Overview

File _patchinfo of Package patchinfo.31972

<patchinfo incident="31972">
  <issue tracker="bnc" id="1215870">VUL-0: CVE-2023-41074: libQtWebKit4,libqt5-qtwebkit,webkit2gtk3,webkitgtk: WebKitGTK and WPE WebKit Security Advisory WSA-2023-0009</issue>
  <issue tracker="bnc" id="1218032">VUL-0: CVE-2023-42883: webkitgtk: processing a malicious image may lead to a denial-of-service</issue>
  <issue tracker="bnc" id="1215868">VUL-0: CVE-2023-39928: libQtWebKit4,libqt5-qtwebkit,webkit2gtk3,webkitgtk: use-after-free in the MediaRecorder API of the WebKit GStreamer-based ports</issue>
  <issue tracker="bnc" id="1218033">VUL-0: CVE-2023-42890: webkitgtk: processing malicious web content may lead to arbitrary code execution</issue>
  <issue tracker="cve" id="2023-41074"/>
  <issue tracker="cve" id="2023-32359"/>
  <issue tracker="cve" id="2023-42883"/>
  <issue tracker="cve" id="2023-42890"/>
  <issue tracker="cve" id="2023-39928"/>
  <packager>mgorse</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for webkit2gtk3</summary>
  <description>This update for webkit2gtk3 fixes the following issues:

- CVE-2023-42890: Fixed processing malicious web content may lead to arbitrary code execution (bsc#1218033).
- CVE-2023-42883: Fixed processing a malicious image may lead to a denial-of-service (bsc#1218032).
- CVE-2023-41074: Fixed use-after-free in the MediaRecorder API of the WebKit GStreamer-based ports (bsc#1215870).
- CVE-2023-40451, CVE-2023-41074: Update to version 2.42.4 (bsc#1215868).
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places