Описание
Security update for webkit2gtk3
This update for webkit2gtk3 fixes the following issues:
- Update to version 2.44.2
- CVE-2024-27834: Fixed a vulnerability where an attacker with arbitrary read and write capability may be able to bypass Pointer Authentication. (bsc#1225071)
Список пакетов
SUSE Enterprise Storage 7.1
libjavascriptcoregtk-4_0-18-2.44.2-150200.112.1
libwebkit2gtk-4_0-37-2.44.2-150200.112.1
libwebkit2gtk3-lang-2.44.2-150200.112.1
typelib-1_0-JavaScriptCore-4_0-2.44.2-150200.112.1
typelib-1_0-WebKit2-4_0-2.44.2-150200.112.1
typelib-1_0-WebKit2WebExtension-4_0-2.44.2-150200.112.1
webkit2gtk-4_0-injected-bundles-2.44.2-150200.112.1
webkit2gtk3-devel-2.44.2-150200.112.1
SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS
libjavascriptcoregtk-4_0-18-2.44.2-150200.112.1
libwebkit2gtk-4_0-37-2.44.2-150200.112.1
libwebkit2gtk3-lang-2.44.2-150200.112.1
typelib-1_0-JavaScriptCore-4_0-2.44.2-150200.112.1
typelib-1_0-WebKit2-4_0-2.44.2-150200.112.1
typelib-1_0-WebKit2WebExtension-4_0-2.44.2-150200.112.1
webkit2gtk-4_0-injected-bundles-2.44.2-150200.112.1
webkit2gtk3-devel-2.44.2-150200.112.1
SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS
libjavascriptcoregtk-4_0-18-2.44.2-150200.112.1
libwebkit2gtk-4_0-37-2.44.2-150200.112.1
libwebkit2gtk3-lang-2.44.2-150200.112.1
typelib-1_0-JavaScriptCore-4_0-2.44.2-150200.112.1
typelib-1_0-WebKit2-4_0-2.44.2-150200.112.1
typelib-1_0-WebKit2WebExtension-4_0-2.44.2-150200.112.1
webkit2gtk-4_0-injected-bundles-2.44.2-150200.112.1
webkit2gtk3-devel-2.44.2-150200.112.1
SUSE Linux Enterprise Server 15 SP2-LTSS
libjavascriptcoregtk-4_0-18-2.44.2-150200.112.1
libwebkit2gtk-4_0-37-2.44.2-150200.112.1
libwebkit2gtk3-lang-2.44.2-150200.112.1
typelib-1_0-JavaScriptCore-4_0-2.44.2-150200.112.1
typelib-1_0-WebKit2-4_0-2.44.2-150200.112.1
typelib-1_0-WebKit2WebExtension-4_0-2.44.2-150200.112.1
webkit2gtk-4_0-injected-bundles-2.44.2-150200.112.1
webkit2gtk3-devel-2.44.2-150200.112.1
SUSE Linux Enterprise Server 15 SP3-LTSS
libjavascriptcoregtk-4_0-18-2.44.2-150200.112.1
libwebkit2gtk-4_0-37-2.44.2-150200.112.1
libwebkit2gtk3-lang-2.44.2-150200.112.1
typelib-1_0-JavaScriptCore-4_0-2.44.2-150200.112.1
typelib-1_0-WebKit2-4_0-2.44.2-150200.112.1
typelib-1_0-WebKit2WebExtension-4_0-2.44.2-150200.112.1
webkit2gtk-4_0-injected-bundles-2.44.2-150200.112.1
webkit2gtk3-devel-2.44.2-150200.112.1
SUSE Linux Enterprise Server for SAP Applications 15 SP2
libjavascriptcoregtk-4_0-18-2.44.2-150200.112.1
libwebkit2gtk-4_0-37-2.44.2-150200.112.1
libwebkit2gtk3-lang-2.44.2-150200.112.1
typelib-1_0-JavaScriptCore-4_0-2.44.2-150200.112.1
typelib-1_0-WebKit2-4_0-2.44.2-150200.112.1
typelib-1_0-WebKit2WebExtension-4_0-2.44.2-150200.112.1
webkit2gtk-4_0-injected-bundles-2.44.2-150200.112.1
webkit2gtk3-devel-2.44.2-150200.112.1
SUSE Linux Enterprise Server for SAP Applications 15 SP3
libjavascriptcoregtk-4_0-18-2.44.2-150200.112.1
libwebkit2gtk-4_0-37-2.44.2-150200.112.1
libwebkit2gtk3-lang-2.44.2-150200.112.1
typelib-1_0-JavaScriptCore-4_0-2.44.2-150200.112.1
typelib-1_0-WebKit2-4_0-2.44.2-150200.112.1
typelib-1_0-WebKit2WebExtension-4_0-2.44.2-150200.112.1
webkit2gtk-4_0-injected-bundles-2.44.2-150200.112.1
webkit2gtk3-devel-2.44.2-150200.112.1
Ссылки
- Link for SUSE-SU-2024:2043-1
- E-Mail link for SUSE-SU-2024:2043-1
- SUSE Security Ratings
- SUSE Bug 1222905
- SUSE Bug 1225071
- SUSE CVE CVE-2024-23226 page
- SUSE CVE CVE-2024-27834 page
Описание
The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.4, visionOS 1.1, iOS 17.4 and iPadOS 17.4, watchOS 10.4, tvOS 17.4. Processing web content may lead to arbitrary code execution.
Затронутые продукты
SUSE Enterprise Storage 7.1:libjavascriptcoregtk-4_0-18-2.44.2-150200.112.1
SUSE Enterprise Storage 7.1:libwebkit2gtk-4_0-37-2.44.2-150200.112.1
SUSE Enterprise Storage 7.1:libwebkit2gtk3-lang-2.44.2-150200.112.1
SUSE Enterprise Storage 7.1:typelib-1_0-JavaScriptCore-4_0-2.44.2-150200.112.1
Ссылки
- CVE-2024-23226
- SUSE Bug 1222905
Описание
The issue was addressed with improved checks. This issue is fixed in iOS 17.5 and iPadOS 17.5, tvOS 17.5, Safari 17.5, watchOS 10.5, macOS Sonoma 14.5. An attacker with arbitrary read and write capability may be able to bypass Pointer Authentication.
Затронутые продукты
SUSE Enterprise Storage 7.1:libjavascriptcoregtk-4_0-18-2.44.2-150200.112.1
SUSE Enterprise Storage 7.1:libwebkit2gtk-4_0-37-2.44.2-150200.112.1
SUSE Enterprise Storage 7.1:libwebkit2gtk3-lang-2.44.2-150200.112.1
SUSE Enterprise Storage 7.1:typelib-1_0-JavaScriptCore-4_0-2.44.2-150200.112.1
Ссылки
- CVE-2024-27834
- SUSE Bug 1225071