Early Access — Mondoo Vulnerability Intelligence is currently in preview.

SUSE-SU-2022:4641-1 | Mondoo Vulnerability Intelligence

SUSE-SU-2022:4641-1

UNKNOWN

Security update for webkit2gtk3

Published Dec 30, 2022

Modified 3 years ago

Fix available

Details

This update for webkit2gtk3 fixes the following issues:

Update to version 2.38.3:

CVE-2022-42856: Fixed a potential arbitrary code execution when processing maliciously crafted web content (bsc#1206474).
CVE-2022-42852: Fixed disclosure of process memory by improved memory handling.
CVE-2022-42867: Fixed a use after free issue was addressed with improved memory management.
CVE-2022-46692: Fixed bypass of Same Origin Policy through improved state management.
CVE-2022-46698: Fixed disclosure of sensitive user information with improved checks.
CVE-2022-46699: Fixed an arbitrary code execution caused by memory corruption.
CVE-2022-46700: Fixed an arbitrary code execution caused by memory corruption.

Affected Packages

SUSE:Enterprise Storage 7libjavascriptcoregtk-4_0-18

Fixed in:

2.38.3-150200.57.1

SUSE:Enterprise Storage 7libwebkit2gtk-4_0-37

Fixed in:

2.38.3-150200.57.1

SUSE:Enterprise Storage 7libwebkit2gtk3-lang

Fixed in:

2.38.3-150200.57.1

SUSE:Enterprise Storage 7typelib-1_0-JavaScriptCore-4_0

Fixed in:

2.38.3-150200.57.1

SUSE:Enterprise Storage 7typelib-1_0-WebKit2-4_0

Fixed in:

2.38.3-150200.57.1

SUSE:Enterprise Storage 7typelib-1_0-WebKit2WebExtension-4_0

Fixed in:

2.38.3-150200.57.1

SUSE:Enterprise Storage 7webkit2gtk-4_0-injected-bundles

Fixed in:

2.38.3-150200.57.1

SUSE:Enterprise Storage 7webkit2gtk3

Fixed in:

2.38.3-150200.57.1

SUSE:Enterprise Storage 7webkit2gtk3-devel

Fixed in:

2.38.3-150200.57.1

SUSE:Enterprise Storage 7.1libjavascriptcoregtk-4_0-18

Fixed in:

2.38.3-150200.57.1

SUSE:Enterprise Storage 7.1libwebkit2gtk-4_0-37

Fixed in:

2.38.3-150200.57.1

SUSE:Enterprise Storage 7.1libwebkit2gtk3-lang

Fixed in:

2.38.3-150200.57.1

SUSE:Enterprise Storage 7.1typelib-1_0-JavaScriptCore-4_0

Fixed in:

2.38.3-150200.57.1

SUSE:Enterprise Storage 7.1typelib-1_0-WebKit2-4_0

Fixed in:

2.38.3-150200.57.1

SUSE:Enterprise Storage 7.1typelib-1_0-WebKit2WebExtension-4_0

Fixed in:

2.38.3-150200.57.1

SUSE:Enterprise Storage 7.1webkit2gtk-4_0-injected-bundles

Fixed in:

2.38.3-150200.57.1

SUSE:Enterprise Storage 7.1webkit2gtk3

Fixed in:

2.38.3-150200.57.1

SUSE:Enterprise Storage 7.1webkit2gtk3-devel

Fixed in:

2.38.3-150200.57.1

SUSE:Linux Enterprise High Performance Computing 15 SP2-LTSSlibjavascriptcoregtk-4_0-18

Fixed in:

2.38.3-150200.57.1

SUSE:Linux Enterprise High Performance Computing 15 SP2-LTSSlibwebkit2gtk-4_0-37

Fixed in:

2.38.3-150200.57.1

SUSE:Linux Enterprise High Performance Computing 15 SP2-LTSSlibwebkit2gtk3-lang

Fixed in:

2.38.3-150200.57.1

SUSE:Linux Enterprise High Performance Computing 15 SP2-LTSStypelib-1_0-JavaScriptCore-4_0

Fixed in:

2.38.3-150200.57.1

SUSE:Linux Enterprise High Performance Computing 15 SP2-LTSStypelib-1_0-WebKit2-4_0

Fixed in:

2.38.3-150200.57.1

SUSE:Linux Enterprise High Performance Computing 15 SP2-LTSStypelib-1_0-WebKit2WebExtension-4_0

Fixed in:

2.38.3-150200.57.1

SUSE:Linux Enterprise High Performance Computing 15 SP2-LTSSwebkit2gtk-4_0-injected-bundles

Fixed in:

2.38.3-150200.57.1

SUSE:Linux Enterprise High Performance Computing 15 SP2-LTSSwebkit2gtk3

Fixed in:

2.38.3-150200.57.1

SUSE:Linux Enterprise High Performance Computing 15 SP2-LTSSwebkit2gtk3-devel

Fixed in:

2.38.3-150200.57.1

SUSE:Linux Enterprise High Performance Computing 15 SP3-ESPOSlibjavascriptcoregtk-4_0-18

Fixed in:

2.38.3-150200.57.1

SUSE:Linux Enterprise High Performance Computing 15 SP3-ESPOSlibwebkit2gtk-4_0-37

Fixed in:

2.38.3-150200.57.1

SUSE:Linux Enterprise High Performance Computing 15 SP3-ESPOSlibwebkit2gtk3-lang

Fixed in:

2.38.3-150200.57.1

SUSE:Linux Enterprise High Performance Computing 15 SP3-ESPOStypelib-1_0-JavaScriptCore-4_0

Fixed in:

2.38.3-150200.57.1

SUSE:Linux Enterprise High Performance Computing 15 SP3-ESPOStypelib-1_0-WebKit2-4_0

Fixed in:

2.38.3-150200.57.1

SUSE:Linux Enterprise High Performance Computing 15 SP3-ESPOStypelib-1_0-WebKit2WebExtension-4_0

Fixed in:

2.38.3-150200.57.1

SUSE:Linux Enterprise High Performance Computing 15 SP3-ESPOSwebkit2gtk-4_0-injected-bundles

Fixed in:

2.38.3-150200.57.1

SUSE:Linux Enterprise High Performance Computing 15 SP3-ESPOSwebkit2gtk3

Fixed in:

2.38.3-150200.57.1

SUSE:Linux Enterprise High Performance Computing 15 SP3-ESPOSwebkit2gtk3-devel

Fixed in:

2.38.3-150200.57.1

SUSE:Linux Enterprise High Performance Computing 15 SP3-LTSSlibjavascriptcoregtk-4_0-18

Fixed in:

2.38.3-150200.57.1

SUSE:Linux Enterprise High Performance Computing 15 SP3-LTSSlibwebkit2gtk-4_0-37

Fixed in:

2.38.3-150200.57.1

SUSE:Linux Enterprise High Performance Computing 15 SP3-LTSSlibwebkit2gtk3-lang

Fixed in:

2.38.3-150200.57.1

SUSE:Linux Enterprise High Performance Computing 15 SP3-LTSStypelib-1_0-JavaScriptCore-4_0

Fixed in:

2.38.3-150200.57.1

SUSE:Linux Enterprise High Performance Computing 15 SP3-LTSStypelib-1_0-WebKit2-4_0

Fixed in:

2.38.3-150200.57.1

SUSE:Linux Enterprise High Performance Computing 15 SP3-LTSStypelib-1_0-WebKit2WebExtension-4_0

Fixed in:

2.38.3-150200.57.1

SUSE:Linux Enterprise High Performance Computing 15 SP3-LTSSwebkit2gtk-4_0-injected-bundles

Fixed in:

2.38.3-150200.57.1

SUSE:Linux Enterprise High Performance Computing 15 SP3-LTSSwebkit2gtk3

Fixed in:

2.38.3-150200.57.1

SUSE:Linux Enterprise High Performance Computing 15 SP3-LTSSwebkit2gtk3-devel

Fixed in:

2.38.3-150200.57.1

SUSE:Linux Enterprise Real Time 15 SP3libjavascriptcoregtk-4_0-18

Fixed in:

2.38.3-150200.57.1

SUSE:Linux Enterprise Real Time 15 SP3libwebkit2gtk-4_0-37

Fixed in:

2.38.3-150200.57.1

SUSE:Linux Enterprise Real Time 15 SP3libwebkit2gtk3-lang

Fixed in:

2.38.3-150200.57.1

SUSE:Linux Enterprise Real Time 15 SP3typelib-1_0-JavaScriptCore-4_0

Fixed in:

2.38.3-150200.57.1

SUSE:Linux Enterprise Real Time 15 SP3typelib-1_0-WebKit2-4_0

Fixed in:

2.38.3-150200.57.1

SUSE:Linux Enterprise Real Time 15 SP3typelib-1_0-WebKit2WebExtension-4_0

Fixed in:

2.38.3-150200.57.1

SUSE:Linux Enterprise Real Time 15 SP3webkit2gtk-4_0-injected-bundles

Fixed in:

2.38.3-150200.57.1

SUSE:Linux Enterprise Real Time 15 SP3webkit2gtk3

Fixed in:

2.38.3-150200.57.1

SUSE:Linux Enterprise Real Time 15 SP3webkit2gtk3-devel

Fixed in:

2.38.3-150200.57.1

SUSE:Linux Enterprise Server 15 SP2-LTSSlibjavascriptcoregtk-4_0-18

Fixed in:

2.38.3-150200.57.1

SUSE:Linux Enterprise Server 15 SP2-LTSSlibwebkit2gtk-4_0-37

Fixed in:

2.38.3-150200.57.1

SUSE:Linux Enterprise Server 15 SP2-LTSSlibwebkit2gtk3-lang

Fixed in:

2.38.3-150200.57.1

SUSE:Linux Enterprise Server 15 SP2-LTSStypelib-1_0-JavaScriptCore-4_0

Fixed in:

2.38.3-150200.57.1

SUSE:Linux Enterprise Server 15 SP2-LTSStypelib-1_0-WebKit2-4_0

Fixed in:

2.38.3-150200.57.1

SUSE:Linux Enterprise Server 15 SP2-LTSStypelib-1_0-WebKit2WebExtension-4_0

Fixed in:

2.38.3-150200.57.1

SUSE:Linux Enterprise Server 15 SP2-LTSSwebkit2gtk-4_0-injected-bundles

Fixed in:

2.38.3-150200.57.1

SUSE:Linux Enterprise Server 15 SP2-LTSSwebkit2gtk3

Fixed in:

2.38.3-150200.57.1

SUSE:Linux Enterprise Server 15 SP2-LTSSwebkit2gtk3-devel

Fixed in:

2.38.3-150200.57.1

SUSE:Linux Enterprise Server 15 SP3-LTSSlibjavascriptcoregtk-4_0-18

Fixed in:

2.38.3-150200.57.1

SUSE:Linux Enterprise Server 15 SP3-LTSSlibwebkit2gtk-4_0-37

Fixed in:

2.38.3-150200.57.1

SUSE:Linux Enterprise Server 15 SP3-LTSSlibwebkit2gtk3-lang

Fixed in:

2.38.3-150200.57.1

SUSE:Linux Enterprise Server 15 SP3-LTSStypelib-1_0-JavaScriptCore-4_0

Fixed in:

2.38.3-150200.57.1

SUSE:Linux Enterprise Server 15 SP3-LTSStypelib-1_0-WebKit2-4_0

Fixed in:

2.38.3-150200.57.1

SUSE:Linux Enterprise Server 15 SP3-LTSStypelib-1_0-WebKit2WebExtension-4_0

Fixed in:

2.38.3-150200.57.1

SUSE:Linux Enterprise Server 15 SP3-LTSSwebkit2gtk-4_0-injected-bundles

Fixed in:

2.38.3-150200.57.1

SUSE:Linux Enterprise Server 15 SP3-LTSSwebkit2gtk3

Fixed in:

2.38.3-150200.57.1

SUSE:Linux Enterprise Server 15 SP3-LTSSwebkit2gtk3-devel

Fixed in:

2.38.3-150200.57.1

SUSE:Linux Enterprise Server for SAP Applications 15 SP2libjavascriptcoregtk-4_0-18

Fixed in:

2.38.3-150200.57.1

SUSE:Linux Enterprise Server for SAP Applications 15 SP2libwebkit2gtk-4_0-37

Fixed in:

2.38.3-150200.57.1

SUSE:Linux Enterprise Server for SAP Applications 15 SP2libwebkit2gtk3-lang

Fixed in:

2.38.3-150200.57.1

SUSE:Linux Enterprise Server for SAP Applications 15 SP2typelib-1_0-JavaScriptCore-4_0

Fixed in:

2.38.3-150200.57.1

SUSE:Linux Enterprise Server for SAP Applications 15 SP2typelib-1_0-WebKit2-4_0

Fixed in:

2.38.3-150200.57.1

SUSE:Linux Enterprise Server for SAP Applications 15 SP2typelib-1_0-WebKit2WebExtension-4_0

Fixed in:

2.38.3-150200.57.1

SUSE:Linux Enterprise Server for SAP Applications 15 SP2webkit2gtk-4_0-injected-bundles

Fixed in:

2.38.3-150200.57.1

SUSE:Linux Enterprise Server for SAP Applications 15 SP2webkit2gtk3

Fixed in:

2.38.3-150200.57.1

SUSE:Linux Enterprise Server for SAP Applications 15 SP2webkit2gtk3-devel

Fixed in:

2.38.3-150200.57.1

SUSE:Linux Enterprise Server for SAP Applications 15 SP3libjavascriptcoregtk-4_0-18

Fixed in:

2.38.3-150200.57.1

SUSE:Linux Enterprise Server for SAP Applications 15 SP3libwebkit2gtk-4_0-37

Fixed in:

2.38.3-150200.57.1

SUSE:Linux Enterprise Server for SAP Applications 15 SP3libwebkit2gtk3-lang

Fixed in:

2.38.3-150200.57.1

SUSE:Linux Enterprise Server for SAP Applications 15 SP3typelib-1_0-JavaScriptCore-4_0

Fixed in:

2.38.3-150200.57.1

SUSE:Linux Enterprise Server for SAP Applications 15 SP3typelib-1_0-WebKit2-4_0

Fixed in:

2.38.3-150200.57.1

SUSE:Linux Enterprise Server for SAP Applications 15 SP3typelib-1_0-WebKit2WebExtension-4_0

Fixed in:

2.38.3-150200.57.1

SUSE:Linux Enterprise Server for SAP Applications 15 SP3webkit2gtk-4_0-injected-bundles

Fixed in:

2.38.3-150200.57.1

SUSE:Linux Enterprise Server for SAP Applications 15 SP3webkit2gtk3

Fixed in:

2.38.3-150200.57.1

SUSE:Linux Enterprise Server for SAP Applications 15 SP3webkit2gtk3-devel

Fixed in:

2.38.3-150200.57.1

SUSE:Manager Proxy 4.1libjavascriptcoregtk-4_0-18

Fixed in:

2.38.3-150200.57.1

SUSE:Manager Proxy 4.1libwebkit2gtk-4_0-37

Fixed in:

2.38.3-150200.57.1

SUSE:Manager Proxy 4.1libwebkit2gtk3-lang

Fixed in:

2.38.3-150200.57.1

SUSE:Manager Proxy 4.1typelib-1_0-JavaScriptCore-4_0

Fixed in:

2.38.3-150200.57.1

SUSE:Manager Proxy 4.1typelib-1_0-WebKit2-4_0

Fixed in:

2.38.3-150200.57.1

SUSE:Manager Proxy 4.1typelib-1_0-WebKit2WebExtension-4_0

Fixed in:

2.38.3-150200.57.1

SUSE:Manager Proxy 4.1webkit2gtk-4_0-injected-bundles

Fixed in:

2.38.3-150200.57.1

SUSE:Manager Proxy 4.1webkit2gtk3

Fixed in:

2.38.3-150200.57.1

SUSE:Manager Proxy 4.1webkit2gtk3-devel

Fixed in:

2.38.3-150200.57.1

SUSE:Manager Proxy 4.2libjavascriptcoregtk-4_0-18

Fixed in:

2.38.3-150200.57.1

SUSE:Manager Proxy 4.2libwebkit2gtk-4_0-37

Fixed in:

2.38.3-150200.57.1

SUSE:Manager Proxy 4.2libwebkit2gtk3-lang

Fixed in:

2.38.3-150200.57.1

SUSE:Manager Proxy 4.2webkit2gtk-4_0-injected-bundles

Fixed in:

2.38.3-150200.57.1

SUSE:Manager Proxy 4.2webkit2gtk3

Fixed in:

2.38.3-150200.57.1

SUSE:Manager Retail Branch Server 4.1libjavascriptcoregtk-4_0-18

Fixed in:

2.38.3-150200.57.1

SUSE:Manager Retail Branch Server 4.1libwebkit2gtk-4_0-37

Fixed in:

2.38.3-150200.57.1

SUSE:Manager Retail Branch Server 4.1libwebkit2gtk3-lang

Fixed in:

2.38.3-150200.57.1

SUSE:Manager Retail Branch Server 4.1typelib-1_0-JavaScriptCore-4_0

Fixed in:

2.38.3-150200.57.1

SUSE:Manager Retail Branch Server 4.1typelib-1_0-WebKit2-4_0

Fixed in:

2.38.3-150200.57.1

SUSE:Manager Retail Branch Server 4.1typelib-1_0-WebKit2WebExtension-4_0

Fixed in:

2.38.3-150200.57.1

SUSE:Manager Retail Branch Server 4.1webkit2gtk-4_0-injected-bundles

Fixed in:

2.38.3-150200.57.1

SUSE:Manager Retail Branch Server 4.1webkit2gtk3

Fixed in:

2.38.3-150200.57.1

SUSE:Manager Retail Branch Server 4.1webkit2gtk3-devel

Fixed in:

2.38.3-150200.57.1

SUSE:Manager Retail Branch Server 4.2libjavascriptcoregtk-4_0-18

Fixed in:

2.38.3-150200.57.1

SUSE:Manager Retail Branch Server 4.2libwebkit2gtk-4_0-37

Fixed in:

2.38.3-150200.57.1

SUSE:Manager Retail Branch Server 4.2libwebkit2gtk3-lang

Fixed in:

2.38.3-150200.57.1

SUSE:Manager Retail Branch Server 4.2webkit2gtk-4_0-injected-bundles

Fixed in:

2.38.3-150200.57.1

SUSE:Manager Retail Branch Server 4.2webkit2gtk3

Fixed in:

2.38.3-150200.57.1

SUSE:Manager Server 4.1libjavascriptcoregtk-4_0-18

Fixed in:

2.38.3-150200.57.1

SUSE:Manager Server 4.1libwebkit2gtk-4_0-37

Fixed in:

2.38.3-150200.57.1

SUSE:Manager Server 4.1libwebkit2gtk3-lang

Fixed in:

2.38.3-150200.57.1

SUSE:Manager Server 4.1typelib-1_0-JavaScriptCore-4_0

Fixed in:

2.38.3-150200.57.1

SUSE:Manager Server 4.1typelib-1_0-WebKit2-4_0

Fixed in:

2.38.3-150200.57.1

SUSE:Manager Server 4.1typelib-1_0-WebKit2WebExtension-4_0

Fixed in:

2.38.3-150200.57.1

SUSE:Manager Server 4.1webkit2gtk-4_0-injected-bundles

Fixed in:

2.38.3-150200.57.1

SUSE:Manager Server 4.1webkit2gtk3

Fixed in:

2.38.3-150200.57.1

SUSE:Manager Server 4.1webkit2gtk3-devel

Fixed in:

2.38.3-150200.57.1

SUSE:Manager Server 4.2libjavascriptcoregtk-4_0-18

Fixed in:

2.38.3-150200.57.1

SUSE:Manager Server 4.2libwebkit2gtk-4_0-37

Fixed in:

2.38.3-150200.57.1

SUSE:Manager Server 4.2libwebkit2gtk3-lang

Fixed in:

2.38.3-150200.57.1

SUSE:Manager Server 4.2webkit2gtk-4_0-injected-bundles

Fixed in:

2.38.3-150200.57.1

SUSE:Manager Server 4.2webkit2gtk3

Fixed in:

2.38.3-150200.57.1

openSUSE:Leap 15.4libwebkit2gtk3-lang

Fixed in:

2.38.3-150200.57.1

openSUSE:Leap 15.4webkit2gtk3

Fixed in:

2.38.3-150200.57.1

References

Upstream

CVE-2022-42852 CVE-2022-42856 CVE-2022-42863 CVE-2022-42867 CVE-2022-46691 CVE-2022-46692 CVE-2022-46698 CVE-2022-46699 CVE-2022-46700

Ecosystems

Timeline

PublishedDec 30, 2022

ModifiedDec 30, 2022

SUSE-SU-2022:4641-1

Details

Affected Packages

References

Upstream

Related

Ecosystems

Timeline