Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2023:0397-1

Опубликовано: 13 фев. 2023
Источник: suse-cvrf

Описание

Security update for webkit2gtk3

This update for webkit2gtk3 fixes the following issues:

Update to version 2.38.4 (boo#1207997):

  • CVE-2023-23517: Fixed web content processing that could have led to arbitrary code execution.
  • CVE-2023-23518: Fixed web content processing that could have led to arbitrary code execution.
  • CVE-2023-42826: Fixed a use-after-free issue that was caused by improper memory management.

Список пакетов

SUSE Linux Enterprise Server 12 SP5
libjavascriptcoregtk-4_0-18-2.38.4-2.126.1
libwebkit2gtk-4_0-37-2.38.4-2.126.1
libwebkit2gtk3-lang-2.38.4-2.126.1
typelib-1_0-JavaScriptCore-4_0-2.38.4-2.126.1
typelib-1_0-WebKit2-4_0-2.38.4-2.126.1
typelib-1_0-WebKit2WebExtension-4_0-2.38.4-2.126.1
webkit2gtk-4_0-injected-bundles-2.38.4-2.126.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5
libjavascriptcoregtk-4_0-18-2.38.4-2.126.1
libwebkit2gtk-4_0-37-2.38.4-2.126.1
libwebkit2gtk3-lang-2.38.4-2.126.1
typelib-1_0-JavaScriptCore-4_0-2.38.4-2.126.1
typelib-1_0-WebKit2-4_0-2.38.4-2.126.1
typelib-1_0-WebKit2WebExtension-4_0-2.38.4-2.126.1
webkit2gtk-4_0-injected-bundles-2.38.4-2.126.1
SUSE Linux Enterprise Software Development Kit 12 SP5
typelib-1_0-WebKit2WebExtension-4_0-2.38.4-2.126.1
webkit2gtk3-devel-2.38.4-2.126.1

Ссылки

Описание

A use after free issue was addressed with improved memory management. This issue is fixed in macOS Ventura 13, iOS 16.1 and iPadOS 16, Safari 16.1. Processing maliciously crafted web content may lead to arbitrary code execution.

Затронутые продукты
SUSE Linux Enterprise Server 12 SP5:libjavascriptcoregtk-4_0-18-2.38.4-2.126.1
SUSE Linux Enterprise Server 12 SP5:libwebkit2gtk-4_0-37-2.38.4-2.126.1
SUSE Linux Enterprise Server 12 SP5:libwebkit2gtk3-lang-2.38.4-2.126.1
SUSE Linux Enterprise Server 12 SP5:typelib-1_0-JavaScriptCore-4_0-2.38.4-2.126.1
Ссылки

Описание

The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.6.3, macOS Ventura 13.2, watchOS 9.3, macOS Big Sur 11.7.3, Safari 16.3, tvOS 16.3, iOS 16.3 and iPadOS 16.3. Processing maliciously crafted web content may lead to arbitrary code execution.

Затронутые продукты
SUSE Linux Enterprise Server 12 SP5:libjavascriptcoregtk-4_0-18-2.38.4-2.126.1
SUSE Linux Enterprise Server 12 SP5:libwebkit2gtk-4_0-37-2.38.4-2.126.1
SUSE Linux Enterprise Server 12 SP5:libwebkit2gtk3-lang-2.38.4-2.126.1
SUSE Linux Enterprise Server 12 SP5:typelib-1_0-JavaScriptCore-4_0-2.38.4-2.126.1
Ссылки

Описание

The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.6.3, macOS Ventura 13.2, watchOS 9.3, macOS Big Sur 11.7.3, Safari 16.3, tvOS 16.3, iOS 16.3 and iPadOS 16.3. Processing maliciously crafted web content may lead to arbitrary code execution.

Затронутые продукты
SUSE Linux Enterprise Server 12 SP5:libjavascriptcoregtk-4_0-18-2.38.4-2.126.1
SUSE Linux Enterprise Server 12 SP5:libwebkit2gtk-4_0-37-2.38.4-2.126.1
SUSE Linux Enterprise Server 12 SP5:libwebkit2gtk3-lang-2.38.4-2.126.1
SUSE Linux Enterprise Server 12 SP5:typelib-1_0-JavaScriptCore-4_0-2.38.4-2.126.1
Ссылки
Уязвимость SUSE-SU-2023:0397-1