{"id":"SUSE-SU-2021:1990-1","summary":"Security update for webkit2gtk3","details":"This update for webkit2gtk3 fixes the following issues:\n\n- Update to version 2.32.1:\n  + Improve handling of Media Capture devices.\n  + Improve WebAudio playback.\n  + Improve video orientation handling.\n  + Improve seeking support for MSE playback.\n  + Improve flush support in EME decryptors.\n  + Fix HTTP status codes for requests done through a custom URI handler.\n  + Fix the Bubblewrap sandbox in certain 32-bit systems.\n  + Fix inconsistencies between the WebKitWebView.is-muted property\n    state and values returned by\n    webkit_web_view_is_playing_audio().\n  + Fix the build with ENABLE_VIDEO=OFF.\n  + Fix wrong timestamps for long-lived cookies.\n  + Fix UI process crash when failing to load favicons.\n  + Fix several crashes and rendering issues.\n- Including Security fixes for: CVE-2021-1788, CVE-2021-1844, CVE-2021-1871,\n    CVE-2020-27918, CVE-2020-29623, CVE-2021-1765, CVE-2021-1789, CVE-2021-1799,\n    CVE-2021-1801, CVE-2021-1870, CVE-2020-13558, CVE-2020-13584, CVE-2020-9983, \n    CVE-2020-13543, CVE-2020-9947, CVE-2020-9948, CVE-2020-9951.\n","modified":"2026-02-04T03:59:15.744625Z","published":"2021-06-17T07:52:17Z","related":["CVE-2020-13543","CVE-2020-13558","CVE-2020-13584","CVE-2020-27918","CVE-2020-29623","CVE-2020-9947","CVE-2020-9948","CVE-2020-9951","CVE-2020-9983","CVE-2021-1765","CVE-2021-1788","CVE-2021-1789","CVE-2021-1799","CVE-2021-1801","CVE-2021-1844","CVE-2021-1870","CVE-2021-1871"],"upstream":["CVE-2020-13543","CVE-2020-13558","CVE-2020-13584","CVE-2020-27918","CVE-2020-29623","CVE-2020-9947","CVE-2020-9948","CVE-2020-9951","CVE-2020-9983","CVE-2021-1765","CVE-2021-1788","CVE-2021-1789","CVE-2021-1799","CVE-2021-1801","CVE-2021-1844","CVE-2021-1870","CVE-2021-1871"],"references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2021/suse-su-20211990-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1177087"},{"type":"REPORT","url":"https://bugzilla.suse.com/1179122"},{"type":"REPORT","url":"https://bugzilla.suse.com/1179451"},{"type":"REPORT","url":"https://bugzilla.suse.com/1182286"},{"type":"REPORT","url":"https://bugzilla.suse.com/1184155"},{"type":"REPORT","url":"https://bugzilla.suse.com/1184262"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-13543"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-13558"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-13584"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-27918"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-29623"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-9947"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-9948"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-9951"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-9983"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-1765"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-1788"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-1789"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-1799"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-1801"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-1844"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-1870"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-1871"}],"affected":[{"package":{"name":"webkit2gtk3","ecosystem":"SUSE:HPE Helion OpenStack 8","purl":"pkg:rpm/suse/webkit2gtk3&distro=HPE%20Helion%20OpenStack%208"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.32.1-2.63.3"}]}],"ecosystem_specific":{"binaries":[{"typelib-1_0-JavaScriptCore-4_0":"2.32.1-2.63.3","libjavascriptcoregtk-4_0-18":"2.32.1-2.63.3","typelib-1_0-WebKit2-4_0":"2.32.1-2.63.3","webkit2gtk-4_0-injected-bundles":"2.32.1-2.63.3","libwebkit2gtk-4_0-37":"2.32.1-2.63.3","libwebkit2gtk3-lang":"2.32.1-2.63.3","typelib-1_0-WebKit2WebExtension-4_0":"2.32.1-2.63.3"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2021:1990-1.json"}},{"package":{"name":"webkit2gtk3","ecosystem":"SUSE:OpenStack Cloud 8","purl":"pkg:rpm/suse/webkit2gtk3&distro=SUSE%20OpenStack%20Cloud%208"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.32.1-2.63.3"}]}],"ecosystem_specific":{"binaries":[{"typelib-1_0-JavaScriptCore-4_0":"2.32.1-2.63.3","libjavascriptcoregtk-4_0-18":"2.32.1-2.63.3","typelib-1_0-WebKit2-4_0":"2.32.1-2.63.3","webkit2gtk-4_0-injected-bundles":"2.32.1-2.63.3","libwebkit2gtk-4_0-37":"2.32.1-2.63.3","libwebkit2gtk3-lang":"2.32.1-2.63.3","typelib-1_0-WebKit2WebExtension-4_0":"2.32.1-2.63.3"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2021:1990-1.json"}},{"package":{"name":"webkit2gtk3","ecosystem":"SUSE:OpenStack Cloud 9","purl":"pkg:rpm/suse/webkit2gtk3&distro=SUSE%20OpenStack%20Cloud%209"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.32.1-2.63.3"}]}],"ecosystem_specific":{"binaries":[{"typelib-1_0-JavaScriptCore-4_0":"2.32.1-2.63.3","libjavascriptcoregtk-4_0-18":"2.32.1-2.63.3","typelib-1_0-WebKit2-4_0":"2.32.1-2.63.3","webkit2gtk-4_0-injected-bundles":"2.32.1-2.63.3","libwebkit2gtk-4_0-37":"2.32.1-2.63.3","libwebkit2gtk3-lang":"2.32.1-2.63.3","typelib-1_0-WebKit2WebExtension-4_0":"2.32.1-2.63.3"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2021:1990-1.json"}},{"package":{"name":"webkit2gtk3","ecosystem":"SUSE:OpenStack Cloud Crowbar 8","purl":"pkg:rpm/suse/webkit2gtk3&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.32.1-2.63.3"}]}],"ecosystem_specific":{"binaries":[{"typelib-1_0-JavaScriptCore-4_0":"2.32.1-2.63.3","libjavascriptcoregtk-4_0-18":"2.32.1-2.63.3","typelib-1_0-WebKit2-4_0":"2.32.1-2.63.3","webkit2gtk-4_0-injected-bundles":"2.32.1-2.63.3","libwebkit2gtk-4_0-37":"2.32.1-2.63.3","libwebkit2gtk3-lang":"2.32.1-2.63.3","typelib-1_0-WebKit2WebExtension-4_0":"2.32.1-2.63.3"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2021:1990-1.json"}},{"package":{"name":"webkit2gtk3","ecosystem":"SUSE:OpenStack Cloud Crowbar 9","purl":"pkg:rpm/suse/webkit2gtk3&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.32.1-2.63.3"}]}],"ecosystem_specific":{"binaries":[{"typelib-1_0-JavaScriptCore-4_0":"2.32.1-2.63.3","libjavascriptcoregtk-4_0-18":"2.32.1-2.63.3","typelib-1_0-WebKit2-4_0":"2.32.1-2.63.3","webkit2gtk-4_0-injected-bundles":"2.32.1-2.63.3","libwebkit2gtk-4_0-37":"2.32.1-2.63.3","libwebkit2gtk3-lang":"2.32.1-2.63.3","typelib-1_0-WebKit2WebExtension-4_0":"2.32.1-2.63.3"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2021:1990-1.json"}},{"package":{"name":"webkit2gtk3","ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 12 SP3","purl":"pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.32.1-2.63.3"}]}],"ecosystem_specific":{"binaries":[{"typelib-1_0-JavaScriptCore-4_0":"2.32.1-2.63.3","libjavascriptcoregtk-4_0-18":"2.32.1-2.63.3","typelib-1_0-WebKit2-4_0":"2.32.1-2.63.3","webkit2gtk-4_0-injected-bundles":"2.32.1-2.63.3","libwebkit2gtk-4_0-37":"2.32.1-2.63.3","libwebkit2gtk3-lang":"2.32.1-2.63.3","typelib-1_0-WebKit2WebExtension-4_0":"2.32.1-2.63.3"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2021:1990-1.json"}},{"package":{"name":"webkit2gtk3","ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 12 SP4","purl":"pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.32.1-2.63.3"}]}],"ecosystem_specific":{"binaries":[{"typelib-1_0-JavaScriptCore-4_0":"2.32.1-2.63.3","libjavascriptcoregtk-4_0-18":"2.32.1-2.63.3","typelib-1_0-WebKit2-4_0":"2.32.1-2.63.3","webkit2gtk-4_0-injected-bundles":"2.32.1-2.63.3","libwebkit2gtk-4_0-37":"2.32.1-2.63.3","libwebkit2gtk3-lang":"2.32.1-2.63.3","typelib-1_0-WebKit2WebExtension-4_0":"2.32.1-2.63.3"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2021:1990-1.json"}},{"package":{"name":"webkit2gtk3","ecosystem":"SUSE:Linux Enterprise Software Development Kit 12 SP5","purl":"pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.32.1-2.63.3"}]}],"ecosystem_specific":{"binaries":[{"webkit2gtk3-devel":"2.32.1-2.63.3","typelib-1_0-WebKit2WebExtension-4_0":"2.32.1-2.63.3"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2021:1990-1.json"}},{"package":{"name":"webkit2gtk3","ecosystem":"SUSE:Linux Enterprise Server 12 SP2-BCL","purl":"pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-BCL"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.32.1-2.63.3"}]}],"ecosystem_specific":{"binaries":[{"typelib-1_0-JavaScriptCore-4_0":"2.32.1-2.63.3","libwebkit2gtk3-lang":"2.32.1-2.63.3","libjavascriptcoregtk-4_0-18":"2.32.1-2.63.3","typelib-1_0-WebKit2-4_0":"2.32.1-2.63.3","webkit2gtk-4_0-injected-bundles":"2.32.1-2.63.3","libwebkit2gtk-4_0-37":"2.32.1-2.63.3","webkit2gtk3-devel":"2.32.1-2.63.3","typelib-1_0-WebKit2WebExtension-4_0":"2.32.1-2.63.3"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2021:1990-1.json"}},{"package":{"name":"webkit2gtk3","ecosystem":"SUSE:Linux Enterprise Server 12 SP3-LTSS","purl":"pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3-LTSS"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.32.1-2.63.3"}]}],"ecosystem_specific":{"binaries":[{"typelib-1_0-JavaScriptCore-4_0":"2.32.1-2.63.3","libjavascriptcoregtk-4_0-18":"2.32.1-2.63.3","typelib-1_0-WebKit2-4_0":"2.32.1-2.63.3","webkit2gtk-4_0-injected-bundles":"2.32.1-2.63.3","libwebkit2gtk-4_0-37":"2.32.1-2.63.3","libwebkit2gtk3-lang":"2.32.1-2.63.3","typelib-1_0-WebKit2WebExtension-4_0":"2.32.1-2.63.3"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2021:1990-1.json"}},{"package":{"name":"webkit2gtk3","ecosystem":"SUSE:Linux Enterprise Server 12 SP3-BCL","purl":"pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3-BCL"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.32.1-2.63.3"}]}],"ecosystem_specific":{"binaries":[{"typelib-1_0-JavaScriptCore-4_0":"2.32.1-2.63.3","libjavascriptcoregtk-4_0-18":"2.32.1-2.63.3","typelib-1_0-WebKit2-4_0":"2.32.1-2.63.3","webkit2gtk-4_0-injected-bundles":"2.32.1-2.63.3","libwebkit2gtk-4_0-37":"2.32.1-2.63.3"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2021:1990-1.json"}},{"package":{"name":"webkit2gtk3","ecosystem":"SUSE:Linux Enterprise Server 12 SP4-LTSS","purl":"pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4-LTSS"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.32.1-2.63.3"}]}],"ecosystem_specific":{"binaries":[{"typelib-1_0-JavaScriptCore-4_0":"2.32.1-2.63.3","libjavascriptcoregtk-4_0-18":"2.32.1-2.63.3","typelib-1_0-WebKit2-4_0":"2.32.1-2.63.3","webkit2gtk-4_0-injected-bundles":"2.32.1-2.63.3","libwebkit2gtk-4_0-37":"2.32.1-2.63.3","libwebkit2gtk3-lang":"2.32.1-2.63.3","typelib-1_0-WebKit2WebExtension-4_0":"2.32.1-2.63.3"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2021:1990-1.json"}},{"package":{"name":"webkit2gtk3","ecosystem":"SUSE:Linux Enterprise Server 12 SP5","purl":"pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.32.1-2.63.3"}]}],"ecosystem_specific":{"binaries":[{"typelib-1_0-JavaScriptCore-4_0":"2.32.1-2.63.3","libjavascriptcoregtk-4_0-18":"2.32.1-2.63.3","typelib-1_0-WebKit2-4_0":"2.32.1-2.63.3","webkit2gtk-4_0-injected-bundles":"2.32.1-2.63.3","libwebkit2gtk-4_0-37":"2.32.1-2.63.3","libwebkit2gtk3-lang":"2.32.1-2.63.3","typelib-1_0-WebKit2WebExtension-4_0":"2.32.1-2.63.3"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2021:1990-1.json"}},{"package":{"name":"webkit2gtk3","ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 12 SP5","purl":"pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.32.1-2.63.3"}]}],"ecosystem_specific":{"binaries":[{"typelib-1_0-JavaScriptCore-4_0":"2.32.1-2.63.3","libjavascriptcoregtk-4_0-18":"2.32.1-2.63.3","typelib-1_0-WebKit2-4_0":"2.32.1-2.63.3","webkit2gtk-4_0-injected-bundles":"2.32.1-2.63.3","libwebkit2gtk-4_0-37":"2.32.1-2.63.3","libwebkit2gtk3-lang":"2.32.1-2.63.3","typelib-1_0-WebKit2WebExtension-4_0":"2.32.1-2.63.3"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2021:1990-1.json"}}],"schema_version":"1.7.3"}