Описание
Security update for webkit2gtk3
This update for webkit2gtk3 fixes the following issues:
Update to version 2.30.5 (bsc#1182286):
- Bring back the WebKitPluginProcess installation that was removed by mistake.
- Fix RunLoop objects leaked in worker threads.
- Fix aarch64 llint build with JIT disabled.
- Use Internet Explorer quirk for Google Docs.
- Security fixes: CVE-2020-13558.
This update was imported from the SUSE:SLE-15-SP2:Update update project.
Список пакетов
openSUSE Leap 15.2
libjavascriptcoregtk-4_0-18-2.30.5-lp152.2.10.5
libjavascriptcoregtk-4_0-18-32bit-2.30.5-lp152.2.10.5
libwebkit2gtk-4_0-37-2.30.5-lp152.2.10.5
libwebkit2gtk-4_0-37-32bit-2.30.5-lp152.2.10.5
libwebkit2gtk3-lang-2.30.5-lp152.2.10.5
typelib-1_0-JavaScriptCore-4_0-2.30.5-lp152.2.10.5
typelib-1_0-WebKit2-4_0-2.30.5-lp152.2.10.5
typelib-1_0-WebKit2WebExtension-4_0-2.30.5-lp152.2.10.5
webkit-jsc-4-2.30.5-lp152.2.10.5
webkit2gtk-4_0-injected-bundles-2.30.5-lp152.2.10.5
webkit2gtk3-devel-2.30.5-lp152.2.10.5
webkit2gtk3-minibrowser-2.30.5-lp152.2.10.5
Ссылки
- E-Mail link for openSUSE-SU-2021:0376-1
- SUSE Security Ratings
- SUSE Bug 1182286
- SUSE CVE CVE-2020-13558 page
Описание
A code execution vulnerability exists in the AudioSourceProviderGStreamer functionality of Webkit WebKitGTK 2.30.1. A specially crafted web page can lead to a use after free.
Затронутые продукты
openSUSE Leap 15.2:libjavascriptcoregtk-4_0-18-2.30.5-lp152.2.10.5
openSUSE Leap 15.2:libjavascriptcoregtk-4_0-18-32bit-2.30.5-lp152.2.10.5
openSUSE Leap 15.2:libwebkit2gtk-4_0-37-2.30.5-lp152.2.10.5
openSUSE Leap 15.2:libwebkit2gtk-4_0-37-32bit-2.30.5-lp152.2.10.5
Ссылки
- CVE-2020-13558
- SUSE Bug 1182286