openSUSE-SU-2021:3874-1

Опубликовано: 02 дек. 2021

Источник: suse-cvrf

Описание

Security update for webkit2gtk3

This update for webkit2gtk3 fixes the following issues:

CVE-2021-30846: Fixed memory corruption issue that could lead to arbitrary code execution when processing maliciously crafted web content (bsc#1192063).
CVE-2021-30851: Fixed memory corruption vulnerability that could lead to arbitrary code execution when processing maliciously crafted web content (bsc#1192063).

Список пакетов

openSUSE Leap 15.3

libjavascriptcoregtk-4_0-18-2.34.1-18.1

libjavascriptcoregtk-4_0-18-32bit-2.34.1-18.1

libwebkit2gtk-4_0-37-2.34.1-18.1

libwebkit2gtk-4_0-37-32bit-2.34.1-18.1

libwebkit2gtk3-lang-2.34.1-18.1

typelib-1_0-JavaScriptCore-4_0-2.34.1-18.1

typelib-1_0-WebKit2-4_0-2.34.1-18.1

typelib-1_0-WebKit2WebExtension-4_0-2.34.1-18.1

webkit-jsc-4-2.34.1-18.1

webkit2gtk-4_0-injected-bundles-2.34.1-18.1

webkit2gtk3-devel-2.34.1-18.1

webkit2gtk3-minibrowser-2.34.1-18.1

Ссылки

https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/CNTYOXRXVCTEGNIBJB3F6WZPD4CNOQI7/
E-Mail link for openSUSE-SU-2021:3874-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1192063
SUSE Bug 1192063
https://www.suse.com/security/cve/CVE-2021-30846/
SUSE CVE CVE-2021-30846 page
https://www.suse.com/security/cve/CVE-2021-30851/
SUSE CVE CVE-2021-30851 page

Описание

A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, Safari 15, tvOS 15, iOS 15 and iPadOS 15, watchOS 8. Processing maliciously crafted web content may lead to arbitrary code execution.

Затронутые продукты

openSUSE Leap 15.3:libjavascriptcoregtk-4_0-18-2.34.1-18.1

openSUSE Leap 15.3:libjavascriptcoregtk-4_0-18-32bit-2.34.1-18.1

openSUSE Leap 15.3:libwebkit2gtk-4_0-37-2.34.1-18.1

openSUSE Leap 15.3:libwebkit2gtk-4_0-37-32bit-2.34.1-18.1

Ссылки

https://www.suse.com/security/cve/CVE-2021-30846.html
CVE-2021-30846
https://bugzilla.suse.com/1192063
SUSE Bug 1192063

Описание

A memory corruption vulnerability was addressed with improved locking. This issue is fixed in Safari 15, tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to code execution.

Затронутые продукты

openSUSE Leap 15.3:libjavascriptcoregtk-4_0-18-2.34.1-18.1

openSUSE Leap 15.3:libjavascriptcoregtk-4_0-18-32bit-2.34.1-18.1

openSUSE Leap 15.3:libwebkit2gtk-4_0-37-2.34.1-18.1

openSUSE Leap 15.3:libwebkit2gtk-4_0-37-32bit-2.34.1-18.1

Ссылки

https://www.suse.com/security/cve/CVE-2021-30851.html
CVE-2021-30851
https://bugzilla.suse.com/1192063
SUSE Bug 1192063

openSUSE-SU-2021:3874-1

Описание

Список пакетов

openSUSE Leap 15.3

Ссылки

Уязвимость: CVE-2021-30846

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2021-30851

Описание

Затронутые продукты

Ссылки