SUSE-SU-2022:3538-1

Опубликовано: 06 окт. 2022

Источник: suse-cvrf

Описание

Security update for webkit2gtk3

This update for webkit2gtk3 fixes the following issues:

Updated to version 2.36.8 (bsc#1203530):

CVE-2022-32886: Fixed a buffer overflow issue that could potentially lead to code execution.
CVE-2022-32912: Fixed an out-of-bounds read that could potentially lead to code execution.

Список пакетов

SUSE Enterprise Storage 7

libjavascriptcoregtk-4_0-18-2.36.8-150200.47.1

libwebkit2gtk-4_0-37-2.36.8-150200.47.1

libwebkit2gtk3-lang-2.36.8-150200.47.1

typelib-1_0-JavaScriptCore-4_0-2.36.8-150200.47.1

typelib-1_0-WebKit2-4_0-2.36.8-150200.47.1

typelib-1_0-WebKit2WebExtension-4_0-2.36.8-150200.47.1

webkit2gtk-4_0-injected-bundles-2.36.8-150200.47.1

webkit2gtk3-devel-2.36.8-150200.47.1

SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS

libjavascriptcoregtk-4_0-18-2.36.8-150200.47.1

libwebkit2gtk-4_0-37-2.36.8-150200.47.1

libwebkit2gtk3-lang-2.36.8-150200.47.1

typelib-1_0-JavaScriptCore-4_0-2.36.8-150200.47.1

typelib-1_0-WebKit2-4_0-2.36.8-150200.47.1

typelib-1_0-WebKit2WebExtension-4_0-2.36.8-150200.47.1

webkit2gtk-4_0-injected-bundles-2.36.8-150200.47.1

webkit2gtk3-devel-2.36.8-150200.47.1

SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS

libjavascriptcoregtk-4_0-18-2.36.8-150200.47.1

libwebkit2gtk-4_0-37-2.36.8-150200.47.1

libwebkit2gtk3-lang-2.36.8-150200.47.1

typelib-1_0-JavaScriptCore-4_0-2.36.8-150200.47.1

typelib-1_0-WebKit2-4_0-2.36.8-150200.47.1

typelib-1_0-WebKit2WebExtension-4_0-2.36.8-150200.47.1

webkit2gtk-4_0-injected-bundles-2.36.8-150200.47.1

webkit2gtk3-devel-2.36.8-150200.47.1

SUSE Linux Enterprise Module for Basesystem 15 SP3

libjavascriptcoregtk-4_0-18-2.36.8-150200.47.1

libwebkit2gtk-4_0-37-2.36.8-150200.47.1

libwebkit2gtk3-lang-2.36.8-150200.47.1

webkit2gtk-4_0-injected-bundles-2.36.8-150200.47.1

SUSE Linux Enterprise Module for Desktop Applications 15 SP3

typelib-1_0-JavaScriptCore-4_0-2.36.8-150200.47.1

typelib-1_0-WebKit2-4_0-2.36.8-150200.47.1

typelib-1_0-WebKit2WebExtension-4_0-2.36.8-150200.47.1

webkit2gtk3-devel-2.36.8-150200.47.1

SUSE Linux Enterprise Server 15 SP2-BCL

libjavascriptcoregtk-4_0-18-2.36.8-150200.47.1

libwebkit2gtk-4_0-37-2.36.8-150200.47.1

libwebkit2gtk3-lang-2.36.8-150200.47.1

typelib-1_0-JavaScriptCore-4_0-2.36.8-150200.47.1

typelib-1_0-WebKit2-4_0-2.36.8-150200.47.1

typelib-1_0-WebKit2WebExtension-4_0-2.36.8-150200.47.1

webkit2gtk-4_0-injected-bundles-2.36.8-150200.47.1

webkit2gtk3-devel-2.36.8-150200.47.1

SUSE Linux Enterprise Server 15 SP2-LTSS

libjavascriptcoregtk-4_0-18-2.36.8-150200.47.1

libwebkit2gtk-4_0-37-2.36.8-150200.47.1

libwebkit2gtk3-lang-2.36.8-150200.47.1

typelib-1_0-JavaScriptCore-4_0-2.36.8-150200.47.1

typelib-1_0-WebKit2-4_0-2.36.8-150200.47.1

typelib-1_0-WebKit2WebExtension-4_0-2.36.8-150200.47.1

webkit2gtk-4_0-injected-bundles-2.36.8-150200.47.1

webkit2gtk3-devel-2.36.8-150200.47.1

SUSE Linux Enterprise Server for SAP Applications 15 SP2

libjavascriptcoregtk-4_0-18-2.36.8-150200.47.1

libwebkit2gtk-4_0-37-2.36.8-150200.47.1

libwebkit2gtk3-lang-2.36.8-150200.47.1

typelib-1_0-JavaScriptCore-4_0-2.36.8-150200.47.1

typelib-1_0-WebKit2-4_0-2.36.8-150200.47.1

typelib-1_0-WebKit2WebExtension-4_0-2.36.8-150200.47.1

webkit2gtk-4_0-injected-bundles-2.36.8-150200.47.1

webkit2gtk3-devel-2.36.8-150200.47.1

SUSE Manager Proxy 4.1

libjavascriptcoregtk-4_0-18-2.36.8-150200.47.1

libwebkit2gtk-4_0-37-2.36.8-150200.47.1

libwebkit2gtk3-lang-2.36.8-150200.47.1

typelib-1_0-JavaScriptCore-4_0-2.36.8-150200.47.1

typelib-1_0-WebKit2-4_0-2.36.8-150200.47.1

typelib-1_0-WebKit2WebExtension-4_0-2.36.8-150200.47.1

webkit2gtk-4_0-injected-bundles-2.36.8-150200.47.1

webkit2gtk3-devel-2.36.8-150200.47.1

SUSE Manager Retail Branch Server 4.1

libjavascriptcoregtk-4_0-18-2.36.8-150200.47.1

libwebkit2gtk-4_0-37-2.36.8-150200.47.1

libwebkit2gtk3-lang-2.36.8-150200.47.1

typelib-1_0-JavaScriptCore-4_0-2.36.8-150200.47.1

typelib-1_0-WebKit2-4_0-2.36.8-150200.47.1

typelib-1_0-WebKit2WebExtension-4_0-2.36.8-150200.47.1

webkit2gtk-4_0-injected-bundles-2.36.8-150200.47.1

webkit2gtk3-devel-2.36.8-150200.47.1

SUSE Manager Server 4.1

libjavascriptcoregtk-4_0-18-2.36.8-150200.47.1

libwebkit2gtk-4_0-37-2.36.8-150200.47.1

libwebkit2gtk3-lang-2.36.8-150200.47.1

typelib-1_0-JavaScriptCore-4_0-2.36.8-150200.47.1

typelib-1_0-WebKit2-4_0-2.36.8-150200.47.1

typelib-1_0-WebKit2WebExtension-4_0-2.36.8-150200.47.1

webkit2gtk-4_0-injected-bundles-2.36.8-150200.47.1

webkit2gtk3-devel-2.36.8-150200.47.1

openSUSE Leap 15.3

libjavascriptcoregtk-4_0-18-2.36.8-150200.47.1

libjavascriptcoregtk-4_0-18-32bit-2.36.8-150200.47.1

libwebkit2gtk-4_0-37-2.36.8-150200.47.1

libwebkit2gtk-4_0-37-32bit-2.36.8-150200.47.1

libwebkit2gtk3-lang-2.36.8-150200.47.1

typelib-1_0-JavaScriptCore-4_0-2.36.8-150200.47.1

typelib-1_0-WebKit2-4_0-2.36.8-150200.47.1

typelib-1_0-WebKit2WebExtension-4_0-2.36.8-150200.47.1

webkit-jsc-4-2.36.8-150200.47.1

webkit2gtk-4_0-injected-bundles-2.36.8-150200.47.1

webkit2gtk3-devel-2.36.8-150200.47.1

webkit2gtk3-minibrowser-2.36.8-150200.47.1

openSUSE Leap 15.4

libwebkit2gtk3-lang-2.36.8-150200.47.1

Ссылки

https://www.suse.com/support/update/announcement/2022/suse-su-20223538-1/
Link for SUSE-SU-2022:3538-1
https://lists.suse.com/pipermail/sle-security-updates/2022-October/012501.html
E-Mail link for SUSE-SU-2022:3538-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1203530
SUSE Bug 1203530
https://www.suse.com/security/cve/CVE-2022-32886/
SUSE CVE CVE-2022-32886 page
https://www.suse.com/security/cve/CVE-2022-32912/
SUSE CVE CVE-2022-32912 page

Описание

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in Safari 16, iOS 16, iOS 15.7 and iPadOS 15.7. Processing maliciously crafted web content may lead to arbitrary code execution.

Затронутые продукты

SUSE Enterprise Storage 7:libjavascriptcoregtk-4_0-18-2.36.8-150200.47.1

SUSE Enterprise Storage 7:libwebkit2gtk-4_0-37-2.36.8-150200.47.1

SUSE Enterprise Storage 7:libwebkit2gtk3-lang-2.36.8-150200.47.1

SUSE Enterprise Storage 7:typelib-1_0-JavaScriptCore-4_0-2.36.8-150200.47.1

Ссылки

https://www.suse.com/security/cve/CVE-2022-32886.html
CVE-2022-32886
https://bugzilla.suse.com/1203530
SUSE Bug 1203530
https://bugzilla.suse.com/1204100
SUSE Bug 1204100

Описание

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in Safari 16, iOS 16, iOS 15.7 and iPadOS 15.7. Processing maliciously crafted web content may lead to arbitrary code execution.

Затронутые продукты

SUSE Enterprise Storage 7:libjavascriptcoregtk-4_0-18-2.36.8-150200.47.1

SUSE Enterprise Storage 7:libwebkit2gtk-4_0-37-2.36.8-150200.47.1

SUSE Enterprise Storage 7:libwebkit2gtk3-lang-2.36.8-150200.47.1

SUSE Enterprise Storage 7:typelib-1_0-JavaScriptCore-4_0-2.36.8-150200.47.1

Ссылки

https://www.suse.com/security/cve/CVE-2022-32912.html
CVE-2022-32912
https://bugzilla.suse.com/1203530
SUSE Bug 1203530

SUSE-SU-2022:3538-1

Описание

Список пакетов

SUSE Enterprise Storage 7

SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS

SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS

SUSE Linux Enterprise Module for Basesystem 15 SP3

SUSE Linux Enterprise Module for Desktop Applications 15 SP3

SUSE Linux Enterprise Server 15 SP2-BCL

SUSE Linux Enterprise Server 15 SP2-LTSS

SUSE Linux Enterprise Server for SAP Applications 15 SP2

SUSE Manager Proxy 4.1

SUSE Manager Retail Branch Server 4.1

SUSE Manager Server 4.1

openSUSE Leap 15.3

openSUSE Leap 15.4

Ссылки

Уязвимость: CVE-2022-32886

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2022-32912

Описание

Затронутые продукты

Ссылки