Alerts This Week
Warning Icon 1 525
Alerts This Week
Warning Icon 1 525

Stay Secure with the Latest Linux Advisories

Fedora Large Esm H800
Fedora

Fedora 43 hplip Major Update Addressing Possible Arbitrary Code Execution

Calendar White Jun 02, 2026
Important
Oracle Large Esm H900
Oracle

Oracle Linux 8 Important Kernel Security Advisory ELSA-2026-21706

Calendar White Jun 02, 2026
Important
Oracle Large Esm H900
Oracle

Oracle Linux 8 httpd Important Denial of Service Vuln ELSA-2026-22140

Calendar White Jun 02, 2026
Important
Oracle Large Esm H800
Oracle

Oracle Linux 8 ELSA-2026-22315 compat-openssl10 Moderate DoS Fix

Calendar White Jun 02, 2026
moderate
Oracle Large Esm H900
Oracle

Oracle Linux 8 gnutls Important Buffer Overflow Auth Bypass ELSA-2026-20611

Calendar White Jun 03, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 20.04 LTS nginx Security Advisory for Critical DoS Vulnerabilities

Calendar White Jun 03, 2026
Critical
Ubuntu Large Esm H800
Ubuntu

Ubuntu 20.04 LTS MySQL Important Security Issues USN-8363-2

Calendar White Jun 03, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 20.04 LTS GStreamer Base Significant DoS Attack Vulnerability Alert

Calendar White Jun 03, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 26.04 LTS python-pip Moderate DoS Regression Fix USN-8344-3

Calendar White Jun 03, 2026
Important
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 15 articles for you...
87
Ls Advisories Debian Esm H240
Price Tag 1security advisorydenial of servicecritical

Debian webkit2gtk Critical Process Crash and DoS Advisory DSA-6172-1

The following vulnerabilities have been discovered in the WebKitGTK web engine: CVE-2025-43214 shandikri discovered that processing maliciously crafted web content may lead to an unexpected process crash.. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6172-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/security/ Alberto Garcia March 21, 2026 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : webkit2gtk CVE ID : CVE-2025-43214 CVE-2025-43457 CVE-2025-43511 CVE-2026-20608 CVE-2026-20635 CVE-2026-20636 CVE-2026-20644 CVE-2026-20652 CVE-2026-20676 The following vulnerabilities have been discovered in the WebKitGTK web engine: CVE-2025-43214 shandikri discovered that processing maliciously crafted web content may lead to an unexpected process crash. CVE-2025-43457 Gary Kwong and Hossein Lotfi discovered that processing maliciously crafted web content may lead to an unexpected process crash. CVE-2025-43511 Lee Dong Ha discovered that processing maliciously crafted web content may lead to an unexpected process crash. CVE-2026-20608 HanQing and Nan Wang discovered that processing maliciously crafted web content may lead to an unexpected process crash. CVE-2026-20635 EntryHi discovered that processing maliciously crafted web content may lead to an unexpected process crash. CVE-2026-20636 EntryHi discovered that processing maliciously crafted web content may lead to an unexpected process crash. CVE-2026-20644 HanQing and Nan Wang discovered that processing maliciously crafted web content may lead to an unexpected process crash. CVE-2026-20652 Nathaniel Oh discovered that a remote attacker may be able to cause a denial-of-service. CVE-2026-20676 Tom Van Goethem discovered that a websitemay be able to track users through web extensions. For the oldstable distribution (bookworm), these problems have been fixed in version 2.50.6-1~deb12u1. For the stable distribution (trixie), these problems have been fixed in version 2.50.6-1~deb13u1. We recommend that you upgrade your webkit2gtk packages. For the detailed security status of webkit2gtk please refer to its security tracker page at: https://security-tracker.debian.org/tracker/source-package/webkit2gtk Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. . Debian warns of critical vulnerabilities in webkit2gtk that may lead to unexpected crashes and denial of service.. Debian, WebKitGTK, process crash, denial of service, web application security. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Mar 21, 2026 Critical Debian
197
Ls Advisories Deblts Esm H240
Price Tag 1security advisorycriticaldebian

Debian 11: Critical Memory Corruption Vulnerability in WebKitGTK DLA-4414-1

The following vulnerabilities have been discovered in the WebKitGTK web engine: CVE-2025-14174 Apple and the Google Threat Analysis Group discovered that processing maliciously crafted web content may lead to memory. Debian LTS Advisory DLA-4414-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/lts/security/ Emilio Pozuelo Monfort December 18, 2025 https://wiki.debian.org/LTS Package : webkit2gtk Version : 2.50.4-1~deb11u1 CVE ID : CVE-2025-14174 CVE-2025-43501 CVE-2025-43529 CVE-2025-43531 CVE-2025-43535 CVE-2025-43536 CVE-2025-43541 The following vulnerabilities have been discovered in the WebKitGTK web engine: CVE-2025-14174 Apple and the Google Threat Analysis Group discovered that processing maliciously crafted web content may lead to memory corruption. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 26. CVE-2025-43529 was also issued in response to this report. CVE-2025-43501 Hossein Lotfi discovered that processing maliciously crafted web content may lead to an unexpected process crash. CVE-2025-43529 The Google Threat Analysis Group discovered that processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 26. CVE-2025-14174 was also issued in response to this report. CVE-2025-43531 Phil Pizlo discovered that processing maliciously crafted web content may lead to an unexpected process crash. CVE-2025-43535 Google Big Sleep / Nan Wang discovered that processing maliciously crafted web content may lead to an unexpected process crash. CVE-2025-43536 Nan Wang discovered that processing maliciously craftedweb content may lead to an unexpected process crash. CVE-2025-43541 Hossein Lotfi discovered that processing maliciously crafted web content may lead to an unexpected process crash. For Debian 11 bullseye, these problems have been fixed in version 2.50.4-1~deb11u1. We recommend that you upgrade your webkit2gtk packages. For the detailed security status of webkit2gtk please refer to its security tracker page at: https://security-tracker.debian.org/tracker/source-package/webkit2gtk Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS . Address critical security risks in webkit2gtk for Debian LTS with patch updates against memory corruption and crash exploits.. Debian security, webkit2gtk, software patch, memory corruption, application security. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Dec 18, 2025 Critical Debian LTS
Banner 2 1028x280 1708121730 1 1771599631
87
Ls Advisories Debian Esm H240
Price Tag 1security advisorydebianarbitrary code execution

Debian: webkit2gtk Important Memory Corruption Issues DSA-6083-1

The following vulnerabilities have been discovered in the WebKitGTK web engine: CVE-2025-14174 Apple and the Google Threat Analysis Group discovered that processing maliciously crafted web content may lead to memory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6083-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/security/ Alberto Garcia December 18, 2025 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : webkit2gtk CVE ID : CVE-2025-14174 CVE-2025-43501 CVE-2025-43529 CVE-2025-43531 CVE-2025-43535 CVE-2025-43536 CVE-2025-43541 The following vulnerabilities have been discovered in the WebKitGTK web engine: CVE-2025-14174 Apple and the Google Threat Analysis Group discovered that processing maliciously crafted web content may lead to memory corruption. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 26. CVE-2025-43529 was also issued in response to this report. CVE-2025-43501 Hossein Lotfi discovered that processing maliciously crafted web content may lead to an unexpected process crash. CVE-2025-43529 The Google Threat Analysis Group discovered that processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 26. CVE-2025-14174 was also issued in response to this report. CVE-2025-43531 Phil Pizlo discovered that processing maliciously crafted web content may lead to an unexpected process crash. CVE-2025-43535 Google Big Sleep / Nan Wang discovered that processing maliciously crafted web contentmay lead to an unexpected process crash. CVE-2025-43536 Nan Wang discovered that processing maliciously crafted web content may lead to an unexpected process crash. CVE-2025-43541 Hossein Lotfi discovered that processing maliciously crafted web content may lead to an unexpected process crash. For the oldstable distribution (bookworm), these problems have been fixed in version 2.50.4-1~deb12u1. For the stable distribution (trixie), these problems have been fixed in version 2.50.4-1~deb13u1. We recommend that you upgrade your webkit2gtk packages. For the detailed security status of webkit2gtk please refer to its security tracker page at: https://security-tracker.debian.org/tracker/source-package/webkit2gtk Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. . Multiple vulnerabilities in WebKitGTK require attention. Upgrade advised to prevent memory corruption and crashes.. WebKitGTK, Debian Security, Memory Corruption, Code Execution. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Dec 18, 2025 Important Debian
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryfedorasoftware update

Fedora 42 Update: qt5-qttranslations Bugfix 2025-976ccd79ae Released

Qt 5.15.18 bugfix release. Qt5 WebEngine update to 5.15.19.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-976ccd79ae 2025-11-06 02:22:59.541317+00:00 -------------------------------------------------------------------------------- Name : qt5-qttranslations Product : Fedora 42 Version : 5.15.18 Release : 1.fc42 URL : http://www.qt.io Summary : Qt5 - QtTranslations module Description : Qt5 - QtTranslations module. -------------------------------------------------------------------------------- Update Information: Qt 5.15.18 bugfix release. Qt5 WebEngine update to 5.15.19. -------------------------------------------------------------------------------- ChangeLog: * Tue Nov 4 2025 Jan Grulich - 5.15.18-1 - 5.15.18 * Fri Jul 25 2025 Fedora Release Engineering - 5.15.17-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-976ccd79ae' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives:https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue . Qt 5.15.18 bugfix release and WebEngine update for Fedora 42. Install via dnf upgrade for improvements and fixes.. Qt5 Update, Fedora 42, Software Bugfix, QtTranslations Module. . Severity: Informational. LinuxSecurity.com Team

Calendar 2 Nov 06, 2025 Informational Fedora
Banner 2 1028x280 1708121730 1 1771599631
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryfedoraupdate

Fedora 43: qtwebkit Significant Optimization Enhancement 2025-892134hfed

Update to 2.50.0: Improved rendering performance by recording each layer once and replaying every dirty region in different worker threads. Enable damage propagation to the UI process by default. CSS property font-variant-emoji is now enabled by default.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-793513dcf7 2025-10-03 00:14:50.085786+00:00 -------------------------------------------------------------------------------- Name : webkitgtk Product : Fedora 43 Version : 2.50.0 Release : 2.fc43 URL : https://www.webkitgtk.org/ Summary : GTK web content engine library Description : WebKitGTK is the port of the WebKit web rendering engine to the GTK platform. -------------------------------------------------------------------------------- Update Information: Update to 2.50.0: Improved rendering performance by recording each layer once and replaying every dirty region in different worker threads. Enable damage propagation to the UI process by default. CSS property font-variant-emoji is now enabled by default. Font synthesis properties (bold/italic) are now properly handled. Ensure web view is focused on tap gesture. Added new API to get the theme color of a WebKitWebView. -------------------------------------------------------------------------------- ChangeLog: * Thu Sep 18 2025 Michael Catanzaro - 2.50.0-2 - Fix build on i686 * Wed Sep 17 2025 Michael Catanzaro - 2.50.0-1 - Update to 2.50.0 * Tue Sep 2 2025 Michael Catanzaro - 2.49.90-1 - Update to 2.49.90 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-793513dcf7' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the FedoraProject GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue . Critical Fedora 43 webkitgtk update improves rendering performance and includes new CSS features.. Fedora Update, webkitgtk Performance, Web Rendering Engine. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Oct 03, 2025 Important Fedora
87
Ls Advisories Debian Esm H240
Price Tag 1security advisorydebianmemory corruption

Debian WebKitGTK DSA-5937-1: Addresses Critical Memory Corruption

The following vulnerabilities have been discovered in the WebKitGTK web engine: CVE-2025-24223 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-5937-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/security/ Alberto Garcia June 06, 2025 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : webkit2gtk CVE ID : CVE-2025-24223 CVE-2025-31204 CVE-2025-31205 CVE-2025-31206 CVE-2025-31215 CVE-2025-31257 The following vulnerabilities have been discovered in the WebKitGTK web engine: CVE-2025-24223 rheza and an anonymous researcher discovered that processing maliciously crafted web content may lead to memory corruption. CVE-2025-31204 Nan Wang discovered that processing maliciously crafted web content may lead to memory corruption. CVE-2025-31205 Ivan Fratric discovered that a malicious website may exfiltrate data cross-origin. CVE-2025-31206 An anonymous researcher discovered that processing maliciously crafted web content may lead to an unexpected process crash. CVE-2025-31215 Jiming Wang and Jikai Ren discovered that processing maliciously crafted web content may lead to an unexpected process crash. CVE-2025-31257 Juergen Schmied discovered that processing maliciously crafted web content may lead to an unexpected process crash. For the stable distribution (bookworm), these problems have been fixed in version 2.48.3-1~deb12u1. We recommend that you upgrade your webkit2gtk packages. For the detailed security status of webkit2gtk please refer to its security tracker page at: https://security-tracker.debian.org/tracker/source-package/webkit2gtk Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at:https://www.debian.org/security/ Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. . Risks linked to WebKitGTK could compromise Debian's integrity and security, potentially leading to system failures and revealing sensitive information.. WebKitGTK Vulnerabilities, Debian Security Update, Memory Corruption Fix. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Jun 06, 2025 Critical Debian
Banner 2 1028x280 1708121730 1 1771599631
100
Ls Advisories Suse Esm H240
Price Tag 1security advisorybuffer overflowcross-site scripting

SUSE 2025:1336-1 Critical: webkit2gtk3 vulnerabilities with XSS and memory

* bsc#1240958 * bsc#1240961 * bsc#1240962 * bsc#1240963 * bsc#1240964 . # Security update for webkit2gtk3 Announcement ID: SUSE-SU-2025:1336-1 Release Date: 2025-04-17T11:01:57Z Rating: important References: * bsc#1240958 * bsc#1240961 * bsc#1240962 * bsc#1240963 * bsc#1240964 * bsc#1240986 * bsc#1240987 Cross-References: * CVE-2024-54551 * CVE-2025-24208 * CVE-2025-24209 * CVE-2025-24213 * CVE-2025-24216 * CVE-2025-24264 * CVE-2025-30427 CVSS scores: * CVE-2024-54551 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-54551 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-54551 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-24208 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2025-24208 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N * CVE-2025-24208 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2025-24209 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-24209 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-24209 ( NVD ): 7.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H * CVE-2025-24213 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-24213 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-24213 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-24216 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-24216 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2025-24216 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2025-24264 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-24264 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-24264 ( NVD ): 9.8CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-30427 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-30427 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-30427 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves seven vulnerabilities can now be installed. ## Description: This update for webkit2gtk3 fixes the following issues: * Update to version 2.48.1 * CVE-2024-54551: improper memory handling may lead to a denial-of-service when processing certain web content (bsc#1240962) * CVE-2025-24208: permissions issue may lead to a cross-site scripting attack when loading a malicious iframe (bsc#1240961) * CVE-2025-24209: buffer overflow may lead to crash when processing maliciously crafted web content (bsc#1240964) * CVE-2025-24213: type confusion issue may lead to memory corruption (bsc#1240963) * CVE-2025-24216: improper memory handling may lead to an unexpected crash when processing certain web content (bsc#1240986) * CVE-2025-24264: improper memory handling may lead to unexpected crash when processing certain web content (bsc#1240987) * CVE-2025-30427:use-after-free issue may lead to an unexpected Safari crash when processing maliciously crafted web content (bsc#1240958) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-1336=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-1336=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-1336=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-1336=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-1336=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-1336=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-1336=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-1336=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-1336=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-1336=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2025-1336=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-1336=1 ## Package List: * openSUSE Leap 15.4 (noarch) * WebKitGTK-4.0-lang-2.48.1-150400.4.115.2 * WebKitGTK-4.1-lang-2.48.1-150400.4.115.2 * WebKitGTK-6.0-lang-2.48.1-150400.4.115.2 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * typelib-1_0-WebKitWebProcessExtension-6_0-2.48.1-150400.4.115.2 * libjavascriptcoregtk-4_0-18-2.48.1-150400.4.115.2 * webkit-jsc-4-debuginfo-2.48.1-150400.4.115.2 * webkit2gtk-4_1-injected-bundles-debuginfo-2.48.1-150400.4.115.2 * webkit-jsc-4-2.48.1-150400.4.115.2 * libwebkit2gtk-4_1-0-debuginfo-2.48.1-150400.4.115.2 * webkitgtk-6_0-injected-bundles-debuginfo-2.48.1-150400.4.115.2 * webkit2gtk3-soup2-minibrowser-debuginfo-2.48.1-150400.4.115.2 * webkit2gtk4-devel-2.48.1-150400.4.115.2 * typelib-1_0-WebKit2WebExtension-4_1-2.48.1-150400.4.115.2 * webkit-jsc-4.1-2.48.1-150400.4.115.2 * webkit2gtk3-debugsource-2.48.1-150400.4.115.2 * typelib-1_0-JavaScriptCore-4_0-2.48.1-150400.4.115.2 * libjavascriptcoregtk-4_0-18-debuginfo-2.48.1-150400.4.115.2 * webkit2gtk3-soup2-minibrowser-2.48.1-150400.4.115.2 * webkitgtk-6_0-injected-bundles-2.48.1-150400.4.115.2 * typelib-1_0-WebKit2WebExtension-4_0-2.48.1-150400.4.115.2 * libjavascriptcoregtk-6_0-1-2.48.1-150400.4.115.2 * webkit2gtk-4_1-injected-bundles-2.48.1-150400.4.115.2 * webkit2gtk-4_0-injected-bundles-2.48.1-150400.4.115.2 * typelib-1_0-WebKit-6_0-2.48.1-150400.4.115.2 * libwebkitgtk-6_0-4-debuginfo-2.48.1-150400.4.115.2 * typelib-1_0-JavaScriptCore-4_1-2.48.1-150400.4.115.2 * typelib-1_0-JavaScriptCore-6_0-2.48.1-150400.4.115.2 * libjavascriptcoregtk-4_1-0-debuginfo-2.48.1-150400.4.115.2 * webkit2gtk4-minibrowser-debuginfo-2.48.1-150400.4.115.2 * libwebkit2gtk-4_0-37-2.48.1-150400.4.115.2 * libwebkit2gtk-4_1-0-2.48.1-150400.4.115.2 * webkit2gtk3-devel-2.48.1-150400.4.115.2 * libwebkitgtk-6_0-4-2.48.1-150400.4.115.2 * webkit-jsc-6.0-2.48.1-150400.4.115.2 * libwebkit2gtk-4_0-37-debuginfo-2.48.1-150400.4.115.2 * webkit-jsc-6.0-debuginfo-2.48.1-150400.4.115.2 * libjavascriptcoregtk-4_1-0-2.48.1-150400.4.115.2 * webkit2gtk4-debugsource-2.48.1-150400.4.115.2 * webkit2gtk4-minibrowser-2.48.1-150400.4.115.2 *webkit2gtk3-minibrowser-2.48.1-150400.4.115.2 * typelib-1_0-WebKit2-4_0-2.48.1-150400.4.115.2 * webkit2gtk3-soup2-debugsource-2.48.1-150400.4.115.2 * webkit2gtk-4_0-injected-bundles-debuginfo-2.48.1-150400.4.115.2 * webkit-jsc-4.1-debuginfo-2.48.1-150400.4.115.2 * typelib-1_0-WebKit2-4_1-2.48.1-150400.4.115.2 * libjavascriptcoregtk-6_0-1-debuginfo-2.48.1-150400.4.115.2 * webkit2gtk3-minibrowser-debuginfo-2.48.1-150400.4.115.2 * webkit2gtk3-soup2-devel-2.48.1-150400.4.115.2 * openSUSE Leap 15.4 (x86_64) * libjavascriptcoregtk-4_0-18-32bit-debuginfo-2.48.1-150400.4.115.2 * libjavascriptcoregtk-4_1-0-32bit-2.48.1-150400.4.115.2 * libwebkit2gtk-4_0-37-32bit-2.48.1-150400.4.115.2 * libwebkit2gtk-4_0-37-32bit-debuginfo-2.48.1-150400.4.115.2 * libwebkit2gtk-4_1-0-32bit-2.48.1-150400.4.115.2 * libjavascriptcoregtk-4_1-0-32bit-debuginfo-2.48.1-150400.4.115.2 * libwebkit2gtk-4_1-0-32bit-debuginfo-2.48.1-150400.4.115.2 * libjavascriptcoregtk-4_0-18-32bit-2.48.1-150400.4.115.2 * openSUSE Leap 15.4 (aarch64_ilp32) * libjavascriptcoregtk-4_1-0-64bit-2.48.1-150400.4.115.2 * libjavascriptcoregtk-4_1-0-64bit-debuginfo-2.48.1-150400.4.115.2 * libwebkit2gtk-4_1-0-64bit-2.48.1-150400.4.115.2 * libjavascriptcoregtk-4_0-18-64bit-debuginfo-2.48.1-150400.4.115.2 * libwebkit2gtk-4_0-37-64bit-2.48.1-150400.4.115.2 * libwebkit2gtk-4_0-37-64bit-debuginfo-2.48.1-150400.4.115.2 * libwebkit2gtk-4_1-0-64bit-debuginfo-2.48.1-150400.4.115.2 * libjavascriptcoregtk-4_0-18-64bit-2.48.1-150400.4.115.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * WebKitGTK-4.0-lang-2.48.1-150400.4.115.2 * WebKitGTK-4.1-lang-2.48.1-150400.4.115.2 * WebKitGTK-6.0-lang-2.48.1-150400.4.115.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * libjavascriptcoregtk-4_0-18-2.48.1-150400.4.115.2 * webkit2gtk-4_1-injected-bundles-debuginfo-2.48.1-150400.4.115.2 *libwebkit2gtk-4_1-0-debuginfo-2.48.1-150400.4.115.2 * typelib-1_0-WebKit2WebExtension-4_1-2.48.1-150400.4.115.2 * webkit2gtk3-debugsource-2.48.1-150400.4.115.2 * typelib-1_0-JavaScriptCore-4_0-2.48.1-150400.4.115.2 * libjavascriptcoregtk-4_0-18-debuginfo-2.48.1-150400.4.115.2 * webkitgtk-6_0-injected-bundles-2.48.1-150400.4.115.2 * typelib-1_0-WebKit2WebExtension-4_0-2.48.1-150400.4.115.2 * libjavascriptcoregtk-6_0-1-2.48.1-150400.4.115.2 * webkit2gtk-4_1-injected-bundles-2.48.1-150400.4.115.2 * webkit2gtk-4_0-injected-bundles-2.48.1-150400.4.115.2 * libwebkitgtk-6_0-4-debuginfo-2.48.1-150400.4.115.2 * typelib-1_0-JavaScriptCore-4_1-2.48.1-150400.4.115.2 * libjavascriptcoregtk-4_1-0-debuginfo-2.48.1-150400.4.115.2 * libwebkit2gtk-4_0-37-2.48.1-150400.4.115.2 * libwebkit2gtk-4_1-0-2.48.1-150400.4.115.2 * webkit2gtk3-devel-2.48.1-150400.4.115.2 * libwebkitgtk-6_0-4-2.48.1-150400.4.115.2 * libwebkit2gtk-4_0-37-debuginfo-2.48.1-150400.4.115.2 * libjavascriptcoregtk-4_1-0-2.48.1-150400.4.115.2 * webkit2gtk4-debugsource-2.48.1-150400.4.115.2 * typelib-1_0-WebKit2-4_0-2.48.1-150400.4.115.2 * webkit2gtk3-soup2-debugsource-2.48.1-150400.4.115.2 * webkit2gtk-4_0-injected-bundles-debuginfo-2.48.1-150400.4.115.2 * typelib-1_0-WebKit2-4_1-2.48.1-150400.4.115.2 * libjavascriptcoregtk-6_0-1-debuginfo-2.48.1-150400.4.115.2 * webkit2gtk3-soup2-devel-2.48.1-150400.4.115.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * WebKitGTK-4.0-lang-2.48.1-150400.4.115.2 * WebKitGTK-4.1-lang-2.48.1-150400.4.115.2 * WebKitGTK-6.0-lang-2.48.1-150400.4.115.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * libjavascriptcoregtk-4_0-18-2.48.1-150400.4.115.2 * webkit2gtk-4_1-injected-bundles-debuginfo-2.48.1-150400.4.115.2 * libwebkit2gtk-4_1-0-debuginfo-2.48.1-150400.4.115.2 * typelib-1_0-WebKit2WebExtension-4_1-2.48.1-150400.4.115.2 *webkit2gtk3-debugsource-2.48.1-150400.4.115.2 * typelib-1_0-JavaScriptCore-4_0-2.48.1-150400.4.115.2 * libjavascriptcoregtk-4_0-18-debuginfo-2.48.1-150400.4.115.2 * webkitgtk-6_0-injected-bundles-2.48.1-150400.4.115.2 * typelib-1_0-WebKit2WebExtension-4_0-2.48.1-150400.4.115.2 * libjavascriptcoregtk-6_0-1-2.48.1-150400.4.115.2 * webkit2gtk-4_1-injected-bundles-2.48.1-150400.4.115.2 * webkit2gtk-4_0-injected-bundles-2.48.1-150400.4.115.2 * libwebkitgtk-6_0-4-debuginfo-2.48.1-150400.4.115.2 * typelib-1_0-JavaScriptCore-4_1-2.48.1-150400.4.115.2 * libjavascriptcoregtk-4_1-0-debuginfo-2.48.1-150400.4.115.2 * libwebkit2gtk-4_0-37-2.48.1-150400.4.115.2 * libwebkit2gtk-4_1-0-2.48.1-150400.4.115.2 * webkit2gtk3-devel-2.48.1-150400.4.115.2 * libwebkitgtk-6_0-4-2.48.1-150400.4.115.2 * libwebkit2gtk-4_0-37-debuginfo-2.48.1-150400.4.115.2 * libjavascriptcoregtk-4_1-0-2.48.1-150400.4.115.2 * webkit2gtk4-debugsource-2.48.1-150400.4.115.2 * typelib-1_0-WebKit2-4_0-2.48.1-150400.4.115.2 * webkit2gtk3-soup2-debugsource-2.48.1-150400.4.115.2 * webkit2gtk-4_0-injected-bundles-debuginfo-2.48.1-150400.4.115.2 * typelib-1_0-WebKit2-4_1-2.48.1-150400.4.115.2 * libjavascriptcoregtk-6_0-1-debuginfo-2.48.1-150400.4.115.2 * webkit2gtk3-soup2-devel-2.48.1-150400.4.115.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * WebKitGTK-4.0-lang-2.48.1-150400.4.115.2 * WebKitGTK-4.1-lang-2.48.1-150400.4.115.2 * WebKitGTK-6.0-lang-2.48.1-150400.4.115.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * libjavascriptcoregtk-4_0-18-2.48.1-150400.4.115.2 * webkit2gtk-4_1-injected-bundles-debuginfo-2.48.1-150400.4.115.2 * libwebkit2gtk-4_1-0-debuginfo-2.48.1-150400.4.115.2 * typelib-1_0-WebKit2WebExtension-4_1-2.48.1-150400.4.115.2 * webkit2gtk3-debugsource-2.48.1-150400.4.115.2 * typelib-1_0-JavaScriptCore-4_0-2.48.1-150400.4.115.2 *libjavascriptcoregtk-4_0-18-debuginfo-2.48.1-150400.4.115.2 * webkitgtk-6_0-injected-bundles-2.48.1-150400.4.115.2 * typelib-1_0-WebKit2WebExtension-4_0-2.48.1-150400.4.115.2 * libjavascriptcoregtk-6_0-1-2.48.1-150400.4.115.2 * webkit2gtk-4_1-injected-bundles-2.48.1-150400.4.115.2 * webkit2gtk-4_0-injected-bundles-2.48.1-150400.4.115.2 * libwebkitgtk-6_0-4-debuginfo-2.48.1-150400.4.115.2 * typelib-1_0-JavaScriptCore-4_1-2.48.1-150400.4.115.2 * libjavascriptcoregtk-4_1-0-debuginfo-2.48.1-150400.4.115.2 * libwebkit2gtk-4_0-37-2.48.1-150400.4.115.2 * libwebkit2gtk-4_1-0-2.48.1-150400.4.115.2 * webkit2gtk3-devel-2.48.1-150400.4.115.2 * libwebkitgtk-6_0-4-2.48.1-150400.4.115.2 * libwebkit2gtk-4_0-37-debuginfo-2.48.1-150400.4.115.2 * libjavascriptcoregtk-4_1-0-2.48.1-150400.4.115.2 * webkit2gtk4-debugsource-2.48.1-150400.4.115.2 * typelib-1_0-WebKit2-4_0-2.48.1-150400.4.115.2 * webkit2gtk3-soup2-debugsource-2.48.1-150400.4.115.2 * webkit2gtk-4_0-injected-bundles-debuginfo-2.48.1-150400.4.115.2 * typelib-1_0-WebKit2-4_1-2.48.1-150400.4.115.2 * libjavascriptcoregtk-6_0-1-debuginfo-2.48.1-150400.4.115.2 * webkit2gtk3-soup2-devel-2.48.1-150400.4.115.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * WebKitGTK-4.0-lang-2.48.1-150400.4.115.2 * WebKitGTK-4.1-lang-2.48.1-150400.4.115.2 * WebKitGTK-6.0-lang-2.48.1-150400.4.115.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * libjavascriptcoregtk-4_0-18-2.48.1-150400.4.115.2 * webkit2gtk-4_1-injected-bundles-debuginfo-2.48.1-150400.4.115.2 * libwebkit2gtk-4_1-0-debuginfo-2.48.1-150400.4.115.2 * typelib-1_0-WebKit2WebExtension-4_1-2.48.1-150400.4.115.2 * webkit2gtk3-debugsource-2.48.1-150400.4.115.2 * typelib-1_0-JavaScriptCore-4_0-2.48.1-150400.4.115.2 * libjavascriptcoregtk-4_0-18-debuginfo-2.48.1-150400.4.115.2 * webkitgtk-6_0-injected-bundles-2.48.1-150400.4.115.2 *typelib-1_0-WebKit2WebExtension-4_0-2.48.1-150400.4.115.2 * libjavascriptcoregtk-6_0-1-2.48.1-150400.4.115.2 * webkit2gtk-4_1-injected-bundles-2.48.1-150400.4.115.2 * webkit2gtk-4_0-injected-bundles-2.48.1-150400.4.115.2 * libwebkitgtk-6_0-4-debuginfo-2.48.1-150400.4.115.2 * typelib-1_0-JavaScriptCore-4_1-2.48.1-150400.4.115.2 * libjavascriptcoregtk-4_1-0-debuginfo-2.48.1-150400.4.115.2 * libwebkit2gtk-4_0-37-2.48.1-150400.4.115.2 * libwebkit2gtk-4_1-0-2.48.1-150400.4.115.2 * webkit2gtk3-devel-2.48.1-150400.4.115.2 * libwebkitgtk-6_0-4-2.48.1-150400.4.115.2 * libwebkit2gtk-4_0-37-debuginfo-2.48.1-150400.4.115.2 * libjavascriptcoregtk-4_1-0-2.48.1-150400.4.115.2 * webkit2gtk4-debugsource-2.48.1-150400.4.115.2 * typelib-1_0-WebKit2-4_0-2.48.1-150400.4.115.2 * webkit2gtk3-soup2-debugsource-2.48.1-150400.4.115.2 * webkit2gtk-4_0-injected-bundles-debuginfo-2.48.1-150400.4.115.2 * typelib-1_0-WebKit2-4_1-2.48.1-150400.4.115.2 * libjavascriptcoregtk-6_0-1-debuginfo-2.48.1-150400.4.115.2 * webkit2gtk3-soup2-devel-2.48.1-150400.4.115.2 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * WebKitGTK-4.0-lang-2.48.1-150400.4.115.2 * WebKitGTK-4.1-lang-2.48.1-150400.4.115.2 * WebKitGTK-6.0-lang-2.48.1-150400.4.115.2 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * libjavascriptcoregtk-4_0-18-2.48.1-150400.4.115.2 * webkit2gtk-4_1-injected-bundles-debuginfo-2.48.1-150400.4.115.2 * libwebkit2gtk-4_1-0-debuginfo-2.48.1-150400.4.115.2 * typelib-1_0-WebKit2WebExtension-4_1-2.48.1-150400.4.115.2 * webkit2gtk3-debugsource-2.48.1-150400.4.115.2 * typelib-1_0-JavaScriptCore-4_0-2.48.1-150400.4.115.2 * libjavascriptcoregtk-4_0-18-debuginfo-2.48.1-150400.4.115.2 * webkitgtk-6_0-injected-bundles-2.48.1-150400.4.115.2 * typelib-1_0-WebKit2WebExtension-4_0-2.48.1-150400.4.115.2 * libjavascriptcoregtk-6_0-1-2.48.1-150400.4.115.2 *webkit2gtk-4_1-injected-bundles-2.48.1-150400.4.115.2 * webkit2gtk-4_0-injected-bundles-2.48.1-150400.4.115.2 * libwebkitgtk-6_0-4-debuginfo-2.48.1-150400.4.115.2 * typelib-1_0-JavaScriptCore-4_1-2.48.1-150400.4.115.2 * libjavascriptcoregtk-4_1-0-debuginfo-2.48.1-150400.4.115.2 * libwebkit2gtk-4_0-37-2.48.1-150400.4.115.2 * libwebkit2gtk-4_1-0-2.48.1-150400.4.115.2 * webkit2gtk3-devel-2.48.1-150400.4.115.2 * libwebkitgtk-6_0-4-2.48.1-150400.4.115.2 * libwebkit2gtk-4_0-37-debuginfo-2.48.1-150400.4.115.2 * libjavascriptcoregtk-4_1-0-2.48.1-150400.4.115.2 * webkit2gtk4-debugsource-2.48.1-150400.4.115.2 * typelib-1_0-WebKit2-4_0-2.48.1-150400.4.115.2 * webkit2gtk3-soup2-debugsource-2.48.1-150400.4.115.2 * webkit2gtk-4_0-injected-bundles-debuginfo-2.48.1-150400.4.115.2 * typelib-1_0-WebKit2-4_1-2.48.1-150400.4.115.2 * libjavascriptcoregtk-6_0-1-debuginfo-2.48.1-150400.4.115.2 * webkit2gtk3-soup2-devel-2.48.1-150400.4.115.2 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * WebKitGTK-4.0-lang-2.48.1-150400.4.115.2 * WebKitGTK-4.1-lang-2.48.1-150400.4.115.2 * WebKitGTK-6.0-lang-2.48.1-150400.4.115.2 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * libjavascriptcoregtk-4_0-18-2.48.1-150400.4.115.2 * webkit2gtk-4_1-injected-bundles-debuginfo-2.48.1-150400.4.115.2 * libwebkit2gtk-4_1-0-debuginfo-2.48.1-150400.4.115.2 * typelib-1_0-WebKit2WebExtension-4_1-2.48.1-150400.4.115.2 * webkit2gtk3-debugsource-2.48.1-150400.4.115.2 * typelib-1_0-JavaScriptCore-4_0-2.48.1-150400.4.115.2 * libjavascriptcoregtk-4_0-18-debuginfo-2.48.1-150400.4.115.2 * webkitgtk-6_0-injected-bundles-2.48.1-150400.4.115.2 * typelib-1_0-WebKit2WebExtension-4_0-2.48.1-150400.4.115.2 * libjavascriptcoregtk-6_0-1-2.48.1-150400.4.115.2 * webkit2gtk-4_1-injected-bundles-2.48.1-150400.4.115.2 * webkit2gtk-4_0-injected-bundles-2.48.1-150400.4.115.2 *libwebkitgtk-6_0-4-debuginfo-2.48.1-150400.4.115.2 * typelib-1_0-JavaScriptCore-4_1-2.48.1-150400.4.115.2 * libjavascriptcoregtk-4_1-0-debuginfo-2.48.1-150400.4.115.2 * libwebkit2gtk-4_0-37-2.48.1-150400.4.115.2 * libwebkit2gtk-4_1-0-2.48.1-150400.4.115.2 * webkit2gtk3-devel-2.48.1-150400.4.115.2 * libwebkitgtk-6_0-4-2.48.1-150400.4.115.2 * libwebkit2gtk-4_0-37-debuginfo-2.48.1-150400.4.115.2 * libjavascriptcoregtk-4_1-0-2.48.1-150400.4.115.2 * webkit2gtk4-debugsource-2.48.1-150400.4.115.2 * typelib-1_0-WebKit2-4_0-2.48.1-150400.4.115.2 * webkit2gtk3-soup2-debugsource-2.48.1-150400.4.115.2 * webkit2gtk-4_0-injected-bundles-debuginfo-2.48.1-150400.4.115.2 * typelib-1_0-WebKit2-4_1-2.48.1-150400.4.115.2 * libjavascriptcoregtk-6_0-1-debuginfo-2.48.1-150400.4.115.2 * webkit2gtk3-soup2-devel-2.48.1-150400.4.115.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * WebKitGTK-4.0-lang-2.48.1-150400.4.115.2 * WebKitGTK-4.1-lang-2.48.1-150400.4.115.2 * WebKitGTK-6.0-lang-2.48.1-150400.4.115.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * libjavascriptcoregtk-4_0-18-2.48.1-150400.4.115.2 * webkit2gtk-4_1-injected-bundles-debuginfo-2.48.1-150400.4.115.2 * libwebkit2gtk-4_1-0-debuginfo-2.48.1-150400.4.115.2 * typelib-1_0-WebKit2WebExtension-4_1-2.48.1-150400.4.115.2 * webkit2gtk3-debugsource-2.48.1-150400.4.115.2 * typelib-1_0-JavaScriptCore-4_0-2.48.1-150400.4.115.2 * libjavascriptcoregtk-4_0-18-debuginfo-2.48.1-150400.4.115.2 * webkitgtk-6_0-injected-bundles-2.48.1-150400.4.115.2 * typelib-1_0-WebKit2WebExtension-4_0-2.48.1-150400.4.115.2 * libjavascriptcoregtk-6_0-1-2.48.1-150400.4.115.2 * webkit2gtk-4_1-injected-bundles-2.48.1-150400.4.115.2 * webkit2gtk-4_0-injected-bundles-2.48.1-150400.4.115.2 * libwebkitgtk-6_0-4-debuginfo-2.48.1-150400.4.115.2 * typelib-1_0-JavaScriptCore-4_1-2.48.1-150400.4.115.2 *libjavascriptcoregtk-4_1-0-debuginfo-2.48.1-150400.4.115.2 * libwebkit2gtk-4_0-37-2.48.1-150400.4.115.2 * libwebkit2gtk-4_1-0-2.48.1-150400.4.115.2 * webkit2gtk3-devel-2.48.1-150400.4.115.2 * libwebkitgtk-6_0-4-2.48.1-150400.4.115.2 * libwebkit2gtk-4_0-37-debuginfo-2.48.1-150400.4.115.2 * libjavascriptcoregtk-4_1-0-2.48.1-150400.4.115.2 * webkit2gtk4-debugsource-2.48.1-150400.4.115.2 * typelib-1_0-WebKit2-4_0-2.48.1-150400.4.115.2 * webkit2gtk3-soup2-debugsource-2.48.1-150400.4.115.2 * webkit2gtk-4_0-injected-bundles-debuginfo-2.48.1-150400.4.115.2 * typelib-1_0-WebKit2-4_1-2.48.1-150400.4.115.2 * libjavascriptcoregtk-6_0-1-debuginfo-2.48.1-150400.4.115.2 * webkit2gtk3-soup2-devel-2.48.1-150400.4.115.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * WebKitGTK-4.0-lang-2.48.1-150400.4.115.2 * WebKitGTK-4.1-lang-2.48.1-150400.4.115.2 * WebKitGTK-6.0-lang-2.48.1-150400.4.115.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * libjavascriptcoregtk-4_0-18-2.48.1-150400.4.115.2 * webkit2gtk-4_1-injected-bundles-debuginfo-2.48.1-150400.4.115.2 * libwebkit2gtk-4_1-0-debuginfo-2.48.1-150400.4.115.2 * typelib-1_0-WebKit2WebExtension-4_1-2.48.1-150400.4.115.2 * webkit2gtk3-debugsource-2.48.1-150400.4.115.2 * typelib-1_0-JavaScriptCore-4_0-2.48.1-150400.4.115.2 * libjavascriptcoregtk-4_0-18-debuginfo-2.48.1-150400.4.115.2 * webkitgtk-6_0-injected-bundles-2.48.1-150400.4.115.2 * typelib-1_0-WebKit2WebExtension-4_0-2.48.1-150400.4.115.2 * libjavascriptcoregtk-6_0-1-2.48.1-150400.4.115.2 * webkit2gtk-4_1-injected-bundles-2.48.1-150400.4.115.2 * webkit2gtk-4_0-injected-bundles-2.48.1-150400.4.115.2 * libwebkitgtk-6_0-4-debuginfo-2.48.1-150400.4.115.2 * typelib-1_0-JavaScriptCore-4_1-2.48.1-150400.4.115.2 * libjavascriptcoregtk-4_1-0-debuginfo-2.48.1-150400.4.115.2 * libwebkit2gtk-4_0-37-2.48.1-150400.4.115.2 *libwebkit2gtk-4_1-0-2.48.1-150400.4.115.2 * webkit2gtk3-devel-2.48.1-150400.4.115.2 * libwebkitgtk-6_0-4-2.48.1-150400.4.115.2 * libwebkit2gtk-4_0-37-debuginfo-2.48.1-150400.4.115.2 * libjavascriptcoregtk-4_1-0-2.48.1-150400.4.115.2 * webkit2gtk4-debugsource-2.48.1-150400.4.115.2 * typelib-1_0-WebKit2-4_0-2.48.1-150400.4.115.2 * webkit2gtk3-soup2-debugsource-2.48.1-150400.4.115.2 * webkit2gtk-4_0-injected-bundles-debuginfo-2.48.1-150400.4.115.2 * typelib-1_0-WebKit2-4_1-2.48.1-150400.4.115.2 * libjavascriptcoregtk-6_0-1-debuginfo-2.48.1-150400.4.115.2 * webkit2gtk3-soup2-devel-2.48.1-150400.4.115.2 * SUSE Manager Proxy 4.3 (noarch) * WebKitGTK-4.0-lang-2.48.1-150400.4.115.2 * SUSE Manager Proxy 4.3 (x86_64) * libjavascriptcoregtk-4_0-18-2.48.1-150400.4.115.2 * typelib-1_0-WebKit2-4_0-2.48.1-150400.4.115.2 * libjavascriptcoregtk-4_0-18-debuginfo-2.48.1-150400.4.115.2 * libwebkit2gtk-4_0-37-2.48.1-150400.4.115.2 * typelib-1_0-WebKit2WebExtension-4_0-2.48.1-150400.4.115.2 * webkit2gtk3-soup2-debugsource-2.48.1-150400.4.115.2 * webkit2gtk-4_0-injected-bundles-debuginfo-2.48.1-150400.4.115.2 * webkit2gtk-4_0-injected-bundles-2.48.1-150400.4.115.2 * libwebkit2gtk-4_0-37-debuginfo-2.48.1-150400.4.115.2 * typelib-1_0-JavaScriptCore-4_0-2.48.1-150400.4.115.2 * webkit2gtk3-soup2-devel-2.48.1-150400.4.115.2 * SUSE Manager Retail Branch Server 4.3 (noarch) * WebKitGTK-4.0-lang-2.48.1-150400.4.115.2 * SUSE Manager Retail Branch Server 4.3 (x86_64) * libjavascriptcoregtk-4_0-18-2.48.1-150400.4.115.2 * typelib-1_0-WebKit2-4_0-2.48.1-150400.4.115.2 * libjavascriptcoregtk-4_0-18-debuginfo-2.48.1-150400.4.115.2 * libwebkit2gtk-4_0-37-2.48.1-150400.4.115.2 * typelib-1_0-WebKit2WebExtension-4_0-2.48.1-150400.4.115.2 * webkit2gtk3-soup2-debugsource-2.48.1-150400.4.115.2 * webkit2gtk-4_0-injected-bundles-debuginfo-2.48.1-150400.4.115.2 * webkit2gtk-4_0-injected-bundles-2.48.1-150400.4.115.2 *libwebkit2gtk-4_0-37-debuginfo-2.48.1-150400.4.115.2 * typelib-1_0-JavaScriptCore-4_0-2.48.1-150400.4.115.2 * webkit2gtk3-soup2-devel-2.48.1-150400.4.115.2 * SUSE Manager Server 4.3 (noarch) * WebKitGTK-4.0-lang-2.48.1-150400.4.115.2 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * libjavascriptcoregtk-4_0-18-2.48.1-150400.4.115.2 * typelib-1_0-WebKit2-4_0-2.48.1-150400.4.115.2 * libjavascriptcoregtk-4_0-18-debuginfo-2.48.1-150400.4.115.2 * libwebkit2gtk-4_0-37-2.48.1-150400.4.115.2 * typelib-1_0-WebKit2WebExtension-4_0-2.48.1-150400.4.115.2 * webkit2gtk3-soup2-debugsource-2.48.1-150400.4.115.2 * webkit2gtk-4_0-injected-bundles-debuginfo-2.48.1-150400.4.115.2 * webkit2gtk-4_0-injected-bundles-2.48.1-150400.4.115.2 * libwebkit2gtk-4_0-37-debuginfo-2.48.1-150400.4.115.2 * typelib-1_0-JavaScriptCore-4_0-2.48.1-150400.4.115.2 * webkit2gtk3-soup2-devel-2.48.1-150400.4.115.2 ## References: * https://www.suse.com/security/cve/CVE-2024-54551.html * https://www.suse.com/security/cve/CVE-2025-24208.html * https://www.suse.com/security/cve/CVE-2025-24209.html * https://www.suse.com/security/cve/CVE-2025-24213.html * https://www.suse.com/security/cve/CVE-2025-24216.html * https://www.suse.com/security/cve/CVE-2025-24264.html * https://www.suse.com/security/cve/CVE-2025-30427.html * https://bugzilla.suse.com/show_bug.cgi?id=1240958 * https://bugzilla.suse.com/show_bug.cgi?id=1240961 * https://bugzilla.suse.com/show_bug.cgi?id=1240962 * https://bugzilla.suse.com/show_bug.cgi?id=1240963 * https://bugzilla.suse.com/show_bug.cgi?id=1240964 * https://bugzilla.suse.com/show_bug.cgi?id=1240986 * https://bugzilla.suse.com/show_bug.cgi?id=1240987 . An important patch for webkit2gtk3 tackles various vulnerabilities and improves the reliability of Linux systems.. SUSE, webkit2gtk, security update, cross-site scripting, buffer overflow. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Apr 17, 2025 Critical SuSE
87
Ls Advisories Debian Esm H240
Price Tag 1security advisorydenial of serviceDebian

Debian: DSA-5899-1 moderate: webkit2gtk denial of service and xss

The following vulnerabilities have been discovered in the WebKitGTK web engine: CVE-2024-54551 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-5899-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/security/ Alberto Garcia April 10, 2025 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : webkit2gtk CVE ID : CVE-2024-54551 CVE-2025-24208 CVE-2025-24209 CVE-2025-24213 CVE-2025-24216 CVE-2025-24264 CVE-2025-30427 The following vulnerabilities have been discovered in the WebKitGTK web engine: CVE-2024-54551 ajajfxhj discovered that processing web content may lead to a denial-of-service. CVE-2025-24208 Muhammad Zaid Ghifari and Kalimantan Utara discovered that loading a malicious iframe may lead to a cross-site scripting attack. CVE-2025-24209 Francisco Alonso and an anonymous researcher discovered that processing maliciously crafted web content may lead to an unexpected process crash. CVE-2025-24213 The Google V8 Security Team discovered that a type confusion issue could lead to memory corruption. Note that this CVE is fixed only on ARM architectures. x86_64 is not vulnerable, x86 is not vulnerable when the SSE2 instruction set is enabled; but other architectures remain vulnerable. CVE-2025-24216 Paul Bakker discovered that processing maliciously crafted web content may lead to an unexpected Safari crash. CVE-2025-24264 Gary Kwong and an anonymous researcher discovered that processing maliciously crafted web content may lead to an unexpected crash. CVE-2025-30427 rheza discovered that processing maliciously crafted web content may lead to an unexpected crash. For the stable distribution (bookworm), these problems have been fixed in version2.48.1-2~deb12u1. We recommend that you upgrade your webkit2gtk packages. For the detailed security status of webkit2gtk please refer to its security tracker page at: https://security-tracker.debian.org/tracker/source-package/webkit2gtk Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. . Enhance the webkit2gtk package in Debian to resolve severe security vulnerabilities and mitigate risks of attacks stemming from harmful content.. Debian Security Advisory, WebKitGTK Security, Denial of Service Fix. . LinuxSecurity.com Team

Calendar 2 Apr 10, 2025 Debian
Banner 2 1028x280 1708121730 1 1771599631
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here