Security update for webkit2gtk3 SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2020:1064-1 Final 1 1 2020-07-26T10:20:38Z current 2020-07-26T10:20:38Z 2020-07-26T10:20:38Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for webkit2gtk3 This update for webkit2gtk3 fixes the following issues: - Update to version 2.28.3 (bsc#1173998): + Enable kinetic scrolling with async scrolling. + Fix web process hangs on large GitHub pages. + Bubblewrap sandbox should not attempt to bind empty paths. + Fix threading issues in the media player. + Fix several crashes and rendering issues. + Security fixes: CVE-2020-9802, CVE-2020-9803, CVE-2020-9805, CVE-2020-9806, CVE-2020-9807, CVE-2020-9843, CVE-2020-9850, CVE-2020-13753. This update was imported from the SUSE:SLE-15:Update update project. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-2020-1064 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/ND4YI5SEPKTGBXP5QOCJIWYUALJWMVUK/ E-Mail link for openSUSE-SU-2020:1064-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1173998 SUSE Bug 1173998 https://www.suse.com/security/cve/CVE-2020-13753/ SUSE CVE CVE-2020-13753 page https://www.suse.com/security/cve/CVE-2020-9802/ SUSE CVE CVE-2020-9802 page https://www.suse.com/security/cve/CVE-2020-9803/ SUSE CVE CVE-2020-9803 page https://www.suse.com/security/cve/CVE-2020-9805/ SUSE CVE CVE-2020-9805 page https://www.suse.com/security/cve/CVE-2020-9806/ SUSE CVE CVE-2020-9806 page https://www.suse.com/security/cve/CVE-2020-9807/ SUSE CVE CVE-2020-9807 page https://www.suse.com/security/cve/CVE-2020-9843/ SUSE CVE CVE-2020-9843 page https://www.suse.com/security/cve/CVE-2020-9850/ SUSE CVE CVE-2020-9850 page openSUSE Leap 15.1 libjavascriptcoregtk-4_0-18-2.28.3-lp151.2.21.1 libjavascriptcoregtk-4_0-18-32bit-2.28.3-lp151.2.21.1 libwebkit2gtk-4_0-37-2.28.3-lp151.2.21.1 libwebkit2gtk-4_0-37-32bit-2.28.3-lp151.2.21.1 libwebkit2gtk3-lang-2.28.3-lp151.2.21.1 typelib-1_0-JavaScriptCore-4_0-2.28.3-lp151.2.21.1 typelib-1_0-WebKit2-4_0-2.28.3-lp151.2.21.1 typelib-1_0-WebKit2WebExtension-4_0-2.28.3-lp151.2.21.1 webkit-jsc-4-2.28.3-lp151.2.21.1 webkit2gtk-4_0-injected-bundles-2.28.3-lp151.2.21.1 webkit2gtk3-devel-2.28.3-lp151.2.21.1 webkit2gtk3-minibrowser-2.28.3-lp151.2.21.1 libjavascriptcoregtk-4_0-18-2.28.3-lp151.2.21.1 as a component of openSUSE Leap 15.1 libjavascriptcoregtk-4_0-18-32bit-2.28.3-lp151.2.21.1 as a component of openSUSE Leap 15.1 libwebkit2gtk-4_0-37-2.28.3-lp151.2.21.1 as a component of openSUSE Leap 15.1 libwebkit2gtk-4_0-37-32bit-2.28.3-lp151.2.21.1 as a component of openSUSE Leap 15.1 libwebkit2gtk3-lang-2.28.3-lp151.2.21.1 as a component of openSUSE Leap 15.1 typelib-1_0-JavaScriptCore-4_0-2.28.3-lp151.2.21.1 as a component of openSUSE Leap 15.1 typelib-1_0-WebKit2-4_0-2.28.3-lp151.2.21.1 as a component of openSUSE Leap 15.1 typelib-1_0-WebKit2WebExtension-4_0-2.28.3-lp151.2.21.1 as a component of openSUSE Leap 15.1 webkit-jsc-4-2.28.3-lp151.2.21.1 as a component of openSUSE Leap 15.1 webkit2gtk-4_0-injected-bundles-2.28.3-lp151.2.21.1 as a component of openSUSE Leap 15.1 webkit2gtk3-devel-2.28.3-lp151.2.21.1 as a component of openSUSE Leap 15.1 webkit2gtk3-minibrowser-2.28.3-lp151.2.21.1 as a component of openSUSE Leap 15.1 The bubblewrap sandbox of WebKitGTK and WPE WebKit, prior to 2.28.3, failed to properly block access to CLONE_NEWUSER and the TIOCSTI ioctl. CLONE_NEWUSER could potentially be used to confuse xdg-desktop-portal, which allows access outside the sandbox. TIOCSTI can be used to directly execute commands outside the sandbox by writing to the controlling terminal's input buffer, similar to CVE-2017-5226. CVE-2020-13753 openSUSE Leap 15.1:libjavascriptcoregtk-4_0-18-2.28.3-lp151.2.21.1 openSUSE Leap 15.1:libjavascriptcoregtk-4_0-18-32bit-2.28.3-lp151.2.21.1 openSUSE Leap 15.1:libwebkit2gtk-4_0-37-2.28.3-lp151.2.21.1 openSUSE Leap 15.1:libwebkit2gtk-4_0-37-32bit-2.28.3-lp151.2.21.1 openSUSE Leap 15.1:libwebkit2gtk3-lang-2.28.3-lp151.2.21.1 openSUSE Leap 15.1:typelib-1_0-JavaScriptCore-4_0-2.28.3-lp151.2.21.1 openSUSE Leap 15.1:typelib-1_0-WebKit2-4_0-2.28.3-lp151.2.21.1 openSUSE Leap 15.1:typelib-1_0-WebKit2WebExtension-4_0-2.28.3-lp151.2.21.1 openSUSE Leap 15.1:webkit-jsc-4-2.28.3-lp151.2.21.1 openSUSE Leap 15.1:webkit2gtk-4_0-injected-bundles-2.28.3-lp151.2.21.1 openSUSE Leap 15.1:webkit2gtk3-devel-2.28.3-lp151.2.21.1 openSUSE Leap 15.1:webkit2gtk3-minibrowser-2.28.3-lp151.2.21.1 important 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/ND4YI5SEPKTGBXP5QOCJIWYUALJWMVUK/ https://www.suse.com/security/cve/CVE-2020-13753.html CVE-2020-13753 https://bugzilla.suse.com/1173998 SUSE Bug 1173998 A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution. CVE-2020-9802 openSUSE Leap 15.1:libjavascriptcoregtk-4_0-18-2.28.3-lp151.2.21.1 openSUSE Leap 15.1:libjavascriptcoregtk-4_0-18-32bit-2.28.3-lp151.2.21.1 openSUSE Leap 15.1:libwebkit2gtk-4_0-37-2.28.3-lp151.2.21.1 openSUSE Leap 15.1:libwebkit2gtk-4_0-37-32bit-2.28.3-lp151.2.21.1 openSUSE Leap 15.1:libwebkit2gtk3-lang-2.28.3-lp151.2.21.1 openSUSE Leap 15.1:typelib-1_0-JavaScriptCore-4_0-2.28.3-lp151.2.21.1 openSUSE Leap 15.1:typelib-1_0-WebKit2-4_0-2.28.3-lp151.2.21.1 openSUSE Leap 15.1:typelib-1_0-WebKit2WebExtension-4_0-2.28.3-lp151.2.21.1 openSUSE Leap 15.1:webkit-jsc-4-2.28.3-lp151.2.21.1 openSUSE Leap 15.1:webkit2gtk-4_0-injected-bundles-2.28.3-lp151.2.21.1 openSUSE Leap 15.1:webkit2gtk3-devel-2.28.3-lp151.2.21.1 openSUSE Leap 15.1:webkit2gtk3-minibrowser-2.28.3-lp151.2.21.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/ND4YI5SEPKTGBXP5QOCJIWYUALJWMVUK/ https://www.suse.com/security/cve/CVE-2020-9802.html CVE-2020-9802 https://bugzilla.suse.com/1173998 SUSE Bug 1173998 A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution. CVE-2020-9803 openSUSE Leap 15.1:libjavascriptcoregtk-4_0-18-2.28.3-lp151.2.21.1 openSUSE Leap 15.1:libjavascriptcoregtk-4_0-18-32bit-2.28.3-lp151.2.21.1 openSUSE Leap 15.1:libwebkit2gtk-4_0-37-2.28.3-lp151.2.21.1 openSUSE Leap 15.1:libwebkit2gtk-4_0-37-32bit-2.28.3-lp151.2.21.1 openSUSE Leap 15.1:libwebkit2gtk3-lang-2.28.3-lp151.2.21.1 openSUSE Leap 15.1:typelib-1_0-JavaScriptCore-4_0-2.28.3-lp151.2.21.1 openSUSE Leap 15.1:typelib-1_0-WebKit2-4_0-2.28.3-lp151.2.21.1 openSUSE Leap 15.1:typelib-1_0-WebKit2WebExtension-4_0-2.28.3-lp151.2.21.1 openSUSE Leap 15.1:webkit-jsc-4-2.28.3-lp151.2.21.1 openSUSE Leap 15.1:webkit2gtk-4_0-injected-bundles-2.28.3-lp151.2.21.1 openSUSE Leap 15.1:webkit2gtk3-devel-2.28.3-lp151.2.21.1 openSUSE Leap 15.1:webkit2gtk3-minibrowser-2.28.3-lp151.2.21.1 moderate 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/ND4YI5SEPKTGBXP5QOCJIWYUALJWMVUK/ https://www.suse.com/security/cve/CVE-2020-9803.html CVE-2020-9803 https://bugzilla.suse.com/1173998 SUSE Bug 1173998 A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to universal cross site scripting. CVE-2020-9805 openSUSE Leap 15.1:libjavascriptcoregtk-4_0-18-2.28.3-lp151.2.21.1 openSUSE Leap 15.1:libjavascriptcoregtk-4_0-18-32bit-2.28.3-lp151.2.21.1 openSUSE Leap 15.1:libwebkit2gtk-4_0-37-2.28.3-lp151.2.21.1 openSUSE Leap 15.1:libwebkit2gtk-4_0-37-32bit-2.28.3-lp151.2.21.1 openSUSE Leap 15.1:libwebkit2gtk3-lang-2.28.3-lp151.2.21.1 openSUSE Leap 15.1:typelib-1_0-JavaScriptCore-4_0-2.28.3-lp151.2.21.1 openSUSE Leap 15.1:typelib-1_0-WebKit2-4_0-2.28.3-lp151.2.21.1 openSUSE Leap 15.1:typelib-1_0-WebKit2WebExtension-4_0-2.28.3-lp151.2.21.1 openSUSE Leap 15.1:webkit-jsc-4-2.28.3-lp151.2.21.1 openSUSE Leap 15.1:webkit2gtk-4_0-injected-bundles-2.28.3-lp151.2.21.1 openSUSE Leap 15.1:webkit2gtk3-devel-2.28.3-lp151.2.21.1 openSUSE Leap 15.1:webkit2gtk3-minibrowser-2.28.3-lp151.2.21.1 important 5.8 AV:N/AC:M/Au:N/C:N/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/ND4YI5SEPKTGBXP5QOCJIWYUALJWMVUK/ https://www.suse.com/security/cve/CVE-2020-9805.html CVE-2020-9805 https://bugzilla.suse.com/1173998 SUSE Bug 1173998 A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution. CVE-2020-9806 openSUSE Leap 15.1:libjavascriptcoregtk-4_0-18-2.28.3-lp151.2.21.1 openSUSE Leap 15.1:libjavascriptcoregtk-4_0-18-32bit-2.28.3-lp151.2.21.1 openSUSE Leap 15.1:libwebkit2gtk-4_0-37-2.28.3-lp151.2.21.1 openSUSE Leap 15.1:libwebkit2gtk-4_0-37-32bit-2.28.3-lp151.2.21.1 openSUSE Leap 15.1:libwebkit2gtk3-lang-2.28.3-lp151.2.21.1 openSUSE Leap 15.1:typelib-1_0-JavaScriptCore-4_0-2.28.3-lp151.2.21.1 openSUSE Leap 15.1:typelib-1_0-WebKit2-4_0-2.28.3-lp151.2.21.1 openSUSE Leap 15.1:typelib-1_0-WebKit2WebExtension-4_0-2.28.3-lp151.2.21.1 openSUSE Leap 15.1:webkit-jsc-4-2.28.3-lp151.2.21.1 openSUSE Leap 15.1:webkit2gtk-4_0-injected-bundles-2.28.3-lp151.2.21.1 openSUSE Leap 15.1:webkit2gtk3-devel-2.28.3-lp151.2.21.1 openSUSE Leap 15.1:webkit2gtk3-minibrowser-2.28.3-lp151.2.21.1 moderate 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/ND4YI5SEPKTGBXP5QOCJIWYUALJWMVUK/ https://www.suse.com/security/cve/CVE-2020-9806.html CVE-2020-9806 https://bugzilla.suse.com/1173998 SUSE Bug 1173998 A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution. CVE-2020-9807 openSUSE Leap 15.1:libjavascriptcoregtk-4_0-18-2.28.3-lp151.2.21.1 openSUSE Leap 15.1:libjavascriptcoregtk-4_0-18-32bit-2.28.3-lp151.2.21.1 openSUSE Leap 15.1:libwebkit2gtk-4_0-37-2.28.3-lp151.2.21.1 openSUSE Leap 15.1:libwebkit2gtk-4_0-37-32bit-2.28.3-lp151.2.21.1 openSUSE Leap 15.1:libwebkit2gtk3-lang-2.28.3-lp151.2.21.1 openSUSE Leap 15.1:typelib-1_0-JavaScriptCore-4_0-2.28.3-lp151.2.21.1 openSUSE Leap 15.1:typelib-1_0-WebKit2-4_0-2.28.3-lp151.2.21.1 openSUSE Leap 15.1:typelib-1_0-WebKit2WebExtension-4_0-2.28.3-lp151.2.21.1 openSUSE Leap 15.1:webkit-jsc-4-2.28.3-lp151.2.21.1 openSUSE Leap 15.1:webkit2gtk-4_0-injected-bundles-2.28.3-lp151.2.21.1 openSUSE Leap 15.1:webkit2gtk3-devel-2.28.3-lp151.2.21.1 openSUSE Leap 15.1:webkit2gtk3-minibrowser-2.28.3-lp151.2.21.1 moderate 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/ND4YI5SEPKTGBXP5QOCJIWYUALJWMVUK/ https://www.suse.com/security/cve/CVE-2020-9807.html CVE-2020-9807 https://bugzilla.suse.com/1173998 SUSE Bug 1173998 An input validation issue was addressed with improved input validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to a cross site scripting attack. CVE-2020-9843 openSUSE Leap 15.1:libjavascriptcoregtk-4_0-18-2.28.3-lp151.2.21.1 openSUSE Leap 15.1:libjavascriptcoregtk-4_0-18-32bit-2.28.3-lp151.2.21.1 openSUSE Leap 15.1:libwebkit2gtk-4_0-37-2.28.3-lp151.2.21.1 openSUSE Leap 15.1:libwebkit2gtk-4_0-37-32bit-2.28.3-lp151.2.21.1 openSUSE Leap 15.1:libwebkit2gtk3-lang-2.28.3-lp151.2.21.1 openSUSE Leap 15.1:typelib-1_0-JavaScriptCore-4_0-2.28.3-lp151.2.21.1 openSUSE Leap 15.1:typelib-1_0-WebKit2-4_0-2.28.3-lp151.2.21.1 openSUSE Leap 15.1:typelib-1_0-WebKit2WebExtension-4_0-2.28.3-lp151.2.21.1 openSUSE Leap 15.1:webkit-jsc-4-2.28.3-lp151.2.21.1 openSUSE Leap 15.1:webkit2gtk-4_0-injected-bundles-2.28.3-lp151.2.21.1 openSUSE Leap 15.1:webkit2gtk3-devel-2.28.3-lp151.2.21.1 openSUSE Leap 15.1:webkit2gtk3-minibrowser-2.28.3-lp151.2.21.1 important 5.8 AV:N/AC:M/Au:N/C:N/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/ND4YI5SEPKTGBXP5QOCJIWYUALJWMVUK/ https://www.suse.com/security/cve/CVE-2020-9843.html CVE-2020-9843 https://bugzilla.suse.com/1173998 SUSE Bug 1173998 A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. A remote attacker may be able to cause arbitrary code execution. CVE-2020-9850 openSUSE Leap 15.1:libjavascriptcoregtk-4_0-18-2.28.3-lp151.2.21.1 openSUSE Leap 15.1:libjavascriptcoregtk-4_0-18-32bit-2.28.3-lp151.2.21.1 openSUSE Leap 15.1:libwebkit2gtk-4_0-37-2.28.3-lp151.2.21.1 openSUSE Leap 15.1:libwebkit2gtk-4_0-37-32bit-2.28.3-lp151.2.21.1 openSUSE Leap 15.1:libwebkit2gtk3-lang-2.28.3-lp151.2.21.1 openSUSE Leap 15.1:typelib-1_0-JavaScriptCore-4_0-2.28.3-lp151.2.21.1 openSUSE Leap 15.1:typelib-1_0-WebKit2-4_0-2.28.3-lp151.2.21.1 openSUSE Leap 15.1:typelib-1_0-WebKit2WebExtension-4_0-2.28.3-lp151.2.21.1 openSUSE Leap 15.1:webkit-jsc-4-2.28.3-lp151.2.21.1 openSUSE Leap 15.1:webkit2gtk-4_0-injected-bundles-2.28.3-lp151.2.21.1 openSUSE Leap 15.1:webkit2gtk3-devel-2.28.3-lp151.2.21.1 openSUSE Leap 15.1:webkit2gtk3-minibrowser-2.28.3-lp151.2.21.1 important 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/ND4YI5SEPKTGBXP5QOCJIWYUALJWMVUK/ https://www.suse.com/security/cve/CVE-2020-9850.html CVE-2020-9850 https://bugzilla.suse.com/1173998 SUSE Bug 1173998