Описание
Security update for webkit2gtk3
This update for webkit2gtk3 fixes the following issues:
- CVE-2021-30846: Fixed memory corruption issue that could lead to arbitrary code execution when processing maliciously crafted web content (bsc#1192063).
- CVE-2021-30851: Fixed memory corruption vulnerability that could lead to arbitrary code execution when processing maliciously crafted web content (bsc#1192063).
Список пакетов
SUSE Linux Enterprise Module for Basesystem 15 SP2
libjavascriptcoregtk-4_0-18-2.34.1-18.1
libwebkit2gtk-4_0-37-2.34.1-18.1
libwebkit2gtk3-lang-2.34.1-18.1
webkit2gtk-4_0-injected-bundles-2.34.1-18.1
SUSE Linux Enterprise Module for Basesystem 15 SP3
libjavascriptcoregtk-4_0-18-2.34.1-18.1
libwebkit2gtk-4_0-37-2.34.1-18.1
libwebkit2gtk3-lang-2.34.1-18.1
webkit2gtk-4_0-injected-bundles-2.34.1-18.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP2
typelib-1_0-JavaScriptCore-4_0-2.34.1-18.1
typelib-1_0-WebKit2-4_0-2.34.1-18.1
typelib-1_0-WebKit2WebExtension-4_0-2.34.1-18.1
webkit2gtk3-devel-2.34.1-18.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP3
typelib-1_0-JavaScriptCore-4_0-2.34.1-18.1
typelib-1_0-WebKit2-4_0-2.34.1-18.1
typelib-1_0-WebKit2WebExtension-4_0-2.34.1-18.1
webkit2gtk3-devel-2.34.1-18.1
Ссылки
- Link for SUSE-SU-2021:3874-1
- E-Mail link for SUSE-SU-2021:3874-1
- SUSE Security Ratings
- SUSE Bug 1192063
- SUSE CVE CVE-2021-30846 page
- SUSE CVE CVE-2021-30851 page
Описание
A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, Safari 15, tvOS 15, iOS 15 and iPadOS 15, watchOS 8. Processing maliciously crafted web content may lead to arbitrary code execution.
Затронутые продукты
SUSE Linux Enterprise Module for Basesystem 15 SP2:libjavascriptcoregtk-4_0-18-2.34.1-18.1
SUSE Linux Enterprise Module for Basesystem 15 SP2:libwebkit2gtk-4_0-37-2.34.1-18.1
SUSE Linux Enterprise Module for Basesystem 15 SP2:libwebkit2gtk3-lang-2.34.1-18.1
SUSE Linux Enterprise Module for Basesystem 15 SP2:webkit2gtk-4_0-injected-bundles-2.34.1-18.1
Ссылки
- CVE-2021-30846
- SUSE Bug 1192063
Описание
A memory corruption vulnerability was addressed with improved locking. This issue is fixed in Safari 15, tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to code execution.
Затронутые продукты
SUSE Linux Enterprise Module for Basesystem 15 SP2:libjavascriptcoregtk-4_0-18-2.34.1-18.1
SUSE Linux Enterprise Module for Basesystem 15 SP2:libwebkit2gtk-4_0-37-2.34.1-18.1
SUSE Linux Enterprise Module for Basesystem 15 SP2:libwebkit2gtk3-lang-2.34.1-18.1
SUSE Linux Enterprise Module for Basesystem 15 SP2:webkit2gtk-4_0-injected-bundles-2.34.1-18.1
Ссылки
- CVE-2021-30851
- SUSE Bug 1192063