[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

250363

 
 

909

 
 

196124

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
OVAL

SUSE-SU-2024:0003-1 -- SLES webkit2gtk3, typelib-1_0-WebKit2-4_0, typelib-1_0-JavaScriptCore-4_0, libjavascriptcoregtk-4_0-18, typelib-1_0-WebKit2WebExtension-4_0, webkit2gtk-4_0-injected-bundles, libwebkit2gtk-4_0-37, libwebkit2gtk3-lang

ID: oval:org.secpod.oval:def:89051322Date: (C)2024-01-23   (M)2024-02-26
Class: PATCHFamily: unix




This update for webkit2gtk3 fixes the following issues: * CVE-2023-42890: Fixed processing malicious web content may lead to arbitrary code execution . * CVE-2023-42883: Fixed processing a malicious image may lead to a denial-of- service . * CVE-2023-41074: Fixed use-after-free in the MediaRecorder API of the WebKit GStreamer-based ports . * CVE-2023-40451, CVE-2023-41074: Update to version 2.42.4 .

Platform:
SUSE Linux Enterprise Server 15 SP2
SUSE Linux Enterprise Server 15 SP3
Product:
webkit2gtk3
typelib-1_0-WebKit2-4_0
typelib-1_0-JavaScriptCore-4_0
libjavascriptcoregtk-4_0-18
typelib-1_0-WebKit2WebExtension-4_0
webkit2gtk-4_0-injected-bundles
libwebkit2gtk-4_0-37
libwebkit2gtk3-lang
Reference:
SUSE-SU-2024:0003-1
CVE-2023-32359
CVE-2023-39928
CVE-2023-41074
CVE-2023-42883
CVE-2023-42890
CVE-2023-40451
CVE    6
CVE-2023-40451
CVE-2023-41074
CVE-2023-39928
CVE-2023-32359
...
CPE    9
cpe:/a:webkit2gtk-4_0-injected-bundles:webkit2gtk-4_0-injected-bundles
cpe:/a:libwebkit2gtk3-lang:libwebkit2gtk3-lang
cpe:/a:webkitgtk:webkit2gtk3
cpe:/a:libwebkit2gtk-4_0-37:libwebkit2gtk-4_0-37
...

© SecPod Technologies