Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
suseSuseOPENSUSE-SU-2018:0326-1
HistoryFeb 01, 2018 - 12:14 a.m.

Security update for webkit2gtk3 (important)

2018-02-0100:14:30
lists.opensuse.org
205

0.976 High

EPSS

Percentile

100.0%

JSON

This update for webkit2gtk3 fixes the following issues:

Update to version 2.18.5:

 + Disable SharedArrayBuffers from Web API.
 + Reduce the precision of "high" resolution time to 1ms.
 + bsc#1075419 - Security fixes: includes improvements to mitigate the
   effects of Spectre and Meltdown (CVE-2017-5753 and CVE-2017-5715).

Update to version 2.18.4:

 + Make WebDriver implementation more spec compliant.
 + Fix a bug when trying to remove cookies before a web process is
   spawned.
 + WebKitWebDriver process no longer links to libjavascriptcoregtk.
 + Fix several memory leaks in GStreamer media backend.
 + bsc#1073654 - Security fixes: CVE-2017-13866, CVE-2017-13870,
   CVE-2017-7156, CVE-2017-13856.

Update to version 2.18.3:

 + Improve calculation of font metrics to prevent scrollbars from being
   shown unnecessarily in some cases.
 + Fix handling of null capabilities in WebDriver implementation.
 + Security fixes: CVE-2017-13798, CVE-2017-13788, CVE-2017-13803.

Update to version 2.18.2:

 + Fix rendering of arabic text.
 + Fix a crash in the web process when decoding GIF images.
 + Fix rendering of wind in Windy.com.
 + Fix several crashes and rendering issues.

Update to version 2.18.1:

 + Improve performance of GIF animations.
 + Fix garbled display in GMail.
 + Fix rendering of several material design icons when using the web font.
 + Fix flickering when resizing the window in Wayland.
 + Prevent default kerberos authentication credentials from being used in
   ephemeral sessions.
 + Fix a crash when webkit_web_resource_get_data() is cancelled.
 + Correctly handle touchmove and touchend events in WebKitWebView.
 + Fix the build with enchant 2.1.1.
 + Fix the build in HPPA and Alpha.
 + Fix several crashes and rendering issues.
 + Security fixes: CVE-2017-7081, CVE-2017-7087, CVE-2017-7089,
   CVE-2017-7090, CVE-2017-7091, CVE-2017-7092, CVE-2017-7093,
   CVE-2017-7094, CVE-2017-7095, CVE-2017-7096, CVE-2017-7098,
   CVE-2017-7099, CVE-2017-7100, CVE-2017-7102, CVE-2017-7104,
   CVE-2017-7107, CVE-2017-7109, CVE-2017-7111, CVE-2017-7117,
   CVE-2017-7120, CVE-2017-7142.
  • Enable gold linker on s390/s390x on SLE15/Tumbleweed.

This update was imported from the SUSE:SLE-12-SP2:Update update project.

OSVersionArchitecturePackageVersionFilename
openSUSE Leap42.3x86_64libjavascriptcoregtk-4_0-18< 2.18.5-8.1libjavascriptcoregtk-4_0-18-2.18.5-8.1.x86_64.rpm
openSUSE Leap42.3noarchlibwebkit2gtk3-lang< 2.18.5-8.1libwebkit2gtk3-lang-2.18.5-8.1.noarch.rpm
openSUSE Leap42.3x86_64libwebkit2gtk-4_0-37< 2.18.5-8.1libwebkit2gtk-4_0-37-2.18.5-8.1.x86_64.rpm
openSUSE Leap42.3x86_64webkit2gtk-4_0-injected-bundles-debuginfo< 2.18.5-8.1webkit2gtk-4_0-injected-bundles-debuginfo-2.18.5-8.1.x86_64.rpm
openSUSE Leap42.3i586libjavascriptcoregtk-4_0-18< 2.18.5-8.1libjavascriptcoregtk-4_0-18-2.18.5-8.1.i586.rpm
openSUSE Leap42.3x86_64typelib-1_0-webkit2webextension-4_0< 2.18.5-8.1typelib-1_0-WebKit2WebExtension-4_0-2.18.5-8.1.x86_64.rpm
openSUSE Leap42.3i586webkit-jsc-4< 2.18.5-8.1webkit-jsc-4-2.18.5-8.1.i586.rpm
openSUSE Leap42.3x86_64webkit2gtk3-devel< 2.18.5-8.1webkit2gtk3-devel-2.18.5-8.1.x86_64.rpm
openSUSE Leap42.3x86_64webkit2gtk3-plugin-process-gtk2< 2.18.5-8.1webkit2gtk3-plugin-process-gtk2-2.18.5-8.1.x86_64.rpm
openSUSE Leap42.3i586libwebkit2gtk-4_0-37< 2.18.5-8.1libwebkit2gtk-4_0-37-2.18.5-8.1.i586.rpm
Rows per page:
1-10 of 351

Related

nessus 64
suse 5
openvas 43
kaspersky 3
freebsd 2
apple 32
zdt 1
ubuntu 7
gentoo 2
fedora 15
archlinux 3
mageia 4
lenovo 2
ibm 9
qualysblog 3
threatpost 1
symantec 1
f5 1
arista 1
nessus
nessus
SUSE SLED12 / SLES12 Security Update : webkit2gtk3 (SUSE-SU-2018:0219-1) (Meltdown) (Spectre)
2018-01-26 00:00:00
openSUSE Security Update : webkit2gtk3 (openSUSE-2018-118) (Meltdown) (Spectre)
2018-02-01 00:00:00
SUSE SLED12 / SLES12 Security Update : webkit2gtk3 (SUSE-SU-2017:2933-1)
2017-11-07 00:00:00
suse
suse
Security update for webkit2gtk3 (important)
2018-01-25 21:10:00
Security update for webkit2gtk3 (important)
2017-11-06 15:08:25
Security update for webkit2gtk3 (important)
2017-11-10 18:22:30
openvas
openvas
openSUSE: Security Advisory for webkit2gtk3 (openSUSE-SU-2018:0326-1)
2018-02-01 00:00:00
SUSE: Security Advisory (SUSE-SU-2018:0219-1)
2021-04-19 00:00:00
SUSE: Security Advisory (SUSE-SU-2017:2933-1)
2021-04-19 00:00:00
kaspersky
kaspersky
KLA11127 Multiple vulnerabilities in Apple iTunes
2017-09-25 00:00:00
KLA11126 Multiple vulnerabilities in Apple Safari
2017-10-23 00:00:00
KLA11075 Multiple vulnerabilities in Apple iTunes
2017-07-19 00:00:00
freebsd
freebsd
webkit2-gtk3 -- multiple vulnerabilities
2017-07-24 00:00:00
webkit2-gtk3 -- multiple vulnerabilities
2017-10-18 00:00:00
apple
apple
About the security content of Safari 10.1.2 - Apple Support
2017-07-29 06:22:02
About the security content of Safari 10.1.2
2017-07-19 00:00:00
About the security content of iCloud for Windows 6.2.2
2017-07-19 00:00:00
zdt
zdt
WebKitGTK+ Code Execution / Cookie Handling / Memory Corruption Vulnerabilities
2017-10-19 00:00:00
ubuntu
ubuntu
WebKitGTK+ vulnerabilities
2017-02-06 00:00:00
WebKitGTK+ vulnerabilities
2017-10-23 00:00:00
WebKitGTK+ vulnerabilities
2017-02-16 00:00:00
gentoo
gentoo
WebKitGTK+: Multiple Vulnerabilities
2017-10-13 00:00:00
WebkitGTK+: Multiple vulnerabilities
2018-01-07 00:00:00
fedora
fedora
[SECURITY] Fedora 24 Update: webkitgtk4-2.14.3-1.fc24
2017-01-21 20:21:09
[SECURITY] Fedora 25 Update: webkitgtk4-2.14.3-1.fc25
2017-01-20 18:11:24
[SECURITY] Fedora 24 Update: webkitgtk4-2.16.6-1.fc24
2017-08-07 20:18:27
archlinux
archlinux
[ASA-201701-27] webkit2gtk: multiple issues
2017-01-18 00:00:00
[ASA-201707-25] webkit2gtk: multiple issues
2017-07-26 00:00:00
[ASA-201702-9] webkit2gtk: multiple issues
2017-02-11 00:00:00
mageia
mageia
Updated webkit2 packages fix security vulnerability
2017-07-30 11:17:28
Updated webkit2 packages fix security vulnerabilities
2017-11-27 00:18:31
Updated webkit2 packages fix security vulnerabilities
2018-01-01 04:17:34
lenovo
lenovo
Reading Privileged Memory with a Side Channel - Lenovo Support US
2018-10-24 12:22:52
Reading Privileged Memory with a Side Channel - US
2018-10-24 12:22:52
ibm
ibm
Security Bulletin: IBM Information Server on Cloud is affected by the vulnerabilities known as Spectre and Meltdown.
2018-06-16 14:18:58
Security Bulletin: IBM QRadar SIEM has released 7.3.1 Patch 4, and 7.2.8 Patch 13 in response to the vulnerabilities known as Spectre and Meltdown.
2018-08-15 16:21:39
Security Bulletin: IBM Db2 Hosted is affected by the vulnerabilities known as Spectre and Meltdown
2018-06-16 14:18:59
qualysblog
qualysblog
Apple in the InfoSec Spotlight, as GitHub Falls Prey to Amplified DDoS Attack
2018-03-02 14:48:53
Meltdown/Spectre and Qualys Cloud Platform
2018-01-09 02:36:19
Processor Vulnerabilities – Meltdown and Spectre
2018-01-04 02:17:43
threatpost
threatpost
Experts Weigh In On Spectre Patch Challenges
2018-01-07 23:21:34
symantec
symantec
Multiple CPU Hardware CVE-2017-5753 Information Disclosure Vulnerability
2018-01-03 00:00:00
f5
f5
Side-channel processor vulnerabilities CVE-2017-5715, CVE-2017-5753, and CVE-2017-5754
2018-01-04 04:46:00
arista
arista
Security Advisory 0031
2018-01-03 00:00:00

0.976 High

EPSS

Percentile

100.0%

JSON
Related for OPENSUSE-SU-2018:0326-1
nessus64suse5openvas43kaspersky3freebsd2apple32zdt1ubuntu7gentoo2fedora15archlinux3mageia4lenovo2ibm9qualysblog3threatpost1symantec1f51arista1