Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2022:3137-1

Опубликовано: 07 сент. 2022
Источник: suse-cvrf

Описание

Security update for webkit2gtk3

This update for webkit2gtk3 fixes the following issues:

  • Updated to version 2.36.7 (bsc#1202807):

    • CVE-2022-32893: Fixed an issue that would be triggered when processing malicious web content and that could lead to arbitrary code execution.
    • Fixed several crashes and rendering issues.

  • Updated to version 2.36.6:

    • Fixed handling of touchpad scrolling on GTK4 builds
    • Fixed WebKitGTK not allowing to be used from non-main threads (bsc#1202169).
    • Fixed several crashes and rendering issues

Список пакетов

SUSE Linux Enterprise Module for Basesystem 15 SP4
libjavascriptcoregtk-4_0-18-2.36.7-150400.4.12.1
libwebkit2gtk-4_0-37-2.36.7-150400.4.12.1
typelib-1_0-JavaScriptCore-4_0-2.36.7-150400.4.12.1
typelib-1_0-WebKit2-4_0-2.36.7-150400.4.12.1
typelib-1_0-WebKit2WebExtension-4_0-2.36.7-150400.4.12.1
webkit2gtk-4_0-injected-bundles-2.36.7-150400.4.12.1
webkit2gtk3-soup2-devel-2.36.7-150400.4.12.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP4
libjavascriptcoregtk-4_1-0-2.36.7-150400.4.12.1
libwebkit2gtk-4_1-0-2.36.7-150400.4.12.1
typelib-1_0-JavaScriptCore-4_1-2.36.7-150400.4.12.1
typelib-1_0-WebKit2-4_1-2.36.7-150400.4.12.1
typelib-1_0-WebKit2WebExtension-4_1-2.36.7-150400.4.12.1
webkit2gtk-4_1-injected-bundles-2.36.7-150400.4.12.1
webkit2gtk3-devel-2.36.7-150400.4.12.1
SUSE Linux Enterprise Module for Development Tools 15 SP4
libjavascriptcoregtk-5_0-0-2.36.7-150400.4.12.1
libwebkit2gtk-5_0-0-2.36.7-150400.4.12.1
typelib-1_0-JavaScriptCore-5_0-2.36.7-150400.4.12.1
typelib-1_0-WebKit2-5_0-2.36.7-150400.4.12.1
webkit2gtk-5_0-injected-bundles-2.36.7-150400.4.12.1
openSUSE Leap 15.4
WebKit2GTK-4.0-lang-2.36.7-150400.4.12.1
WebKit2GTK-4.1-lang-2.36.7-150400.4.12.1
WebKit2GTK-5.0-lang-2.36.7-150400.4.12.1
libjavascriptcoregtk-4_0-18-2.36.7-150400.4.12.1
libjavascriptcoregtk-4_0-18-32bit-2.36.7-150400.4.12.1
libjavascriptcoregtk-4_1-0-2.36.7-150400.4.12.1
libjavascriptcoregtk-4_1-0-32bit-2.36.7-150400.4.12.1
libjavascriptcoregtk-5_0-0-2.36.7-150400.4.12.1
libwebkit2gtk-4_0-37-2.36.7-150400.4.12.1
libwebkit2gtk-4_0-37-32bit-2.36.7-150400.4.12.1
libwebkit2gtk-4_1-0-2.36.7-150400.4.12.1
libwebkit2gtk-4_1-0-32bit-2.36.7-150400.4.12.1
libwebkit2gtk-5_0-0-2.36.7-150400.4.12.1
typelib-1_0-JavaScriptCore-4_0-2.36.7-150400.4.12.1
typelib-1_0-JavaScriptCore-4_1-2.36.7-150400.4.12.1
typelib-1_0-JavaScriptCore-5_0-2.36.7-150400.4.12.1
typelib-1_0-WebKit2-4_0-2.36.7-150400.4.12.1
typelib-1_0-WebKit2-4_1-2.36.7-150400.4.12.1
typelib-1_0-WebKit2-5_0-2.36.7-150400.4.12.1
typelib-1_0-WebKit2WebExtension-4_0-2.36.7-150400.4.12.1
typelib-1_0-WebKit2WebExtension-4_1-2.36.7-150400.4.12.1
typelib-1_0-WebKit2WebExtension-5_0-2.36.7-150400.4.12.1
webkit-jsc-4-2.36.7-150400.4.12.1
webkit-jsc-4.1-2.36.7-150400.4.12.1
webkit-jsc-5.0-2.36.7-150400.4.12.1
webkit2gtk-4_0-injected-bundles-2.36.7-150400.4.12.1
webkit2gtk-4_1-injected-bundles-2.36.7-150400.4.12.1
webkit2gtk-5_0-injected-bundles-2.36.7-150400.4.12.1
webkit2gtk3-devel-2.36.7-150400.4.12.1
webkit2gtk3-minibrowser-2.36.7-150400.4.12.1
webkit2gtk3-soup2-devel-2.36.7-150400.4.12.1
webkit2gtk3-soup2-minibrowser-2.36.7-150400.4.12.1
webkit2gtk4-devel-2.36.7-150400.4.12.1
webkit2gtk4-minibrowser-2.36.7-150400.4.12.1

Ссылки

Описание

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 15.6.1 and iPadOS 15.6.1, macOS Monterey 12.5.1, Safari 15.6.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.

Затронутые продукты
SUSE Linux Enterprise Module for Basesystem 15 SP4:libjavascriptcoregtk-4_0-18-2.36.7-150400.4.12.1
SUSE Linux Enterprise Module for Basesystem 15 SP4:libwebkit2gtk-4_0-37-2.36.7-150400.4.12.1
SUSE Linux Enterprise Module for Basesystem 15 SP4:typelib-1_0-JavaScriptCore-4_0-2.36.7-150400.4.12.1
SUSE Linux Enterprise Module for Basesystem 15 SP4:typelib-1_0-WebKit2-4_0-2.36.7-150400.4.12.1
Ссылки
Уязвимость SUSE-SU-2022:3137-1