Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 541
Alerts This Week
Warning Icon 1 541

SUSE: 2018:3387-1 Moderate: WebKit2Gtk3 Update for 40 Issues

suse
Calendar Grey October 24, 2018
Dist Suse Esm H88
SUSE has released a critical security patch for webkit2gtk3 addressing several vulnerabilities. Update without delay to ensure robust security.
An update that fixes 40 vulnerabilities is now available

Summary

This update for webkit2gtk3 to version 2.20.3 fixes the issues: The following security vulnerabilities were addressed: - CVE-2018-12911: Fixed an off-by-one error in xdg_mime_get_simple_globs (boo#1101999) - CVE-2017-13884: An unspecified issue allowed remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site (bsc#1075775). - CVE-2017-13885: An unspecified issue allowed remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site (bsc#1075775). - CVE-2017-7153: An unspecified issue allowed remote attackers to spoof user-interface information (about whether the entire content is derived from a valid TLS session) via a crafted web site that sends a 401

References

#1075775 #1077535 #1079512 #1088182 #1088932

#1092278 #1092279 #1092280 #1095611 #1096060

#1096061 #1097693 #1101999 #1102530 #1104169

Cross- CVE-2017-13884 CVE-2017-13885 CVE-2017-7153

CVE-2017-7160 CVE-2017-7161 CVE-2017-7165

CVE-2018-11646 CVE-2018-11712 CVE-2018-11713

CVE-2018-12911 CVE-2018-4088 CVE-2018-4096

CVE-2018-4101 CVE-2018-4113 CVE-2018-4114

CVE-2018-4117 CVE-2018-4118 CVE-2018-4119

CVE-2018-4120 CVE-2018-4121 CVE-2018-4122

CVE-2018-4125 CVE-2018-4127 CVE-2018-4128

CVE-2018-4129 CVE-2018-4133 CVE-2018-4146

CVE-2018-4161 CVE-2018-4162 CVE-2018-4163

CVE-2018-4165 CVE-2018-4190 CVE-2018-4199

CVE-2018-4200 CVE-2018-4204 CVE-2018-4218

CVE-2018-4222 CVE-2018-4232 CVE-2018-4233

...

Read the Full Advisory

Announcement ID: SUSE-SU-2018:3387-1
Rating: moderate

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.