Overview

File _patchinfo of Package patchinfo.10424

<patchinfo incident="10424">
  <issue tracker="bnc" id="1124937">VUL-0: webkit2gtk3: Security Advisory WSA-2019-0001</issue>
  <issue tracker="cve" id="2019-6233"/>
  <issue tracker="cve" id="2019-6212"/>
  <issue tracker="cve" id="2019-6227"/>
  <issue tracker="cve" id="2019-6229"/>
  <issue tracker="cve" id="2019-6217"/>
  <issue tracker="cve" id="2019-6216"/>
  <issue tracker="cve" id="2019-6215"/>
  <issue tracker="cve" id="2019-6226"/>
  <issue tracker="cve" id="2019-6234"/>
  <category>security</category>
  <rating>important</rating>
  <packager>mgorse</packager>
  <description>This update for webkit2gtk3 to version 2.22.6 fixes the following issues:

Security issues fixed:

- CVE-2019-6212: Fixed multiple memory corruption vulnerabilities which could allow arbitrary code execution during the processing
  of special crafted web-content.
- CVE-2019-6215: Fixed a type confusion vulnerability which could allow arbitrary code execution during the processing
  of special crafted web-content.
- CVE-2019-6216: Fixed multiple memory corruption vulnerabilities which could allow arbitrary code execution during the processing
  of special crafted web-content. 
- CVE-2019-6217: Fixed multiple memory corruption vulnerabilities which could allow arbitrary code execution during the processing
  of special crafted web-content. 
- CVE-2019-6226: Fixed multiple memory corruption vulnerabilities which could allow arbitrary code execution during the processing
  of special crafted web-content.  
- CVE-2019-6227: Fixed a memory corruption vulnerability which could allow arbitrary code execution during the processing
  of special crafted web-content.
- CVE-2019-6229: Fixed a logic issue by improving validation which could allow arbitrary code execution during the processing
  of special crafted web-content.
- CVE-2019-6233: Fixed a memory corruption vulnerability which could allow arbitrary code execution during the processing
  of special crafted web-content.
- CVE-2019-6234: Fixed a memory corruption vulnerability which could allow arbitrary code execution during the processing
  of special crafted web-content.

Other issues addressed:   
- Update to version 2.22.6 (bsc#1124937).
- Kinetic scrolling slow down smoothly when reaching the ends of pages, instead of abruptly, to better match the GTK+ behaviour.
- Fixed Web inspector magnifier under Wayland.
- Fixed garbled rendering of some websites (e.g. YouTube) while scrolling under X11.
- Fixed several crashes, race conditions, and rendering issues.

</description>
  <summary>Security update for webkit2gtk3</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places