Bugzilla – Bug 1119553
VUL-0: CVE-2018-4437: webkit2gtk3: multiple memory corruption issues were addressed with improved memory handling (WSA-2018-0009)
Last modified: 2019-10-18 18:49:14 UTC
https://webkitgtk.org/security/WSA-2018-0009.html WebKitGTK+ and WPE WebKit Security Advisory WSA-2018-0009 Date Reported: December 13, 2018 CVE-2018-4437 - Versions affected: WebKitGTK+ before 2.22.5 and WPE WebKit before 2.22.3. - Credit to HyungSeok Han, DongHyeon Oh, and Sang Kil Cha of KAIST Softsec Lab, Korea. - Processing maliciously crafted web content may lead to arbitrary code execution. Multiple memory corruption issues were addressed with improved memory handling.
SUSE-SU-2019:0146-1: An update that fixes 6 vulnerabilities is now available. Category: security (important) Bug References: 1119553,1119554,1119555,1119556,1119557,1119558 CVE References: CVE-2018-4437,CVE-2018-4438,CVE-2018-4441,CVE-2018-4442,CVE-2018-4443,CVE-2018-4464 Sources used: SUSE OpenStack Cloud 7 (src): webkit2gtk3-2.22.5-2.32.2 SUSE Linux Enterprise Workstation Extension 12-SP4 (src): webkit2gtk3-2.22.5-2.32.2 SUSE Linux Enterprise Workstation Extension 12-SP3 (src): webkit2gtk3-2.22.5-2.32.2 SUSE Linux Enterprise Software Development Kit 12-SP4 (src): webkit2gtk3-2.22.5-2.32.2 SUSE Linux Enterprise Software Development Kit 12-SP3 (src): webkit2gtk3-2.22.5-2.32.2 SUSE Linux Enterprise Server for SAP 12-SP2 (src): webkit2gtk3-2.22.5-2.32.2 SUSE Linux Enterprise Server 12-SP4 (src): webkit2gtk3-2.22.5-2.32.2 SUSE Linux Enterprise Server 12-SP3 (src): webkit2gtk3-2.22.5-2.32.2 SUSE Linux Enterprise Server 12-SP2-LTSS (src): webkit2gtk3-2.22.5-2.32.2 SUSE Linux Enterprise Server 12-SP2-BCL (src): webkit2gtk3-2.22.5-2.32.2 SUSE Linux Enterprise Desktop 12-SP4 (src): webkit2gtk3-2.22.5-2.32.2 SUSE Linux Enterprise Desktop 12-SP3 (src): webkit2gtk3-2.22.5-2.32.2 SUSE Enterprise Storage 4 (src): webkit2gtk3-2.22.5-2.32.2
openSUSE-SU-2019:0108-1: An update that fixes 6 vulnerabilities is now available. Category: security (important) Bug References: 1119553,1119554,1119555,1119556,1119557,1119558 CVE References: CVE-2018-4437,CVE-2018-4438,CVE-2018-4441,CVE-2018-4442,CVE-2018-4443,CVE-2018-4464 Sources used: openSUSE Leap 42.3 (src): webkit2gtk3-2.22.5-18.1
SUSE-SU-2019:0497-1: An update that fixes 15 vulnerabilities is now available. Category: security (moderate) Bug References: 1119553,1119554,1119555,1119556,1119557,1119558 CVE References: CVE-2018-4437,CVE-2018-4438,CVE-2018-4441,CVE-2018-4442,CVE-2018-4443,CVE-2018-4464,CVE-2019-6212,CVE-2019-6215,CVE-2019-6216,CVE-2019-6217,CVE-2019-6226,CVE-2019-6227,CVE-2019-6229,CVE-2019-6233,CVE-2019-6234 Sources used: SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 (src): webkit2gtk3-2.22.6-3.18.2 SUSE Linux Enterprise Module for Desktop Applications 15 (src): webkit2gtk3-2.22.6-3.18.2 SUSE Linux Enterprise Module for Basesystem 15 (src): webkit2gtk3-2.22.6-3.18.2
openSUSE-SU-2019:0308-1: An update that fixes 15 vulnerabilities is now available. Category: security (moderate) Bug References: 1119553,1119554,1119555,1119556,1119557,1119558,1124937 CVE References: CVE-2018-4437,CVE-2018-4438,CVE-2018-4441,CVE-2018-4442,CVE-2018-4443,CVE-2018-4464,CVE-2019-6212,CVE-2019-6215,CVE-2019-6216,CVE-2019-6217,CVE-2019-6226,CVE-2019-6227,CVE-2019-6229,CVE-2019-6233,CVE-2019-6234 Sources used: openSUSE Leap 15.0 (src): webkit2gtk3-2.22.6-lp150.2.12.1
released