Explore top 10 tips to secure your open-source projects now. Read More
×
This update for webkit2gtk3 fixes the following issues:
Update to version 2.52.1.
Security issues fixed:
* CVE-2023-43010: processing maliciously crafted web content may lead to
memory corruption (bsc#1259950).
* CVE-2025-31223: processing maliciously crafted web content may lead to
memory corruption (bsc#1259949).
* CVE-2025-31277: processing maliciously crafted web content may lead to
memory corruption (bsc#1259948).
* CVE-2025-43213: processing maliciously crafted web content may lead to an
unexpected crash (bsc#1259947).
* CVE-2025-43214: processing maliciously crafted web content may lead to an
unexpected crash (bsc#1259946).
* CVE-2025-43433: processing maliciously crafted web content may lead to
memory corruption (bsc#1259945).
* CVE-2025-43438: processing maliciously crafted web content may lead to an
unexpected crash (bsc#1259944).
* CVE-2025-43441: processing maliciously crafted web content may lead to an
unexpected process...
Read the Full Advisory## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.6
zypper in -t patch SUSE-2026-1364=1 openSUSE-SLE-15.6-2026-1364=1
* Basesystem Module 15-SP7
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2026-1364=1
* Desktop Applications Module 15-SP7
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP7-2026-1364=1
* Development Tools Module 15-SP7
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP7-2026-1364=1
* SUSE Linux Enterprise Server 15 SP6 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-1364=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-1364=1
* openSUSE Leap 15.6 (noarch)
* WebKitGTK-4.0-lang-2.52.1-150600.12.63.1
* WebKitGTK-6.0-lang-2.52.1-150600.12.63.1
* WebKitGTK-4.1-lang-2.52.1-150600.12.63.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
* webkit2gtk-4_0-injected-bundles-debuginfo-2.52.1-150600.12.63.1
* webkit2gtk4-minibrowser-debuginfo-2.52.1-150600.12.63.1
* libwebkit2gtk-4_0-37-debuginfo-2.52.1-150600.12.63.1
* webkit-jsc-6.0-debuginfo-2.52.1-150600.12.63.1
* libwebkitgtk-6_0-4-2.52.1-150600.12.63.1
* webkit2gtk3-soup2-minibrowser-2.52.1-150600.12.63.1
* webkit2gtk4-devel-2.52.1-150600.12.63.1
* libjavascriptcoregtk-4_1-0-2.52.1-150600.12.63.1
* libjavascriptcoregtk-6_0-1-2.52.1-150600.12.63.1
* webkit2gtk-4_1-injected-bundles-2.52.1-150600.12.63.1
* webkit2gtk-4_0-injected-bundles-2.52.1-150600.12.63.1
* webkit2gtk3-soup2-devel-2.52.1-150600.12.63.1
* webkit2gtk4-debugsource-2.52.1-150600.12.63.1
* webkit-jsc-4-2.52.1-150600.12.63.1
* webkit-jsc-6.0-2.52.1-150600.12.63.1
*...
Read the Full Advisory* bsc#1259934
* bsc#1259935
* bsc#1259936
* bsc#1259937
* bsc#1259938
* bsc#1259939
* bsc#1259940
* bsc#1259941
* bsc#1259942
* bsc#1259943
* bsc#1259944
* bsc#1259945
* bsc#1259946
* bsc#1259947
* bsc#1259948
* bsc#1259949
* bsc#1259950
* bsc#1261172
* bsc#1261173
* bsc#1261174
* bsc#1261175
* bsc#1261176
* bsc#1261177
* bsc#1261178
* bsc#1261179
## References:
* https://www.suse.com/security/cve/CVE-2023-43010.html
* https://www.suse.com/security/cve/CVE-2025-31223.html
* https://www.suse.com/security/cve/CVE-2025-31277.html
* https://www.suse.com/security/cve/CVE-2025-43213.html
* https://www.suse.com/security/cve/CVE-2025-43214.html
* https://www.suse.com/security/cve/CVE-2025-43433.html
* https://www.suse.com/security/cve/CVE-2025-43438.html
* https://www.suse.com/security/cve/CVE-2025-43441.html
* https://www.suse.com/security/cve/CVE-2025-43457.html
* https://www.suse.com/security/cve/CVE-2025-43511.html
* https://www.suse.com/security/cve/CVE-2025-46299.html
* https://www.suse.com/security/cve/CVE-2026-20608.html
*...
Read the Full AdvisoryGet the latest Linux and open source security news straight to your inbox.