SUSE-SU-2020:3864-1 -- SLES webkit2gtk3, libjavascriptcoregtkID: oval:org.secpod.oval:def:89002976 | Date: (C)2021-02-25 (M)2023-01-16 |
Class: PATCH | Family: unix |
This update for webkit2gtk3 fixes the following issues: -webkit2gtk3 was updated to version 2.30.3 : - CVE-2021-13543: Fixed a use after free which could have led to arbitrary code execution. - CVE-2021-13584: Fixed a use after free which could have led to arbitrary code execution. - CVE-2021-9948: Fixed a type confusion which could have led to arbitrary code execution. - CVE-2021-9951: Fixed a use after free which could have led to arbitrary code execution. - CVE-2021-9983: Fixed an out of bounds write which could have led to arbitrary code execution. - Have the libwebkit2gtk package require libjavascriptcoregtk of the same version . - Enable c_loop on aarch64: currently needed for compilation to succeed with JIT disabled. Also disable sampling profiler, since it conflicts with c_loop .
Platform: |
SUSE Linux Enterprise Server 15 |
Product: |
webkit2gtk3 |
libjavascriptcoregtk |