SUSE-SU-2023:4294-1
Vulnerability Summary
Timeline
Description
Security update for webkit2gtk3 This update for webkit2gtk3 ships missing Lang packages to SUSE Linux Enterprise 15 SP4 and SP5. Security fixes: - CVE-2023-41993: Fixed an issue where processing malicious web content could have lead to arbitrary code execution (bsc#1215661). - CVE-2023-39928: Fixed a use-after-free that could be exploited to execute arbitrary code when visiting a malicious webpage (bsc#1215868). - CVE-2023-41074: Fixed an issue where processing malicious web content could have lead to arbitrary code execution (bsc#1215870). Other fixes: - Fixed missing package dependencies (bsc#1215072).
Affected Systems
- opensuse•webkit2gtk3-soup2&distro=openSUSE Leap 15.4
< 2.42.1-150400.4.57.2
- opensuse•webkit2gtk3-soup2&distro=openSUSE Leap 15.5
< 2.42.1-150400.4.57.2
- opensuse•webkit2gtk3&distro=openSUSE Leap 15.4
< 2.42.1-150400.4.57.2
- opensuse•webkit2gtk3&distro=openSUSE Leap 15.5
< 2.42.1-150400.4.57.2
- opensuse•webkit2gtk4&distro=openSUSE Leap 15.4
< 2.42.1-150400.4.57.3
- opensuse•webkit2gtk4&distro=openSUSE Leap 15.5
< 2.42.1-150400.4.57.3
- suse•webkit2gtk3-soup2&distro=SUSE Linux Enterprise Module for Basesystem 15 SP4
< 2.42.1-150400.4.57.2
- suse•webkit2gtk3-soup2&distro=SUSE Linux Enterprise Module for Basesystem 15 SP5
< 2.42.1-150400.4.57.2
- suse•webkit2gtk3&distro=SUSE Linux Enterprise Module for Desktop Applications 15 SP4
< 2.42.1-150400.4.57.2
- suse•webkit2gtk3&distro=SUSE Linux Enterprise Module for Desktop Applications 15 SP5
< 2.42.1-150400.4.57.2
- suse•webkit2gtk4&distro=SUSE Linux Enterprise Module for Development Tools 15 SP4
< 2.42.1-150400.4.57.3
- suse•webkit2gtk4&distro=SUSE Linux Enterprise Module for Development Tools 15 SP5
< 2.42.1-150400.4.57.3
References (18)
- https://www.suse.com/support/update/announcement/2023/suse-su-20234294-1/
- https://bugzilla.suse.com/1214093
- https://bugzilla.suse.com/1214640
- https://bugzilla.suse.com/1214835
- https://bugzilla.suse.com/1215072
- https://bugzilla.suse.com/1215661
- https://bugzilla.suse.com/1215866
- https://bugzilla.suse.com/1215867
- https://bugzilla.suse.com/1215868
- https://bugzilla.suse.com/1215869
- https://bugzilla.suse.com/1215870
- https://bugzilla.suse.com/1216483
- https://www.suse.com/security/cve/CVE-2023-35074
- https://www.suse.com/security/cve/CVE-2023-39434
- https://www.suse.com/security/cve/CVE-2023-39928
- https://www.suse.com/security/cve/CVE-2023-40451
- https://www.suse.com/security/cve/CVE-2023-41074
- https://www.suse.com/security/cve/CVE-2023-41993