Описание
Security update for webkit2gtk3
This update for webkit2gtk3 fixes the following issues:
Update to version 2.42.3 (bsc#1217844):
- Fix flickering while playing videos with DMA-BUF sink.
- Fix color picker being triggered in the inspector when typing 'tan'.
- Do not special case the 'sans' font family name.
- Fix build failure with libxml2 version 2.12.0 due to an API change.
- Fix several crashes and rendering issues.
- Security fixes: CVE-2023-42916, CVE-2023-42917.
Список пакетов
SUSE Enterprise Storage 7.1
libjavascriptcoregtk-4_0-18-2.42.3-150200.94.1
libwebkit2gtk-4_0-37-2.42.3-150200.94.1
libwebkit2gtk3-lang-2.42.3-150200.94.1
typelib-1_0-JavaScriptCore-4_0-2.42.3-150200.94.1
typelib-1_0-WebKit2-4_0-2.42.3-150200.94.1
typelib-1_0-WebKit2WebExtension-4_0-2.42.3-150200.94.1
webkit2gtk-4_0-injected-bundles-2.42.3-150200.94.1
webkit2gtk3-devel-2.42.3-150200.94.1
SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS
libjavascriptcoregtk-4_0-18-2.42.3-150200.94.1
libwebkit2gtk-4_0-37-2.42.3-150200.94.1
libwebkit2gtk3-lang-2.42.3-150200.94.1
typelib-1_0-JavaScriptCore-4_0-2.42.3-150200.94.1
typelib-1_0-WebKit2-4_0-2.42.3-150200.94.1
typelib-1_0-WebKit2WebExtension-4_0-2.42.3-150200.94.1
webkit2gtk-4_0-injected-bundles-2.42.3-150200.94.1
webkit2gtk3-devel-2.42.3-150200.94.1
SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS
libjavascriptcoregtk-4_0-18-2.42.3-150200.94.1
libwebkit2gtk-4_0-37-2.42.3-150200.94.1
libwebkit2gtk3-lang-2.42.3-150200.94.1
typelib-1_0-JavaScriptCore-4_0-2.42.3-150200.94.1
typelib-1_0-WebKit2-4_0-2.42.3-150200.94.1
typelib-1_0-WebKit2WebExtension-4_0-2.42.3-150200.94.1
webkit2gtk-4_0-injected-bundles-2.42.3-150200.94.1
webkit2gtk3-devel-2.42.3-150200.94.1
SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS
libjavascriptcoregtk-4_0-18-2.42.3-150200.94.1
libwebkit2gtk-4_0-37-2.42.3-150200.94.1
libwebkit2gtk3-lang-2.42.3-150200.94.1
typelib-1_0-JavaScriptCore-4_0-2.42.3-150200.94.1
typelib-1_0-WebKit2-4_0-2.42.3-150200.94.1
typelib-1_0-WebKit2WebExtension-4_0-2.42.3-150200.94.1
webkit2gtk-4_0-injected-bundles-2.42.3-150200.94.1
webkit2gtk3-devel-2.42.3-150200.94.1
SUSE Linux Enterprise Server 15 SP2-LTSS
libjavascriptcoregtk-4_0-18-2.42.3-150200.94.1
libwebkit2gtk-4_0-37-2.42.3-150200.94.1
libwebkit2gtk3-lang-2.42.3-150200.94.1
typelib-1_0-JavaScriptCore-4_0-2.42.3-150200.94.1
typelib-1_0-WebKit2-4_0-2.42.3-150200.94.1
typelib-1_0-WebKit2WebExtension-4_0-2.42.3-150200.94.1
webkit2gtk-4_0-injected-bundles-2.42.3-150200.94.1
webkit2gtk3-devel-2.42.3-150200.94.1
SUSE Linux Enterprise Server 15 SP3-LTSS
libjavascriptcoregtk-4_0-18-2.42.3-150200.94.1
libwebkit2gtk-4_0-37-2.42.3-150200.94.1
libwebkit2gtk3-lang-2.42.3-150200.94.1
typelib-1_0-JavaScriptCore-4_0-2.42.3-150200.94.1
typelib-1_0-WebKit2-4_0-2.42.3-150200.94.1
typelib-1_0-WebKit2WebExtension-4_0-2.42.3-150200.94.1
webkit2gtk-4_0-injected-bundles-2.42.3-150200.94.1
webkit2gtk3-devel-2.42.3-150200.94.1
SUSE Linux Enterprise Server for SAP Applications 15 SP2
libjavascriptcoregtk-4_0-18-2.42.3-150200.94.1
libwebkit2gtk-4_0-37-2.42.3-150200.94.1
libwebkit2gtk3-lang-2.42.3-150200.94.1
typelib-1_0-JavaScriptCore-4_0-2.42.3-150200.94.1
typelib-1_0-WebKit2-4_0-2.42.3-150200.94.1
typelib-1_0-WebKit2WebExtension-4_0-2.42.3-150200.94.1
webkit2gtk-4_0-injected-bundles-2.42.3-150200.94.1
webkit2gtk3-devel-2.42.3-150200.94.1
SUSE Linux Enterprise Server for SAP Applications 15 SP3
libjavascriptcoregtk-4_0-18-2.42.3-150200.94.1
libwebkit2gtk-4_0-37-2.42.3-150200.94.1
libwebkit2gtk3-lang-2.42.3-150200.94.1
typelib-1_0-JavaScriptCore-4_0-2.42.3-150200.94.1
typelib-1_0-WebKit2-4_0-2.42.3-150200.94.1
typelib-1_0-WebKit2WebExtension-4_0-2.42.3-150200.94.1
webkit2gtk-4_0-injected-bundles-2.42.3-150200.94.1
webkit2gtk3-devel-2.42.3-150200.94.1
Ссылки
- Link for SUSE-SU-2023:4824-1
- E-Mail link for SUSE-SU-2023:4824-1
- SUSE Security Ratings
- SUSE Bug 1217844
- SUSE CVE CVE-2023-42916 page
- SUSE CVE CVE-2023-42917 page
Описание
An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 17.1.2 and iPadOS 17.1.2, macOS Sonoma 14.1.2, Safari 17.1.2. Processing web content may disclose sensitive information. Apple is aware of a report that this issue may have been exploited against versions of iOS before iOS 16.7.1.
Затронутые продукты
SUSE Enterprise Storage 7.1:libjavascriptcoregtk-4_0-18-2.42.3-150200.94.1
SUSE Enterprise Storage 7.1:libwebkit2gtk-4_0-37-2.42.3-150200.94.1
SUSE Enterprise Storage 7.1:libwebkit2gtk3-lang-2.42.3-150200.94.1
SUSE Enterprise Storage 7.1:typelib-1_0-JavaScriptCore-4_0-2.42.3-150200.94.1
Ссылки
- CVE-2023-42916
- SUSE Bug 1217844
Описание
A memory corruption vulnerability was addressed with improved locking. This issue is fixed in iOS 17.1.2 and iPadOS 17.1.2, macOS Sonoma 14.1.2, Safari 17.1.2. Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been exploited against versions of iOS before iOS 16.7.1.
Затронутые продукты
SUSE Enterprise Storage 7.1:libjavascriptcoregtk-4_0-18-2.42.3-150200.94.1
SUSE Enterprise Storage 7.1:libwebkit2gtk-4_0-37-2.42.3-150200.94.1
SUSE Enterprise Storage 7.1:libwebkit2gtk3-lang-2.42.3-150200.94.1
SUSE Enterprise Storage 7.1:typelib-1_0-JavaScriptCore-4_0-2.42.3-150200.94.1
Ссылки
- CVE-2023-42917
- SUSE Bug 1217844
- SUSE Bug 1218407