Описание
Security update for webkit2gtk3
This update for webkit2gtk3 fixes the following issues:
- CVE-2025-43343: improved memory handling in web content processing to prevent process crash (bsc#1251975)
- CVE-2025-43272: improved memory handling to prevent unexpected process crash (bsc#1250439)
- CVE-2025-43342: correctness issue was addressed with improved checks to prevent unexcepted process crash (bsc#1250440)
- CVE-2025-43356: improved handling of caches to prevent sensor access without consent (bsc#1250441)
- CVE-2025-43368: improved memory management to prevent a use-after-free (bsc#1250442)
Список пакетов
SUSE Linux Enterprise Module for Basesystem 15 SP6
WebKitGTK-4.0-lang-2.50.1-150600.12.48.3
WebKitGTK-6.0-lang-2.50.1-150600.12.48.3
libjavascriptcoregtk-4_0-18-2.50.1-150600.12.48.3
libjavascriptcoregtk-6_0-1-2.50.1-150600.12.48.3
libwebkit2gtk-4_0-37-2.50.1-150600.12.48.3
libwebkitgtk-6_0-4-2.50.1-150600.12.48.3
typelib-1_0-JavaScriptCore-4_0-2.50.1-150600.12.48.3
typelib-1_0-WebKit2-4_0-2.50.1-150600.12.48.3
typelib-1_0-WebKit2WebExtension-4_0-2.50.1-150600.12.48.3
webkit2gtk-4_0-injected-bundles-2.50.1-150600.12.48.3
webkit2gtk3-soup2-devel-2.50.1-150600.12.48.3
webkitgtk-6_0-injected-bundles-2.50.1-150600.12.48.3
SUSE Linux Enterprise Module for Basesystem 15 SP7
WebKitGTK-4.0-lang-2.50.1-150600.12.48.3
WebKitGTK-6.0-lang-2.50.1-150600.12.48.3
libjavascriptcoregtk-4_0-18-2.50.1-150600.12.48.3
libjavascriptcoregtk-6_0-1-2.50.1-150600.12.48.3
libwebkit2gtk-4_0-37-2.50.1-150600.12.48.3
libwebkitgtk-6_0-4-2.50.1-150600.12.48.3
typelib-1_0-JavaScriptCore-4_0-2.50.1-150600.12.48.3
typelib-1_0-WebKit2-4_0-2.50.1-150600.12.48.3
typelib-1_0-WebKit2WebExtension-4_0-2.50.1-150600.12.48.3
webkit2gtk-4_0-injected-bundles-2.50.1-150600.12.48.3
webkit2gtk3-soup2-devel-2.50.1-150600.12.48.3
webkitgtk-6_0-injected-bundles-2.50.1-150600.12.48.3
SUSE Linux Enterprise Module for Desktop Applications 15 SP6
WebKitGTK-4.1-lang-2.50.1-150600.12.48.3
libjavascriptcoregtk-4_1-0-2.50.1-150600.12.48.3
libwebkit2gtk-4_1-0-2.50.1-150600.12.48.3
typelib-1_0-JavaScriptCore-4_1-2.50.1-150600.12.48.3
typelib-1_0-WebKit2-4_1-2.50.1-150600.12.48.3
typelib-1_0-WebKit2WebExtension-4_1-2.50.1-150600.12.48.3
webkit2gtk-4_1-injected-bundles-2.50.1-150600.12.48.3
webkit2gtk3-devel-2.50.1-150600.12.48.3
SUSE Linux Enterprise Module for Desktop Applications 15 SP7
WebKitGTK-4.1-lang-2.50.1-150600.12.48.3
libjavascriptcoregtk-4_1-0-2.50.1-150600.12.48.3
libwebkit2gtk-4_1-0-2.50.1-150600.12.48.3
typelib-1_0-JavaScriptCore-4_1-2.50.1-150600.12.48.3
typelib-1_0-WebKit2-4_1-2.50.1-150600.12.48.3
typelib-1_0-WebKit2WebExtension-4_1-2.50.1-150600.12.48.3
webkit2gtk-4_1-injected-bundles-2.50.1-150600.12.48.3
webkit2gtk3-devel-2.50.1-150600.12.48.3
SUSE Linux Enterprise Module for Development Tools 15 SP6
typelib-1_0-JavaScriptCore-6_0-2.50.1-150600.12.48.3
typelib-1_0-WebKit-6_0-2.50.1-150600.12.48.3
typelib-1_0-WebKitWebProcessExtension-6_0-2.50.1-150600.12.48.3
webkit2gtk4-devel-2.50.1-150600.12.48.3
SUSE Linux Enterprise Module for Development Tools 15 SP7
typelib-1_0-JavaScriptCore-6_0-2.50.1-150600.12.48.3
typelib-1_0-WebKit-6_0-2.50.1-150600.12.48.3
typelib-1_0-WebKitWebProcessExtension-6_0-2.50.1-150600.12.48.3
webkit2gtk4-devel-2.50.1-150600.12.48.3
openSUSE Leap 15.6
WebKitGTK-4.0-lang-2.50.1-150600.12.48.3
WebKitGTK-4.1-lang-2.50.1-150600.12.48.3
WebKitGTK-6.0-lang-2.50.1-150600.12.48.3
libjavascriptcoregtk-4_0-18-2.50.1-150600.12.48.3
libjavascriptcoregtk-4_0-18-32bit-2.50.1-150600.12.48.3
libjavascriptcoregtk-4_1-0-2.50.1-150600.12.48.3
libjavascriptcoregtk-4_1-0-32bit-2.50.1-150600.12.48.3
libjavascriptcoregtk-6_0-1-2.50.1-150600.12.48.3
libwebkit2gtk-4_0-37-2.50.1-150600.12.48.3
libwebkit2gtk-4_0-37-32bit-2.50.1-150600.12.48.3
libwebkit2gtk-4_1-0-2.50.1-150600.12.48.3
libwebkit2gtk-4_1-0-32bit-2.50.1-150600.12.48.3
libwebkitgtk-6_0-4-2.50.1-150600.12.48.3
typelib-1_0-JavaScriptCore-4_0-2.50.1-150600.12.48.3
typelib-1_0-JavaScriptCore-4_1-2.50.1-150600.12.48.3
typelib-1_0-JavaScriptCore-6_0-2.50.1-150600.12.48.3
typelib-1_0-WebKit-6_0-2.50.1-150600.12.48.3
typelib-1_0-WebKit2-4_0-2.50.1-150600.12.48.3
typelib-1_0-WebKit2-4_1-2.50.1-150600.12.48.3
typelib-1_0-WebKit2WebExtension-4_0-2.50.1-150600.12.48.3
typelib-1_0-WebKit2WebExtension-4_1-2.50.1-150600.12.48.3
typelib-1_0-WebKitWebProcessExtension-6_0-2.50.1-150600.12.48.3
webkit-jsc-4-2.50.1-150600.12.48.3
webkit-jsc-4.1-2.50.1-150600.12.48.3
webkit-jsc-6.0-2.50.1-150600.12.48.3
webkit2gtk-4_0-injected-bundles-2.50.1-150600.12.48.3
webkit2gtk-4_1-injected-bundles-2.50.1-150600.12.48.3
webkit2gtk3-devel-2.50.1-150600.12.48.3
webkit2gtk3-minibrowser-2.50.1-150600.12.48.3
webkit2gtk3-soup2-devel-2.50.1-150600.12.48.3
webkit2gtk3-soup2-minibrowser-2.50.1-150600.12.48.3
webkit2gtk4-devel-2.50.1-150600.12.48.3
webkit2gtk4-minibrowser-2.50.1-150600.12.48.3
webkitgtk-6_0-injected-bundles-2.50.1-150600.12.48.3
Ссылки
- Link for SUSE-SU-2025:3701-1
- E-Mail link for SUSE-SU-2025:3701-1
- SUSE Security Ratings
- SUSE Bug 1250439
- SUSE Bug 1250440
- SUSE Bug 1250441
- SUSE Bug 1250442
- SUSE Bug 1251975
- SUSE CVE CVE-2025-43272 page
- SUSE CVE CVE-2025-43342 page
- SUSE CVE CVE-2025-43343 page
- SUSE CVE CVE-2025-43356 page
- SUSE CVE CVE-2025-43368 page
Описание
The issue was addressed with improved memory handling. This issue is fixed in Safari 26, visionOS 26, watchOS 26, macOS Tahoe 26, iOS 26 and iPadOS 26. Processing maliciously crafted web content may lead to an unexpected Safari crash.
Затронутые продукты
SUSE Linux Enterprise Module for Basesystem 15 SP6:WebKitGTK-4.0-lang-2.50.1-150600.12.48.3
SUSE Linux Enterprise Module for Basesystem 15 SP6:WebKitGTK-6.0-lang-2.50.1-150600.12.48.3
SUSE Linux Enterprise Module for Basesystem 15 SP6:libjavascriptcoregtk-4_0-18-2.50.1-150600.12.48.3
SUSE Linux Enterprise Module for Basesystem 15 SP6:libjavascriptcoregtk-6_0-1-2.50.1-150600.12.48.3
Ссылки
- CVE-2025-43272
- SUSE Bug 1250439
Описание
A correctness issue was addressed with improved checks. This issue is fixed in tvOS 26, Safari 26, iOS 18.7 and iPadOS 18.7, visionOS 26, watchOS 26, macOS Tahoe 26, iOS 26 and iPadOS 26. Processing maliciously crafted web content may lead to an unexpected process crash.
Затронутые продукты
SUSE Linux Enterprise Module for Basesystem 15 SP6:WebKitGTK-4.0-lang-2.50.1-150600.12.48.3
SUSE Linux Enterprise Module for Basesystem 15 SP6:WebKitGTK-6.0-lang-2.50.1-150600.12.48.3
SUSE Linux Enterprise Module for Basesystem 15 SP6:libjavascriptcoregtk-4_0-18-2.50.1-150600.12.48.3
SUSE Linux Enterprise Module for Basesystem 15 SP6:libjavascriptcoregtk-6_0-1-2.50.1-150600.12.48.3
Ссылки
- CVE-2025-43342
- SUSE Bug 1250440
Описание
The issue was addressed with improved memory handling. This issue is fixed in tvOS 26, Safari 26, visionOS 26, watchOS 26, macOS Tahoe 26, iOS 26 and iPadOS 26. Processing maliciously crafted web content may lead to an unexpected process crash.
Затронутые продукты
SUSE Linux Enterprise Module for Basesystem 15 SP6:WebKitGTK-4.0-lang-2.50.1-150600.12.48.3
SUSE Linux Enterprise Module for Basesystem 15 SP6:WebKitGTK-6.0-lang-2.50.1-150600.12.48.3
SUSE Linux Enterprise Module for Basesystem 15 SP6:libjavascriptcoregtk-4_0-18-2.50.1-150600.12.48.3
SUSE Linux Enterprise Module for Basesystem 15 SP6:libjavascriptcoregtk-6_0-1-2.50.1-150600.12.48.3
Ссылки
- CVE-2025-43343
- SUSE Bug 1251975
Описание
The issue was addressed with improved handling of caches. This issue is fixed in tvOS 26, Safari 26, iOS 18.7 and iPadOS 18.7, visionOS 26, watchOS 26, macOS Tahoe 26, iOS 26 and iPadOS 26. A website may be able to access sensor information without user consent.
Затронутые продукты
SUSE Linux Enterprise Module for Basesystem 15 SP6:WebKitGTK-4.0-lang-2.50.1-150600.12.48.3
SUSE Linux Enterprise Module for Basesystem 15 SP6:WebKitGTK-6.0-lang-2.50.1-150600.12.48.3
SUSE Linux Enterprise Module for Basesystem 15 SP6:libjavascriptcoregtk-4_0-18-2.50.1-150600.12.48.3
SUSE Linux Enterprise Module for Basesystem 15 SP6:libjavascriptcoregtk-6_0-1-2.50.1-150600.12.48.3
Ссылки
- CVE-2025-43356
- SUSE Bug 1250441
Описание
A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26, macOS Tahoe 26, iOS 26 and iPadOS 26. Processing maliciously crafted web content may lead to an unexpected Safari crash.
Затронутые продукты
SUSE Linux Enterprise Module for Basesystem 15 SP6:WebKitGTK-4.0-lang-2.50.1-150600.12.48.3
SUSE Linux Enterprise Module for Basesystem 15 SP6:WebKitGTK-6.0-lang-2.50.1-150600.12.48.3
SUSE Linux Enterprise Module for Basesystem 15 SP6:libjavascriptcoregtk-4_0-18-2.50.1-150600.12.48.3
SUSE Linux Enterprise Module for Basesystem 15 SP6:libjavascriptcoregtk-6_0-1-2.50.1-150600.12.48.3
Ссылки
- CVE-2025-43368
- SUSE Bug 1250442