File _patchinfo of Package patchinfo.30126

<patchinfo incident="30126">
  <issue tracker="bnc" id="1212863">VUL-0: webkit2gtk3: WebKitGTK and WPE WebKit Security Advisory WSA-2023-0005</issue>
  <issue tracker="bnc" id="1213905">VUL-0: webkit2gtk3: WebKitGTK and WPE WebKit Security Advisory WSA-2023-0007</issue>
  <issue tracker="cve" id="2023-38600"/>
  <issue tracker="cve" id="2023-38572"/>
  <issue tracker="cve" id="2023-38599"/>
  <issue tracker="cve" id="2023-32439"/>
  <issue tracker="cve" id="2022-48503"/>
  <issue tracker="cve" id="2023-38594"/>
  <issue tracker="cve" id="2023-38592"/>
  <issue tracker="cve" id="2023-38611"/>
  <issue tracker="cve" id="2023-32435"/>
  <issue tracker="cve" id="2023-38133"/>
  <issue tracker="cve" id="2023-38595"/>
  <issue tracker="cve" id="2023-38597"/>
  <packager>mgorse</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for webkit2gtk3</summary>
  <description>This update for webkit2gtk3 fixes the following issues:

Update to version 2.40.5 (bsc#1213905):

- CVE-2023-38133: Fixed information disclosure.
- CVE-2023-38572: Fixed Same-Origin-Policy bypass.
- CVE-2023-38592: Fixed arbitrary code execution.
- CVE-2023-38594: Fixed arbitrary code execution.
- CVE-2023-38595: Fixed arbitrary code execution.
- CVE-2023-38597: Fixed arbitrary code execution.
- CVE-2023-38599: Fixed sensitive user information tracking.
- CVE-2023-38600: Fixed arbitrary code execution.
- CVE-2023-38611: Fixed arbitrary code execution.

Update to version 2.40.3 (bsc#1212863):

- CVE-2023-32439: Fixed a bug where processing maliciously crafted web content may lead to arbitrary code execution. (bsc#1212863)
- CVE-2023-32435: Fixed a bug where processing web content may lead to arbitrary code execution. (bsc#1212863)
- CVE-2022-48503: Fixed a bug where processing web content may lead to arbitrary code execution. (bsc#1212863)
</description>
</patchinfo>