Lucene search

K
suseSuseOPENSUSE-SU-2020:0646-1
HistoryMay 11, 2020 - 12:00 a.m.

Security update for webkit2gtk3 (important)

2020-05-1100:00:00
lists.opensuse.org
52
webkit2gtk3
security update
cve-2020-3899
memory consumption
remote code execution
suse:sle-15:update
opensuse leap 15.1
patch

EPSS

0.011

Percentile

84.6%

An update that fixes one vulnerability is now available.

Description:

This update for webkit2gtk3 fixes the following issues:

Security issue fixed:

  • CVE-2020-3899: Fixed a memory consumption issue that could have led to
    remote code execution (bsc#1170643).

Non-security issues fixed:

  • Update to version 2.28.2 (bsc#1170643):
    • Fix excessive CPU usage due to GdkFrameClock not being stopped.
    • Fix UI process crash when EGL_WL_bind_wayland_display extension is not
      available.
    • Fix position of select popup menus in X11.
    • Fix playing of Youtube ‘live stream’/H264 URLs.
    • Fix a crash under X11 when cairo uses xcb.
    • Fix several crashes and rendering issues.

This update was imported from the SUSE:SLE-15:Update update project.

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.

Alternatively you can run the command listed for your product:

  • openSUSE Leap 15.1:

    zypper in -t patch openSUSE-2020-646=1

OSVersionArchitecturePackageVersionFilename
openSUSE Leap15.1i586< - openSUSE Leap 15.1 (i586 x86_64):- openSUSE Leap 15.1 (i586 x86_64):.i586.rpm
openSUSE Leap15.1x86_64< - openSUSE Leap 15.1 (i586 x86_64):- openSUSE Leap 15.1 (i586 x86_64):.x86_64.rpm
openSUSE Leap15.1x86_64< - openSUSE Leap 15.1 (x86_64):- openSUSE Leap 15.1 (x86_64):.x86_64.rpm
openSUSE Leap15.1noarch< - openSUSE Leap 15.1 (noarch):- openSUSE Leap 15.1 (noarch):.noarch.rpm