Overview

File _patchinfo of Package patchinfo.30424

<patchinfo incident="30424">
  <issue tracker="bnc" id="1216483">VUL-0: webkit2gtk3: regression in security fix</issue>
  <issue tracker="bnc" id="1213581">VUL-0: CVE-2023-32393: webkit2gtk3: Processing web content may lead to arbitrary code execution</issue>
  <issue tracker="bnc" id="1213379">VUL-0: CVE-2023-37450: webkit2gtk3: arbitrary code execution</issue>
  <issue tracker="cve" id="2023-37450"/>
  <issue tracker="cve" id="2023-32393"/>
  <issue tracker="bnc" id="1215661">VUL-0: CVE-2023-41993: webkit2gtk3,libqt5-qtwebkit,libQtWebKit4,webkitgtk: processing malicious web content may lead to arbitrary code execution</issue>
  <issue tracker="bnc" id="1215868">VUL-0: CVE-2023-39928: libQtWebKit4,libqt5-qtwebkit,webkit2gtk3,webkitgtk: use-after-free in the MediaRecorder API of the WebKit GStreamer-based ports</issue>
  <issue tracker="bnc" id="1215870">VUL-0: CVE-2023-41074: libQtWebKit4,libqt5-qtwebkit,webkit2gtk3,webkitgtk: WebKitGTK and WPE WebKit Security Advisory WSA-2023-0009</issue>
  <issue tracker="bnc" id="1215072">error when starting emacs, because dependency missing to wayland package.</issue>
  <issue tracker="bnc" id="1215866">VUL-0: CVE-2023-35074: libQtWebKit4,libqt5-qtwebkit,webkit2gtk3,webkitgtk: WebKitGTK and WPE WebKit Security Advisory WSA-2023-0009</issue>
  <issue tracker="bnc" id="1215867">VUL-0: CVE-2023-39434: libQtWebKit4,libqt5-qtwebkit,webkit2gtk3,webkitgtk: WebKitGTK and WPE WebKit Security Advisory WSA-2023-0009</issue>
  <issue tracker="bnc" id="1215869">VUL-0: CVE-2023-40451: libQtWebKit4,libqt5-qtwebkit,webkit2gtk3,webkitgtk: WebKitGTK and WPE WebKit Security Advisory WSA-2023-0009</issue>
  <issue tracker="cve" id="2023-41993"/>
  <issue tracker="cve" id="2023-39928"/>
  <issue tracker="cve" id="2023-41074"/>
  <issue tracker="cve" id="2023-39434"/>
  <issue tracker="cve" id="2023-40451"/>
  <issue tracker="cve" id="2023-35074"/>
  <packager>mgorse</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for webkit2gtk3</summary>
  <description>This update for webkit2gtk3 fixes the following issues:

- CVE-2023-41993: Fixed an issue where processing malicious web
  content could have lead to arbitrary code execution (bsc#1215661).
- CVE-2023-39928: Fixed a use-after-free that could be exploited to
  execute arbitrary code when visiting a malicious webpage
  (bsc#1215868).
- CVE-2023-41074: Fixed an issue where processing malicious web
  content could have lead to arbitrary code execution (bsc#1215870).

Non-security fixes:

- Fixed missing package dependencies (bsc#1215072).

</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places