{"id":"SUSE-SU-2023:2606-1","summary":"Security update for webkit2gtk3","details":"This update for webkit2gtk3 fixes the following issues:\n\nAdd security patches (bsc#1211846):                                                            \n                                                                                               \n- CVE-2023-28204: Fixed processing of web content that may disclose sensitive information (bsc#1211659).\n- CVE-2023-32373: Fixed processing of maliciously crafted web content that may lead to arbitrary code execution (bsc#1211658).\n","modified":"2026-02-04T03:20:30.058203Z","published":"2023-06-22T07:50:36Z","related":["CVE-2023-28204","CVE-2023-32373"],"upstream":["CVE-2023-28204","CVE-2023-32373"],"references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2023/suse-su-20232606-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1211658"},{"type":"REPORT","url":"https://bugzilla.suse.com/1211659"},{"type":"REPORT","url":"https://bugzilla.suse.com/1211846"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-28204"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-32373"}],"affected":[{"package":{"name":"webkit2gtk3","ecosystem":"SUSE:OpenStack Cloud 9","purl":"pkg:rpm/suse/webkit2gtk3&distro=SUSE%20OpenStack%20Cloud%209"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.38.6-2.139.1"}]}],"ecosystem_specific":{"binaries":[{"libwebkit2gtk3-lang":"2.38.6-2.139.1","typelib-1_0-WebKit2WebExtension-4_0":"2.38.6-2.139.1","typelib-1_0-WebKit2-4_0":"2.38.6-2.139.1","typelib-1_0-JavaScriptCore-4_0":"2.38.6-2.139.1","libwebkit2gtk-4_0-37":"2.38.6-2.139.1","webkit2gtk-4_0-injected-bundles":"2.38.6-2.139.1","libjavascriptcoregtk-4_0-18":"2.38.6-2.139.1"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2023:2606-1.json"}},{"package":{"name":"webkit2gtk3","ecosystem":"SUSE:OpenStack Cloud Crowbar 9","purl":"pkg:rpm/suse/webkit2gtk3&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.38.6-2.139.1"}]}],"ecosystem_specific":{"binaries":[{"libwebkit2gtk3-lang":"2.38.6-2.139.1","typelib-1_0-WebKit2WebExtension-4_0":"2.38.6-2.139.1","typelib-1_0-WebKit2-4_0":"2.38.6-2.139.1","typelib-1_0-JavaScriptCore-4_0":"2.38.6-2.139.1","libwebkit2gtk-4_0-37":"2.38.6-2.139.1","webkit2gtk-4_0-injected-bundles":"2.38.6-2.139.1","libjavascriptcoregtk-4_0-18":"2.38.6-2.139.1"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2023:2606-1.json"}},{"package":{"name":"webkit2gtk3","ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 12 SP4","purl":"pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.38.6-2.139.1"}]}],"ecosystem_specific":{"binaries":[{"libwebkit2gtk3-lang":"2.38.6-2.139.1","typelib-1_0-WebKit2WebExtension-4_0":"2.38.6-2.139.1","typelib-1_0-WebKit2-4_0":"2.38.6-2.139.1","typelib-1_0-JavaScriptCore-4_0":"2.38.6-2.139.1","libwebkit2gtk-4_0-37":"2.38.6-2.139.1","webkit2gtk-4_0-injected-bundles":"2.38.6-2.139.1","libjavascriptcoregtk-4_0-18":"2.38.6-2.139.1"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2023:2606-1.json"}},{"package":{"name":"webkit2gtk3","ecosystem":"SUSE:Linux Enterprise Software Development Kit 12 SP5","purl":"pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.38.6-2.139.1"}]}],"ecosystem_specific":{"binaries":[{"webkit2gtk3-devel":"2.38.6-2.139.1","typelib-1_0-WebKit2WebExtension-4_0":"2.38.6-2.139.1"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2023:2606-1.json"}},{"package":{"name":"webkit2gtk3","ecosystem":"SUSE:Linux Enterprise Server 12 SP2-BCL","purl":"pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-BCL"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.38.6-2.139.1"}]}],"ecosystem_specific":{"binaries":[{"webkit2gtk3-devel":"2.38.6-2.139.1","typelib-1_0-WebKit2-4_0":"2.38.6-2.139.1","libwebkit2gtk-4_0-37":"2.38.6-2.139.1","libwebkit2gtk3-lang":"2.38.6-2.139.1","typelib-1_0-WebKit2WebExtension-4_0":"2.38.6-2.139.1","typelib-1_0-JavaScriptCore-4_0":"2.38.6-2.139.1","webkit2gtk-4_0-injected-bundles":"2.38.6-2.139.1","libjavascriptcoregtk-4_0-18":"2.38.6-2.139.1"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2023:2606-1.json"}},{"package":{"name":"webkit2gtk3","ecosystem":"SUSE:Linux Enterprise Server 12 SP4-ESPOS","purl":"pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4-ESPOS"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.38.6-2.139.1"}]}],"ecosystem_specific":{"binaries":[{"libwebkit2gtk3-lang":"2.38.6-2.139.1","typelib-1_0-WebKit2WebExtension-4_0":"2.38.6-2.139.1","typelib-1_0-WebKit2-4_0":"2.38.6-2.139.1","typelib-1_0-JavaScriptCore-4_0":"2.38.6-2.139.1","libwebkit2gtk-4_0-37":"2.38.6-2.139.1","webkit2gtk-4_0-injected-bundles":"2.38.6-2.139.1","libjavascriptcoregtk-4_0-18":"2.38.6-2.139.1"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2023:2606-1.json"}},{"package":{"name":"webkit2gtk3","ecosystem":"SUSE:Linux Enterprise Server 12 SP4-LTSS","purl":"pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4-LTSS"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.38.6-2.139.1"}]}],"ecosystem_specific":{"binaries":[{"libwebkit2gtk3-lang":"2.38.6-2.139.1","typelib-1_0-WebKit2WebExtension-4_0":"2.38.6-2.139.1","typelib-1_0-WebKit2-4_0":"2.38.6-2.139.1","typelib-1_0-JavaScriptCore-4_0":"2.38.6-2.139.1","libwebkit2gtk-4_0-37":"2.38.6-2.139.1","webkit2gtk-4_0-injected-bundles":"2.38.6-2.139.1","libjavascriptcoregtk-4_0-18":"2.38.6-2.139.1"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2023:2606-1.json"}},{"package":{"name":"webkit2gtk3","ecosystem":"SUSE:Linux Enterprise Server 12 SP5","purl":"pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.38.6-2.139.1"}]}],"ecosystem_specific":{"binaries":[{"libwebkit2gtk3-lang":"2.38.6-2.139.1","typelib-1_0-WebKit2WebExtension-4_0":"2.38.6-2.139.1","typelib-1_0-WebKit2-4_0":"2.38.6-2.139.1","typelib-1_0-JavaScriptCore-4_0":"2.38.6-2.139.1","libwebkit2gtk-4_0-37":"2.38.6-2.139.1","webkit2gtk-4_0-injected-bundles":"2.38.6-2.139.1","libjavascriptcoregtk-4_0-18":"2.38.6-2.139.1"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2023:2606-1.json"}},{"package":{"name":"webkit2gtk3","ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 12 SP5","purl":"pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.38.6-2.139.1"}]}],"ecosystem_specific":{"binaries":[{"libwebkit2gtk3-lang":"2.38.6-2.139.1","typelib-1_0-WebKit2WebExtension-4_0":"2.38.6-2.139.1","typelib-1_0-WebKit2-4_0":"2.38.6-2.139.1","typelib-1_0-JavaScriptCore-4_0":"2.38.6-2.139.1","libwebkit2gtk-4_0-37":"2.38.6-2.139.1","webkit2gtk-4_0-injected-bundles":"2.38.6-2.139.1","libjavascriptcoregtk-4_0-18":"2.38.6-2.139.1"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2023:2606-1.json"}}],"schema_version":"1.7.3"}