Описание
Security update for webkit2gtk3
This update for webkit2gtk3 fixes the following issues:
- CVE-2024-40776: Fixed a use-after-free issue with improved memory management (bsc#1228613).
- CVE-2024-40779: Fixed a out-of-bounds read with improved bounds checking (bsc#1228693).
- CVE-2024-40780: Fixed another out-of-bounds read with improved bounds checking (bsc#1228694).
- CVE-2024-40782: Fixed a second use-after-free issue with improved memory management (bsc#1228695).
Список пакетов
SUSE Linux Enterprise Module for Basesystem 15 SP6
WebKitGTK-4.0-lang-2.44.2-150600.12.6.1
WebKitGTK-6.0-lang-2.44.2-150600.12.6.1
libjavascriptcoregtk-4_0-18-2.44.2-150600.12.6.1
libjavascriptcoregtk-6_0-1-2.44.2-150600.12.6.1
libwebkit2gtk-4_0-37-2.44.2-150600.12.6.1
libwebkitgtk-6_0-4-2.44.2-150600.12.6.1
typelib-1_0-JavaScriptCore-4_0-2.44.2-150600.12.6.1
typelib-1_0-WebKit2-4_0-2.44.2-150600.12.6.1
typelib-1_0-WebKit2WebExtension-4_0-2.44.2-150600.12.6.1
webkit2gtk-4_0-injected-bundles-2.44.2-150600.12.6.1
webkit2gtk3-soup2-devel-2.44.2-150600.12.6.1
webkitgtk-6_0-injected-bundles-2.44.2-150600.12.6.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP6
WebKitGTK-4.1-lang-2.44.2-150600.12.6.1
libjavascriptcoregtk-4_1-0-2.44.2-150600.12.6.1
libwebkit2gtk-4_1-0-2.44.2-150600.12.6.1
typelib-1_0-JavaScriptCore-4_1-2.44.2-150600.12.6.1
typelib-1_0-WebKit2-4_1-2.44.2-150600.12.6.1
typelib-1_0-WebKit2WebExtension-4_1-2.44.2-150600.12.6.1
webkit2gtk-4_1-injected-bundles-2.44.2-150600.12.6.1
webkit2gtk3-devel-2.44.2-150600.12.6.1
SUSE Linux Enterprise Module for Development Tools 15 SP6
typelib-1_0-JavaScriptCore-6_0-2.44.2-150600.12.6.1
typelib-1_0-WebKit-6_0-2.44.2-150600.12.6.1
typelib-1_0-WebKitWebProcessExtension-6_0-2.44.2-150600.12.6.1
webkit2gtk4-devel-2.44.2-150600.12.6.1
openSUSE Leap 15.6
WebKitGTK-4.0-lang-2.44.2-150600.12.6.1
WebKitGTK-4.1-lang-2.44.2-150600.12.6.1
WebKitGTK-6.0-lang-2.44.2-150600.12.6.1
libjavascriptcoregtk-4_0-18-2.44.2-150600.12.6.1
libjavascriptcoregtk-4_0-18-32bit-2.44.2-150600.12.6.1
libjavascriptcoregtk-4_1-0-2.44.2-150600.12.6.1
libjavascriptcoregtk-4_1-0-32bit-2.44.2-150600.12.6.1
libjavascriptcoregtk-6_0-1-2.44.2-150600.12.6.1
libwebkit2gtk-4_0-37-2.44.2-150600.12.6.1
libwebkit2gtk-4_0-37-32bit-2.44.2-150600.12.6.1
libwebkit2gtk-4_1-0-2.44.2-150600.12.6.1
libwebkit2gtk-4_1-0-32bit-2.44.2-150600.12.6.1
libwebkitgtk-6_0-4-2.44.2-150600.12.6.1
typelib-1_0-JavaScriptCore-4_0-2.44.2-150600.12.6.1
typelib-1_0-JavaScriptCore-4_1-2.44.2-150600.12.6.1
typelib-1_0-JavaScriptCore-6_0-2.44.2-150600.12.6.1
typelib-1_0-WebKit-6_0-2.44.2-150600.12.6.1
typelib-1_0-WebKit2-4_0-2.44.2-150600.12.6.1
typelib-1_0-WebKit2-4_1-2.44.2-150600.12.6.1
typelib-1_0-WebKit2WebExtension-4_0-2.44.2-150600.12.6.1
typelib-1_0-WebKit2WebExtension-4_1-2.44.2-150600.12.6.1
typelib-1_0-WebKitWebProcessExtension-6_0-2.44.2-150600.12.6.1
webkit-jsc-4-2.44.2-150600.12.6.1
webkit-jsc-4.1-2.44.2-150600.12.6.1
webkit-jsc-6.0-2.44.2-150600.12.6.1
webkit2gtk-4_0-injected-bundles-2.44.2-150600.12.6.1
webkit2gtk-4_1-injected-bundles-2.44.2-150600.12.6.1
webkit2gtk3-devel-2.44.2-150600.12.6.1
webkit2gtk3-minibrowser-2.44.2-150600.12.6.1
webkit2gtk3-soup2-devel-2.44.2-150600.12.6.1
webkit2gtk3-soup2-minibrowser-2.44.2-150600.12.6.1
webkit2gtk4-devel-2.44.2-150600.12.6.1
webkit2gtk4-minibrowser-2.44.2-150600.12.6.1
webkitgtk-6_0-injected-bundles-2.44.2-150600.12.6.1
Ссылки
- Link for SUSE-SU-2024:2905-1
- E-Mail link for SUSE-SU-2024:2905-1
- SUSE Security Ratings
- SUSE Bug 1228613
- SUSE Bug 1228693
- SUSE Bug 1228694
- SUSE Bug 1228695
- SUSE CVE CVE-2024-40776 page
- SUSE CVE CVE-2024-40779 page
- SUSE CVE CVE-2024-40780 page
- SUSE CVE CVE-2024-40782 page
Описание
A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, Safari 17.6, iOS 17.6 and iPadOS 17.6, watchOS 10.6, tvOS 17.6, visionOS 1.3, macOS Sonoma 14.6. Processing maliciously crafted web content may lead to an unexpected process crash.
Затронутые продукты
SUSE Linux Enterprise Module for Basesystem 15 SP6:WebKitGTK-4.0-lang-2.44.2-150600.12.6.1
SUSE Linux Enterprise Module for Basesystem 15 SP6:WebKitGTK-6.0-lang-2.44.2-150600.12.6.1
SUSE Linux Enterprise Module for Basesystem 15 SP6:libjavascriptcoregtk-4_0-18-2.44.2-150600.12.6.1
SUSE Linux Enterprise Module for Basesystem 15 SP6:libjavascriptcoregtk-6_0-1-2.44.2-150600.12.6.1
Ссылки
- CVE-2024-40776
- SUSE Bug 1228613
Описание
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, Safari 17.6, iOS 17.6 and iPadOS 17.6, watchOS 10.6, tvOS 17.6, visionOS 1.3, macOS Sonoma 14.6. Processing maliciously crafted web content may lead to an unexpected process crash.
Затронутые продукты
SUSE Linux Enterprise Module for Basesystem 15 SP6:WebKitGTK-4.0-lang-2.44.2-150600.12.6.1
SUSE Linux Enterprise Module for Basesystem 15 SP6:WebKitGTK-6.0-lang-2.44.2-150600.12.6.1
SUSE Linux Enterprise Module for Basesystem 15 SP6:libjavascriptcoregtk-4_0-18-2.44.2-150600.12.6.1
SUSE Linux Enterprise Module for Basesystem 15 SP6:libjavascriptcoregtk-6_0-1-2.44.2-150600.12.6.1
Ссылки
- CVE-2024-40779
- SUSE Bug 1228693
Описание
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, Safari 17.6, iOS 17.6 and iPadOS 17.6, watchOS 10.6, tvOS 17.6, visionOS 1.3, macOS Sonoma 14.6. Processing maliciously crafted web content may lead to an unexpected process crash.
Затронутые продукты
SUSE Linux Enterprise Module for Basesystem 15 SP6:WebKitGTK-4.0-lang-2.44.2-150600.12.6.1
SUSE Linux Enterprise Module for Basesystem 15 SP6:WebKitGTK-6.0-lang-2.44.2-150600.12.6.1
SUSE Linux Enterprise Module for Basesystem 15 SP6:libjavascriptcoregtk-4_0-18-2.44.2-150600.12.6.1
SUSE Linux Enterprise Module for Basesystem 15 SP6:libjavascriptcoregtk-6_0-1-2.44.2-150600.12.6.1
Ссылки
- CVE-2024-40780
- SUSE Bug 1228694
Описание
A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, Safari 17.6, iOS 17.6 and iPadOS 17.6, watchOS 10.6, tvOS 17.6, visionOS 1.3, macOS Sonoma 14.6. Processing maliciously crafted web content may lead to an unexpected process crash.
Затронутые продукты
SUSE Linux Enterprise Module for Basesystem 15 SP6:WebKitGTK-4.0-lang-2.44.2-150600.12.6.1
SUSE Linux Enterprise Module for Basesystem 15 SP6:WebKitGTK-6.0-lang-2.44.2-150600.12.6.1
SUSE Linux Enterprise Module for Basesystem 15 SP6:libjavascriptcoregtk-4_0-18-2.44.2-150600.12.6.1
SUSE Linux Enterprise Module for Basesystem 15 SP6:libjavascriptcoregtk-6_0-1-2.44.2-150600.12.6.1
Ссылки
- CVE-2024-40782
- SUSE Bug 1228695