Security update for webkit2gtk3 SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2023:1681-1 Final 1 1 2023-03-29T14:23:28Z current 2023-03-29T14:23:28Z 2023-03-29T14:23:28Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for webkit2gtk3 This update for webkit2gtk3 fixes the following issues: Update to version 2.38.5 (boo#1208328): - CVE-2023-23529: Fixed possible arbitrary code execution via maliciously crafted web content. - CVE-2023-23518: Processing maliciously crafted web content may lead to Previously fixed inside update to version 2.38.4 (boo#1207997): - CVE-2022-42826: Fixed a use-after-free issue that was caused by improper memory management. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). SUSE-2023-1681,SUSE-OpenStack-Cloud-9-2023-1681,SUSE-OpenStack-Cloud-Crowbar-9-2023-1681,SUSE-SLE-SAP-12-SP4-2023-1681,SUSE-SLE-SDK-12-SP5-2023-1681,SUSE-SLE-SERVER-12-SP2-BCL-2023-1681,SUSE-SLE-SERVER-12-SP4-ESPOS-2023-1681,SUSE-SLE-SERVER-12-SP4-LTSS-2023-1681,SUSE-SLE-SERVER-12-SP5-2023-1681 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2023/suse-su-20231681-1/ Link for SUSE-SU-2023:1681-1 https://lists.suse.com/pipermail/sle-updates/2023-March/028468.html E-Mail link for SUSE-SU-2023:1681-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1207997 SUSE Bug 1207997 https://bugzilla.suse.com/1208328 SUSE Bug 1208328 https://www.suse.com/security/cve/CVE-2022-42826/ SUSE CVE CVE-2022-42826 page https://www.suse.com/security/cve/CVE-2023-23518/ SUSE CVE CVE-2023-23518 page https://www.suse.com/security/cve/CVE-2023-23529/ SUSE CVE CVE-2023-23529 page SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP4-ESPOS SUSE Linux Enterprise Server 12 SP4-LTSS SUSE Linux Enterprise Server 12 SP5 SUSE Linux Enterprise Server for SAP Applications 12 SP4 SUSE Linux Enterprise Server for SAP Applications 12 SP5 SUSE Linux Enterprise Software Development Kit 12 SP5 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 9 libjavascriptcoregtk-4_0-18-2.38.5-2.131.4 libjavascriptcoregtk-4_0-18-32bit-2.38.5-2.131.4 libjavascriptcoregtk-4_0-18-64bit-2.38.5-2.131.4 libwebkit2gtk-4_0-37-2.38.5-2.131.4 libwebkit2gtk-4_0-37-32bit-2.38.5-2.131.4 libwebkit2gtk-4_0-37-64bit-2.38.5-2.131.4 libwebkit2gtk3-lang-2.38.5-2.131.4 typelib-1_0-JavaScriptCore-4_0-2.38.5-2.131.4 typelib-1_0-WebKit2-4_0-2.38.5-2.131.4 typelib-1_0-WebKit2WebExtension-4_0-2.38.5-2.131.4 webkit-jsc-4-2.38.5-2.131.4 webkit2gtk-4_0-injected-bundles-2.38.5-2.131.4 webkit2gtk3-devel-2.38.5-2.131.4 webkit2gtk3-minibrowser-2.38.5-2.131.4 libjavascriptcoregtk-4_0-18-2.38.5-2.131.4 as a component of SUSE Linux Enterprise Server 12 SP2-BCL libwebkit2gtk-4_0-37-2.38.5-2.131.4 as a component of SUSE Linux Enterprise Server 12 SP2-BCL libwebkit2gtk3-lang-2.38.5-2.131.4 as a component of SUSE Linux Enterprise Server 12 SP2-BCL typelib-1_0-JavaScriptCore-4_0-2.38.5-2.131.4 as a component of SUSE Linux Enterprise Server 12 SP2-BCL typelib-1_0-WebKit2-4_0-2.38.5-2.131.4 as a component of SUSE Linux Enterprise Server 12 SP2-BCL typelib-1_0-WebKit2WebExtension-4_0-2.38.5-2.131.4 as a component of SUSE Linux Enterprise Server 12 SP2-BCL webkit2gtk-4_0-injected-bundles-2.38.5-2.131.4 as a component of SUSE Linux Enterprise Server 12 SP2-BCL webkit2gtk3-devel-2.38.5-2.131.4 as a component of SUSE Linux Enterprise Server 12 SP2-BCL libjavascriptcoregtk-4_0-18-2.38.5-2.131.4 as a component of SUSE Linux Enterprise Server 12 SP4-ESPOS libwebkit2gtk-4_0-37-2.38.5-2.131.4 as a component of SUSE Linux Enterprise Server 12 SP4-ESPOS libwebkit2gtk3-lang-2.38.5-2.131.4 as a component of SUSE Linux Enterprise Server 12 SP4-ESPOS typelib-1_0-JavaScriptCore-4_0-2.38.5-2.131.4 as a component of SUSE Linux Enterprise Server 12 SP4-ESPOS typelib-1_0-WebKit2-4_0-2.38.5-2.131.4 as a component of SUSE Linux Enterprise Server 12 SP4-ESPOS typelib-1_0-WebKit2WebExtension-4_0-2.38.5-2.131.4 as a component of SUSE Linux Enterprise Server 12 SP4-ESPOS webkit2gtk-4_0-injected-bundles-2.38.5-2.131.4 as a component of SUSE Linux Enterprise Server 12 SP4-ESPOS libjavascriptcoregtk-4_0-18-2.38.5-2.131.4 as a component of SUSE Linux Enterprise Server 12 SP4-LTSS libwebkit2gtk-4_0-37-2.38.5-2.131.4 as a component of SUSE Linux Enterprise Server 12 SP4-LTSS libwebkit2gtk3-lang-2.38.5-2.131.4 as a component of SUSE Linux Enterprise Server 12 SP4-LTSS typelib-1_0-JavaScriptCore-4_0-2.38.5-2.131.4 as a component of SUSE Linux Enterprise Server 12 SP4-LTSS typelib-1_0-WebKit2-4_0-2.38.5-2.131.4 as a component of SUSE Linux Enterprise Server 12 SP4-LTSS typelib-1_0-WebKit2WebExtension-4_0-2.38.5-2.131.4 as a component of SUSE Linux Enterprise Server 12 SP4-LTSS webkit2gtk-4_0-injected-bundles-2.38.5-2.131.4 as a component of SUSE Linux Enterprise Server 12 SP4-LTSS libjavascriptcoregtk-4_0-18-2.38.5-2.131.4 as a component of SUSE Linux Enterprise Server 12 SP5 libwebkit2gtk-4_0-37-2.38.5-2.131.4 as a component of SUSE Linux Enterprise Server 12 SP5 libwebkit2gtk3-lang-2.38.5-2.131.4 as a component of SUSE Linux Enterprise Server 12 SP5 typelib-1_0-JavaScriptCore-4_0-2.38.5-2.131.4 as a component of SUSE Linux Enterprise Server 12 SP5 typelib-1_0-WebKit2-4_0-2.38.5-2.131.4 as a component of SUSE Linux Enterprise Server 12 SP5 typelib-1_0-WebKit2WebExtension-4_0-2.38.5-2.131.4 as a component of SUSE Linux Enterprise Server 12 SP5 webkit2gtk-4_0-injected-bundles-2.38.5-2.131.4 as a component of SUSE Linux Enterprise Server 12 SP5 libjavascriptcoregtk-4_0-18-2.38.5-2.131.4 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP4 libwebkit2gtk-4_0-37-2.38.5-2.131.4 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP4 libwebkit2gtk3-lang-2.38.5-2.131.4 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP4 typelib-1_0-JavaScriptCore-4_0-2.38.5-2.131.4 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP4 typelib-1_0-WebKit2-4_0-2.38.5-2.131.4 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP4 typelib-1_0-WebKit2WebExtension-4_0-2.38.5-2.131.4 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP4 webkit2gtk-4_0-injected-bundles-2.38.5-2.131.4 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP4 libjavascriptcoregtk-4_0-18-2.38.5-2.131.4 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP5 libwebkit2gtk-4_0-37-2.38.5-2.131.4 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP5 libwebkit2gtk3-lang-2.38.5-2.131.4 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP5 typelib-1_0-JavaScriptCore-4_0-2.38.5-2.131.4 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP5 typelib-1_0-WebKit2-4_0-2.38.5-2.131.4 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP5 typelib-1_0-WebKit2WebExtension-4_0-2.38.5-2.131.4 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP5 webkit2gtk-4_0-injected-bundles-2.38.5-2.131.4 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP5 typelib-1_0-WebKit2WebExtension-4_0-2.38.5-2.131.4 as a component of SUSE Linux Enterprise Software Development Kit 12 SP5 webkit2gtk3-devel-2.38.5-2.131.4 as a component of SUSE Linux Enterprise Software Development Kit 12 SP5 libjavascriptcoregtk-4_0-18-2.38.5-2.131.4 as a component of SUSE OpenStack Cloud 9 libwebkit2gtk-4_0-37-2.38.5-2.131.4 as a component of SUSE OpenStack Cloud 9 libwebkit2gtk3-lang-2.38.5-2.131.4 as a component of SUSE OpenStack Cloud 9 typelib-1_0-JavaScriptCore-4_0-2.38.5-2.131.4 as a component of SUSE OpenStack Cloud 9 typelib-1_0-WebKit2-4_0-2.38.5-2.131.4 as a component of SUSE OpenStack Cloud 9 typelib-1_0-WebKit2WebExtension-4_0-2.38.5-2.131.4 as a component of SUSE OpenStack Cloud 9 webkit2gtk-4_0-injected-bundles-2.38.5-2.131.4 as a component of SUSE OpenStack Cloud 9 libjavascriptcoregtk-4_0-18-2.38.5-2.131.4 as a component of SUSE OpenStack Cloud Crowbar 9 libwebkit2gtk-4_0-37-2.38.5-2.131.4 as a component of SUSE OpenStack Cloud Crowbar 9 libwebkit2gtk3-lang-2.38.5-2.131.4 as a component of SUSE OpenStack Cloud Crowbar 9 typelib-1_0-JavaScriptCore-4_0-2.38.5-2.131.4 as a component of SUSE OpenStack Cloud Crowbar 9 typelib-1_0-WebKit2-4_0-2.38.5-2.131.4 as a component of SUSE OpenStack Cloud Crowbar 9 typelib-1_0-WebKit2WebExtension-4_0-2.38.5-2.131.4 as a component of SUSE OpenStack Cloud Crowbar 9 webkit2gtk-4_0-injected-bundles-2.38.5-2.131.4 as a component of SUSE OpenStack Cloud Crowbar 9 A use after free issue was addressed with improved memory management. This issue is fixed in macOS Ventura 13, iOS 16.1 and iPadOS 16, Safari 16.1. Processing maliciously crafted web content may lead to arbitrary code execution. CVE-2022-42826 SUSE Linux Enterprise Server 12 SP2-BCL:libjavascriptcoregtk-4_0-18-2.38.5-2.131.4 SUSE Linux Enterprise Server 12 SP2-BCL:libwebkit2gtk-4_0-37-2.38.5-2.131.4 SUSE Linux Enterprise Server 12 SP2-BCL:libwebkit2gtk3-lang-2.38.5-2.131.4 SUSE Linux Enterprise Server 12 SP2-BCL:typelib-1_0-JavaScriptCore-4_0-2.38.5-2.131.4 SUSE Linux Enterprise Server 12 SP2-BCL:typelib-1_0-WebKit2-4_0-2.38.5-2.131.4 SUSE Linux Enterprise Server 12 SP2-BCL:typelib-1_0-WebKit2WebExtension-4_0-2.38.5-2.131.4 SUSE Linux Enterprise Server 12 SP2-BCL:webkit2gtk-4_0-injected-bundles-2.38.5-2.131.4 SUSE Linux Enterprise Server 12 SP2-BCL:webkit2gtk3-devel-2.38.5-2.131.4 SUSE Linux Enterprise Server 12 SP4-ESPOS:libjavascriptcoregtk-4_0-18-2.38.5-2.131.4 SUSE Linux Enterprise Server 12 SP4-ESPOS:libwebkit2gtk-4_0-37-2.38.5-2.131.4 SUSE Linux Enterprise Server 12 SP4-ESPOS:libwebkit2gtk3-lang-2.38.5-2.131.4 SUSE Linux Enterprise Server 12 SP4-ESPOS:typelib-1_0-JavaScriptCore-4_0-2.38.5-2.131.4 SUSE Linux Enterprise Server 12 SP4-ESPOS:typelib-1_0-WebKit2-4_0-2.38.5-2.131.4 SUSE Linux Enterprise Server 12 SP4-ESPOS:typelib-1_0-WebKit2WebExtension-4_0-2.38.5-2.131.4 SUSE Linux Enterprise Server 12 SP4-ESPOS:webkit2gtk-4_0-injected-bundles-2.38.5-2.131.4 SUSE Linux Enterprise Server 12 SP4-LTSS:libjavascriptcoregtk-4_0-18-2.38.5-2.131.4 SUSE Linux Enterprise Server 12 SP4-LTSS:libwebkit2gtk-4_0-37-2.38.5-2.131.4 SUSE Linux Enterprise Server 12 SP4-LTSS:libwebkit2gtk3-lang-2.38.5-2.131.4 SUSE Linux Enterprise Server 12 SP4-LTSS:typelib-1_0-JavaScriptCore-4_0-2.38.5-2.131.4 SUSE Linux Enterprise Server 12 SP4-LTSS:typelib-1_0-WebKit2-4_0-2.38.5-2.131.4 SUSE Linux Enterprise Server 12 SP4-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.38.5-2.131.4 SUSE Linux Enterprise Server 12 SP4-LTSS:webkit2gtk-4_0-injected-bundles-2.38.5-2.131.4 SUSE Linux Enterprise Server 12 SP5:libjavascriptcoregtk-4_0-18-2.38.5-2.131.4 SUSE Linux Enterprise Server 12 SP5:libwebkit2gtk-4_0-37-2.38.5-2.131.4 SUSE Linux Enterprise Server 12 SP5:libwebkit2gtk3-lang-2.38.5-2.131.4 SUSE Linux Enterprise Server 12 SP5:typelib-1_0-JavaScriptCore-4_0-2.38.5-2.131.4 SUSE Linux Enterprise Server 12 SP5:typelib-1_0-WebKit2-4_0-2.38.5-2.131.4 SUSE Linux Enterprise Server 12 SP5:typelib-1_0-WebKit2WebExtension-4_0-2.38.5-2.131.4 SUSE Linux Enterprise Server 12 SP5:webkit2gtk-4_0-injected-bundles-2.38.5-2.131.4 SUSE Linux Enterprise Server for SAP Applications 12 SP4:libjavascriptcoregtk-4_0-18-2.38.5-2.131.4 SUSE Linux Enterprise Server for SAP Applications 12 SP4:libwebkit2gtk-4_0-37-2.38.5-2.131.4 SUSE Linux Enterprise Server for SAP Applications 12 SP4:libwebkit2gtk3-lang-2.38.5-2.131.4 SUSE Linux Enterprise Server for SAP Applications 12 SP4:typelib-1_0-JavaScriptCore-4_0-2.38.5-2.131.4 SUSE Linux Enterprise Server for SAP Applications 12 SP4:typelib-1_0-WebKit2-4_0-2.38.5-2.131.4 SUSE Linux Enterprise Server for SAP Applications 12 SP4:typelib-1_0-WebKit2WebExtension-4_0-2.38.5-2.131.4 SUSE Linux Enterprise Server for SAP Applications 12 SP4:webkit2gtk-4_0-injected-bundles-2.38.5-2.131.4 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libjavascriptcoregtk-4_0-18-2.38.5-2.131.4 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libwebkit2gtk-4_0-37-2.38.5-2.131.4 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libwebkit2gtk3-lang-2.38.5-2.131.4 SUSE Linux Enterprise Server for SAP Applications 12 SP5:typelib-1_0-JavaScriptCore-4_0-2.38.5-2.131.4 SUSE Linux Enterprise Server for SAP Applications 12 SP5:typelib-1_0-WebKit2-4_0-2.38.5-2.131.4 SUSE Linux Enterprise Server for SAP Applications 12 SP5:typelib-1_0-WebKit2WebExtension-4_0-2.38.5-2.131.4 SUSE Linux Enterprise Server for SAP Applications 12 SP5:webkit2gtk-4_0-injected-bundles-2.38.5-2.131.4 SUSE Linux Enterprise Software Development Kit 12 SP5:typelib-1_0-WebKit2WebExtension-4_0-2.38.5-2.131.4 SUSE Linux Enterprise Software Development Kit 12 SP5:webkit2gtk3-devel-2.38.5-2.131.4 SUSE OpenStack Cloud 9:libjavascriptcoregtk-4_0-18-2.38.5-2.131.4 SUSE OpenStack Cloud 9:libwebkit2gtk-4_0-37-2.38.5-2.131.4 SUSE OpenStack Cloud 9:libwebkit2gtk3-lang-2.38.5-2.131.4 SUSE OpenStack Cloud 9:typelib-1_0-JavaScriptCore-4_0-2.38.5-2.131.4 SUSE OpenStack Cloud 9:typelib-1_0-WebKit2-4_0-2.38.5-2.131.4 SUSE OpenStack Cloud 9:typelib-1_0-WebKit2WebExtension-4_0-2.38.5-2.131.4 SUSE OpenStack Cloud 9:webkit2gtk-4_0-injected-bundles-2.38.5-2.131.4 SUSE OpenStack Cloud Crowbar 9:libjavascriptcoregtk-4_0-18-2.38.5-2.131.4 SUSE OpenStack Cloud Crowbar 9:libwebkit2gtk-4_0-37-2.38.5-2.131.4 SUSE OpenStack Cloud Crowbar 9:libwebkit2gtk3-lang-2.38.5-2.131.4 SUSE OpenStack Cloud Crowbar 9:typelib-1_0-JavaScriptCore-4_0-2.38.5-2.131.4 SUSE OpenStack Cloud Crowbar 9:typelib-1_0-WebKit2-4_0-2.38.5-2.131.4 SUSE OpenStack Cloud Crowbar 9:typelib-1_0-WebKit2WebExtension-4_0-2.38.5-2.131.4 SUSE OpenStack Cloud Crowbar 9:webkit2gtk-4_0-injected-bundles-2.38.5-2.131.4 important 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2023/suse-su-20231681-1/ https://www.suse.com/security/cve/CVE-2022-42826.html CVE-2022-42826 https://bugzilla.suse.com/1207997 SUSE Bug 1207997 https://bugzilla.suse.com/1209330 SUSE Bug 1209330 The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.6.3, macOS Ventura 13.2, watchOS 9.3, macOS Big Sur 11.7.3, Safari 16.3, tvOS 16.3, iOS 16.3 and iPadOS 16.3. Processing maliciously crafted web content may lead to arbitrary code execution. CVE-2023-23518 SUSE Linux Enterprise Server 12 SP2-BCL:libjavascriptcoregtk-4_0-18-2.38.5-2.131.4 SUSE Linux Enterprise Server 12 SP2-BCL:libwebkit2gtk-4_0-37-2.38.5-2.131.4 SUSE Linux Enterprise Server 12 SP2-BCL:libwebkit2gtk3-lang-2.38.5-2.131.4 SUSE Linux Enterprise Server 12 SP2-BCL:typelib-1_0-JavaScriptCore-4_0-2.38.5-2.131.4 SUSE Linux Enterprise Server 12 SP2-BCL:typelib-1_0-WebKit2-4_0-2.38.5-2.131.4 SUSE Linux Enterprise Server 12 SP2-BCL:typelib-1_0-WebKit2WebExtension-4_0-2.38.5-2.131.4 SUSE Linux Enterprise Server 12 SP2-BCL:webkit2gtk-4_0-injected-bundles-2.38.5-2.131.4 SUSE Linux Enterprise Server 12 SP2-BCL:webkit2gtk3-devel-2.38.5-2.131.4 SUSE Linux Enterprise Server 12 SP4-ESPOS:libjavascriptcoregtk-4_0-18-2.38.5-2.131.4 SUSE Linux Enterprise Server 12 SP4-ESPOS:libwebkit2gtk-4_0-37-2.38.5-2.131.4 SUSE Linux Enterprise Server 12 SP4-ESPOS:libwebkit2gtk3-lang-2.38.5-2.131.4 SUSE Linux Enterprise Server 12 SP4-ESPOS:typelib-1_0-JavaScriptCore-4_0-2.38.5-2.131.4 SUSE Linux Enterprise Server 12 SP4-ESPOS:typelib-1_0-WebKit2-4_0-2.38.5-2.131.4 SUSE Linux Enterprise Server 12 SP4-ESPOS:typelib-1_0-WebKit2WebExtension-4_0-2.38.5-2.131.4 SUSE Linux Enterprise Server 12 SP4-ESPOS:webkit2gtk-4_0-injected-bundles-2.38.5-2.131.4 SUSE Linux Enterprise Server 12 SP4-LTSS:libjavascriptcoregtk-4_0-18-2.38.5-2.131.4 SUSE Linux Enterprise Server 12 SP4-LTSS:libwebkit2gtk-4_0-37-2.38.5-2.131.4 SUSE Linux Enterprise Server 12 SP4-LTSS:libwebkit2gtk3-lang-2.38.5-2.131.4 SUSE Linux Enterprise Server 12 SP4-LTSS:typelib-1_0-JavaScriptCore-4_0-2.38.5-2.131.4 SUSE Linux Enterprise Server 12 SP4-LTSS:typelib-1_0-WebKit2-4_0-2.38.5-2.131.4 SUSE Linux Enterprise Server 12 SP4-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.38.5-2.131.4 SUSE Linux Enterprise Server 12 SP4-LTSS:webkit2gtk-4_0-injected-bundles-2.38.5-2.131.4 SUSE Linux Enterprise Server 12 SP5:libjavascriptcoregtk-4_0-18-2.38.5-2.131.4 SUSE Linux Enterprise Server 12 SP5:libwebkit2gtk-4_0-37-2.38.5-2.131.4 SUSE Linux Enterprise Server 12 SP5:libwebkit2gtk3-lang-2.38.5-2.131.4 SUSE Linux Enterprise Server 12 SP5:typelib-1_0-JavaScriptCore-4_0-2.38.5-2.131.4 SUSE Linux Enterprise Server 12 SP5:typelib-1_0-WebKit2-4_0-2.38.5-2.131.4 SUSE Linux Enterprise Server 12 SP5:typelib-1_0-WebKit2WebExtension-4_0-2.38.5-2.131.4 SUSE Linux Enterprise Server 12 SP5:webkit2gtk-4_0-injected-bundles-2.38.5-2.131.4 SUSE Linux Enterprise Server for SAP Applications 12 SP4:libjavascriptcoregtk-4_0-18-2.38.5-2.131.4 SUSE Linux Enterprise Server for SAP Applications 12 SP4:libwebkit2gtk-4_0-37-2.38.5-2.131.4 SUSE Linux Enterprise Server for SAP Applications 12 SP4:libwebkit2gtk3-lang-2.38.5-2.131.4 SUSE Linux Enterprise Server for SAP Applications 12 SP4:typelib-1_0-JavaScriptCore-4_0-2.38.5-2.131.4 SUSE Linux Enterprise Server for SAP Applications 12 SP4:typelib-1_0-WebKit2-4_0-2.38.5-2.131.4 SUSE Linux Enterprise Server for SAP Applications 12 SP4:typelib-1_0-WebKit2WebExtension-4_0-2.38.5-2.131.4 SUSE Linux Enterprise Server for SAP Applications 12 SP4:webkit2gtk-4_0-injected-bundles-2.38.5-2.131.4 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libjavascriptcoregtk-4_0-18-2.38.5-2.131.4 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libwebkit2gtk-4_0-37-2.38.5-2.131.4 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libwebkit2gtk3-lang-2.38.5-2.131.4 SUSE Linux Enterprise Server for SAP Applications 12 SP5:typelib-1_0-JavaScriptCore-4_0-2.38.5-2.131.4 SUSE Linux Enterprise Server for SAP Applications 12 SP5:typelib-1_0-WebKit2-4_0-2.38.5-2.131.4 SUSE Linux Enterprise Server for SAP Applications 12 SP5:typelib-1_0-WebKit2WebExtension-4_0-2.38.5-2.131.4 SUSE Linux Enterprise Server for SAP Applications 12 SP5:webkit2gtk-4_0-injected-bundles-2.38.5-2.131.4 SUSE Linux Enterprise Software Development Kit 12 SP5:typelib-1_0-WebKit2WebExtension-4_0-2.38.5-2.131.4 SUSE Linux Enterprise Software Development Kit 12 SP5:webkit2gtk3-devel-2.38.5-2.131.4 SUSE OpenStack Cloud 9:libjavascriptcoregtk-4_0-18-2.38.5-2.131.4 SUSE OpenStack Cloud 9:libwebkit2gtk-4_0-37-2.38.5-2.131.4 SUSE OpenStack Cloud 9:libwebkit2gtk3-lang-2.38.5-2.131.4 SUSE OpenStack Cloud 9:typelib-1_0-JavaScriptCore-4_0-2.38.5-2.131.4 SUSE OpenStack Cloud 9:typelib-1_0-WebKit2-4_0-2.38.5-2.131.4 SUSE OpenStack Cloud 9:typelib-1_0-WebKit2WebExtension-4_0-2.38.5-2.131.4 SUSE OpenStack Cloud 9:webkit2gtk-4_0-injected-bundles-2.38.5-2.131.4 SUSE OpenStack Cloud Crowbar 9:libjavascriptcoregtk-4_0-18-2.38.5-2.131.4 SUSE OpenStack Cloud Crowbar 9:libwebkit2gtk-4_0-37-2.38.5-2.131.4 SUSE OpenStack Cloud Crowbar 9:libwebkit2gtk3-lang-2.38.5-2.131.4 SUSE OpenStack Cloud Crowbar 9:typelib-1_0-JavaScriptCore-4_0-2.38.5-2.131.4 SUSE OpenStack Cloud Crowbar 9:typelib-1_0-WebKit2-4_0-2.38.5-2.131.4 SUSE OpenStack Cloud Crowbar 9:typelib-1_0-WebKit2WebExtension-4_0-2.38.5-2.131.4 SUSE OpenStack Cloud Crowbar 9:webkit2gtk-4_0-injected-bundles-2.38.5-2.131.4 important 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2023/suse-su-20231681-1/ https://www.suse.com/security/cve/CVE-2023-23518.html CVE-2023-23518 https://bugzilla.suse.com/1207997 SUSE Bug 1207997 A type confusion issue was addressed with improved checks. This issue is fixed in iOS 15.7.4 and iPadOS 15.7.4, iOS 16.3.1 and iPadOS 16.3.1, macOS Ventura 13.2.1, Safari 16.3. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. CVE-2023-23529 SUSE Linux Enterprise Server 12 SP2-BCL:libjavascriptcoregtk-4_0-18-2.38.5-2.131.4 SUSE Linux Enterprise Server 12 SP2-BCL:libwebkit2gtk-4_0-37-2.38.5-2.131.4 SUSE Linux Enterprise Server 12 SP2-BCL:libwebkit2gtk3-lang-2.38.5-2.131.4 SUSE Linux Enterprise Server 12 SP2-BCL:typelib-1_0-JavaScriptCore-4_0-2.38.5-2.131.4 SUSE Linux Enterprise Server 12 SP2-BCL:typelib-1_0-WebKit2-4_0-2.38.5-2.131.4 SUSE Linux Enterprise Server 12 SP2-BCL:typelib-1_0-WebKit2WebExtension-4_0-2.38.5-2.131.4 SUSE Linux Enterprise Server 12 SP2-BCL:webkit2gtk-4_0-injected-bundles-2.38.5-2.131.4 SUSE Linux Enterprise Server 12 SP2-BCL:webkit2gtk3-devel-2.38.5-2.131.4 SUSE Linux Enterprise Server 12 SP4-ESPOS:libjavascriptcoregtk-4_0-18-2.38.5-2.131.4 SUSE Linux Enterprise Server 12 SP4-ESPOS:libwebkit2gtk-4_0-37-2.38.5-2.131.4 SUSE Linux Enterprise Server 12 SP4-ESPOS:libwebkit2gtk3-lang-2.38.5-2.131.4 SUSE Linux Enterprise Server 12 SP4-ESPOS:typelib-1_0-JavaScriptCore-4_0-2.38.5-2.131.4 SUSE Linux Enterprise Server 12 SP4-ESPOS:typelib-1_0-WebKit2-4_0-2.38.5-2.131.4 SUSE Linux Enterprise Server 12 SP4-ESPOS:typelib-1_0-WebKit2WebExtension-4_0-2.38.5-2.131.4 SUSE Linux Enterprise Server 12 SP4-ESPOS:webkit2gtk-4_0-injected-bundles-2.38.5-2.131.4 SUSE Linux Enterprise Server 12 SP4-LTSS:libjavascriptcoregtk-4_0-18-2.38.5-2.131.4 SUSE Linux Enterprise Server 12 SP4-LTSS:libwebkit2gtk-4_0-37-2.38.5-2.131.4 SUSE Linux Enterprise Server 12 SP4-LTSS:libwebkit2gtk3-lang-2.38.5-2.131.4 SUSE Linux Enterprise Server 12 SP4-LTSS:typelib-1_0-JavaScriptCore-4_0-2.38.5-2.131.4 SUSE Linux Enterprise Server 12 SP4-LTSS:typelib-1_0-WebKit2-4_0-2.38.5-2.131.4 SUSE Linux Enterprise Server 12 SP4-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.38.5-2.131.4 SUSE Linux Enterprise Server 12 SP4-LTSS:webkit2gtk-4_0-injected-bundles-2.38.5-2.131.4 SUSE Linux Enterprise Server 12 SP5:libjavascriptcoregtk-4_0-18-2.38.5-2.131.4 SUSE Linux Enterprise Server 12 SP5:libwebkit2gtk-4_0-37-2.38.5-2.131.4 SUSE Linux Enterprise Server 12 SP5:libwebkit2gtk3-lang-2.38.5-2.131.4 SUSE Linux Enterprise Server 12 SP5:typelib-1_0-JavaScriptCore-4_0-2.38.5-2.131.4 SUSE Linux Enterprise Server 12 SP5:typelib-1_0-WebKit2-4_0-2.38.5-2.131.4 SUSE Linux Enterprise Server 12 SP5:typelib-1_0-WebKit2WebExtension-4_0-2.38.5-2.131.4 SUSE Linux Enterprise Server 12 SP5:webkit2gtk-4_0-injected-bundles-2.38.5-2.131.4 SUSE Linux Enterprise Server for SAP Applications 12 SP4:libjavascriptcoregtk-4_0-18-2.38.5-2.131.4 SUSE Linux Enterprise Server for SAP Applications 12 SP4:libwebkit2gtk-4_0-37-2.38.5-2.131.4 SUSE Linux Enterprise Server for SAP Applications 12 SP4:libwebkit2gtk3-lang-2.38.5-2.131.4 SUSE Linux Enterprise Server for SAP Applications 12 SP4:typelib-1_0-JavaScriptCore-4_0-2.38.5-2.131.4 SUSE Linux Enterprise Server for SAP Applications 12 SP4:typelib-1_0-WebKit2-4_0-2.38.5-2.131.4 SUSE Linux Enterprise Server for SAP Applications 12 SP4:typelib-1_0-WebKit2WebExtension-4_0-2.38.5-2.131.4 SUSE Linux Enterprise Server for SAP Applications 12 SP4:webkit2gtk-4_0-injected-bundles-2.38.5-2.131.4 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libjavascriptcoregtk-4_0-18-2.38.5-2.131.4 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libwebkit2gtk-4_0-37-2.38.5-2.131.4 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libwebkit2gtk3-lang-2.38.5-2.131.4 SUSE Linux Enterprise Server for SAP Applications 12 SP5:typelib-1_0-JavaScriptCore-4_0-2.38.5-2.131.4 SUSE Linux Enterprise Server for SAP Applications 12 SP5:typelib-1_0-WebKit2-4_0-2.38.5-2.131.4 SUSE Linux Enterprise Server for SAP Applications 12 SP5:typelib-1_0-WebKit2WebExtension-4_0-2.38.5-2.131.4 SUSE Linux Enterprise Server for SAP Applications 12 SP5:webkit2gtk-4_0-injected-bundles-2.38.5-2.131.4 SUSE Linux Enterprise Software Development Kit 12 SP5:typelib-1_0-WebKit2WebExtension-4_0-2.38.5-2.131.4 SUSE Linux Enterprise Software Development Kit 12 SP5:webkit2gtk3-devel-2.38.5-2.131.4 SUSE OpenStack Cloud 9:libjavascriptcoregtk-4_0-18-2.38.5-2.131.4 SUSE OpenStack Cloud 9:libwebkit2gtk-4_0-37-2.38.5-2.131.4 SUSE OpenStack Cloud 9:libwebkit2gtk3-lang-2.38.5-2.131.4 SUSE OpenStack Cloud 9:typelib-1_0-JavaScriptCore-4_0-2.38.5-2.131.4 SUSE OpenStack Cloud 9:typelib-1_0-WebKit2-4_0-2.38.5-2.131.4 SUSE OpenStack Cloud 9:typelib-1_0-WebKit2WebExtension-4_0-2.38.5-2.131.4 SUSE OpenStack Cloud 9:webkit2gtk-4_0-injected-bundles-2.38.5-2.131.4 SUSE OpenStack Cloud Crowbar 9:libjavascriptcoregtk-4_0-18-2.38.5-2.131.4 SUSE OpenStack Cloud Crowbar 9:libwebkit2gtk-4_0-37-2.38.5-2.131.4 SUSE OpenStack Cloud Crowbar 9:libwebkit2gtk3-lang-2.38.5-2.131.4 SUSE OpenStack Cloud Crowbar 9:typelib-1_0-JavaScriptCore-4_0-2.38.5-2.131.4 SUSE OpenStack Cloud Crowbar 9:typelib-1_0-WebKit2-4_0-2.38.5-2.131.4 SUSE OpenStack Cloud Crowbar 9:typelib-1_0-WebKit2WebExtension-4_0-2.38.5-2.131.4 SUSE OpenStack Cloud Crowbar 9:webkit2gtk-4_0-injected-bundles-2.38.5-2.131.4 important 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2023/suse-su-20231681-1/ https://www.suse.com/security/cve/CVE-2023-23529.html CVE-2023-23529 https://bugzilla.suse.com/1208328 SUSE Bug 1208328