You are here
Home > Preporuke > Sigurnosni nedostaci programskog paketa webkit2gtk3

Sigurnosni nedostaci programskog paketa webkit2gtk3

openSUSE Security Update: Security update for webkit2gtk3
______________________________________________________________________________

Announcement ID: openSUSE-SU-2019:0108-1
Rating: important
References: #1119553 #1119554 #1119555 #1119556 #1119557
#1119558
Cross-References: CVE-2018-4437 CVE-2018-4438 CVE-2018-4441
CVE-2018-4442 CVE-2018-4443 CVE-2018-4464

Affected Products:
openSUSE Leap 42.3
______________________________________________________________________________

An update that fixes 6 vulnerabilities is now available.

Description:

This update for webkit2gtk3 to version 2.22.5 fixes the following issues:

Security issues fixed:

– CVE-2018-4438: Fixed a logic issue which lead to memory corruption
(bsc#1119554)
– CVE-2018-4437, CVE-2018-4441, CVE-2018-4442, CVE-2018-4443,
CVE-2018-4464: Fixed multiple memory corruption issues with improved
memory handling (bsc#1119553, bsc#1119555, bsc#1119556, bsc#1119557,
bsc#1119558)

This update was imported from the SUSE:SLE-12-SP2:Update update project.

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.

Alternatively you can run the command listed for your product:

– openSUSE Leap 42.3:

zypper in -t patch openSUSE-2019-108=1

Package List:

– openSUSE Leap 42.3 (i586 x86_64):

libjavascriptcoregtk-4_0-18-2.22.5-18.1
libjavascriptcoregtk-4_0-18-debuginfo-2.22.5-18.1
libwebkit2gtk-4_0-37-2.22.5-18.1
libwebkit2gtk-4_0-37-debuginfo-2.22.5-18.1
typelib-1_0-JavaScriptCore-4_0-2.22.5-18.1
typelib-1_0-WebKit2-4_0-2.22.5-18.1
typelib-1_0-WebKit2WebExtension-4_0-2.22.5-18.1
webkit-jsc-4-2.22.5-18.1
webkit-jsc-4-debuginfo-2.22.5-18.1
webkit2gtk-4_0-injected-bundles-2.22.5-18.1
webkit2gtk-4_0-injected-bundles-debuginfo-2.22.5-18.1
webkit2gtk3-debugsource-2.22.5-18.1
webkit2gtk3-devel-2.22.5-18.1
webkit2gtk3-minibrowser-2.22.5-18.1
webkit2gtk3-minibrowser-debuginfo-2.22.5-18.1
webkit2gtk3-plugin-process-gtk2-2.22.5-18.1
webkit2gtk3-plugin-process-gtk2-debuginfo-2.22.5-18.1

– openSUSE Leap 42.3 (noarch):

libwebkit2gtk3-lang-2.22.5-18.1

– openSUSE Leap 42.3 (x86_64):

libjavascriptcoregtk-4_0-18-32bit-2.22.5-18.1
libjavascriptcoregtk-4_0-18-debuginfo-32bit-2.22.5-18.1
libwebkit2gtk-4_0-37-32bit-2.22.5-18.1
libwebkit2gtk-4_0-37-debuginfo-32bit-2.22.5-18.1

References:

https://www.suse.com/security/cve/CVE-2018-4437.html
https://www.suse.com/security/cve/CVE-2018-4438.html
https://www.suse.com/security/cve/CVE-2018-4441.html
https://www.suse.com/security/cve/CVE-2018-4442.html
https://www.suse.com/security/cve/CVE-2018-4443.html
https://www.suse.com/security/cve/CVE-2018-4464.html
https://bugzilla.suse.com/1119553
https://bugzilla.suse.com/1119554
https://bugzilla.suse.com/1119555
https://bugzilla.suse.com/1119556
https://bugzilla.suse.com/1119557
https://bugzilla.suse.com/1119558


To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org

Top
More in Preporuke
Sigurnosni nedostatak jezgre operacijskog sustava

Otkriven je sigurnosni nedostatak jezgre operacijskog sustava Fedora. Otkriveni nedostatak potencijalnim napadačima omogućuje izazivanje DoS stanja, izvršavanje proizvoljnog programskog koda...

Close