Security update for webkit2gtk3 SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2024:3005-1 Final 1 1 2024-08-23T11:28:04Z current 2024-08-23T11:28:04Z 2024-08-23T11:28:04Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for webkit2gtk3 This update for webkit2gtk3 fixes the following issues: Update to version 2.44.3 (bsc#1228696 bsc#1228697 bsc#1228698): - Fix web process cache suspend/resume when sandbox is enabled. - Fix accelerated images dissapearing after scrolling. - Fix video flickering with DMA-BUF sink. - Fix pointer lock on X11. - Fix movement delta on mouse events in GTK3. - Undeprecate console message API and make it available in 2022 API. - Fix several crashes and rendering issues. - Security fixes: CVE-2024-40776, CVE-2024-40779, CVE-2024-40780, CVE-2023-40782, CVE-2024-40785, CVE-2024-40789, CVE-2024-40794, CVE-2024-4558. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). SUSE-2024-3005,SUSE-SLE-SDK-12-SP5-2024-3005,SUSE-SLE-SERVER-12-SP5-2024-3005,SUSE-SLE-WE-12-SP5-2024-3005 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2024/suse-su-20243005-1/ Link for SUSE-SU-2024:3005-1 https://lists.suse.com/pipermail/sle-updates/2024-August/036666.html E-Mail link for SUSE-SU-2024:3005-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1228613 SUSE Bug 1228613 https://bugzilla.suse.com/1228693 SUSE Bug 1228693 https://bugzilla.suse.com/1228694 SUSE Bug 1228694 https://bugzilla.suse.com/1228695 SUSE Bug 1228695 https://bugzilla.suse.com/1228696 SUSE Bug 1228696 https://bugzilla.suse.com/1228697 SUSE Bug 1228697 https://bugzilla.suse.com/1228698 SUSE Bug 1228698 https://www.suse.com/security/cve/CVE-2023-40782/ SUSE CVE CVE-2023-40782 page https://www.suse.com/security/cve/CVE-2024-40776/ SUSE CVE CVE-2024-40776 page https://www.suse.com/security/cve/CVE-2024-40779/ SUSE CVE CVE-2024-40779 page https://www.suse.com/security/cve/CVE-2024-40780/ SUSE CVE CVE-2024-40780 page https://www.suse.com/security/cve/CVE-2024-40785/ SUSE CVE CVE-2024-40785 page https://www.suse.com/security/cve/CVE-2024-40789/ SUSE CVE CVE-2024-40789 page https://www.suse.com/security/cve/CVE-2024-40794/ SUSE CVE CVE-2024-40794 page https://www.suse.com/security/cve/CVE-2024-4558/ SUSE CVE CVE-2024-4558 page SUSE Linux Enterprise Server 12 SP5 SUSE Linux Enterprise Server for SAP Applications 12 SP5 SUSE Linux Enterprise Software Development Kit 12 SP5 SUSE Linux Enterprise Workstation Extension 12 SP5 libjavascriptcoregtk-4_0-18-2.44.3-4.12.1 libjavascriptcoregtk-4_0-18-32bit-2.44.3-4.12.1 libjavascriptcoregtk-4_0-18-64bit-2.44.3-4.12.1 libwebkit2gtk-4_0-37-2.44.3-4.12.1 libwebkit2gtk-4_0-37-32bit-2.44.3-4.12.1 libwebkit2gtk-4_0-37-64bit-2.44.3-4.12.1 libwebkit2gtk3-lang-2.44.3-4.12.1 typelib-1_0-JavaScriptCore-4_0-2.44.3-4.12.1 typelib-1_0-WebKit2-4_0-2.44.3-4.12.1 typelib-1_0-WebKit2WebExtension-4_0-2.44.3-4.12.1 webkit-jsc-4-2.44.3-4.12.1 webkit2gtk-4_0-injected-bundles-2.44.3-4.12.1 webkit2gtk3-devel-2.44.3-4.12.1 webkit2gtk3-minibrowser-2.44.3-4.12.1 libjavascriptcoregtk-4_0-18-2.44.3-4.12.1 as a component of SUSE Linux Enterprise Server 12 SP5 libwebkit2gtk-4_0-37-2.44.3-4.12.1 as a component of SUSE Linux Enterprise Server 12 SP5 libwebkit2gtk3-lang-2.44.3-4.12.1 as a component of SUSE Linux Enterprise Server 12 SP5 typelib-1_0-JavaScriptCore-4_0-2.44.3-4.12.1 as a component of SUSE Linux Enterprise Server 12 SP5 typelib-1_0-WebKit2-4_0-2.44.3-4.12.1 as a component of SUSE Linux Enterprise Server 12 SP5 typelib-1_0-WebKit2WebExtension-4_0-2.44.3-4.12.1 as a component of SUSE Linux Enterprise Server 12 SP5 webkit2gtk-4_0-injected-bundles-2.44.3-4.12.1 as a component of SUSE Linux Enterprise Server 12 SP5 libjavascriptcoregtk-4_0-18-2.44.3-4.12.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP5 libwebkit2gtk-4_0-37-2.44.3-4.12.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP5 libwebkit2gtk3-lang-2.44.3-4.12.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP5 typelib-1_0-JavaScriptCore-4_0-2.44.3-4.12.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP5 typelib-1_0-WebKit2-4_0-2.44.3-4.12.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP5 typelib-1_0-WebKit2WebExtension-4_0-2.44.3-4.12.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP5 webkit2gtk-4_0-injected-bundles-2.44.3-4.12.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP5 typelib-1_0-WebKit2WebExtension-4_0-2.44.3-4.12.1 as a component of SUSE Linux Enterprise Software Development Kit 12 SP5 webkit2gtk3-devel-2.44.3-4.12.1 as a component of SUSE Linux Enterprise Software Development Kit 12 SP5 libjavascriptcoregtk-4_0-18-32bit-2.44.3-4.12.1 as a component of SUSE Linux Enterprise Workstation Extension 12 SP5 ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. CVE-2023-40782 SUSE Linux Enterprise Server 12 SP5:libjavascriptcoregtk-4_0-18-2.44.3-4.12.1 SUSE Linux Enterprise Server 12 SP5:libwebkit2gtk-4_0-37-2.44.3-4.12.1 SUSE Linux Enterprise Server 12 SP5:libwebkit2gtk3-lang-2.44.3-4.12.1 SUSE Linux Enterprise Server 12 SP5:typelib-1_0-JavaScriptCore-4_0-2.44.3-4.12.1 SUSE Linux Enterprise Server 12 SP5:typelib-1_0-WebKit2-4_0-2.44.3-4.12.1 SUSE Linux Enterprise Server 12 SP5:typelib-1_0-WebKit2WebExtension-4_0-2.44.3-4.12.1 SUSE Linux Enterprise Server 12 SP5:webkit2gtk-4_0-injected-bundles-2.44.3-4.12.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libjavascriptcoregtk-4_0-18-2.44.3-4.12.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libwebkit2gtk-4_0-37-2.44.3-4.12.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libwebkit2gtk3-lang-2.44.3-4.12.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:typelib-1_0-JavaScriptCore-4_0-2.44.3-4.12.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:typelib-1_0-WebKit2-4_0-2.44.3-4.12.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:typelib-1_0-WebKit2WebExtension-4_0-2.44.3-4.12.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:webkit2gtk-4_0-injected-bundles-2.44.3-4.12.1 SUSE Linux Enterprise Software Development Kit 12 SP5:typelib-1_0-WebKit2WebExtension-4_0-2.44.3-4.12.1 SUSE Linux Enterprise Software Development Kit 12 SP5:webkit2gtk3-devel-2.44.3-4.12.1 SUSE Linux Enterprise Workstation Extension 12 SP5:libjavascriptcoregtk-4_0-18-32bit-2.44.3-4.12.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2024/suse-su-20243005-1/ https://www.suse.com/security/cve/CVE-2023-40782.html CVE-2023-40782 A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, Safari 17.6, iOS 17.6 and iPadOS 17.6, watchOS 10.6, tvOS 17.6, visionOS 1.3, macOS Sonoma 14.6. Processing maliciously crafted web content may lead to an unexpected process crash. CVE-2024-40776 SUSE Linux Enterprise Server 12 SP5:libjavascriptcoregtk-4_0-18-2.44.3-4.12.1 SUSE Linux Enterprise Server 12 SP5:libwebkit2gtk-4_0-37-2.44.3-4.12.1 SUSE Linux Enterprise Server 12 SP5:libwebkit2gtk3-lang-2.44.3-4.12.1 SUSE Linux Enterprise Server 12 SP5:typelib-1_0-JavaScriptCore-4_0-2.44.3-4.12.1 SUSE Linux Enterprise Server 12 SP5:typelib-1_0-WebKit2-4_0-2.44.3-4.12.1 SUSE Linux Enterprise Server 12 SP5:typelib-1_0-WebKit2WebExtension-4_0-2.44.3-4.12.1 SUSE Linux Enterprise Server 12 SP5:webkit2gtk-4_0-injected-bundles-2.44.3-4.12.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libjavascriptcoregtk-4_0-18-2.44.3-4.12.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libwebkit2gtk-4_0-37-2.44.3-4.12.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libwebkit2gtk3-lang-2.44.3-4.12.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:typelib-1_0-JavaScriptCore-4_0-2.44.3-4.12.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:typelib-1_0-WebKit2-4_0-2.44.3-4.12.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:typelib-1_0-WebKit2WebExtension-4_0-2.44.3-4.12.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:webkit2gtk-4_0-injected-bundles-2.44.3-4.12.1 SUSE Linux Enterprise Software Development Kit 12 SP5:typelib-1_0-WebKit2WebExtension-4_0-2.44.3-4.12.1 SUSE Linux Enterprise Software Development Kit 12 SP5:webkit2gtk3-devel-2.44.3-4.12.1 SUSE Linux Enterprise Workstation Extension 12 SP5:libjavascriptcoregtk-4_0-18-32bit-2.44.3-4.12.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2024/suse-su-20243005-1/ https://www.suse.com/security/cve/CVE-2024-40776.html CVE-2024-40776 https://bugzilla.suse.com/1228613 SUSE Bug 1228613 An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, Safari 17.6, iOS 17.6 and iPadOS 17.6, watchOS 10.6, tvOS 17.6, visionOS 1.3, macOS Sonoma 14.6. Processing maliciously crafted web content may lead to an unexpected process crash. CVE-2024-40779 SUSE Linux Enterprise Server 12 SP5:libjavascriptcoregtk-4_0-18-2.44.3-4.12.1 SUSE Linux Enterprise Server 12 SP5:libwebkit2gtk-4_0-37-2.44.3-4.12.1 SUSE Linux Enterprise Server 12 SP5:libwebkit2gtk3-lang-2.44.3-4.12.1 SUSE Linux Enterprise Server 12 SP5:typelib-1_0-JavaScriptCore-4_0-2.44.3-4.12.1 SUSE Linux Enterprise Server 12 SP5:typelib-1_0-WebKit2-4_0-2.44.3-4.12.1 SUSE Linux Enterprise Server 12 SP5:typelib-1_0-WebKit2WebExtension-4_0-2.44.3-4.12.1 SUSE Linux Enterprise Server 12 SP5:webkit2gtk-4_0-injected-bundles-2.44.3-4.12.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libjavascriptcoregtk-4_0-18-2.44.3-4.12.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libwebkit2gtk-4_0-37-2.44.3-4.12.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libwebkit2gtk3-lang-2.44.3-4.12.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:typelib-1_0-JavaScriptCore-4_0-2.44.3-4.12.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:typelib-1_0-WebKit2-4_0-2.44.3-4.12.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:typelib-1_0-WebKit2WebExtension-4_0-2.44.3-4.12.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:webkit2gtk-4_0-injected-bundles-2.44.3-4.12.1 SUSE Linux Enterprise Software Development Kit 12 SP5:typelib-1_0-WebKit2WebExtension-4_0-2.44.3-4.12.1 SUSE Linux Enterprise Software Development Kit 12 SP5:webkit2gtk3-devel-2.44.3-4.12.1 SUSE Linux Enterprise Workstation Extension 12 SP5:libjavascriptcoregtk-4_0-18-32bit-2.44.3-4.12.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2024/suse-su-20243005-1/ https://www.suse.com/security/cve/CVE-2024-40779.html CVE-2024-40779 https://bugzilla.suse.com/1228693 SUSE Bug 1228693 An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, Safari 17.6, iOS 17.6 and iPadOS 17.6, watchOS 10.6, tvOS 17.6, visionOS 1.3, macOS Sonoma 14.6. Processing maliciously crafted web content may lead to an unexpected process crash. CVE-2024-40780 SUSE Linux Enterprise Server 12 SP5:libjavascriptcoregtk-4_0-18-2.44.3-4.12.1 SUSE Linux Enterprise Server 12 SP5:libwebkit2gtk-4_0-37-2.44.3-4.12.1 SUSE Linux Enterprise Server 12 SP5:libwebkit2gtk3-lang-2.44.3-4.12.1 SUSE Linux Enterprise Server 12 SP5:typelib-1_0-JavaScriptCore-4_0-2.44.3-4.12.1 SUSE Linux Enterprise Server 12 SP5:typelib-1_0-WebKit2-4_0-2.44.3-4.12.1 SUSE Linux Enterprise Server 12 SP5:typelib-1_0-WebKit2WebExtension-4_0-2.44.3-4.12.1 SUSE Linux Enterprise Server 12 SP5:webkit2gtk-4_0-injected-bundles-2.44.3-4.12.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libjavascriptcoregtk-4_0-18-2.44.3-4.12.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libwebkit2gtk-4_0-37-2.44.3-4.12.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libwebkit2gtk3-lang-2.44.3-4.12.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:typelib-1_0-JavaScriptCore-4_0-2.44.3-4.12.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:typelib-1_0-WebKit2-4_0-2.44.3-4.12.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:typelib-1_0-WebKit2WebExtension-4_0-2.44.3-4.12.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:webkit2gtk-4_0-injected-bundles-2.44.3-4.12.1 SUSE Linux Enterprise Software Development Kit 12 SP5:typelib-1_0-WebKit2WebExtension-4_0-2.44.3-4.12.1 SUSE Linux Enterprise Software Development Kit 12 SP5:webkit2gtk3-devel-2.44.3-4.12.1 SUSE Linux Enterprise Workstation Extension 12 SP5:libjavascriptcoregtk-4_0-18-32bit-2.44.3-4.12.1 not set To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2024/suse-su-20243005-1/ https://www.suse.com/security/cve/CVE-2024-40780.html CVE-2024-40780 https://bugzilla.suse.com/1228694 SUSE Bug 1228694 This issue was addressed with improved checks. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, Safari 17.6, iOS 17.6 and iPadOS 17.6, watchOS 10.6, tvOS 17.6, visionOS 1.3, macOS Sonoma 14.6. Processing maliciously crafted web content may lead to a cross site scripting attack. CVE-2024-40785 SUSE Linux Enterprise Server 12 SP5:libjavascriptcoregtk-4_0-18-2.44.3-4.12.1 SUSE Linux Enterprise Server 12 SP5:libwebkit2gtk-4_0-37-2.44.3-4.12.1 SUSE Linux Enterprise Server 12 SP5:libwebkit2gtk3-lang-2.44.3-4.12.1 SUSE Linux Enterprise Server 12 SP5:typelib-1_0-JavaScriptCore-4_0-2.44.3-4.12.1 SUSE Linux Enterprise Server 12 SP5:typelib-1_0-WebKit2-4_0-2.44.3-4.12.1 SUSE Linux Enterprise Server 12 SP5:typelib-1_0-WebKit2WebExtension-4_0-2.44.3-4.12.1 SUSE Linux Enterprise Server 12 SP5:webkit2gtk-4_0-injected-bundles-2.44.3-4.12.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libjavascriptcoregtk-4_0-18-2.44.3-4.12.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libwebkit2gtk-4_0-37-2.44.3-4.12.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libwebkit2gtk3-lang-2.44.3-4.12.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:typelib-1_0-JavaScriptCore-4_0-2.44.3-4.12.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:typelib-1_0-WebKit2-4_0-2.44.3-4.12.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:typelib-1_0-WebKit2WebExtension-4_0-2.44.3-4.12.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:webkit2gtk-4_0-injected-bundles-2.44.3-4.12.1 SUSE Linux Enterprise Software Development Kit 12 SP5:typelib-1_0-WebKit2WebExtension-4_0-2.44.3-4.12.1 SUSE Linux Enterprise Software Development Kit 12 SP5:webkit2gtk3-devel-2.44.3-4.12.1 SUSE Linux Enterprise Workstation Extension 12 SP5:libjavascriptcoregtk-4_0-18-32bit-2.44.3-4.12.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2024/suse-su-20243005-1/ https://www.suse.com/security/cve/CVE-2024-40785.html CVE-2024-40785 https://bugzilla.suse.com/1228696 SUSE Bug 1228696 An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, Safari 17.6, iOS 17.6 and iPadOS 17.6, watchOS 10.6, tvOS 17.6, visionOS 1.3, macOS Sonoma 14.6. Processing maliciously crafted web content may lead to an unexpected process crash. CVE-2024-40789 SUSE Linux Enterprise Server 12 SP5:libjavascriptcoregtk-4_0-18-2.44.3-4.12.1 SUSE Linux Enterprise Server 12 SP5:libwebkit2gtk-4_0-37-2.44.3-4.12.1 SUSE Linux Enterprise Server 12 SP5:libwebkit2gtk3-lang-2.44.3-4.12.1 SUSE Linux Enterprise Server 12 SP5:typelib-1_0-JavaScriptCore-4_0-2.44.3-4.12.1 SUSE Linux Enterprise Server 12 SP5:typelib-1_0-WebKit2-4_0-2.44.3-4.12.1 SUSE Linux Enterprise Server 12 SP5:typelib-1_0-WebKit2WebExtension-4_0-2.44.3-4.12.1 SUSE Linux Enterprise Server 12 SP5:webkit2gtk-4_0-injected-bundles-2.44.3-4.12.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libjavascriptcoregtk-4_0-18-2.44.3-4.12.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libwebkit2gtk-4_0-37-2.44.3-4.12.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libwebkit2gtk3-lang-2.44.3-4.12.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:typelib-1_0-JavaScriptCore-4_0-2.44.3-4.12.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:typelib-1_0-WebKit2-4_0-2.44.3-4.12.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:typelib-1_0-WebKit2WebExtension-4_0-2.44.3-4.12.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:webkit2gtk-4_0-injected-bundles-2.44.3-4.12.1 SUSE Linux Enterprise Software Development Kit 12 SP5:typelib-1_0-WebKit2WebExtension-4_0-2.44.3-4.12.1 SUSE Linux Enterprise Software Development Kit 12 SP5:webkit2gtk3-devel-2.44.3-4.12.1 SUSE Linux Enterprise Workstation Extension 12 SP5:libjavascriptcoregtk-4_0-18-32bit-2.44.3-4.12.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2024/suse-su-20243005-1/ https://www.suse.com/security/cve/CVE-2024-40789.html CVE-2024-40789 https://bugzilla.suse.com/1228697 SUSE Bug 1228697 This issue was addressed through improved state management. This issue is fixed in macOS Sonoma 14.6, iOS 17.6 and iPadOS 17.6, Safari 17.6. Private Browsing tabs may be accessed without authentication. CVE-2024-40794 SUSE Linux Enterprise Server 12 SP5:libjavascriptcoregtk-4_0-18-2.44.3-4.12.1 SUSE Linux Enterprise Server 12 SP5:libwebkit2gtk-4_0-37-2.44.3-4.12.1 SUSE Linux Enterprise Server 12 SP5:libwebkit2gtk3-lang-2.44.3-4.12.1 SUSE Linux Enterprise Server 12 SP5:typelib-1_0-JavaScriptCore-4_0-2.44.3-4.12.1 SUSE Linux Enterprise Server 12 SP5:typelib-1_0-WebKit2-4_0-2.44.3-4.12.1 SUSE Linux Enterprise Server 12 SP5:typelib-1_0-WebKit2WebExtension-4_0-2.44.3-4.12.1 SUSE Linux Enterprise Server 12 SP5:webkit2gtk-4_0-injected-bundles-2.44.3-4.12.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libjavascriptcoregtk-4_0-18-2.44.3-4.12.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libwebkit2gtk-4_0-37-2.44.3-4.12.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libwebkit2gtk3-lang-2.44.3-4.12.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:typelib-1_0-JavaScriptCore-4_0-2.44.3-4.12.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:typelib-1_0-WebKit2-4_0-2.44.3-4.12.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:typelib-1_0-WebKit2WebExtension-4_0-2.44.3-4.12.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:webkit2gtk-4_0-injected-bundles-2.44.3-4.12.1 SUSE Linux Enterprise Software Development Kit 12 SP5:typelib-1_0-WebKit2WebExtension-4_0-2.44.3-4.12.1 SUSE Linux Enterprise Software Development Kit 12 SP5:webkit2gtk3-devel-2.44.3-4.12.1 SUSE Linux Enterprise Workstation Extension 12 SP5:libjavascriptcoregtk-4_0-18-32bit-2.44.3-4.12.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2024/suse-su-20243005-1/ https://www.suse.com/security/cve/CVE-2024-40794.html CVE-2024-40794 https://bugzilla.suse.com/1228698 SUSE Bug 1228698 Use after free in ANGLE in Google Chrome prior to 124.0.6367.155 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2024-4558 SUSE Linux Enterprise Server 12 SP5:libjavascriptcoregtk-4_0-18-2.44.3-4.12.1 SUSE Linux Enterprise Server 12 SP5:libwebkit2gtk-4_0-37-2.44.3-4.12.1 SUSE Linux Enterprise Server 12 SP5:libwebkit2gtk3-lang-2.44.3-4.12.1 SUSE Linux Enterprise Server 12 SP5:typelib-1_0-JavaScriptCore-4_0-2.44.3-4.12.1 SUSE Linux Enterprise Server 12 SP5:typelib-1_0-WebKit2-4_0-2.44.3-4.12.1 SUSE Linux Enterprise Server 12 SP5:typelib-1_0-WebKit2WebExtension-4_0-2.44.3-4.12.1 SUSE Linux Enterprise Server 12 SP5:webkit2gtk-4_0-injected-bundles-2.44.3-4.12.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libjavascriptcoregtk-4_0-18-2.44.3-4.12.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libwebkit2gtk-4_0-37-2.44.3-4.12.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libwebkit2gtk3-lang-2.44.3-4.12.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:typelib-1_0-JavaScriptCore-4_0-2.44.3-4.12.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:typelib-1_0-WebKit2-4_0-2.44.3-4.12.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:typelib-1_0-WebKit2WebExtension-4_0-2.44.3-4.12.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:webkit2gtk-4_0-injected-bundles-2.44.3-4.12.1 SUSE Linux Enterprise Software Development Kit 12 SP5:typelib-1_0-WebKit2WebExtension-4_0-2.44.3-4.12.1 SUSE Linux Enterprise Software Development Kit 12 SP5:webkit2gtk3-devel-2.44.3-4.12.1 SUSE Linux Enterprise Workstation Extension 12 SP5:libjavascriptcoregtk-4_0-18-32bit-2.44.3-4.12.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2024/suse-su-20243005-1/ https://www.suse.com/security/cve/CVE-2024-4558.html CVE-2024-4558 https://bugzilla.suse.com/1224045 SUSE Bug 1224045