Security update for webkit2gtk3 SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2016:0761-1 Final 1 1 2016-03-15T08:26:49Z current 2016-03-15T08:26:49Z 2016-03-15T08:26:49Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for webkit2gtk3 This update for webkit2gtk3 fixes the following issues: - Update to version 2.10.7: + Fix the build with GTK+ < 3.16. - Changes from version 2.10.6: + Fix a deadlock in the Web Process when JavaScript garbage collector was running for a web worker thread that made google maps to hang. + Fix media controls displaying without controls attribute. + Fix a Web Process crash when quickly attempting many DnD operations. - Changes from version 2.10.5: + Disable DNS prefetch when a proxy is configured. + Reduce the maximum simultaneous network connections to match other browsers. + Make WebKitWebView always propagate motion-notify-event signal. + Add a way to force accelerating compositing mode at runtime using an environment variable. + Fix input elements and scrollbars rendering with GTK+ 3.19. + Fix rendering of lines when using solid colors. + Fix UI process crashes related to not having a main resource response when the load is committed for pages restored from the history cache. + Fix a WebProcess crash when loading large contents with custom URI schemes API. + Fix a crash in the UI process when the WebView is destroyed while the screensaver DBus proxy is being created. + Fix WebProcess crashes due to BadDrawable X errors in accelerated compositing mode. + Fix crashes on PPC64 due to mprotect() on address not aligned to the page size. + Fix std::bad_function_call exception raised in dispatchDecidePolicyForNavigationAction. + Fix downloads of data URLs. + Fix runtime critical warnings when closing a page containing windowed plugins. + Fix several crashes and rendering issues. + Translation updates: French, German, Italian, Turkish. + Security fixes: CVE-2015-7096, CVE-2015-7098. - Update to version 2.10.4, notable changes: + New HTTP disk cache for the Network Process. + New Web Inspector UI. + Automatic ScreenServer inhibition when playing fullscreen videos. + Initial Editor API. + Performance improvements. - This update addresses the following security issues: CVE-2015-1122, CVE-2015-1152, CVE-2015-1155, CVE-2015-3660, CVE-2015-3730, CVE-2015-3738, CVE-2015-3740, CVE-2015-3742, CVE-2015-3744, CVE-2015-3746, CVE-2015-3750, CVE-2015-3751, CVE-2015-3754, CVE-2015-3755, CVE-2015-5804, CVE-2015-5805, CVE-2015-5807, CVE-2015-5810, CVE-2015-5813, CVE-2015-5814, CVE-2015-5815, CVE-2015-5817, CVE-2015-5818, CVE-2015-5825, CVE-2015-5827, CVE-2015-5828, CVE-2015-5929, CVE-2015-5930, CVE-2015-5931, CVE-2015-7002, CVE-2015-7013, CVE-2015-7014, CVE-2015-7048, CVE-2015-7095, CVE-2015-7097, CVE-2015-7099, CVE-2015-7100, CVE-2015-7102, CVE-2015-7103, CVE-2015-7104 - Add BuildRequires: hyphen-devel to pick up hyphenation support. Note this is broken upstream. - Build with -DENABLE_DATABASE_PROCESS=OFF and -DENABLE_INDEXED_DATABASE=OFF to avoid an issue with GCC 4.8. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/opensuse-updates/2016-03/msg00054.html E-Mail link for openSUSE-SU-2016:0761-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings openSUSE Leap 42.1 libjavascriptcoregtk-4_0-18-2.10.7-7.1 libjavascriptcoregtk-4_0-18-32bit-2.10.7-7.1 libwebkit2gtk-4_0-37-2.10.7-7.1 libwebkit2gtk-4_0-37-32bit-2.10.7-7.1 libwebkit2gtk3-lang-2.10.7-7.1 typelib-1_0-JavaScriptCore-4_0-2.10.7-7.1 typelib-1_0-WebKit2-4_0-2.10.7-7.1 typelib-1_0-WebKit2WebExtension-4_0-2.10.7-7.1 webkit-jsc-4-2.10.7-7.1 webkit2gtk-4_0-injected-bundles-2.10.7-7.1 webkit2gtk3-2.10.7-7.1 webkit2gtk3-devel-2.10.7-7.1 libjavascriptcoregtk-4_0-18-2.10.7-7.1 as a component of openSUSE Leap 42.1 libjavascriptcoregtk-4_0-18-32bit-2.10.7-7.1 as a component of openSUSE Leap 42.1 libwebkit2gtk-4_0-37-2.10.7-7.1 as a component of openSUSE Leap 42.1 libwebkit2gtk-4_0-37-32bit-2.10.7-7.1 as a component of openSUSE Leap 42.1 libwebkit2gtk3-lang-2.10.7-7.1 as a component of openSUSE Leap 42.1 typelib-1_0-JavaScriptCore-4_0-2.10.7-7.1 as a component of openSUSE Leap 42.1 typelib-1_0-WebKit2-4_0-2.10.7-7.1 as a component of openSUSE Leap 42.1 typelib-1_0-WebKit2WebExtension-4_0-2.10.7-7.1 as a component of openSUSE Leap 42.1 webkit-jsc-4-2.10.7-7.1 as a component of openSUSE Leap 42.1 webkit2gtk-4_0-injected-bundles-2.10.7-7.1 as a component of openSUSE Leap 42.1 webkit2gtk3-2.10.7-7.1 as a component of openSUSE Leap 42.1 webkit2gtk3-devel-2.10.7-7.1 as a component of openSUSE Leap 42.1 WebKit, as used in Apple iOS before 8.3, Apple TV before 7.2, and Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-04-08-1, APPLE-SA-2015-04-08-3, and APPLE-SA-2015-04-08-4. CVE-2015-1122 openSUSE Leap 42.1:libjavascriptcoregtk-4_0-18-2.10.7-7.1 openSUSE Leap 42.1:libjavascriptcoregtk-4_0-18-32bit-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk-4_0-37-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk-4_0-37-32bit-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk3-lang-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-JavaScriptCore-4_0-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-WebKit2-4_0-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-WebKit2WebExtension-4_0-2.10.7-7.1 openSUSE Leap 42.1:webkit-jsc-4-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk-4_0-injected-bundles-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk3-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk3-devel-2.10.7-7.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2016-03/msg00054.html https://www.suse.com/security/cve/CVE-2015-1122.html CVE-2015-1122 https://bugzilla.suse.com/1082221 SUSE Bug 1082221 https://bugzilla.suse.com/928380 SUSE Bug 928380 https://bugzilla.suse.com/971460 SUSE Bug 971460 WebKit, as used in Apple Safari before 6.2.6, 7.x before 7.1.6, and 8.x before 8.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-1153 and CVE-2015-1154. CVE-2015-1152 openSUSE Leap 42.1:libjavascriptcoregtk-4_0-18-2.10.7-7.1 openSUSE Leap 42.1:libjavascriptcoregtk-4_0-18-32bit-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk-4_0-37-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk-4_0-37-32bit-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk3-lang-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-JavaScriptCore-4_0-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-WebKit2-4_0-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-WebKit2WebExtension-4_0-2.10.7-7.1 openSUSE Leap 42.1:webkit-jsc-4-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk-4_0-injected-bundles-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk3-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk3-devel-2.10.7-7.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2016-03/msg00054.html https://www.suse.com/security/cve/CVE-2015-1152.html CVE-2015-1152 https://bugzilla.suse.com/1082221 SUSE Bug 1082221 The history implementation in WebKit, as used in Apple Safari before 6.2.6, 7.x before 7.1.6, and 8.x before 8.0.6, allows remote attackers to bypass the Same Origin Policy and read arbitrary files via a crafted web site. CVE-2015-1155 openSUSE Leap 42.1:libjavascriptcoregtk-4_0-18-2.10.7-7.1 openSUSE Leap 42.1:libjavascriptcoregtk-4_0-18-32bit-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk-4_0-37-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk-4_0-37-32bit-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk3-lang-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-JavaScriptCore-4_0-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-WebKit2-4_0-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-WebKit2WebExtension-4_0-2.10.7-7.1 openSUSE Leap 42.1:webkit-jsc-4-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk-4_0-injected-bundles-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk3-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk3-devel-2.10.7-7.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2016-03/msg00054.html https://www.suse.com/security/cve/CVE-2015-1155.html CVE-2015-1155 https://bugzilla.suse.com/1082221 SUSE Bug 1082221 https://bugzilla.suse.com/971460 SUSE Bug 971460 Cross-site scripting (XSS) vulnerability in the PDF functionality in WebKit in Apple Safari before 6.2.7, 7.x before 7.1.7, and 8.x before 8.0.7 allows remote attackers to inject arbitrary web script or HTML via a crafted URL in embedded PDF content. CVE-2015-3660 openSUSE Leap 42.1:libjavascriptcoregtk-4_0-18-2.10.7-7.1 openSUSE Leap 42.1:libjavascriptcoregtk-4_0-18-32bit-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk-4_0-37-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk-4_0-37-32bit-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk3-lang-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-JavaScriptCore-4_0-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-WebKit2-4_0-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-WebKit2WebExtension-4_0-2.10.7-7.1 openSUSE Leap 42.1:webkit-jsc-4-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk-4_0-injected-bundles-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk3-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk3-devel-2.10.7-7.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2016-03/msg00054.html https://www.suse.com/security/cve/CVE-2015-3660.html CVE-2015-3660 https://bugzilla.suse.com/1082221 SUSE Bug 1082221 WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-08-13-1 and APPLE-SA-2015-08-13-3. CVE-2015-3730 openSUSE Leap 42.1:libjavascriptcoregtk-4_0-18-2.10.7-7.1 openSUSE Leap 42.1:libjavascriptcoregtk-4_0-18-32bit-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk-4_0-37-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk-4_0-37-32bit-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk3-lang-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-JavaScriptCore-4_0-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-WebKit2-4_0-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-WebKit2WebExtension-4_0-2.10.7-7.1 openSUSE Leap 42.1:webkit-jsc-4-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk-4_0-injected-bundles-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk3-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk3-devel-2.10.7-7.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2016-03/msg00054.html https://www.suse.com/security/cve/CVE-2015-3730.html CVE-2015-3730 https://bugzilla.suse.com/1082221 SUSE Bug 1082221 WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-08-13-1 and APPLE-SA-2015-08-13-3. CVE-2015-3738 openSUSE Leap 42.1:libjavascriptcoregtk-4_0-18-2.10.7-7.1 openSUSE Leap 42.1:libjavascriptcoregtk-4_0-18-32bit-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk-4_0-37-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk-4_0-37-32bit-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk3-lang-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-JavaScriptCore-4_0-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-WebKit2-4_0-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-WebKit2WebExtension-4_0-2.10.7-7.1 openSUSE Leap 42.1:webkit-jsc-4-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk-4_0-injected-bundles-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk3-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk3-devel-2.10.7-7.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2016-03/msg00054.html https://www.suse.com/security/cve/CVE-2015-3738.html CVE-2015-3738 https://bugzilla.suse.com/1082221 SUSE Bug 1082221 WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-08-13-1 and APPLE-SA-2015-08-13-3. CVE-2015-3740 openSUSE Leap 42.1:libjavascriptcoregtk-4_0-18-2.10.7-7.1 openSUSE Leap 42.1:libjavascriptcoregtk-4_0-18-32bit-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk-4_0-37-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk-4_0-37-32bit-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk3-lang-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-JavaScriptCore-4_0-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-WebKit2-4_0-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-WebKit2WebExtension-4_0-2.10.7-7.1 openSUSE Leap 42.1:webkit-jsc-4-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk-4_0-injected-bundles-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk3-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk3-devel-2.10.7-7.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2016-03/msg00054.html https://www.suse.com/security/cve/CVE-2015-3740.html CVE-2015-3740 https://bugzilla.suse.com/1082221 SUSE Bug 1082221 WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-08-13-1 and APPLE-SA-2015-08-13-3. CVE-2015-3742 openSUSE Leap 42.1:libjavascriptcoregtk-4_0-18-2.10.7-7.1 openSUSE Leap 42.1:libjavascriptcoregtk-4_0-18-32bit-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk-4_0-37-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk-4_0-37-32bit-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk3-lang-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-JavaScriptCore-4_0-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-WebKit2-4_0-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-WebKit2WebExtension-4_0-2.10.7-7.1 openSUSE Leap 42.1:webkit-jsc-4-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk-4_0-injected-bundles-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk3-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk3-devel-2.10.7-7.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2016-03/msg00054.html https://www.suse.com/security/cve/CVE-2015-3742.html CVE-2015-3742 https://bugzilla.suse.com/1082221 SUSE Bug 1082221 WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-08-13-1 and APPLE-SA-2015-08-13-3. CVE-2015-3744 openSUSE Leap 42.1:libjavascriptcoregtk-4_0-18-2.10.7-7.1 openSUSE Leap 42.1:libjavascriptcoregtk-4_0-18-32bit-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk-4_0-37-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk-4_0-37-32bit-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk3-lang-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-JavaScriptCore-4_0-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-WebKit2-4_0-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-WebKit2WebExtension-4_0-2.10.7-7.1 openSUSE Leap 42.1:webkit-jsc-4-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk-4_0-injected-bundles-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk3-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk3-devel-2.10.7-7.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2016-03/msg00054.html https://www.suse.com/security/cve/CVE-2015-3744.html CVE-2015-3744 https://bugzilla.suse.com/1082221 SUSE Bug 1082221 WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-08-13-1 and APPLE-SA-2015-08-13-3. CVE-2015-3746 openSUSE Leap 42.1:libjavascriptcoregtk-4_0-18-2.10.7-7.1 openSUSE Leap 42.1:libjavascriptcoregtk-4_0-18-32bit-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk-4_0-37-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk-4_0-37-32bit-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk3-lang-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-JavaScriptCore-4_0-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-WebKit2-4_0-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-WebKit2WebExtension-4_0-2.10.7-7.1 openSUSE Leap 42.1:webkit-jsc-4-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk-4_0-injected-bundles-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk3-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk3-devel-2.10.7-7.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2016-03/msg00054.html https://www.suse.com/security/cve/CVE-2015-3746.html CVE-2015-3746 https://bugzilla.suse.com/1082221 SUSE Bug 1082221 WebKit in Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, as used in iOS before 8.4.1 and other products, does not enforce the HTTP Strict Transport Security (HSTS) protection mechanism for Content Security Policy (CSP) report requests, which allows man-in-the-middle attackers to obtain sensitive information by sniffing the network or spoof a report by modifying the client-server data stream. CVE-2015-3750 openSUSE Leap 42.1:libjavascriptcoregtk-4_0-18-2.10.7-7.1 openSUSE Leap 42.1:libjavascriptcoregtk-4_0-18-32bit-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk-4_0-37-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk-4_0-37-32bit-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk3-lang-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-JavaScriptCore-4_0-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-WebKit2-4_0-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-WebKit2WebExtension-4_0-2.10.7-7.1 openSUSE Leap 42.1:webkit-jsc-4-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk-4_0-injected-bundles-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk3-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk3-devel-2.10.7-7.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2016-03/msg00054.html https://www.suse.com/security/cve/CVE-2015-3750.html CVE-2015-3750 https://bugzilla.suse.com/1082221 SUSE Bug 1082221 WebKit in Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, as used in iOS before 8.4.1 and other products, allows remote attackers to bypass a Content Security Policy protection mechanism by using a video control in conjunction with an IMG element within an OBJECT element. CVE-2015-3751 openSUSE Leap 42.1:libjavascriptcoregtk-4_0-18-2.10.7-7.1 openSUSE Leap 42.1:libjavascriptcoregtk-4_0-18-32bit-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk-4_0-37-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk-4_0-37-32bit-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk3-lang-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-JavaScriptCore-4_0-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-WebKit2-4_0-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-WebKit2WebExtension-4_0-2.10.7-7.1 openSUSE Leap 42.1:webkit-jsc-4-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk-4_0-injected-bundles-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk3-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk3-devel-2.10.7-7.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2016-03/msg00054.html https://www.suse.com/security/cve/CVE-2015-3751.html CVE-2015-3751 https://bugzilla.suse.com/1082221 SUSE Bug 1082221 The private-browsing implementation in WebKit in Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8 does not prevent caching of HTTP authentication credentials, which makes it easier for remote attackers to track users via a crafted web site. CVE-2015-3754 openSUSE Leap 42.1:libjavascriptcoregtk-4_0-18-2.10.7-7.1 openSUSE Leap 42.1:libjavascriptcoregtk-4_0-18-32bit-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk-4_0-37-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk-4_0-37-32bit-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk3-lang-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-JavaScriptCore-4_0-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-WebKit2-4_0-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-WebKit2WebExtension-4_0-2.10.7-7.1 openSUSE Leap 42.1:webkit-jsc-4-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk-4_0-injected-bundles-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk3-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk3-devel-2.10.7-7.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2016-03/msg00054.html https://www.suse.com/security/cve/CVE-2015-3754.html CVE-2015-3754 https://bugzilla.suse.com/1082221 SUSE Bug 1082221 WebKit in Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, as used in iOS before 8.4.1 and other products, allows remote attackers to spoof the user interface via a malformed URL. CVE-2015-3755 openSUSE Leap 42.1:libjavascriptcoregtk-4_0-18-2.10.7-7.1 openSUSE Leap 42.1:libjavascriptcoregtk-4_0-18-32bit-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk-4_0-37-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk-4_0-37-32bit-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk3-lang-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-JavaScriptCore-4_0-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-WebKit2-4_0-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-WebKit2WebExtension-4_0-2.10.7-7.1 openSUSE Leap 42.1:webkit-jsc-4-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk-4_0-injected-bundles-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk3-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk3-devel-2.10.7-7.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2016-03/msg00054.html https://www.suse.com/security/cve/CVE-2015-3755.html CVE-2015-3755 https://bugzilla.suse.com/1082221 SUSE Bug 1082221 WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3. CVE-2015-5804 openSUSE Leap 42.1:libjavascriptcoregtk-4_0-18-2.10.7-7.1 openSUSE Leap 42.1:libjavascriptcoregtk-4_0-18-32bit-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk-4_0-37-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk-4_0-37-32bit-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk3-lang-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-JavaScriptCore-4_0-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-WebKit2-4_0-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-WebKit2WebExtension-4_0-2.10.7-7.1 openSUSE Leap 42.1:webkit-jsc-4-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk-4_0-injected-bundles-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk3-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk3-devel-2.10.7-7.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2016-03/msg00054.html https://www.suse.com/security/cve/CVE-2015-5804.html CVE-2015-5804 https://bugzilla.suse.com/1082221 SUSE Bug 1082221 WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3. CVE-2015-5805 openSUSE Leap 42.1:libjavascriptcoregtk-4_0-18-2.10.7-7.1 openSUSE Leap 42.1:libjavascriptcoregtk-4_0-18-32bit-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk-4_0-37-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk-4_0-37-32bit-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk3-lang-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-JavaScriptCore-4_0-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-WebKit2-4_0-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-WebKit2WebExtension-4_0-2.10.7-7.1 openSUSE Leap 42.1:webkit-jsc-4-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk-4_0-injected-bundles-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk3-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk3-devel-2.10.7-7.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2016-03/msg00054.html https://www.suse.com/security/cve/CVE-2015-5805.html CVE-2015-5805 https://bugzilla.suse.com/1082221 SUSE Bug 1082221 WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3. CVE-2015-5807 openSUSE Leap 42.1:libjavascriptcoregtk-4_0-18-2.10.7-7.1 openSUSE Leap 42.1:libjavascriptcoregtk-4_0-18-32bit-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk-4_0-37-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk-4_0-37-32bit-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk3-lang-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-JavaScriptCore-4_0-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-WebKit2-4_0-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-WebKit2WebExtension-4_0-2.10.7-7.1 openSUSE Leap 42.1:webkit-jsc-4-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk-4_0-injected-bundles-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk3-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk3-devel-2.10.7-7.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2016-03/msg00054.html https://www.suse.com/security/cve/CVE-2015-5807.html CVE-2015-5807 https://bugzilla.suse.com/1082221 SUSE Bug 1082221 WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3. CVE-2015-5810 openSUSE Leap 42.1:libjavascriptcoregtk-4_0-18-2.10.7-7.1 openSUSE Leap 42.1:libjavascriptcoregtk-4_0-18-32bit-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk-4_0-37-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk-4_0-37-32bit-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk3-lang-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-JavaScriptCore-4_0-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-WebKit2-4_0-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-WebKit2WebExtension-4_0-2.10.7-7.1 openSUSE Leap 42.1:webkit-jsc-4-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk-4_0-injected-bundles-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk3-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk3-devel-2.10.7-7.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2016-03/msg00054.html https://www.suse.com/security/cve/CVE-2015-5810.html CVE-2015-5810 https://bugzilla.suse.com/1082221 SUSE Bug 1082221 WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3. CVE-2015-5813 openSUSE Leap 42.1:libjavascriptcoregtk-4_0-18-2.10.7-7.1 openSUSE Leap 42.1:libjavascriptcoregtk-4_0-18-32bit-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk-4_0-37-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk-4_0-37-32bit-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk3-lang-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-JavaScriptCore-4_0-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-WebKit2-4_0-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-WebKit2WebExtension-4_0-2.10.7-7.1 openSUSE Leap 42.1:webkit-jsc-4-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk-4_0-injected-bundles-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk3-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk3-devel-2.10.7-7.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2016-03/msg00054.html https://www.suse.com/security/cve/CVE-2015-5813.html CVE-2015-5813 https://bugzilla.suse.com/1082221 SUSE Bug 1082221 WebKit, as used in JavaScriptCore in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3. CVE-2015-5814 openSUSE Leap 42.1:libjavascriptcoregtk-4_0-18-2.10.7-7.1 openSUSE Leap 42.1:libjavascriptcoregtk-4_0-18-32bit-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk-4_0-37-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk-4_0-37-32bit-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk3-lang-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-JavaScriptCore-4_0-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-WebKit2-4_0-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-WebKit2WebExtension-4_0-2.10.7-7.1 openSUSE Leap 42.1:webkit-jsc-4-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk-4_0-injected-bundles-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk3-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk3-devel-2.10.7-7.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2016-03/msg00054.html https://www.suse.com/security/cve/CVE-2015-5814.html CVE-2015-5814 https://bugzilla.suse.com/1082221 SUSE Bug 1082221 WebKit, as used in Apple iTunes before 12.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-3. CVE-2015-5815 openSUSE Leap 42.1:libjavascriptcoregtk-4_0-18-2.10.7-7.1 openSUSE Leap 42.1:libjavascriptcoregtk-4_0-18-32bit-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk-4_0-37-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk-4_0-37-32bit-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk3-lang-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-JavaScriptCore-4_0-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-WebKit2-4_0-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-WebKit2WebExtension-4_0-2.10.7-7.1 openSUSE Leap 42.1:webkit-jsc-4-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk-4_0-injected-bundles-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk3-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk3-devel-2.10.7-7.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2016-03/msg00054.html https://www.suse.com/security/cve/CVE-2015-5815.html CVE-2015-5815 https://bugzilla.suse.com/1082221 SUSE Bug 1082221 WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3. CVE-2015-5817 openSUSE Leap 42.1:libjavascriptcoregtk-4_0-18-2.10.7-7.1 openSUSE Leap 42.1:libjavascriptcoregtk-4_0-18-32bit-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk-4_0-37-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk-4_0-37-32bit-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk3-lang-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-JavaScriptCore-4_0-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-WebKit2-4_0-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-WebKit2WebExtension-4_0-2.10.7-7.1 openSUSE Leap 42.1:webkit-jsc-4-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk-4_0-injected-bundles-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk3-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk3-devel-2.10.7-7.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2016-03/msg00054.html https://www.suse.com/security/cve/CVE-2015-5817.html CVE-2015-5817 https://bugzilla.suse.com/1082221 SUSE Bug 1082221 WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3. CVE-2015-5818 openSUSE Leap 42.1:libjavascriptcoregtk-4_0-18-2.10.7-7.1 openSUSE Leap 42.1:libjavascriptcoregtk-4_0-18-32bit-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk-4_0-37-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk-4_0-37-32bit-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk3-lang-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-JavaScriptCore-4_0-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-WebKit2-4_0-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-WebKit2WebExtension-4_0-2.10.7-7.1 openSUSE Leap 42.1:webkit-jsc-4-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk-4_0-injected-bundles-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk3-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk3-devel-2.10.7-7.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2016-03/msg00054.html https://www.suse.com/security/cve/CVE-2015-5818.html CVE-2015-5818 https://bugzilla.suse.com/1082221 SUSE Bug 1082221 WebKit in Apple iOS before 9 does not properly restrict the availability of Performance API times, which allows remote attackers to obtain sensitive information about the browser history, mouse movement, or network traffic via crafted JavaScript code. CVE-2015-5825 openSUSE Leap 42.1:libjavascriptcoregtk-4_0-18-2.10.7-7.1 openSUSE Leap 42.1:libjavascriptcoregtk-4_0-18-32bit-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk-4_0-37-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk-4_0-37-32bit-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk3-lang-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-JavaScriptCore-4_0-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-WebKit2-4_0-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-WebKit2WebExtension-4_0-2.10.7-7.1 openSUSE Leap 42.1:webkit-jsc-4-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk-4_0-injected-bundles-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk3-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk3-devel-2.10.7-7.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2016-03/msg00054.html https://www.suse.com/security/cve/CVE-2015-5825.html CVE-2015-5825 https://bugzilla.suse.com/1082221 SUSE Bug 1082221 WebKit in Apple iOS before 9 allows remote attackers to bypass the Same Origin Policy and obtain an object reference via vectors involving a (1) custom event, (2) message event, or (3) pop state event. CVE-2015-5827 openSUSE Leap 42.1:libjavascriptcoregtk-4_0-18-2.10.7-7.1 openSUSE Leap 42.1:libjavascriptcoregtk-4_0-18-32bit-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk-4_0-37-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk-4_0-37-32bit-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk3-lang-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-JavaScriptCore-4_0-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-WebKit2-4_0-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-WebKit2WebExtension-4_0-2.10.7-7.1 openSUSE Leap 42.1:webkit-jsc-4-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk-4_0-injected-bundles-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk3-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk3-devel-2.10.7-7.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2016-03/msg00054.html https://www.suse.com/security/cve/CVE-2015-5827.html CVE-2015-5827 https://bugzilla.suse.com/1082221 SUSE Bug 1082221 The API in the WebKit Plug-ins component in Apple Safari before 9 does not provide notification of an HTTP Redirection (aka 3xx) status code to a plugin, which allows remote attackers to bypass intended request restrictions via a crafted web site. CVE-2015-5828 openSUSE Leap 42.1:libjavascriptcoregtk-4_0-18-2.10.7-7.1 openSUSE Leap 42.1:libjavascriptcoregtk-4_0-18-32bit-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk-4_0-37-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk-4_0-37-32bit-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk3-lang-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-JavaScriptCore-4_0-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-WebKit2-4_0-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-WebKit2WebExtension-4_0-2.10.7-7.1 openSUSE Leap 42.1:webkit-jsc-4-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk-4_0-injected-bundles-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk3-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk3-devel-2.10.7-7.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2016-03/msg00054.html https://www.suse.com/security/cve/CVE-2015-5828.html CVE-2015-5828 https://bugzilla.suse.com/1082221 SUSE Bug 1082221 WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-10-21-1, APPLE-SA-2015-10-21-3, and APPLE-SA-2015-10-21-5. CVE-2015-5929 openSUSE Leap 42.1:libjavascriptcoregtk-4_0-18-2.10.7-7.1 openSUSE Leap 42.1:libjavascriptcoregtk-4_0-18-32bit-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk-4_0-37-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk-4_0-37-32bit-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk3-lang-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-JavaScriptCore-4_0-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-WebKit2-4_0-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-WebKit2WebExtension-4_0-2.10.7-7.1 openSUSE Leap 42.1:webkit-jsc-4-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk-4_0-injected-bundles-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk3-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk3-devel-2.10.7-7.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2016-03/msg00054.html https://www.suse.com/security/cve/CVE-2015-5929.html CVE-2015-5929 https://bugzilla.suse.com/1082221 SUSE Bug 1082221 WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-10-21-1, APPLE-SA-2015-10-21-3, and APPLE-SA-2015-10-21-5. CVE-2015-5930 openSUSE Leap 42.1:libjavascriptcoregtk-4_0-18-2.10.7-7.1 openSUSE Leap 42.1:libjavascriptcoregtk-4_0-18-32bit-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk-4_0-37-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk-4_0-37-32bit-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk3-lang-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-JavaScriptCore-4_0-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-WebKit2-4_0-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-WebKit2WebExtension-4_0-2.10.7-7.1 openSUSE Leap 42.1:webkit-jsc-4-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk-4_0-injected-bundles-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk3-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk3-devel-2.10.7-7.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2016-03/msg00054.html https://www.suse.com/security/cve/CVE-2015-5930.html CVE-2015-5930 https://bugzilla.suse.com/1082221 SUSE Bug 1082221 WebKit, as used in Apple Safari before 9.0.1 and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-10-21-3 and APPLE-SA-2015-10-21-5. CVE-2015-5931 openSUSE Leap 42.1:libjavascriptcoregtk-4_0-18-2.10.7-7.1 openSUSE Leap 42.1:libjavascriptcoregtk-4_0-18-32bit-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk-4_0-37-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk-4_0-37-32bit-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk3-lang-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-JavaScriptCore-4_0-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-WebKit2-4_0-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-WebKit2WebExtension-4_0-2.10.7-7.1 openSUSE Leap 42.1:webkit-jsc-4-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk-4_0-injected-bundles-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk3-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk3-devel-2.10.7-7.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2016-03/msg00054.html https://www.suse.com/security/cve/CVE-2015-5931.html CVE-2015-5931 https://bugzilla.suse.com/1082221 SUSE Bug 1082221 WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-10-21-1, APPLE-SA-2015-10-21-3, and APPLE-SA-2015-10-21-5. CVE-2015-7002 openSUSE Leap 42.1:libjavascriptcoregtk-4_0-18-2.10.7-7.1 openSUSE Leap 42.1:libjavascriptcoregtk-4_0-18-32bit-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk-4_0-37-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk-4_0-37-32bit-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk3-lang-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-JavaScriptCore-4_0-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-WebKit2-4_0-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-WebKit2WebExtension-4_0-2.10.7-7.1 openSUSE Leap 42.1:webkit-jsc-4-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk-4_0-injected-bundles-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk3-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk3-devel-2.10.7-7.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2016-03/msg00054.html https://www.suse.com/security/cve/CVE-2015-7002.html CVE-2015-7002 https://bugzilla.suse.com/1082221 SUSE Bug 1082221 WebKit, as used in Apple Safari before 9.0.1 and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-10-21-3 and APPLE-SA-2015-10-21-5. CVE-2015-7013 openSUSE Leap 42.1:libjavascriptcoregtk-4_0-18-2.10.7-7.1 openSUSE Leap 42.1:libjavascriptcoregtk-4_0-18-32bit-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk-4_0-37-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk-4_0-37-32bit-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk3-lang-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-JavaScriptCore-4_0-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-WebKit2-4_0-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-WebKit2WebExtension-4_0-2.10.7-7.1 openSUSE Leap 42.1:webkit-jsc-4-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk-4_0-injected-bundles-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk3-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk3-devel-2.10.7-7.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2016-03/msg00054.html https://www.suse.com/security/cve/CVE-2015-7013.html CVE-2015-7013 https://bugzilla.suse.com/1082221 SUSE Bug 1082221 WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-10-21-1, APPLE-SA-2015-10-21-3, and APPLE-SA-2015-10-21-5. CVE-2015-7014 openSUSE Leap 42.1:libjavascriptcoregtk-4_0-18-2.10.7-7.1 openSUSE Leap 42.1:libjavascriptcoregtk-4_0-18-32bit-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk-4_0-37-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk-4_0-37-32bit-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk3-lang-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-JavaScriptCore-4_0-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-WebKit2-4_0-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-WebKit2WebExtension-4_0-2.10.7-7.1 openSUSE Leap 42.1:webkit-jsc-4-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk-4_0-injected-bundles-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk3-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk3-devel-2.10.7-7.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2016-03/msg00054.html https://www.suse.com/security/cve/CVE-2015-7014.html CVE-2015-7014 https://bugzilla.suse.com/1082221 SUSE Bug 1082221 WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-7095, CVE-2015-7096, CVE-2015-7097, CVE-2015-7098, CVE-2015-7099, CVE-2015-7100, CVE-2015-7101, CVE-2015-7102, and CVE-2015-7103. CVE-2015-7048 openSUSE Leap 42.1:libjavascriptcoregtk-4_0-18-2.10.7-7.1 openSUSE Leap 42.1:libjavascriptcoregtk-4_0-18-32bit-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk-4_0-37-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk-4_0-37-32bit-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk3-lang-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-JavaScriptCore-4_0-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-WebKit2-4_0-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-WebKit2WebExtension-4_0-2.10.7-7.1 openSUSE Leap 42.1:webkit-jsc-4-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk-4_0-injected-bundles-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk3-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk3-devel-2.10.7-7.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2016-03/msg00054.html https://www.suse.com/security/cve/CVE-2015-7048.html CVE-2015-7048 https://bugzilla.suse.com/1082221 SUSE Bug 1082221 WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-7048, CVE-2015-7096, CVE-2015-7097, CVE-2015-7098, CVE-2015-7099, CVE-2015-7100, CVE-2015-7101, CVE-2015-7102, and CVE-2015-7103. CVE-2015-7095 openSUSE Leap 42.1:libjavascriptcoregtk-4_0-18-2.10.7-7.1 openSUSE Leap 42.1:libjavascriptcoregtk-4_0-18-32bit-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk-4_0-37-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk-4_0-37-32bit-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk3-lang-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-JavaScriptCore-4_0-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-WebKit2-4_0-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-WebKit2WebExtension-4_0-2.10.7-7.1 openSUSE Leap 42.1:webkit-jsc-4-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk-4_0-injected-bundles-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk3-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk3-devel-2.10.7-7.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2016-03/msg00054.html https://www.suse.com/security/cve/CVE-2015-7095.html CVE-2015-7095 https://bugzilla.suse.com/1082221 SUSE Bug 1082221 WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-7048, CVE-2015-7095, CVE-2015-7097, CVE-2015-7098, CVE-2015-7099, CVE-2015-7100, CVE-2015-7101, CVE-2015-7102, and CVE-2015-7103. CVE-2015-7096 openSUSE Leap 42.1:libjavascriptcoregtk-4_0-18-2.10.7-7.1 openSUSE Leap 42.1:libjavascriptcoregtk-4_0-18-32bit-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk-4_0-37-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk-4_0-37-32bit-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk3-lang-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-JavaScriptCore-4_0-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-WebKit2-4_0-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-WebKit2WebExtension-4_0-2.10.7-7.1 openSUSE Leap 42.1:webkit-jsc-4-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk-4_0-injected-bundles-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk3-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk3-devel-2.10.7-7.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2016-03/msg00054.html https://www.suse.com/security/cve/CVE-2015-7096.html CVE-2015-7096 https://bugzilla.suse.com/1082221 SUSE Bug 1082221 WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-7048, CVE-2015-7095, CVE-2015-7096, CVE-2015-7098, CVE-2015-7099, CVE-2015-7100, CVE-2015-7101, CVE-2015-7102, and CVE-2015-7103. CVE-2015-7097 openSUSE Leap 42.1:libjavascriptcoregtk-4_0-18-2.10.7-7.1 openSUSE Leap 42.1:libjavascriptcoregtk-4_0-18-32bit-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk-4_0-37-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk-4_0-37-32bit-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk3-lang-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-JavaScriptCore-4_0-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-WebKit2-4_0-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-WebKit2WebExtension-4_0-2.10.7-7.1 openSUSE Leap 42.1:webkit-jsc-4-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk-4_0-injected-bundles-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk3-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk3-devel-2.10.7-7.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2016-03/msg00054.html https://www.suse.com/security/cve/CVE-2015-7097.html CVE-2015-7097 https://bugzilla.suse.com/1082221 SUSE Bug 1082221 WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-7048, CVE-2015-7095, CVE-2015-7096, CVE-2015-7097, CVE-2015-7099, CVE-2015-7100, CVE-2015-7101, CVE-2015-7102, and CVE-2015-7103. CVE-2015-7098 openSUSE Leap 42.1:libjavascriptcoregtk-4_0-18-2.10.7-7.1 openSUSE Leap 42.1:libjavascriptcoregtk-4_0-18-32bit-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk-4_0-37-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk-4_0-37-32bit-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk3-lang-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-JavaScriptCore-4_0-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-WebKit2-4_0-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-WebKit2WebExtension-4_0-2.10.7-7.1 openSUSE Leap 42.1:webkit-jsc-4-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk-4_0-injected-bundles-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk3-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk3-devel-2.10.7-7.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2016-03/msg00054.html https://www.suse.com/security/cve/CVE-2015-7098.html CVE-2015-7098 https://bugzilla.suse.com/1082221 SUSE Bug 1082221 WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-7048, CVE-2015-7095, CVE-2015-7096, CVE-2015-7097, CVE-2015-7098, CVE-2015-7100, CVE-2015-7101, CVE-2015-7102, and CVE-2015-7103. CVE-2015-7099 openSUSE Leap 42.1:libjavascriptcoregtk-4_0-18-2.10.7-7.1 openSUSE Leap 42.1:libjavascriptcoregtk-4_0-18-32bit-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk-4_0-37-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk-4_0-37-32bit-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk3-lang-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-JavaScriptCore-4_0-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-WebKit2-4_0-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-WebKit2WebExtension-4_0-2.10.7-7.1 openSUSE Leap 42.1:webkit-jsc-4-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk-4_0-injected-bundles-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk3-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk3-devel-2.10.7-7.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2016-03/msg00054.html https://www.suse.com/security/cve/CVE-2015-7099.html CVE-2015-7099 https://bugzilla.suse.com/1082221 SUSE Bug 1082221 WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-7048, CVE-2015-7095, CVE-2015-7096, CVE-2015-7097, CVE-2015-7098, CVE-2015-7099, CVE-2015-7101, CVE-2015-7102, and CVE-2015-7103. CVE-2015-7100 openSUSE Leap 42.1:libjavascriptcoregtk-4_0-18-2.10.7-7.1 openSUSE Leap 42.1:libjavascriptcoregtk-4_0-18-32bit-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk-4_0-37-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk-4_0-37-32bit-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk3-lang-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-JavaScriptCore-4_0-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-WebKit2-4_0-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-WebKit2WebExtension-4_0-2.10.7-7.1 openSUSE Leap 42.1:webkit-jsc-4-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk-4_0-injected-bundles-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk3-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk3-devel-2.10.7-7.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2016-03/msg00054.html https://www.suse.com/security/cve/CVE-2015-7100.html CVE-2015-7100 https://bugzilla.suse.com/1082221 SUSE Bug 1082221 WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-7048, CVE-2015-7095, CVE-2015-7096, CVE-2015-7097, CVE-2015-7098, CVE-2015-7099, CVE-2015-7100, CVE-2015-7101, and CVE-2015-7103. CVE-2015-7102 openSUSE Leap 42.1:libjavascriptcoregtk-4_0-18-2.10.7-7.1 openSUSE Leap 42.1:libjavascriptcoregtk-4_0-18-32bit-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk-4_0-37-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk-4_0-37-32bit-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk3-lang-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-JavaScriptCore-4_0-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-WebKit2-4_0-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-WebKit2WebExtension-4_0-2.10.7-7.1 openSUSE Leap 42.1:webkit-jsc-4-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk-4_0-injected-bundles-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk3-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk3-devel-2.10.7-7.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2016-03/msg00054.html https://www.suse.com/security/cve/CVE-2015-7102.html CVE-2015-7102 https://bugzilla.suse.com/1082221 SUSE Bug 1082221 WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-7048, CVE-2015-7095, CVE-2015-7096, CVE-2015-7097, CVE-2015-7098, CVE-2015-7099, CVE-2015-7100, CVE-2015-7101, and CVE-2015-7102. CVE-2015-7103 openSUSE Leap 42.1:libjavascriptcoregtk-4_0-18-2.10.7-7.1 openSUSE Leap 42.1:libjavascriptcoregtk-4_0-18-32bit-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk-4_0-37-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk-4_0-37-32bit-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk3-lang-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-JavaScriptCore-4_0-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-WebKit2-4_0-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-WebKit2WebExtension-4_0-2.10.7-7.1 openSUSE Leap 42.1:webkit-jsc-4-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk-4_0-injected-bundles-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk3-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk3-devel-2.10.7-7.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2016-03/msg00054.html https://www.suse.com/security/cve/CVE-2015-7103.html CVE-2015-7103 https://bugzilla.suse.com/1082221 SUSE Bug 1082221 WebKit in Apple Safari before 9.0.2 and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. CVE-2015-7104 openSUSE Leap 42.1:libjavascriptcoregtk-4_0-18-2.10.7-7.1 openSUSE Leap 42.1:libjavascriptcoregtk-4_0-18-32bit-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk-4_0-37-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk-4_0-37-32bit-2.10.7-7.1 openSUSE Leap 42.1:libwebkit2gtk3-lang-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-JavaScriptCore-4_0-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-WebKit2-4_0-2.10.7-7.1 openSUSE Leap 42.1:typelib-1_0-WebKit2WebExtension-4_0-2.10.7-7.1 openSUSE Leap 42.1:webkit-jsc-4-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk-4_0-injected-bundles-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk3-2.10.7-7.1 openSUSE Leap 42.1:webkit2gtk3-devel-2.10.7-7.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2016-03/msg00054.html https://www.suse.com/security/cve/CVE-2015-7104.html CVE-2015-7104 https://bugzilla.suse.com/1082221 SUSE Bug 1082221