Overview
Security update for webkit2gtk3

This update for webkit2gtk3 fixes the following issues:

-webkit2gtk3 was updated to version 2.30.3 (bsc#1179122 bsc#1179451):
- CVE-2021-13543: Fixed a use after free which could have led to arbitrary code execution.
- CVE-2021-13584: Fixed a use after free which could have led to arbitrary code execution.
- CVE-2021-9948: Fixed a type confusion which could have led to arbitrary code execution.
- CVE-2021-9951: Fixed a use after free which could have led to arbitrary code execution.
- CVE-2021-9983: Fixed an out of bounds write which could have led to arbitrary code execution.
- Have the libwebkit2gtk package require libjavascriptcoregtk of
the same version (bsc#1171531).
- Enable c_loop on aarch64: currently needed for compilation to
succeed with JIT disabled. Also disable sampling profiler, since
it conflicts with c_loop (bsc#1177087).

This update was imported from the SUSE:SLE-15-SP2:Update update project.

Fixed bugs
bnc#1171531
[bug] libwebkit2gtk 2.26.2 to 2.28.2 is a major change, not minor
bnc#1177087
webkit2gtk3 fails to build on aarch64 since update to 2.30.0
bnc#1179122
VUL-0: CVE-2020-13584, CVE-2020-9948, CVE-2020-9951, CVE-2020-9952, CVE-2020-9983: webkit2gtk3: WebKitGTK and WPE WebKit Security Advisory WSA-2020-0008
bnc#1179451
VUL-0: CVE-2020-13543: webkit2gtk3: WebKitGTK and WPE WebKit Security Advisory WSA-2020-0009
CVE-2020-9948
CVE-2020-9951
CVE-2020-9983
CVE-2020-13543
CVE-2020-13584
Selected Binaries
openSUSE Build Service is sponsored by
Places