OPENSUSE-SU-2019:2587-1
Vulnerability Summary
Timeline
Description
Security update for webkit2gtk3 This update for webkit2gtk3 to version 2.26.2 fixes the following issues: Webkit2gtk3 was updated to version 2.26.2 (WSA-2019-0005 and WSA-2019-0006, bsc#1155321 bsc#1156318) Security issues addressed: - CVE-2019-8625: Fixed a logic issue where by processing maliciously crafted web content may lead to universal cross site scripting. - CVE-2019-8674: Fixed a logic issue where by processing maliciously crafted web content may lead to universal cross site scripting. - CVE-2019-8707: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution. - CVE-2019-8719: Fixed a logic issue where by processing maliciously crafted web content may lead to universal cross site scripting. - CVE-2019-8720: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution. - CVE-2019-8726: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution. - CVE-2019-8733: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution. - CVE-2019-8735: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution. - CVE-2019-8763: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution. - CVE-2019-8768: Fixed an issue where a user may be unable to delete browsing history items. - CVE-2019-8769: Fixed an issue where a maliciously crafted website may reveal browsing history. - CVE-2019-8771: Fixed an issue where a maliciously crafted web content may violate iframe sandboxing policy. - CVE-2019-8710: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution. - CVE-2019-8743: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution. - CVE-2019-8764: Fixed a logic issue where by processing maliciously crafted web content may lead to universal cross site scripting. - CVE-2019-8765: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution. - CVE-2019-8766: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution. - CVE-2019-8782: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution. - CVE-2019-8783: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution. - CVE-2019-8808: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution. - CVE-2019-8811: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution. - CVE-2019-8812: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution. - CVE-2019-8813: Fixed a logic issue where by processing maliciously crafted web content may lead to universal cross site scripting. - CVE-2019-8814: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution. - CVE-2019-8815: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution. - CVE-2019-8816: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution. - CVE-2019-8819: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution. - CVE-2019-8820: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution. - CVE-2019-8821: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution. - CVE-2019-8822: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution. - CVE-2019-8823: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution. This update was imported from the SUSE:SLE-15:Update update project.
Affected Systems
- opensuse•webkit2gtk3&distro=openSUSE Leap 15.0
< 2.26.2-lp150.2.28.1
References (45)
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/YLQI2W5TS56J3JQ5FT62EA3IH5W2VNRK/#YLQI2W5TS56J3JQ5FT62EA3IH5W2VNRK
- https://bugzilla.suse.com/1155321
- https://bugzilla.suse.com/1156318
- https://www.suse.com/security/cve/CVE-2019-8551
- https://www.suse.com/security/cve/CVE-2019-8558
- https://www.suse.com/security/cve/CVE-2019-8559
- https://www.suse.com/security/cve/CVE-2019-8563
- https://www.suse.com/security/cve/CVE-2019-8625
- https://www.suse.com/security/cve/CVE-2019-8674
- https://www.suse.com/security/cve/CVE-2019-8681
- https://www.suse.com/security/cve/CVE-2019-8684
- https://www.suse.com/security/cve/CVE-2019-8686
- https://www.suse.com/security/cve/CVE-2019-8687
- https://www.suse.com/security/cve/CVE-2019-8688
- https://www.suse.com/security/cve/CVE-2019-8689
- https://www.suse.com/security/cve/CVE-2019-8690
- https://www.suse.com/security/cve/CVE-2019-8707
- https://www.suse.com/security/cve/CVE-2019-8710
- https://www.suse.com/security/cve/CVE-2019-8719
- https://www.suse.com/security/cve/CVE-2019-8720
- https://www.suse.com/security/cve/CVE-2019-8726
- https://www.suse.com/security/cve/CVE-2019-8733
- https://www.suse.com/security/cve/CVE-2019-8735
- https://www.suse.com/security/cve/CVE-2019-8743
- https://www.suse.com/security/cve/CVE-2019-8763
- https://www.suse.com/security/cve/CVE-2019-8764
- https://www.suse.com/security/cve/CVE-2019-8765
- https://www.suse.com/security/cve/CVE-2019-8766
- https://www.suse.com/security/cve/CVE-2019-8768
- https://www.suse.com/security/cve/CVE-2019-8769
- https://www.suse.com/security/cve/CVE-2019-8771
- https://www.suse.com/security/cve/CVE-2019-8782
- https://www.suse.com/security/cve/CVE-2019-8783
- https://www.suse.com/security/cve/CVE-2019-8808
- https://www.suse.com/security/cve/CVE-2019-8811
- https://www.suse.com/security/cve/CVE-2019-8812
- https://www.suse.com/security/cve/CVE-2019-8813
- https://www.suse.com/security/cve/CVE-2019-8814
- https://www.suse.com/security/cve/CVE-2019-8815
- https://www.suse.com/security/cve/CVE-2019-8816
- https://www.suse.com/security/cve/CVE-2019-8819
- https://www.suse.com/security/cve/CVE-2019-8820
- https://www.suse.com/security/cve/CVE-2019-8821
- https://www.suse.com/security/cve/CVE-2019-8822
- https://www.suse.com/security/cve/CVE-2019-8823