Explore top 10 tips to secure your open-source projects now. Read More
×
This update for webkit2gtk3 to version 2.20.3 fixes the issues:
The following security vulnerabilities were addressed:
- CVE-2018-12911: Fixed an off-by-one error in xdg_mime_get_simple_globs
(boo#1101999)
- CVE-2017-13884: An unspecified issue allowed remote attackers to execute
arbitrary code or cause a denial of service (memory corruption and
application crash) via a crafted web site (bsc#1075775).
- CVE-2017-13885: An unspecified issue allowed remote attackers to execute
arbitrary code or cause a denial of service (memory corruption and
application crash) via a crafted web site (bsc#1075775).
- CVE-2017-7153: An unspecified issue allowed remote attackers to spoof
user-interface information (about whether the entire content is derived
from a valid TLS session) via a crafted web site that sends a 401
Unauthorized redirect (bsc#1077535).
- CVE-2017-7160: An unspecified issue allowed remote attackers to execute
...
Read the Full AdvisoryPatch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 42.3:
zypper in -t patch openSUSE-2018-1288=1
- openSUSE Leap 42.3 (i586 x86_64):
libjavascriptcoregtk-4_0-18-2.20.3-11.1
libjavascriptcoregtk-4_0-18-debuginfo-2.20.3-11.1
libwebkit2gtk-4_0-37-2.20.3-11.1
libwebkit2gtk-4_0-37-debuginfo-2.20.3-11.1
typelib-1_0-JavaScriptCore-4_0-2.20.3-11.1
typelib-1_0-WebKit2-4_0-2.20.3-11.1
typelib-1_0-WebKit2WebExtension-4_0-2.20.3-11.1
webkit-jsc-4-2.20.3-11.1
webkit-jsc-4-debuginfo-2.20.3-11.1
webkit2gtk-4_0-injected-bundles-2.20.3-11.1
webkit2gtk-4_0-injected-bundles-debuginfo-2.20.3-11.1
webkit2gtk3-debugsource-2.20.3-11.1
webkit2gtk3-devel-2.20.3-11.1
webkit2gtk3-plugin-process-gtk2-2.20.3-11.1
webkit2gtk3-plugin-process-gtk2-debuginfo-2.20.3-11.1
- openSUSE Leap 42.3 (noarch):
libwebkit2gtk3-lang-2.20.3-11.1
- openSUSE Leap 42.3 (x86_64):
libjavascriptcoregtk-4_0-18-32bit-2.20.3-11.1
libjavascriptcoregtk-4_0-18-debuginfo-32bit-2.20.3-11.1
libwebkit2gtk-4_0-37-32bit-2.20.3-11.1
libwebkit2gtk-4_0-37-debuginfo-32bit-2.20.3-11.1
https://www.suse.com/security/cve/CVE-2017-13884.html
https://www.suse.com/security/cve/CVE-2017-13885.html
https://www.suse.com/security/cve/CVE-2017-7153.html
https://www.suse.com/security/cve/CVE-2017-7160.html
https://www.suse.com/security/cve/CVE-2017-7161.html
https://www.suse.com/security/cve/CVE-2017-7165.html
https://www.suse.com/security/cve/CVE-2018-11646.html
https://www.suse.com/security/cve/CVE-2018-11712.html
https://www.suse.com/security/cve/CVE-2018-11713.html
https://www.suse.com/security/cve/CVE-2018-12911.html
https://www.suse.com/security/cve/CVE-2018-4088.html
https://www.suse.com/security/cve/CVE-2018-4096.html
https://www.suse.com/security/cve/CVE-2018-4101.html
https://www.suse.com/security/cve/CVE-2018-4113.html
https://www.suse.com/security/cve/CVE-2018-4114.html
https://www.suse.com/security/cve/CVE-2018-4117.html
https://www.suse.com/security/cve/CVE-2018-4118.html
https://www.suse.com/security/cve/CVE-2018-4119.html
https://www.suse.com/security/cve/CVE-2018-4120.html
https:...
Read the Full AdvisoryGet the latest Linux and open source security news straight to your inbox.