Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.1.4.2021.1990.1
Category:SuSE Local Security Checks
Title:SUSE: Security Advisory (SUSE-SU-2021:1990-1)
Summary:The remote host is missing an update for the 'webkit2gtk3' package(s) announced via the SUSE-SU-2021:1990-1 advisory.
Description:Summary:
The remote host is missing an update for the 'webkit2gtk3' package(s) announced via the SUSE-SU-2021:1990-1 advisory.

Vulnerability Insight:
This update for webkit2gtk3 fixes the following issues:

Update to version 2.32.1:
+ Improve handling of Media Capture devices.
+ Improve WebAudio playback.
+ Improve video orientation handling.
+ Improve seeking support for MSE playback.
+ Improve flush support in EME decryptors.
+ Fix HTTP status codes for requests done through a custom URI handler.
+ Fix the Bubblewrap sandbox in certain 32-bit systems.
+ Fix inconsistencies between the WebKitWebView.is-muted property state
and values returned by webkit_web_view_is_playing_audio().
+ Fix the build with ENABLE_VIDEO=OFF.
+ Fix wrong timestamps for long-lived cookies.
+ Fix UI process crash when failing to load favicons.
+ Fix several crashes and rendering issues.

Including Security fixes for: CVE-2021-1788, CVE-2021-1844,
CVE-2021-1871, CVE-2020-27918, CVE-2020-29623, CVE-2021-1765,
CVE-2021-1789, CVE-2021-1799, CVE-2021-1801, CVE-2021-1870,
CVE-2020-13558, CVE-2020-13584, CVE-2020-9983, CVE-2020-13543,
CVE-2020-9947, CVE-2020-9948, CVE-2020-9951.

Affected Software/OS:
'webkit2gtk3' package(s) on HPE Helion Openstack 8, SUSE Linux Enterprise Server 12-SP2, SUSE Linux Enterprise Server 12-SP3, SUSE Linux Enterprise Server 12-SP4, SUSE Linux Enterprise Server 12-SP5, SUSE Linux Enterprise Server for SAP 12-SP3, SUSE Linux Enterprise Server for SAP 12-SP4, SUSE Linux Enterprise Software Development Kit 12-SP5, SUSE OpenStack Cloud 8, SUSE OpenStack Cloud 9, SUSE OpenStack Cloud Crowbar 8, SUSE OpenStack Cloud Crowbar 9.

Solution:
Please install the updated package(s).

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2020-9947
https://security.gentoo.org/glsa/202104-03
https://support.apple.com/en-us/HT211843
https://support.apple.com/en-us/HT211844
https://support.apple.com/en-us/HT211845
https://support.apple.com/en-us/HT211850
https://support.apple.com/en-us/HT211935
https://support.apple.com/en-us/HT211952
http://www.openwall.com/lists/oss-security/2021/03/22/1
Common Vulnerability Exposure (CVE) ID: CVE-2020-9948
Debian Security Information: DSA-4797 (Google Search)
https://www.debian.org/security/2020/dsa-4797
http://seclists.org/fulldisclosure/2020/Nov/18
https://security.gentoo.org/glsa/202012-10
https://support.apple.com/HT211845
http://www.openwall.com/lists/oss-security/2020/11/23/3
Common Vulnerability Exposure (CVE) ID: CVE-2020-9951
http://seclists.org/fulldisclosure/2020/Nov/20
http://seclists.org/fulldisclosure/2020/Nov/19
http://seclists.org/fulldisclosure/2020/Nov/22
Common Vulnerability Exposure (CVE) ID: CVE-2020-9983
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PDGBNKYT7NMW7CJ26YFUPUHPJVYGV7IQ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BY2OBQZFMEFZOSWXPXHPEHOJXXILEEX2/
Common Vulnerability Exposure (CVE) ID: CVE-2021-1765
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JN6ZOD62CTO54CHTMJTHVEF6R2Y532TJ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L3L6ZZOU5JS7E3RFYGLP7UFLXCG7TNLU/
https://support.apple.com/en-us/HT212147
Common Vulnerability Exposure (CVE) ID: CVE-2021-1788
Debian Security Information: DSA-4923 (Google Search)
https://www.debian.org/security/2021/dsa-4923
https://support.apple.com/en-us/HT212146
https://support.apple.com/en-us/HT212148
https://support.apple.com/en-us/HT212149
https://support.apple.com/en-us/HT212152
Common Vulnerability Exposure (CVE) ID: CVE-2021-1789
Common Vulnerability Exposure (CVE) ID: CVE-2021-1799
Common Vulnerability Exposure (CVE) ID: CVE-2021-1801
Common Vulnerability Exposure (CVE) ID: CVE-2021-1844
http://seclists.org/fulldisclosure/2021/Apr/55
https://support.apple.com/en-us/HT212220
https://support.apple.com/en-us/HT212221
https://support.apple.com/en-us/HT212222
https://support.apple.com/en-us/HT212223
Common Vulnerability Exposure (CVE) ID: CVE-2021-1870
Common Vulnerability Exposure (CVE) ID: CVE-2021-1871
CopyrightCopyright (C) 2021 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2024 E-Soft Inc. All rights reserved.