Overview

File _patchinfo of Package patchinfo.31035

<patchinfo incident="31035">
  <category>security</category>
  <rating>important</rating>
  <packager>msmeissn</packager>
  <issue tracker="bnc" id="1216483">VUL-0: webkit2gtk3: regression in security fix</issue>
  <issue tracker="bnc" id="1214835">15.5 patch cant get handled automatically? - openSUSE-SLE-15.5-2023-3413-1</issue>
  <issue tracker="bnc" id="1214640">Dependency issue with WebKit2GTK in patch:openSUSE-SLE-15.4-2023-3419-1.noarch</issue>
  <issue tracker="bnc" id="1214093">openSUSE-SLE-15.4-2023-3233 fails to install due to missing libwebkit2gtk3 = 2.40.5</issue>
  <issue tracker="bnc" id="1215661">VUL-0: CVE-2023-41993: webkit2gtk3,libqt5-qtwebkit,libQtWebKit4,webkitgtk: processing malicious web content may lead to arbitrary code execution</issue>
  <issue tracker="bnc" id="1215868">VUL-0: CVE-2023-39928: libQtWebKit4,libqt5-qtwebkit,webkit2gtk3,webkitgtk: use-after-free in the MediaRecorder API of the WebKit GStreamer-based ports</issue>
  <issue tracker="bnc" id="1215870">VUL-0: CVE-2023-41074: libQtWebKit4,libqt5-qtwebkit,webkit2gtk3,webkitgtk: WebKitGTK and WPE WebKit Security Advisory WSA-2023-0009</issue>
  <issue tracker="bnc" id="1215072">error when starting emacs, because dependency missing to wayland package.</issue>
  <issue tracker="bnc" id="1215866">VUL-0: CVE-2023-35074: libQtWebKit4,libqt5-qtwebkit,webkit2gtk3,webkitgtk: WebKitGTK and WPE WebKit Security Advisory WSA-2023-0009</issue>
  <issue tracker="bnc" id="1215867">VUL-0: CVE-2023-39434: libQtWebKit4,libqt5-qtwebkit,webkit2gtk3,webkitgtk: WebKitGTK and WPE WebKit Security Advisory WSA-2023-0009</issue>
  <issue tracker="bnc" id="1215869">VUL-0: CVE-2023-40451: libQtWebKit4,libqt5-qtwebkit,webkit2gtk3,webkitgtk: WebKitGTK and WPE WebKit Security Advisory WSA-2023-0009</issue>
  <issue tracker="cve" id="2023-41993"/>
  <issue tracker="cve" id="2023-39928"/>
  <issue tracker="cve" id="2023-41074"/>
  <issue tracker="cve" id="2023-39434"/>
  <issue tracker="cve" id="2023-40451"/>
  <issue tracker="cve" id="2023-35074"/>
  <summary>Security update for webkit2gtk3</summary>
<description>
This update for webkit2gtk3 ships missing Lang packages to SUSE Linux Enterprise 15 SP4 and SP5.

Security fixes:

- CVE-2023-41993: Fixed an issue where processing malicious web
  content could have lead to arbitrary code execution (bsc#1215661).
- CVE-2023-39928: Fixed a use-after-free that could be exploited to
  execute arbitrary code when visiting a malicious webpage
  (bsc#1215868).
- CVE-2023-41074: Fixed an issue where processing malicious web
  content could have lead to arbitrary code execution (bsc#1215870).

Other fixes:

- Fixed missing package dependencies (bsc#1215072).
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places