{"id":"SUSE-SU-2023:2607-1","summary":"Security update for webkit2gtk3","details":"This update for webkit2gtk3 fixes the following issues:\n\nAdd security patches (bsc#1211846):                                                            \n                                                                                               \n- CVE-2023-28204: Fixed processing of web content that may disclose sensitive information (bsc#1211659).\n- CVE-2023-32373: Fixed processing of maliciously crafted web content that may lead to arbitrary code execution (bsc#1211658).\n","modified":"2026-02-04T02:43:29.745652Z","published":"2023-06-22T07:51:55Z","related":["CVE-2023-28204","CVE-2023-32373"],"upstream":["CVE-2023-28204","CVE-2023-32373"],"references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2023/suse-su-20232607-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1211658"},{"type":"REPORT","url":"https://bugzilla.suse.com/1211659"},{"type":"REPORT","url":"https://bugzilla.suse.com/1211846"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-28204"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-32373"}],"affected":[{"package":{"name":"webkit2gtk3","ecosystem":"SUSE:Linux Enterprise High Performance Computing 15 SP2-LTSS","purl":"pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-LTSS"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.38.6-150200.75.2"}]}],"ecosystem_specific":{"binaries":[{"typelib-1_0-JavaScriptCore-4_0":"2.38.6-150200.75.2","typelib-1_0-WebKit2WebExtension-4_0":"2.38.6-150200.75.2","libwebkit2gtk3-lang":"2.38.6-150200.75.2","webkit2gtk3-devel":"2.38.6-150200.75.2","libjavascriptcoregtk-4_0-18":"2.38.6-150200.75.2","webkit2gtk-4_0-injected-bundles":"2.38.6-150200.75.2","typelib-1_0-WebKit2-4_0":"2.38.6-150200.75.2","libwebkit2gtk-4_0-37":"2.38.6-150200.75.2"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2023:2607-1.json"}},{"package":{"name":"webkit2gtk3","ecosystem":"SUSE:Linux Enterprise High Performance Computing 15 SP3-ESPOS","purl":"pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-ESPOS"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.38.6-150200.75.2"}]}],"ecosystem_specific":{"binaries":[{"typelib-1_0-JavaScriptCore-4_0":"2.38.6-150200.75.2","typelib-1_0-WebKit2WebExtension-4_0":"2.38.6-150200.75.2","libwebkit2gtk3-lang":"2.38.6-150200.75.2","webkit2gtk3-devel":"2.38.6-150200.75.2","libjavascriptcoregtk-4_0-18":"2.38.6-150200.75.2","webkit2gtk-4_0-injected-bundles":"2.38.6-150200.75.2","typelib-1_0-WebKit2-4_0":"2.38.6-150200.75.2","libwebkit2gtk-4_0-37":"2.38.6-150200.75.2"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2023:2607-1.json"}},{"package":{"name":"webkit2gtk3","ecosystem":"SUSE:Linux Enterprise High Performance Computing 15 SP3-LTSS","purl":"pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSS"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.38.6-150200.75.2"}]}],"ecosystem_specific":{"binaries":[{"typelib-1_0-JavaScriptCore-4_0":"2.38.6-150200.75.2","typelib-1_0-WebKit2WebExtension-4_0":"2.38.6-150200.75.2","libwebkit2gtk3-lang":"2.38.6-150200.75.2","webkit2gtk3-devel":"2.38.6-150200.75.2","libjavascriptcoregtk-4_0-18":"2.38.6-150200.75.2","webkit2gtk-4_0-injected-bundles":"2.38.6-150200.75.2","typelib-1_0-WebKit2-4_0":"2.38.6-150200.75.2","libwebkit2gtk-4_0-37":"2.38.6-150200.75.2"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2023:2607-1.json"}},{"package":{"name":"webkit2gtk3","ecosystem":"SUSE:Linux Enterprise Real Time 15 SP3","purl":"pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2015%20SP3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.38.6-150200.75.2"}]}],"ecosystem_specific":{"binaries":[{"typelib-1_0-JavaScriptCore-4_0":"2.38.6-150200.75.2","typelib-1_0-WebKit2WebExtension-4_0":"2.38.6-150200.75.2","libwebkit2gtk3-lang":"2.38.6-150200.75.2","webkit2gtk3-devel":"2.38.6-150200.75.2","libjavascriptcoregtk-4_0-18":"2.38.6-150200.75.2","webkit2gtk-4_0-injected-bundles":"2.38.6-150200.75.2","typelib-1_0-WebKit2-4_0":"2.38.6-150200.75.2","libwebkit2gtk-4_0-37":"2.38.6-150200.75.2"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2023:2607-1.json"}},{"package":{"name":"webkit2gtk3","ecosystem":"SUSE:Linux Enterprise Server 15 SP2-LTSS","purl":"pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP2-LTSS"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.38.6-150200.75.2"}]}],"ecosystem_specific":{"binaries":[{"typelib-1_0-JavaScriptCore-4_0":"2.38.6-150200.75.2","typelib-1_0-WebKit2WebExtension-4_0":"2.38.6-150200.75.2","libwebkit2gtk3-lang":"2.38.6-150200.75.2","webkit2gtk3-devel":"2.38.6-150200.75.2","libjavascriptcoregtk-4_0-18":"2.38.6-150200.75.2","webkit2gtk-4_0-injected-bundles":"2.38.6-150200.75.2","typelib-1_0-WebKit2-4_0":"2.38.6-150200.75.2","libwebkit2gtk-4_0-37":"2.38.6-150200.75.2"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2023:2607-1.json"}},{"package":{"name":"webkit2gtk3","ecosystem":"SUSE:Linux Enterprise Server 15 SP3-LTSS","purl":"pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSS"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.38.6-150200.75.2"}]}],"ecosystem_specific":{"binaries":[{"typelib-1_0-JavaScriptCore-4_0":"2.38.6-150200.75.2","typelib-1_0-WebKit2WebExtension-4_0":"2.38.6-150200.75.2","libwebkit2gtk3-lang":"2.38.6-150200.75.2","webkit2gtk3-devel":"2.38.6-150200.75.2","libjavascriptcoregtk-4_0-18":"2.38.6-150200.75.2","webkit2gtk-4_0-injected-bundles":"2.38.6-150200.75.2","typelib-1_0-WebKit2-4_0":"2.38.6-150200.75.2","libwebkit2gtk-4_0-37":"2.38.6-150200.75.2"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2023:2607-1.json"}},{"package":{"name":"webkit2gtk3","ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 15 SP2","purl":"pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.38.6-150200.75.2"}]}],"ecosystem_specific":{"binaries":[{"typelib-1_0-JavaScriptCore-4_0":"2.38.6-150200.75.2","typelib-1_0-WebKit2WebExtension-4_0":"2.38.6-150200.75.2","libwebkit2gtk3-lang":"2.38.6-150200.75.2","webkit2gtk3-devel":"2.38.6-150200.75.2","libjavascriptcoregtk-4_0-18":"2.38.6-150200.75.2","webkit2gtk-4_0-injected-bundles":"2.38.6-150200.75.2","typelib-1_0-WebKit2-4_0":"2.38.6-150200.75.2","libwebkit2gtk-4_0-37":"2.38.6-150200.75.2"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2023:2607-1.json"}},{"package":{"name":"webkit2gtk3","ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 15 SP3","purl":"pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.38.6-150200.75.2"}]}],"ecosystem_specific":{"binaries":[{"typelib-1_0-JavaScriptCore-4_0":"2.38.6-150200.75.2","typelib-1_0-WebKit2WebExtension-4_0":"2.38.6-150200.75.2","libwebkit2gtk3-lang":"2.38.6-150200.75.2","webkit2gtk3-devel":"2.38.6-150200.75.2","libjavascriptcoregtk-4_0-18":"2.38.6-150200.75.2","webkit2gtk-4_0-injected-bundles":"2.38.6-150200.75.2","typelib-1_0-WebKit2-4_0":"2.38.6-150200.75.2","libwebkit2gtk-4_0-37":"2.38.6-150200.75.2"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2023:2607-1.json"}},{"package":{"name":"webkit2gtk3","ecosystem":"SUSE:Manager Proxy 4.2","purl":"pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Manager%20Proxy%204.2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.38.6-150200.75.2"}]}],"ecosystem_specific":{"binaries":[{"webkit2gtk-4_0-injected-bundles":"2.38.6-150200.75.2","libwebkit2gtk3-lang":"2.38.6-150200.75.2","libwebkit2gtk-4_0-37":"2.38.6-150200.75.2","libjavascriptcoregtk-4_0-18":"2.38.6-150200.75.2"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2023:2607-1.json"}},{"package":{"name":"webkit2gtk3","ecosystem":"SUSE:Manager Server 4.2","purl":"pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Manager%20Server%204.2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.38.6-150200.75.2"}]}],"ecosystem_specific":{"binaries":[{"webkit2gtk-4_0-injected-bundles":"2.38.6-150200.75.2","libwebkit2gtk3-lang":"2.38.6-150200.75.2","libwebkit2gtk-4_0-37":"2.38.6-150200.75.2","libjavascriptcoregtk-4_0-18":"2.38.6-150200.75.2"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2023:2607-1.json"}},{"package":{"name":"webkit2gtk3","ecosystem":"SUSE:Enterprise Storage 7","purl":"pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Enterprise%20Storage%207"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.38.6-150200.75.2"}]}],"ecosystem_specific":{"binaries":[{"typelib-1_0-JavaScriptCore-4_0":"2.38.6-150200.75.2","typelib-1_0-WebKit2WebExtension-4_0":"2.38.6-150200.75.2","libwebkit2gtk3-lang":"2.38.6-150200.75.2","webkit2gtk3-devel":"2.38.6-150200.75.2","libjavascriptcoregtk-4_0-18":"2.38.6-150200.75.2","webkit2gtk-4_0-injected-bundles":"2.38.6-150200.75.2","typelib-1_0-WebKit2-4_0":"2.38.6-150200.75.2","libwebkit2gtk-4_0-37":"2.38.6-150200.75.2"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2023:2607-1.json"}},{"package":{"name":"webkit2gtk3","ecosystem":"SUSE:Enterprise Storage 7.1","purl":"pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Enterprise%20Storage%207.1"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.38.6-150200.75.2"}]}],"ecosystem_specific":{"binaries":[{"typelib-1_0-JavaScriptCore-4_0":"2.38.6-150200.75.2","typelib-1_0-WebKit2WebExtension-4_0":"2.38.6-150200.75.2","libwebkit2gtk3-lang":"2.38.6-150200.75.2","webkit2gtk3-devel":"2.38.6-150200.75.2","libjavascriptcoregtk-4_0-18":"2.38.6-150200.75.2","webkit2gtk-4_0-injected-bundles":"2.38.6-150200.75.2","typelib-1_0-WebKit2-4_0":"2.38.6-150200.75.2","libwebkit2gtk-4_0-37":"2.38.6-150200.75.2"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2023:2607-1.json"}},{"package":{"name":"webkit2gtk3","ecosystem":"openSUSE:Leap 15.4","purl":"pkg:rpm/opensuse/webkit2gtk3&distro=openSUSE%20Leap%2015.4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.38.6-150200.75.2"}]}],"ecosystem_specific":{"binaries":[{"libwebkit2gtk3-lang":"2.38.6-150200.75.2"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2023:2607-1.json"}}],"schema_version":"1.7.3"}