other issues addressed:
- Update to version 2.22.6 (bsc#1124937).
- Kinetic scrolling slow down smoothly when reaching the ends of pages, instead of abruptly, to better match the GTK+ behaviour.
- Fixed Web inspector magnifier under Wayland.
- Fixed garbled rendering of some websites (e.g. YouTube) while scrolling under X11.
- Fixed several crashes, race conditions, and rendering issues.
Список пакетов
SUSE Enterprise Storage 4
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server for SAP Applications 12 SP2
SUSE Linux Enterprise Server for SAP Applications 12 SP3
SUSE Linux Enterprise Server for SAP Applications 12 SP4
SUSE Linux Enterprise Software Development Kit 12 SP3
SUSE Linux Enterprise Software Development Kit 12 SP4
SUSE Linux Enterprise Workstation Extension 12 SP3
SUSE Linux Enterprise Workstation Extension 12 SP4
SUSE OpenStack Cloud 7
Ссылки
- Link for SUSE-SU-2019:0511-1
- E-Mail link for SUSE-SU-2019:0511-1
- SUSE Security Ratings
- SUSE Bug 1124937
- SUSE CVE CVE-2019-6212 page
- SUSE CVE CVE-2019-6215 page
- SUSE CVE CVE-2019-6216 page
- SUSE CVE CVE-2019-6217 page
- SUSE CVE CVE-2019-6226 page
- SUSE CVE CVE-2019-6227 page
- SUSE CVE CVE-2019-6229 page
- SUSE CVE CVE-2019-6233 page
- SUSE CVE CVE-2019-6234 page
Описание
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary code execution.
Затронутые продукты
Ссылки
- CVE-2019-6212
- SUSE Bug 1124937
Описание
A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary code execution.
Затронутые продукты
Ссылки
- CVE-2019-6215
- SUSE Bug 1124937
Описание
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, watchOS 5.1.3, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary code execution.
Затронутые продукты
Ссылки
- CVE-2019-6216
- SUSE Bug 1124937
Описание
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, watchOS 5.1.3, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary code execution.
Затронутые продукты
Ссылки
- CVE-2019-6217
- SUSE Bug 1124937
Описание
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, watchOS 5.1.3, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary code execution.
Затронутые продукты
Ссылки
- CVE-2019-6226
- SUSE Bug 1124937
Описание
A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, watchOS 5.1.3, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary code execution.
Затронутые продукты
Ссылки
- CVE-2019-6227
- SUSE Bug 1124937
Описание
A logic issue was addressed with improved validation. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to universal cross site scripting.
Затронутые продукты
Ссылки
- CVE-2019-6229
- SUSE Bug 1124937
Описание
A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary code execution.
Затронутые продукты
Ссылки
- CVE-2019-6233
- SUSE Bug 1124937
Описание
A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary code execution.
Затронутые продукты
Ссылки
- CVE-2019-6234
- SUSE Bug 1124937