Описание
Security update for webkit2gtk3
This update for webkit2gtk3 fixes the following issues:
Update to version 2.30.5 (bsc#1182286):
- Bring back the WebKitPluginProcess installation that was removed by mistake.
- Fix RunLoop objects leaked in worker threads.
- Fix aarch64 llint build with JIT disabled.
- Use Internet Explorer quirk for Google Docs.
- Security fixes: CVE-2020-13558.
Список пакетов
SUSE Linux Enterprise Module for Basesystem 15 SP2
libjavascriptcoregtk-4_0-18-2.30.5-3.12.1
libwebkit2gtk-4_0-37-2.30.5-3.12.1
libwebkit2gtk3-lang-2.30.5-3.12.1
webkit2gtk-4_0-injected-bundles-2.30.5-3.12.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP2
typelib-1_0-JavaScriptCore-4_0-2.30.5-3.12.1
typelib-1_0-WebKit2-4_0-2.30.5-3.12.1
typelib-1_0-WebKit2WebExtension-4_0-2.30.5-3.12.1
webkit2gtk3-devel-2.30.5-3.12.1
Ссылки
- Link for SUSE-SU-2021:0536-1
- E-Mail link for SUSE-SU-2021:0536-1
- SUSE Security Ratings
- SUSE Bug 1182286
- SUSE CVE CVE-2020-13558 page
Описание
A code execution vulnerability exists in the AudioSourceProviderGStreamer functionality of Webkit WebKitGTK 2.30.1. A specially crafted web page can lead to a use after free.
Затронутые продукты
SUSE Linux Enterprise Module for Basesystem 15 SP2:libjavascriptcoregtk-4_0-18-2.30.5-3.12.1
SUSE Linux Enterprise Module for Basesystem 15 SP2:libwebkit2gtk-4_0-37-2.30.5-3.12.1
SUSE Linux Enterprise Module for Basesystem 15 SP2:libwebkit2gtk3-lang-2.30.5-3.12.1
SUSE Linux Enterprise Module for Basesystem 15 SP2:webkit2gtk-4_0-injected-bundles-2.30.5-3.12.1
Ссылки
- CVE-2020-13558
- SUSE Bug 1182286