SUSE-SU-2023:0573-1

This update for webkit2gtk3 fixes the following issues:

Update to version 2.38.5 (boo#1208328):

• CVE-2023-23529: Fixed possible arbitrary code execution via maliciously crafted web content.

Update to version 2.38.4 (boo#1207997):

• CVE-2023-23517: Fixed web content processing that could have led to arbitrary code execution.
• CVE-2023-23518: Fixed web content processing that could have led to arbitrary code execution.
• CVE-2022-42826: Fixed a use-after-free issue that was caused by improper memory management.

New CVE and bug references where added for already released updates:

Update to version 2.38.3 (boo#1206750):

• CVE-2022-42852: Fixed disclosure of process memory by improved memory handling.
• CVE-2022-42867: Fixed a use after free issue was addressed with improved memory management.
• CVE-2022-46692: Fixed bypass of Same Origin Policy through improved state management.
• CVE-2022-46698: Fixed disclosure of sensitive user information with improved checks.
• CVE-2022-46699: Fixed an arbitrary code execution caused by memory corruption.
• CVE-2022-46700: Fixed a potential arbitrary code execution when processing maliciously crafted web content.

Update to version 2.38.1:

• CVE-2022-46691: Fixed a potential arbitrary code execution when processing maliciously crafted web content.

Update to version 2.38.0:

• CVE-2022-42863: Fixed a potential arbitrary code execution when processing maliciously crafted web content.