Security update for webkitgtk SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2016:0915-1 Final 1 1 2016-03-30T14:47:06Z current 2016-03-30T14:47:06Z 2016-03-30T14:47:06Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for webkitgtk This update for webkitgtk fixes the following issues: - webkitgtk was updated to version 2.4.10 (boo#971460): + Fix rendering of form controls and scrollbars with GTK+ >= 3.19. + Fix crashes on PPC64. + Fix the build on powerpc 32 bits. + Add ARM64 build support. + Security fixes: CVE-2015-1120, CVE-2015-1076, CVE-2015-1071, CVE-2015-1081, CVE-2015-1122, CVE-2015-1155, CVE-2014-1748, CVE-2015-3752, CVE-2015-5809, CVE-2015-5928, CVE-2015-3749, CVE-2015-3659, CVE-2015-3748, CVE-2015-3743, CVE-2015-3731, CVE-2015-3745, CVE-2015-5822, CVE-2015-3658, CVE-2015-3741, CVE-2015-3727, CVE-2015-5801, CVE-2015-5788, CVE-2015-3747, CVE-2015-5794, CVE-2015-1127, CVE-2015-1153, CVE-2015-1083. + Updated translations. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/opensuse-updates/2016-03/msg00132.html E-Mail link for openSUSE-SU-2016:0915-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings openSUSE Leap 42.1 libjavascriptcoregtk-1_0-0-2.4.10-7.2 libjavascriptcoregtk-1_0-0-32bit-2.4.10-7.2 libjavascriptcoregtk-3_0-0-2.4.10-7.2 libjavascriptcoregtk-3_0-0-32bit-2.4.10-7.2 libwebkitgtk-1_0-0-2.4.10-7.2 libwebkitgtk-1_0-0-32bit-2.4.10-7.2 libwebkitgtk-3_0-0-2.4.10-7.2 libwebkitgtk-3_0-0-32bit-2.4.10-7.2 libwebkitgtk-devel-2.4.10-7.2 libwebkitgtk2-lang-2.4.10-7.2 libwebkitgtk3-devel-2.4.10-7.2 libwebkitgtk3-lang-2.4.10-7.2 typelib-1_0-JavaScriptCore-1_0-2.4.10-7.2 typelib-1_0-JavaScriptCore-3_0-2.4.10-7.2 typelib-1_0-WebKit-1_0-2.4.10-7.2 typelib-1_0-WebKit-3_0-2.4.10-7.2 webkit-jsc-1-2.4.10-7.2 webkit-jsc-3-2.4.10-7.2 webkitgtk-2.4.10-7.2 webkitgtk3-2.4.10-7.2 libjavascriptcoregtk-1_0-0-2.4.10-7.2 as a component of openSUSE Leap 42.1 libjavascriptcoregtk-1_0-0-32bit-2.4.10-7.2 as a component of openSUSE Leap 42.1 libjavascriptcoregtk-3_0-0-2.4.10-7.2 as a component of openSUSE Leap 42.1 libjavascriptcoregtk-3_0-0-32bit-2.4.10-7.2 as a component of openSUSE Leap 42.1 libwebkitgtk-1_0-0-2.4.10-7.2 as a component of openSUSE Leap 42.1 libwebkitgtk-1_0-0-32bit-2.4.10-7.2 as a component of openSUSE Leap 42.1 libwebkitgtk-3_0-0-2.4.10-7.2 as a component of openSUSE Leap 42.1 libwebkitgtk-3_0-0-32bit-2.4.10-7.2 as a component of openSUSE Leap 42.1 libwebkitgtk-devel-2.4.10-7.2 as a component of openSUSE Leap 42.1 libwebkitgtk2-lang-2.4.10-7.2 as a component of openSUSE Leap 42.1 libwebkitgtk3-devel-2.4.10-7.2 as a component of openSUSE Leap 42.1 libwebkitgtk3-lang-2.4.10-7.2 as a component of openSUSE Leap 42.1 typelib-1_0-JavaScriptCore-1_0-2.4.10-7.2 as a component of openSUSE Leap 42.1 typelib-1_0-JavaScriptCore-3_0-2.4.10-7.2 as a component of openSUSE Leap 42.1 typelib-1_0-WebKit-1_0-2.4.10-7.2 as a component of openSUSE Leap 42.1 typelib-1_0-WebKit-3_0-2.4.10-7.2 as a component of openSUSE Leap 42.1 webkit-jsc-1-2.4.10-7.2 as a component of openSUSE Leap 42.1 webkit-jsc-3-2.4.10-7.2 as a component of openSUSE Leap 42.1 webkitgtk-2.4.10-7.2 as a component of openSUSE Leap 42.1 webkitgtk3-2.4.10-7.2 as a component of openSUSE Leap 42.1 The ScrollView::paint function in platform/scroll/ScrollView.cpp in Blink, as used in Google Chrome before 35.0.1916.114, allows remote attackers to spoof the UI by extending scrollbar painting into the parent frame. CVE-2014-1748 openSUSE Leap 42.1:libjavascriptcoregtk-1_0-0-2.4.10-7.2 openSUSE Leap 42.1:libjavascriptcoregtk-1_0-0-32bit-2.4.10-7.2 openSUSE Leap 42.1:libjavascriptcoregtk-3_0-0-2.4.10-7.2 openSUSE Leap 42.1:libjavascriptcoregtk-3_0-0-32bit-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-1_0-0-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-1_0-0-32bit-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-3_0-0-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-3_0-0-32bit-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-devel-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk2-lang-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk3-devel-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk3-lang-2.4.10-7.2 openSUSE Leap 42.1:typelib-1_0-JavaScriptCore-1_0-2.4.10-7.2 openSUSE Leap 42.1:typelib-1_0-JavaScriptCore-3_0-2.4.10-7.2 openSUSE Leap 42.1:typelib-1_0-WebKit-1_0-2.4.10-7.2 openSUSE Leap 42.1:typelib-1_0-WebKit-3_0-2.4.10-7.2 openSUSE Leap 42.1:webkit-jsc-1-2.4.10-7.2 openSUSE Leap 42.1:webkit-jsc-3-2.4.10-7.2 openSUSE Leap 42.1:webkitgtk-2.4.10-7.2 openSUSE Leap 42.1:webkitgtk3-2.4.10-7.2 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2016-03/msg00132.html https://www.suse.com/security/cve/CVE-2014-1748.html CVE-2014-1748 https://bugzilla.suse.com/909707 SUSE Bug 909707 https://bugzilla.suse.com/971460 SUSE Bug 971460 WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2015-03-17-1. CVE-2015-1071 openSUSE Leap 42.1:libjavascriptcoregtk-1_0-0-2.4.10-7.2 openSUSE Leap 42.1:libjavascriptcoregtk-1_0-0-32bit-2.4.10-7.2 openSUSE Leap 42.1:libjavascriptcoregtk-3_0-0-2.4.10-7.2 openSUSE Leap 42.1:libjavascriptcoregtk-3_0-0-32bit-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-1_0-0-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-1_0-0-32bit-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-3_0-0-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-3_0-0-32bit-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-devel-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk2-lang-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk3-devel-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk3-lang-2.4.10-7.2 openSUSE Leap 42.1:typelib-1_0-JavaScriptCore-1_0-2.4.10-7.2 openSUSE Leap 42.1:typelib-1_0-JavaScriptCore-3_0-2.4.10-7.2 openSUSE Leap 42.1:typelib-1_0-WebKit-1_0-2.4.10-7.2 openSUSE Leap 42.1:typelib-1_0-WebKit-3_0-2.4.10-7.2 openSUSE Leap 42.1:webkit-jsc-1-2.4.10-7.2 openSUSE Leap 42.1:webkit-jsc-3-2.4.10-7.2 openSUSE Leap 42.1:webkitgtk-2.4.10-7.2 openSUSE Leap 42.1:webkitgtk3-2.4.10-7.2 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2016-03/msg00132.html https://www.suse.com/security/cve/CVE-2015-1071.html CVE-2015-1071 https://bugzilla.suse.com/923223 SUSE Bug 923223 https://bugzilla.suse.com/971460 SUSE Bug 971460 WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2015-03-17-1. CVE-2015-1076 openSUSE Leap 42.1:libjavascriptcoregtk-1_0-0-2.4.10-7.2 openSUSE Leap 42.1:libjavascriptcoregtk-1_0-0-32bit-2.4.10-7.2 openSUSE Leap 42.1:libjavascriptcoregtk-3_0-0-2.4.10-7.2 openSUSE Leap 42.1:libjavascriptcoregtk-3_0-0-32bit-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-1_0-0-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-1_0-0-32bit-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-3_0-0-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-3_0-0-32bit-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-devel-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk2-lang-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk3-devel-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk3-lang-2.4.10-7.2 openSUSE Leap 42.1:typelib-1_0-JavaScriptCore-1_0-2.4.10-7.2 openSUSE Leap 42.1:typelib-1_0-JavaScriptCore-3_0-2.4.10-7.2 openSUSE Leap 42.1:typelib-1_0-WebKit-1_0-2.4.10-7.2 openSUSE Leap 42.1:typelib-1_0-WebKit-3_0-2.4.10-7.2 openSUSE Leap 42.1:webkit-jsc-1-2.4.10-7.2 openSUSE Leap 42.1:webkit-jsc-3-2.4.10-7.2 openSUSE Leap 42.1:webkitgtk-2.4.10-7.2 openSUSE Leap 42.1:webkitgtk3-2.4.10-7.2 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2016-03/msg00132.html https://www.suse.com/security/cve/CVE-2015-1076.html CVE-2015-1076 https://bugzilla.suse.com/923223 SUSE Bug 923223 https://bugzilla.suse.com/971460 SUSE Bug 971460 WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2015-03-17-1. CVE-2015-1081 openSUSE Leap 42.1:libjavascriptcoregtk-1_0-0-2.4.10-7.2 openSUSE Leap 42.1:libjavascriptcoregtk-1_0-0-32bit-2.4.10-7.2 openSUSE Leap 42.1:libjavascriptcoregtk-3_0-0-2.4.10-7.2 openSUSE Leap 42.1:libjavascriptcoregtk-3_0-0-32bit-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-1_0-0-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-1_0-0-32bit-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-3_0-0-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-3_0-0-32bit-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-devel-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk2-lang-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk3-devel-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk3-lang-2.4.10-7.2 openSUSE Leap 42.1:typelib-1_0-JavaScriptCore-1_0-2.4.10-7.2 openSUSE Leap 42.1:typelib-1_0-JavaScriptCore-3_0-2.4.10-7.2 openSUSE Leap 42.1:typelib-1_0-WebKit-1_0-2.4.10-7.2 openSUSE Leap 42.1:typelib-1_0-WebKit-3_0-2.4.10-7.2 openSUSE Leap 42.1:webkit-jsc-1-2.4.10-7.2 openSUSE Leap 42.1:webkit-jsc-3-2.4.10-7.2 openSUSE Leap 42.1:webkitgtk-2.4.10-7.2 openSUSE Leap 42.1:webkitgtk3-2.4.10-7.2 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2016-03/msg00132.html https://www.suse.com/security/cve/CVE-2015-1081.html CVE-2015-1081 https://bugzilla.suse.com/923223 SUSE Bug 923223 https://bugzilla.suse.com/971460 SUSE Bug 971460 WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2015-03-17-1. CVE-2015-1083 openSUSE Leap 42.1:libjavascriptcoregtk-1_0-0-2.4.10-7.2 openSUSE Leap 42.1:libjavascriptcoregtk-1_0-0-32bit-2.4.10-7.2 openSUSE Leap 42.1:libjavascriptcoregtk-3_0-0-2.4.10-7.2 openSUSE Leap 42.1:libjavascriptcoregtk-3_0-0-32bit-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-1_0-0-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-1_0-0-32bit-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-3_0-0-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-3_0-0-32bit-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-devel-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk2-lang-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk3-devel-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk3-lang-2.4.10-7.2 openSUSE Leap 42.1:typelib-1_0-JavaScriptCore-1_0-2.4.10-7.2 openSUSE Leap 42.1:typelib-1_0-JavaScriptCore-3_0-2.4.10-7.2 openSUSE Leap 42.1:typelib-1_0-WebKit-1_0-2.4.10-7.2 openSUSE Leap 42.1:typelib-1_0-WebKit-3_0-2.4.10-7.2 openSUSE Leap 42.1:webkit-jsc-1-2.4.10-7.2 openSUSE Leap 42.1:webkit-jsc-3-2.4.10-7.2 openSUSE Leap 42.1:webkitgtk-2.4.10-7.2 openSUSE Leap 42.1:webkitgtk3-2.4.10-7.2 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2016-03/msg00132.html https://www.suse.com/security/cve/CVE-2015-1083.html CVE-2015-1083 https://bugzilla.suse.com/923223 SUSE Bug 923223 https://bugzilla.suse.com/971460 SUSE Bug 971460 WebKit, as used in Apple iOS before 8.3, Apple TV before 7.2, and Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-04-08-1, APPLE-SA-2015-04-08-3, and APPLE-SA-2015-04-08-4. CVE-2015-1120 openSUSE Leap 42.1:libjavascriptcoregtk-1_0-0-2.4.10-7.2 openSUSE Leap 42.1:libjavascriptcoregtk-1_0-0-32bit-2.4.10-7.2 openSUSE Leap 42.1:libjavascriptcoregtk-3_0-0-2.4.10-7.2 openSUSE Leap 42.1:libjavascriptcoregtk-3_0-0-32bit-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-1_0-0-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-1_0-0-32bit-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-3_0-0-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-3_0-0-32bit-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-devel-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk2-lang-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk3-devel-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk3-lang-2.4.10-7.2 openSUSE Leap 42.1:typelib-1_0-JavaScriptCore-1_0-2.4.10-7.2 openSUSE Leap 42.1:typelib-1_0-JavaScriptCore-3_0-2.4.10-7.2 openSUSE Leap 42.1:typelib-1_0-WebKit-1_0-2.4.10-7.2 openSUSE Leap 42.1:typelib-1_0-WebKit-3_0-2.4.10-7.2 openSUSE Leap 42.1:webkit-jsc-1-2.4.10-7.2 openSUSE Leap 42.1:webkit-jsc-3-2.4.10-7.2 openSUSE Leap 42.1:webkitgtk-2.4.10-7.2 openSUSE Leap 42.1:webkitgtk3-2.4.10-7.2 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2016-03/msg00132.html https://www.suse.com/security/cve/CVE-2015-1120.html CVE-2015-1120 https://bugzilla.suse.com/928380 SUSE Bug 928380 https://bugzilla.suse.com/971460 SUSE Bug 971460 WebKit, as used in Apple iOS before 8.3, Apple TV before 7.2, and Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-04-08-1, APPLE-SA-2015-04-08-3, and APPLE-SA-2015-04-08-4. CVE-2015-1122 openSUSE Leap 42.1:libjavascriptcoregtk-1_0-0-2.4.10-7.2 openSUSE Leap 42.1:libjavascriptcoregtk-1_0-0-32bit-2.4.10-7.2 openSUSE Leap 42.1:libjavascriptcoregtk-3_0-0-2.4.10-7.2 openSUSE Leap 42.1:libjavascriptcoregtk-3_0-0-32bit-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-1_0-0-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-1_0-0-32bit-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-3_0-0-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-3_0-0-32bit-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-devel-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk2-lang-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk3-devel-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk3-lang-2.4.10-7.2 openSUSE Leap 42.1:typelib-1_0-JavaScriptCore-1_0-2.4.10-7.2 openSUSE Leap 42.1:typelib-1_0-JavaScriptCore-3_0-2.4.10-7.2 openSUSE Leap 42.1:typelib-1_0-WebKit-1_0-2.4.10-7.2 openSUSE Leap 42.1:typelib-1_0-WebKit-3_0-2.4.10-7.2 openSUSE Leap 42.1:webkit-jsc-1-2.4.10-7.2 openSUSE Leap 42.1:webkit-jsc-3-2.4.10-7.2 openSUSE Leap 42.1:webkitgtk-2.4.10-7.2 openSUSE Leap 42.1:webkitgtk3-2.4.10-7.2 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2016-03/msg00132.html https://www.suse.com/security/cve/CVE-2015-1122.html CVE-2015-1122 https://bugzilla.suse.com/1082221 SUSE Bug 1082221 https://bugzilla.suse.com/928380 SUSE Bug 928380 https://bugzilla.suse.com/971460 SUSE Bug 971460 The private-browsing implementation in WebKit in Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5 places browsing history into an index, which might allow local users to obtain sensitive information by reading index entries. CVE-2015-1127 openSUSE Leap 42.1:libjavascriptcoregtk-1_0-0-2.4.10-7.2 openSUSE Leap 42.1:libjavascriptcoregtk-1_0-0-32bit-2.4.10-7.2 openSUSE Leap 42.1:libjavascriptcoregtk-3_0-0-2.4.10-7.2 openSUSE Leap 42.1:libjavascriptcoregtk-3_0-0-32bit-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-1_0-0-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-1_0-0-32bit-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-3_0-0-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-3_0-0-32bit-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-devel-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk2-lang-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk3-devel-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk3-lang-2.4.10-7.2 openSUSE Leap 42.1:typelib-1_0-JavaScriptCore-1_0-2.4.10-7.2 openSUSE Leap 42.1:typelib-1_0-JavaScriptCore-3_0-2.4.10-7.2 openSUSE Leap 42.1:typelib-1_0-WebKit-1_0-2.4.10-7.2 openSUSE Leap 42.1:typelib-1_0-WebKit-3_0-2.4.10-7.2 openSUSE Leap 42.1:webkit-jsc-1-2.4.10-7.2 openSUSE Leap 42.1:webkit-jsc-3-2.4.10-7.2 openSUSE Leap 42.1:webkitgtk-2.4.10-7.2 openSUSE Leap 42.1:webkitgtk3-2.4.10-7.2 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2016-03/msg00132.html https://www.suse.com/security/cve/CVE-2015-1127.html CVE-2015-1127 https://bugzilla.suse.com/928380 SUSE Bug 928380 https://bugzilla.suse.com/971460 SUSE Bug 971460 WebKit, as used in Apple Safari before 6.2.6, 7.x before 7.1.6, and 8.x before 8.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-1152 and CVE-2015-1154. CVE-2015-1153 openSUSE Leap 42.1:libjavascriptcoregtk-1_0-0-2.4.10-7.2 openSUSE Leap 42.1:libjavascriptcoregtk-1_0-0-32bit-2.4.10-7.2 openSUSE Leap 42.1:libjavascriptcoregtk-3_0-0-2.4.10-7.2 openSUSE Leap 42.1:libjavascriptcoregtk-3_0-0-32bit-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-1_0-0-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-1_0-0-32bit-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-3_0-0-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-3_0-0-32bit-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-devel-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk2-lang-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk3-devel-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk3-lang-2.4.10-7.2 openSUSE Leap 42.1:typelib-1_0-JavaScriptCore-1_0-2.4.10-7.2 openSUSE Leap 42.1:typelib-1_0-JavaScriptCore-3_0-2.4.10-7.2 openSUSE Leap 42.1:typelib-1_0-WebKit-1_0-2.4.10-7.2 openSUSE Leap 42.1:typelib-1_0-WebKit-3_0-2.4.10-7.2 openSUSE Leap 42.1:webkit-jsc-1-2.4.10-7.2 openSUSE Leap 42.1:webkit-jsc-3-2.4.10-7.2 openSUSE Leap 42.1:webkitgtk-2.4.10-7.2 openSUSE Leap 42.1:webkitgtk3-2.4.10-7.2 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2016-03/msg00132.html https://www.suse.com/security/cve/CVE-2015-1153.html CVE-2015-1153 https://bugzilla.suse.com/971460 SUSE Bug 971460 The history implementation in WebKit, as used in Apple Safari before 6.2.6, 7.x before 7.1.6, and 8.x before 8.0.6, allows remote attackers to bypass the Same Origin Policy and read arbitrary files via a crafted web site. CVE-2015-1155 openSUSE Leap 42.1:libjavascriptcoregtk-1_0-0-2.4.10-7.2 openSUSE Leap 42.1:libjavascriptcoregtk-1_0-0-32bit-2.4.10-7.2 openSUSE Leap 42.1:libjavascriptcoregtk-3_0-0-2.4.10-7.2 openSUSE Leap 42.1:libjavascriptcoregtk-3_0-0-32bit-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-1_0-0-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-1_0-0-32bit-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-3_0-0-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-3_0-0-32bit-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-devel-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk2-lang-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk3-devel-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk3-lang-2.4.10-7.2 openSUSE Leap 42.1:typelib-1_0-JavaScriptCore-1_0-2.4.10-7.2 openSUSE Leap 42.1:typelib-1_0-JavaScriptCore-3_0-2.4.10-7.2 openSUSE Leap 42.1:typelib-1_0-WebKit-1_0-2.4.10-7.2 openSUSE Leap 42.1:typelib-1_0-WebKit-3_0-2.4.10-7.2 openSUSE Leap 42.1:webkit-jsc-1-2.4.10-7.2 openSUSE Leap 42.1:webkit-jsc-3-2.4.10-7.2 openSUSE Leap 42.1:webkitgtk-2.4.10-7.2 openSUSE Leap 42.1:webkitgtk3-2.4.10-7.2 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2016-03/msg00132.html https://www.suse.com/security/cve/CVE-2015-1155.html CVE-2015-1155 https://bugzilla.suse.com/1082221 SUSE Bug 1082221 https://bugzilla.suse.com/971460 SUSE Bug 971460 The Page Loading functionality in WebKit in Apple Safari before 6.2.7, 7.x before 7.1.7, and 8.x before 8.0.7, as used in Apple iOS before 8.4 and other products, does not properly consider redirects during decisions about sending an Origin header, which makes it easier for remote attackers to bypass CSRF protection mechanisms via a crafted web site. CVE-2015-3658 openSUSE Leap 42.1:libjavascriptcoregtk-1_0-0-2.4.10-7.2 openSUSE Leap 42.1:libjavascriptcoregtk-1_0-0-32bit-2.4.10-7.2 openSUSE Leap 42.1:libjavascriptcoregtk-3_0-0-2.4.10-7.2 openSUSE Leap 42.1:libjavascriptcoregtk-3_0-0-32bit-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-1_0-0-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-1_0-0-32bit-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-3_0-0-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-3_0-0-32bit-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-devel-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk2-lang-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk3-devel-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk3-lang-2.4.10-7.2 openSUSE Leap 42.1:typelib-1_0-JavaScriptCore-1_0-2.4.10-7.2 openSUSE Leap 42.1:typelib-1_0-JavaScriptCore-3_0-2.4.10-7.2 openSUSE Leap 42.1:typelib-1_0-WebKit-1_0-2.4.10-7.2 openSUSE Leap 42.1:typelib-1_0-WebKit-3_0-2.4.10-7.2 openSUSE Leap 42.1:webkit-jsc-1-2.4.10-7.2 openSUSE Leap 42.1:webkit-jsc-3-2.4.10-7.2 openSUSE Leap 42.1:webkitgtk-2.4.10-7.2 openSUSE Leap 42.1:webkitgtk3-2.4.10-7.2 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2016-03/msg00132.html https://www.suse.com/security/cve/CVE-2015-3658.html CVE-2015-3658 https://bugzilla.suse.com/971460 SUSE Bug 971460 The SQLite authorizer in the Storage functionality in WebKit in Apple Safari before 6.2.7, 7.x before 7.1.7, and 8.x before 8.0.7, as used in Apple iOS before 8.4 and other products, does not properly restrict access to SQL functions, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted web site. CVE-2015-3659 openSUSE Leap 42.1:libjavascriptcoregtk-1_0-0-2.4.10-7.2 openSUSE Leap 42.1:libjavascriptcoregtk-1_0-0-32bit-2.4.10-7.2 openSUSE Leap 42.1:libjavascriptcoregtk-3_0-0-2.4.10-7.2 openSUSE Leap 42.1:libjavascriptcoregtk-3_0-0-32bit-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-1_0-0-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-1_0-0-32bit-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-3_0-0-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-3_0-0-32bit-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-devel-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk2-lang-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk3-devel-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk3-lang-2.4.10-7.2 openSUSE Leap 42.1:typelib-1_0-JavaScriptCore-1_0-2.4.10-7.2 openSUSE Leap 42.1:typelib-1_0-JavaScriptCore-3_0-2.4.10-7.2 openSUSE Leap 42.1:typelib-1_0-WebKit-1_0-2.4.10-7.2 openSUSE Leap 42.1:typelib-1_0-WebKit-3_0-2.4.10-7.2 openSUSE Leap 42.1:webkit-jsc-1-2.4.10-7.2 openSUSE Leap 42.1:webkit-jsc-3-2.4.10-7.2 openSUSE Leap 42.1:webkitgtk-2.4.10-7.2 openSUSE Leap 42.1:webkitgtk3-2.4.10-7.2 moderate 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2016-03/msg00132.html https://www.suse.com/security/cve/CVE-2015-3659.html CVE-2015-3659 https://bugzilla.suse.com/936835 SUSE Bug 936835 https://bugzilla.suse.com/936836 SUSE Bug 936836 https://bugzilla.suse.com/971460 SUSE Bug 971460 WebKit in Apple Safari before 6.2.7, 7.x before 7.1.7, and 8.x before 8.0.7, as used in Apple iOS before 8.4 and other products, does not properly restrict rename operations on WebSQL tables, which allows remote attackers to access an arbitrary web site's database via a crafted web site. CVE-2015-3727 openSUSE Leap 42.1:libjavascriptcoregtk-1_0-0-2.4.10-7.2 openSUSE Leap 42.1:libjavascriptcoregtk-1_0-0-32bit-2.4.10-7.2 openSUSE Leap 42.1:libjavascriptcoregtk-3_0-0-2.4.10-7.2 openSUSE Leap 42.1:libjavascriptcoregtk-3_0-0-32bit-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-1_0-0-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-1_0-0-32bit-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-3_0-0-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-3_0-0-32bit-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-devel-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk2-lang-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk3-devel-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk3-lang-2.4.10-7.2 openSUSE Leap 42.1:typelib-1_0-JavaScriptCore-1_0-2.4.10-7.2 openSUSE Leap 42.1:typelib-1_0-JavaScriptCore-3_0-2.4.10-7.2 openSUSE Leap 42.1:typelib-1_0-WebKit-1_0-2.4.10-7.2 openSUSE Leap 42.1:typelib-1_0-WebKit-3_0-2.4.10-7.2 openSUSE Leap 42.1:webkit-jsc-1-2.4.10-7.2 openSUSE Leap 42.1:webkit-jsc-3-2.4.10-7.2 openSUSE Leap 42.1:webkitgtk-2.4.10-7.2 openSUSE Leap 42.1:webkitgtk3-2.4.10-7.2 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2016-03/msg00132.html https://www.suse.com/security/cve/CVE-2015-3727.html CVE-2015-3727 https://bugzilla.suse.com/971460 SUSE Bug 971460 WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-08-13-1 and APPLE-SA-2015-08-13-3. CVE-2015-3731 openSUSE Leap 42.1:libjavascriptcoregtk-1_0-0-2.4.10-7.2 openSUSE Leap 42.1:libjavascriptcoregtk-1_0-0-32bit-2.4.10-7.2 openSUSE Leap 42.1:libjavascriptcoregtk-3_0-0-2.4.10-7.2 openSUSE Leap 42.1:libjavascriptcoregtk-3_0-0-32bit-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-1_0-0-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-1_0-0-32bit-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-3_0-0-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-3_0-0-32bit-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-devel-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk2-lang-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk3-devel-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk3-lang-2.4.10-7.2 openSUSE Leap 42.1:typelib-1_0-JavaScriptCore-1_0-2.4.10-7.2 openSUSE Leap 42.1:typelib-1_0-JavaScriptCore-3_0-2.4.10-7.2 openSUSE Leap 42.1:typelib-1_0-WebKit-1_0-2.4.10-7.2 openSUSE Leap 42.1:typelib-1_0-WebKit-3_0-2.4.10-7.2 openSUSE Leap 42.1:webkit-jsc-1-2.4.10-7.2 openSUSE Leap 42.1:webkit-jsc-3-2.4.10-7.2 openSUSE Leap 42.1:webkitgtk-2.4.10-7.2 openSUSE Leap 42.1:webkitgtk3-2.4.10-7.2 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2016-03/msg00132.html https://www.suse.com/security/cve/CVE-2015-3731.html CVE-2015-3731 https://bugzilla.suse.com/971460 SUSE Bug 971460 WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-08-13-1 and APPLE-SA-2015-08-13-3. CVE-2015-3741 openSUSE Leap 42.1:libjavascriptcoregtk-1_0-0-2.4.10-7.2 openSUSE Leap 42.1:libjavascriptcoregtk-1_0-0-32bit-2.4.10-7.2 openSUSE Leap 42.1:libjavascriptcoregtk-3_0-0-2.4.10-7.2 openSUSE Leap 42.1:libjavascriptcoregtk-3_0-0-32bit-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-1_0-0-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-1_0-0-32bit-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-3_0-0-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-3_0-0-32bit-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-devel-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk2-lang-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk3-devel-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk3-lang-2.4.10-7.2 openSUSE Leap 42.1:typelib-1_0-JavaScriptCore-1_0-2.4.10-7.2 openSUSE Leap 42.1:typelib-1_0-JavaScriptCore-3_0-2.4.10-7.2 openSUSE Leap 42.1:typelib-1_0-WebKit-1_0-2.4.10-7.2 openSUSE Leap 42.1:typelib-1_0-WebKit-3_0-2.4.10-7.2 openSUSE Leap 42.1:webkit-jsc-1-2.4.10-7.2 openSUSE Leap 42.1:webkit-jsc-3-2.4.10-7.2 openSUSE Leap 42.1:webkitgtk-2.4.10-7.2 openSUSE Leap 42.1:webkitgtk3-2.4.10-7.2 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2016-03/msg00132.html https://www.suse.com/security/cve/CVE-2015-3741.html CVE-2015-3741 https://bugzilla.suse.com/971460 SUSE Bug 971460 WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-08-13-1 and APPLE-SA-2015-08-13-3. CVE-2015-3743 openSUSE Leap 42.1:libjavascriptcoregtk-1_0-0-2.4.10-7.2 openSUSE Leap 42.1:libjavascriptcoregtk-1_0-0-32bit-2.4.10-7.2 openSUSE Leap 42.1:libjavascriptcoregtk-3_0-0-2.4.10-7.2 openSUSE Leap 42.1:libjavascriptcoregtk-3_0-0-32bit-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-1_0-0-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-1_0-0-32bit-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-3_0-0-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-3_0-0-32bit-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-devel-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk2-lang-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk3-devel-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk3-lang-2.4.10-7.2 openSUSE Leap 42.1:typelib-1_0-JavaScriptCore-1_0-2.4.10-7.2 openSUSE Leap 42.1:typelib-1_0-JavaScriptCore-3_0-2.4.10-7.2 openSUSE Leap 42.1:typelib-1_0-WebKit-1_0-2.4.10-7.2 openSUSE Leap 42.1:typelib-1_0-WebKit-3_0-2.4.10-7.2 openSUSE Leap 42.1:webkit-jsc-1-2.4.10-7.2 openSUSE Leap 42.1:webkit-jsc-3-2.4.10-7.2 openSUSE Leap 42.1:webkitgtk-2.4.10-7.2 openSUSE Leap 42.1:webkitgtk3-2.4.10-7.2 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2016-03/msg00132.html https://www.suse.com/security/cve/CVE-2015-3743.html CVE-2015-3743 https://bugzilla.suse.com/971460 SUSE Bug 971460 WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-08-13-1 and APPLE-SA-2015-08-13-3. CVE-2015-3745 openSUSE Leap 42.1:libjavascriptcoregtk-1_0-0-2.4.10-7.2 openSUSE Leap 42.1:libjavascriptcoregtk-1_0-0-32bit-2.4.10-7.2 openSUSE Leap 42.1:libjavascriptcoregtk-3_0-0-2.4.10-7.2 openSUSE Leap 42.1:libjavascriptcoregtk-3_0-0-32bit-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-1_0-0-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-1_0-0-32bit-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-3_0-0-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-3_0-0-32bit-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-devel-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk2-lang-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk3-devel-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk3-lang-2.4.10-7.2 openSUSE Leap 42.1:typelib-1_0-JavaScriptCore-1_0-2.4.10-7.2 openSUSE Leap 42.1:typelib-1_0-JavaScriptCore-3_0-2.4.10-7.2 openSUSE Leap 42.1:typelib-1_0-WebKit-1_0-2.4.10-7.2 openSUSE Leap 42.1:typelib-1_0-WebKit-3_0-2.4.10-7.2 openSUSE Leap 42.1:webkit-jsc-1-2.4.10-7.2 openSUSE Leap 42.1:webkit-jsc-3-2.4.10-7.2 openSUSE Leap 42.1:webkitgtk-2.4.10-7.2 openSUSE Leap 42.1:webkitgtk3-2.4.10-7.2 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2016-03/msg00132.html https://www.suse.com/security/cve/CVE-2015-3745.html CVE-2015-3745 https://bugzilla.suse.com/971460 SUSE Bug 971460 WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-08-13-1 and APPLE-SA-2015-08-13-3. CVE-2015-3747 openSUSE Leap 42.1:libjavascriptcoregtk-1_0-0-2.4.10-7.2 openSUSE Leap 42.1:libjavascriptcoregtk-1_0-0-32bit-2.4.10-7.2 openSUSE Leap 42.1:libjavascriptcoregtk-3_0-0-2.4.10-7.2 openSUSE Leap 42.1:libjavascriptcoregtk-3_0-0-32bit-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-1_0-0-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-1_0-0-32bit-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-3_0-0-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-3_0-0-32bit-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-devel-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk2-lang-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk3-devel-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk3-lang-2.4.10-7.2 openSUSE Leap 42.1:typelib-1_0-JavaScriptCore-1_0-2.4.10-7.2 openSUSE Leap 42.1:typelib-1_0-JavaScriptCore-3_0-2.4.10-7.2 openSUSE Leap 42.1:typelib-1_0-WebKit-1_0-2.4.10-7.2 openSUSE Leap 42.1:typelib-1_0-WebKit-3_0-2.4.10-7.2 openSUSE Leap 42.1:webkit-jsc-1-2.4.10-7.2 openSUSE Leap 42.1:webkit-jsc-3-2.4.10-7.2 openSUSE Leap 42.1:webkitgtk-2.4.10-7.2 openSUSE Leap 42.1:webkitgtk3-2.4.10-7.2 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2016-03/msg00132.html https://www.suse.com/security/cve/CVE-2015-3747.html CVE-2015-3747 https://bugzilla.suse.com/971460 SUSE Bug 971460 WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-08-13-1 and APPLE-SA-2015-08-13-3. CVE-2015-3748 openSUSE Leap 42.1:libjavascriptcoregtk-1_0-0-2.4.10-7.2 openSUSE Leap 42.1:libjavascriptcoregtk-1_0-0-32bit-2.4.10-7.2 openSUSE Leap 42.1:libjavascriptcoregtk-3_0-0-2.4.10-7.2 openSUSE Leap 42.1:libjavascriptcoregtk-3_0-0-32bit-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-1_0-0-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-1_0-0-32bit-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-3_0-0-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-3_0-0-32bit-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-devel-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk2-lang-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk3-devel-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk3-lang-2.4.10-7.2 openSUSE Leap 42.1:typelib-1_0-JavaScriptCore-1_0-2.4.10-7.2 openSUSE Leap 42.1:typelib-1_0-JavaScriptCore-3_0-2.4.10-7.2 openSUSE Leap 42.1:typelib-1_0-WebKit-1_0-2.4.10-7.2 openSUSE Leap 42.1:typelib-1_0-WebKit-3_0-2.4.10-7.2 openSUSE Leap 42.1:webkit-jsc-1-2.4.10-7.2 openSUSE Leap 42.1:webkit-jsc-3-2.4.10-7.2 openSUSE Leap 42.1:webkitgtk-2.4.10-7.2 openSUSE Leap 42.1:webkitgtk3-2.4.10-7.2 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2016-03/msg00132.html https://www.suse.com/security/cve/CVE-2015-3748.html CVE-2015-3748 https://bugzilla.suse.com/971460 SUSE Bug 971460 WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-08-13-1 and APPLE-SA-2015-08-13-3. CVE-2015-3749 openSUSE Leap 42.1:libjavascriptcoregtk-1_0-0-2.4.10-7.2 openSUSE Leap 42.1:libjavascriptcoregtk-1_0-0-32bit-2.4.10-7.2 openSUSE Leap 42.1:libjavascriptcoregtk-3_0-0-2.4.10-7.2 openSUSE Leap 42.1:libjavascriptcoregtk-3_0-0-32bit-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-1_0-0-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-1_0-0-32bit-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-3_0-0-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-3_0-0-32bit-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-devel-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk2-lang-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk3-devel-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk3-lang-2.4.10-7.2 openSUSE Leap 42.1:typelib-1_0-JavaScriptCore-1_0-2.4.10-7.2 openSUSE Leap 42.1:typelib-1_0-JavaScriptCore-3_0-2.4.10-7.2 openSUSE Leap 42.1:typelib-1_0-WebKit-1_0-2.4.10-7.2 openSUSE Leap 42.1:typelib-1_0-WebKit-3_0-2.4.10-7.2 openSUSE Leap 42.1:webkit-jsc-1-2.4.10-7.2 openSUSE Leap 42.1:webkit-jsc-3-2.4.10-7.2 openSUSE Leap 42.1:webkitgtk-2.4.10-7.2 openSUSE Leap 42.1:webkitgtk3-2.4.10-7.2 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2016-03/msg00132.html https://www.suse.com/security/cve/CVE-2015-3749.html CVE-2015-3749 https://bugzilla.suse.com/971460 SUSE Bug 971460 The Content Security Policy implementation in WebKit in Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, as used in iOS before 8.4.1 and other products, does not properly restrict cookie transmission for report requests, which allows remote attackers to obtain sensitive information via vectors involving (1) a cross-origin request or (2) a private-browsing request. CVE-2015-3752 openSUSE Leap 42.1:libjavascriptcoregtk-1_0-0-2.4.10-7.2 openSUSE Leap 42.1:libjavascriptcoregtk-1_0-0-32bit-2.4.10-7.2 openSUSE Leap 42.1:libjavascriptcoregtk-3_0-0-2.4.10-7.2 openSUSE Leap 42.1:libjavascriptcoregtk-3_0-0-32bit-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-1_0-0-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-1_0-0-32bit-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-3_0-0-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-3_0-0-32bit-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-devel-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk2-lang-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk3-devel-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk3-lang-2.4.10-7.2 openSUSE Leap 42.1:typelib-1_0-JavaScriptCore-1_0-2.4.10-7.2 openSUSE Leap 42.1:typelib-1_0-JavaScriptCore-3_0-2.4.10-7.2 openSUSE Leap 42.1:typelib-1_0-WebKit-1_0-2.4.10-7.2 openSUSE Leap 42.1:typelib-1_0-WebKit-3_0-2.4.10-7.2 openSUSE Leap 42.1:webkit-jsc-1-2.4.10-7.2 openSUSE Leap 42.1:webkit-jsc-3-2.4.10-7.2 openSUSE Leap 42.1:webkitgtk-2.4.10-7.2 openSUSE Leap 42.1:webkitgtk3-2.4.10-7.2 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2016-03/msg00132.html https://www.suse.com/security/cve/CVE-2015-3752.html CVE-2015-3752 https://bugzilla.suse.com/971460 SUSE Bug 971460 The WebKit Canvas implementation in Apple iOS before 9 allows remote attackers to bypass the Same Origin Policy and obtain sensitive image information via vectors involving a CANVAS element. CVE-2015-5788 openSUSE Leap 42.1:libjavascriptcoregtk-1_0-0-2.4.10-7.2 openSUSE Leap 42.1:libjavascriptcoregtk-1_0-0-32bit-2.4.10-7.2 openSUSE Leap 42.1:libjavascriptcoregtk-3_0-0-2.4.10-7.2 openSUSE Leap 42.1:libjavascriptcoregtk-3_0-0-32bit-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-1_0-0-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-1_0-0-32bit-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-3_0-0-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-3_0-0-32bit-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-devel-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk2-lang-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk3-devel-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk3-lang-2.4.10-7.2 openSUSE Leap 42.1:typelib-1_0-JavaScriptCore-1_0-2.4.10-7.2 openSUSE Leap 42.1:typelib-1_0-JavaScriptCore-3_0-2.4.10-7.2 openSUSE Leap 42.1:typelib-1_0-WebKit-1_0-2.4.10-7.2 openSUSE Leap 42.1:typelib-1_0-WebKit-3_0-2.4.10-7.2 openSUSE Leap 42.1:webkit-jsc-1-2.4.10-7.2 openSUSE Leap 42.1:webkit-jsc-3-2.4.10-7.2 openSUSE Leap 42.1:webkitgtk-2.4.10-7.2 openSUSE Leap 42.1:webkitgtk3-2.4.10-7.2 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2016-03/msg00132.html https://www.suse.com/security/cve/CVE-2015-5788.html CVE-2015-5788 https://bugzilla.suse.com/971460 SUSE Bug 971460 WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3. CVE-2015-5794 openSUSE Leap 42.1:libjavascriptcoregtk-1_0-0-2.4.10-7.2 openSUSE Leap 42.1:libjavascriptcoregtk-1_0-0-32bit-2.4.10-7.2 openSUSE Leap 42.1:libjavascriptcoregtk-3_0-0-2.4.10-7.2 openSUSE Leap 42.1:libjavascriptcoregtk-3_0-0-32bit-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-1_0-0-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-1_0-0-32bit-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-3_0-0-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-3_0-0-32bit-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-devel-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk2-lang-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk3-devel-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk3-lang-2.4.10-7.2 openSUSE Leap 42.1:typelib-1_0-JavaScriptCore-1_0-2.4.10-7.2 openSUSE Leap 42.1:typelib-1_0-JavaScriptCore-3_0-2.4.10-7.2 openSUSE Leap 42.1:typelib-1_0-WebKit-1_0-2.4.10-7.2 openSUSE Leap 42.1:typelib-1_0-WebKit-3_0-2.4.10-7.2 openSUSE Leap 42.1:webkit-jsc-1-2.4.10-7.2 openSUSE Leap 42.1:webkit-jsc-3-2.4.10-7.2 openSUSE Leap 42.1:webkitgtk-2.4.10-7.2 openSUSE Leap 42.1:webkitgtk3-2.4.10-7.2 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2016-03/msg00132.html https://www.suse.com/security/cve/CVE-2015-5794.html CVE-2015-5794 https://bugzilla.suse.com/971460 SUSE Bug 971460 WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3. CVE-2015-5801 openSUSE Leap 42.1:libjavascriptcoregtk-1_0-0-2.4.10-7.2 openSUSE Leap 42.1:libjavascriptcoregtk-1_0-0-32bit-2.4.10-7.2 openSUSE Leap 42.1:libjavascriptcoregtk-3_0-0-2.4.10-7.2 openSUSE Leap 42.1:libjavascriptcoregtk-3_0-0-32bit-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-1_0-0-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-1_0-0-32bit-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-3_0-0-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-3_0-0-32bit-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-devel-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk2-lang-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk3-devel-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk3-lang-2.4.10-7.2 openSUSE Leap 42.1:typelib-1_0-JavaScriptCore-1_0-2.4.10-7.2 openSUSE Leap 42.1:typelib-1_0-JavaScriptCore-3_0-2.4.10-7.2 openSUSE Leap 42.1:typelib-1_0-WebKit-1_0-2.4.10-7.2 openSUSE Leap 42.1:typelib-1_0-WebKit-3_0-2.4.10-7.2 openSUSE Leap 42.1:webkit-jsc-1-2.4.10-7.2 openSUSE Leap 42.1:webkit-jsc-3-2.4.10-7.2 openSUSE Leap 42.1:webkitgtk-2.4.10-7.2 openSUSE Leap 42.1:webkitgtk3-2.4.10-7.2 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2016-03/msg00132.html https://www.suse.com/security/cve/CVE-2015-5801.html CVE-2015-5801 https://bugzilla.suse.com/971460 SUSE Bug 971460 WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3. CVE-2015-5809 openSUSE Leap 42.1:libjavascriptcoregtk-1_0-0-2.4.10-7.2 openSUSE Leap 42.1:libjavascriptcoregtk-1_0-0-32bit-2.4.10-7.2 openSUSE Leap 42.1:libjavascriptcoregtk-3_0-0-2.4.10-7.2 openSUSE Leap 42.1:libjavascriptcoregtk-3_0-0-32bit-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-1_0-0-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-1_0-0-32bit-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-3_0-0-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-3_0-0-32bit-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-devel-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk2-lang-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk3-devel-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk3-lang-2.4.10-7.2 openSUSE Leap 42.1:typelib-1_0-JavaScriptCore-1_0-2.4.10-7.2 openSUSE Leap 42.1:typelib-1_0-JavaScriptCore-3_0-2.4.10-7.2 openSUSE Leap 42.1:typelib-1_0-WebKit-1_0-2.4.10-7.2 openSUSE Leap 42.1:typelib-1_0-WebKit-3_0-2.4.10-7.2 openSUSE Leap 42.1:webkit-jsc-1-2.4.10-7.2 openSUSE Leap 42.1:webkit-jsc-3-2.4.10-7.2 openSUSE Leap 42.1:webkitgtk-2.4.10-7.2 openSUSE Leap 42.1:webkitgtk3-2.4.10-7.2 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2016-03/msg00132.html https://www.suse.com/security/cve/CVE-2015-5809.html CVE-2015-5809 https://bugzilla.suse.com/971460 SUSE Bug 971460 WebKit, as used in JavaScriptCore in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3. CVE-2015-5822 openSUSE Leap 42.1:libjavascriptcoregtk-1_0-0-2.4.10-7.2 openSUSE Leap 42.1:libjavascriptcoregtk-1_0-0-32bit-2.4.10-7.2 openSUSE Leap 42.1:libjavascriptcoregtk-3_0-0-2.4.10-7.2 openSUSE Leap 42.1:libjavascriptcoregtk-3_0-0-32bit-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-1_0-0-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-1_0-0-32bit-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-3_0-0-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-3_0-0-32bit-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-devel-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk2-lang-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk3-devel-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk3-lang-2.4.10-7.2 openSUSE Leap 42.1:typelib-1_0-JavaScriptCore-1_0-2.4.10-7.2 openSUSE Leap 42.1:typelib-1_0-JavaScriptCore-3_0-2.4.10-7.2 openSUSE Leap 42.1:typelib-1_0-WebKit-1_0-2.4.10-7.2 openSUSE Leap 42.1:typelib-1_0-WebKit-3_0-2.4.10-7.2 openSUSE Leap 42.1:webkit-jsc-1-2.4.10-7.2 openSUSE Leap 42.1:webkit-jsc-3-2.4.10-7.2 openSUSE Leap 42.1:webkitgtk-2.4.10-7.2 openSUSE Leap 42.1:webkitgtk3-2.4.10-7.2 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2016-03/msg00132.html https://www.suse.com/security/cve/CVE-2015-5822.html CVE-2015-5822 https://bugzilla.suse.com/971460 SUSE Bug 971460 WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-10-21-1, APPLE-SA-2015-10-21-3, and APPLE-SA-2015-10-21-5. CVE-2015-5928 openSUSE Leap 42.1:libjavascriptcoregtk-1_0-0-2.4.10-7.2 openSUSE Leap 42.1:libjavascriptcoregtk-1_0-0-32bit-2.4.10-7.2 openSUSE Leap 42.1:libjavascriptcoregtk-3_0-0-2.4.10-7.2 openSUSE Leap 42.1:libjavascriptcoregtk-3_0-0-32bit-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-1_0-0-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-1_0-0-32bit-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-3_0-0-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-3_0-0-32bit-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk-devel-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk2-lang-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk3-devel-2.4.10-7.2 openSUSE Leap 42.1:libwebkitgtk3-lang-2.4.10-7.2 openSUSE Leap 42.1:typelib-1_0-JavaScriptCore-1_0-2.4.10-7.2 openSUSE Leap 42.1:typelib-1_0-JavaScriptCore-3_0-2.4.10-7.2 openSUSE Leap 42.1:typelib-1_0-WebKit-1_0-2.4.10-7.2 openSUSE Leap 42.1:typelib-1_0-WebKit-3_0-2.4.10-7.2 openSUSE Leap 42.1:webkit-jsc-1-2.4.10-7.2 openSUSE Leap 42.1:webkit-jsc-3-2.4.10-7.2 openSUSE Leap 42.1:webkitgtk-2.4.10-7.2 openSUSE Leap 42.1:webkitgtk3-2.4.10-7.2 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2016-03/msg00132.html https://www.suse.com/security/cve/CVE-2015-5928.html CVE-2015-5928 https://bugzilla.suse.com/971460 SUSE Bug 971460