Описание
Security update for webkit2gtk3
This update for webkit2gtk3 fixes the following issues:
- CVE-2024-23222: Fixed type confusion that may lead to arbitrary code execution. (bsc#1219113)
Список пакетов
SUSE Enterprise Storage 7.1
libjavascriptcoregtk-4_0-18-2.42.4-150200.100.1
libwebkit2gtk-4_0-37-2.42.4-150200.100.1
libwebkit2gtk3-lang-2.42.4-150200.100.1
typelib-1_0-JavaScriptCore-4_0-2.42.4-150200.100.1
typelib-1_0-WebKit2-4_0-2.42.4-150200.100.1
typelib-1_0-WebKit2WebExtension-4_0-2.42.4-150200.100.1
webkit2gtk-4_0-injected-bundles-2.42.4-150200.100.1
webkit2gtk3-devel-2.42.4-150200.100.1
SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS
libjavascriptcoregtk-4_0-18-2.42.4-150200.100.1
libwebkit2gtk-4_0-37-2.42.4-150200.100.1
libwebkit2gtk3-lang-2.42.4-150200.100.1
typelib-1_0-JavaScriptCore-4_0-2.42.4-150200.100.1
typelib-1_0-WebKit2-4_0-2.42.4-150200.100.1
typelib-1_0-WebKit2WebExtension-4_0-2.42.4-150200.100.1
webkit2gtk-4_0-injected-bundles-2.42.4-150200.100.1
webkit2gtk3-devel-2.42.4-150200.100.1
SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS
libjavascriptcoregtk-4_0-18-2.42.4-150200.100.1
libwebkit2gtk-4_0-37-2.42.4-150200.100.1
libwebkit2gtk3-lang-2.42.4-150200.100.1
typelib-1_0-JavaScriptCore-4_0-2.42.4-150200.100.1
typelib-1_0-WebKit2-4_0-2.42.4-150200.100.1
typelib-1_0-WebKit2WebExtension-4_0-2.42.4-150200.100.1
webkit2gtk-4_0-injected-bundles-2.42.4-150200.100.1
webkit2gtk3-devel-2.42.4-150200.100.1
SUSE Linux Enterprise Server 15 SP2-LTSS
libjavascriptcoregtk-4_0-18-2.42.4-150200.100.1
libwebkit2gtk-4_0-37-2.42.4-150200.100.1
libwebkit2gtk3-lang-2.42.4-150200.100.1
typelib-1_0-JavaScriptCore-4_0-2.42.4-150200.100.1
typelib-1_0-WebKit2-4_0-2.42.4-150200.100.1
typelib-1_0-WebKit2WebExtension-4_0-2.42.4-150200.100.1
webkit2gtk-4_0-injected-bundles-2.42.4-150200.100.1
webkit2gtk3-devel-2.42.4-150200.100.1
SUSE Linux Enterprise Server 15 SP3-LTSS
libjavascriptcoregtk-4_0-18-2.42.4-150200.100.1
libwebkit2gtk-4_0-37-2.42.4-150200.100.1
libwebkit2gtk3-lang-2.42.4-150200.100.1
typelib-1_0-JavaScriptCore-4_0-2.42.4-150200.100.1
typelib-1_0-WebKit2-4_0-2.42.4-150200.100.1
typelib-1_0-WebKit2WebExtension-4_0-2.42.4-150200.100.1
webkit2gtk-4_0-injected-bundles-2.42.4-150200.100.1
webkit2gtk3-devel-2.42.4-150200.100.1
SUSE Linux Enterprise Server for SAP Applications 15 SP2
libjavascriptcoregtk-4_0-18-2.42.4-150200.100.1
libwebkit2gtk-4_0-37-2.42.4-150200.100.1
libwebkit2gtk3-lang-2.42.4-150200.100.1
typelib-1_0-JavaScriptCore-4_0-2.42.4-150200.100.1
typelib-1_0-WebKit2-4_0-2.42.4-150200.100.1
typelib-1_0-WebKit2WebExtension-4_0-2.42.4-150200.100.1
webkit2gtk-4_0-injected-bundles-2.42.4-150200.100.1
webkit2gtk3-devel-2.42.4-150200.100.1
SUSE Linux Enterprise Server for SAP Applications 15 SP3
libjavascriptcoregtk-4_0-18-2.42.4-150200.100.1
libwebkit2gtk-4_0-37-2.42.4-150200.100.1
libwebkit2gtk3-lang-2.42.4-150200.100.1
typelib-1_0-JavaScriptCore-4_0-2.42.4-150200.100.1
typelib-1_0-WebKit2-4_0-2.42.4-150200.100.1
typelib-1_0-WebKit2WebExtension-4_0-2.42.4-150200.100.1
webkit2gtk-4_0-injected-bundles-2.42.4-150200.100.1
webkit2gtk3-devel-2.42.4-150200.100.1
Ссылки
- Link for SUSE-SU-2024:0301-1
- E-Mail link for SUSE-SU-2024:0301-1
- SUSE Security Ratings
- SUSE Bug 1219113
- SUSE CVE CVE-2024-23222 page
Описание
A type confusion issue was addressed with improved checks. This issue is fixed in iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, tvOS 17.3. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been exploited.
Затронутые продукты
SUSE Enterprise Storage 7.1:libjavascriptcoregtk-4_0-18-2.42.4-150200.100.1
SUSE Enterprise Storage 7.1:libwebkit2gtk-4_0-37-2.42.4-150200.100.1
SUSE Enterprise Storage 7.1:libwebkit2gtk3-lang-2.42.4-150200.100.1
SUSE Enterprise Storage 7.1:typelib-1_0-JavaScriptCore-4_0-2.42.4-150200.100.1
Ссылки
- CVE-2024-23222
- SUSE Bug 1219113
- SUSE Bug 1219604