Security update for webkit2gtk3 SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2017:2991-1 Final 1 1 2017-11-10T13:25:29Z current 2017-11-10T13:25:29Z 2017-11-10T13:25:29Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for webkit2gtk3 This update for webkit2gtk3 to version 2.18.0 fixes the following issues: These security issues were fixed: - CVE-2017-7039: An issue was fixed that allowed remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site (bsc#1050469). - CVE-2017-7018: An issue was fixed that allowed remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site (bsc#1050469). - CVE-2017-7030: An issue was fixed that allowed remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site (bsc#1050469). - CVE-2017-7037: An issue was fixed that allowed remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site (bsc#1050469). - CVE-2017-7034: An issue was fixed that allowed remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site (bsc#1050469). - CVE-2017-7055: An issue was fixed that allowed remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site (bsc#1050469). - CVE-2017-7056: An issue was fixed that allowed remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site (bsc#1050469). - CVE-2017-7064: An issue was fixed that allowed remote attackers to bypass intended memory-read restrictions via a crafted app (bsc#1050469). - CVE-2017-7061: An issue was fixed that allowed remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site (bsc#1050469). - CVE-2017-7048: An issue was fixed that allowed remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site (bsc#1050469). - CVE-2017-7046: An issue was fixed that allowed remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site (bsc#1050469). - CVE-2017-2538: An issue was fixed that allowed remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site (bsc#1045460) - CVE-2017-2496: An issue was fixed that allowed remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. - CVE-2017-2539: An issue was fixed that allowed remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. - CVE-2017-2510: An issue was fixed that allowed remote attackers to conduct Universal XSS (UXSS) attacks via a crafted web site that improperly interacts with pageshow events. - CVE-2017-2365: An issue was fixed that allowed remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site (bsc#1024749) - CVE-2017-2366: An issue was fixed that allowed remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site (bsc#1024749) - CVE-2017-2373: An issue was fixed that allowed remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site (bsc#1024749) - CVE-2017-2363: An issue was fixed that allowed remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site (bsc#1024749) - CVE-2017-2362: An issue was fixed that allowed remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site (bsc#1024749) - CVE-2017-2350: An issue was fixed that allowed remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site (bsc#1024749) - CVE-2017-2350: An issue was fixed that allowed remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site (bsc#1024749) - CVE-2017-2354: An issue was fixed that allowed remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site (bsc#1024749). - CVE-2017-2355: An issue was fixed that allowed remote attackers to execute arbitrary code or cause a denial of service (uninitialized memory access and application crash) via a crafted web site (bsc#1024749) - CVE-2017-2356: An issue was fixed that allowed remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site (bsc#1024749) - CVE-2017-2371: An issue was fixed that allowed remote attackers to launch popups via a crafted web site (bsc#1024749) - CVE-2017-2364: An issue was fixed that allowed remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site (bsc#1024749) - CVE-2017-2369: An issue was fixed that allowed remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site (bsc#1024749) - CVE-2016-7656: An issue was fixed that allowed remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site (bsc#1020950) - CVE-2016-7635: An issue was fixed that allowed remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site (bsc#1020950) - CVE-2016-7654: An issue was fixed that allowed remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site (bsc#1020950) - CVE-2016-7639: An issue was fixed that allowed remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site (bsc#1020950) - CVE-2016-7645: An issue was fixed that allowed remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site (bsc#1020950) - CVE-2016-7652: An issue was fixed that allowed remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site (bsc#1020950) - CVE-2016-7641: An issue was fixed that allowed remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site (bsc#1020950) - CVE-2016-7632: An issue was fixed that allowed remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site (bsc#1020950) - CVE-2016-7599: An issue was fixed that allowed remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site that used HTTP redirects (bsc#1020950) - CVE-2016-7592: An issue was fixed that allowed remote attackers to obtain sensitive information via crafted JavaScript prompts on a web site (bsc#1020950) - CVE-2016-7589: An issue was fixed that allowed remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site (bsc#1020950) - CVE-2016-7623: An issue was fixed that allowed remote attackers to obtain sensitive information via a blob URL on a web site (bsc#1020950) - CVE-2016-7586: An issue was fixed that allowed remote attackers to obtain sensitive information via a crafted web site (bsc#1020950) For other non-security fixes please check the changelog. This update was imported from the SUSE:SLE-12-SP2:Update update project. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/opensuse-security-announce/2017-11/msg00019.html E-Mail link for openSUSE-SU-2017:2991-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings openSUSE Leap 42.2 openSUSE Leap 42.3 libjavascriptcoregtk-4_0-18-2.18.0-5.1 libjavascriptcoregtk-4_0-18-32bit-2.18.0-5.1 libwebkit2gtk-4_0-37-2.18.0-5.1 libwebkit2gtk-4_0-37-32bit-2.18.0-5.1 libwebkit2gtk3-lang-2.18.0-5.1 typelib-1_0-JavaScriptCore-4_0-2.18.0-5.1 typelib-1_0-WebKit2-4_0-2.18.0-5.1 typelib-1_0-WebKit2WebExtension-4_0-2.18.0-5.1 webkit-jsc-4-2.18.0-5.1 webkit2gtk-4_0-injected-bundles-2.18.0-5.1 webkit2gtk3-2.18.0-5.1 webkit2gtk3-devel-2.18.0-5.1 webkit2gtk3-plugin-process-gtk2-2.18.0-5.1 libjavascriptcoregtk-4_0-18-2.18.0-5.1 as a component of openSUSE Leap 42.2 libjavascriptcoregtk-4_0-18-32bit-2.18.0-5.1 as a component of openSUSE Leap 42.2 libwebkit2gtk-4_0-37-2.18.0-5.1 as a component of openSUSE Leap 42.2 libwebkit2gtk-4_0-37-32bit-2.18.0-5.1 as a component of openSUSE Leap 42.2 libwebkit2gtk3-lang-2.18.0-5.1 as a component of openSUSE Leap 42.2 typelib-1_0-JavaScriptCore-4_0-2.18.0-5.1 as a component of openSUSE Leap 42.2 typelib-1_0-WebKit2-4_0-2.18.0-5.1 as a component of openSUSE Leap 42.2 typelib-1_0-WebKit2WebExtension-4_0-2.18.0-5.1 as a component of openSUSE Leap 42.2 webkit-jsc-4-2.18.0-5.1 as a component of openSUSE Leap 42.2 webkit2gtk-4_0-injected-bundles-2.18.0-5.1 as a component of openSUSE Leap 42.2 webkit2gtk3-2.18.0-5.1 as a component of openSUSE Leap 42.2 webkit2gtk3-devel-2.18.0-5.1 as a component of openSUSE Leap 42.2 webkit2gtk3-plugin-process-gtk2-2.18.0-5.1 as a component of openSUSE Leap 42.2 libjavascriptcoregtk-4_0-18-2.18.0-5.1 as a component of openSUSE Leap 42.3 libjavascriptcoregtk-4_0-18-32bit-2.18.0-5.1 as a component of openSUSE Leap 42.3 libwebkit2gtk-4_0-37-2.18.0-5.1 as a component of openSUSE Leap 42.3 libwebkit2gtk-4_0-37-32bit-2.18.0-5.1 as a component of openSUSE Leap 42.3 libwebkit2gtk3-lang-2.18.0-5.1 as a component of openSUSE Leap 42.3 typelib-1_0-JavaScriptCore-4_0-2.18.0-5.1 as a component of openSUSE Leap 42.3 typelib-1_0-WebKit2-4_0-2.18.0-5.1 as a component of openSUSE Leap 42.3 typelib-1_0-WebKit2WebExtension-4_0-2.18.0-5.1 as a component of openSUSE Leap 42.3 webkit-jsc-4-2.18.0-5.1 as a component of openSUSE Leap 42.3 webkit2gtk-4_0-injected-bundles-2.18.0-5.1 as a component of openSUSE Leap 42.3 webkit2gtk3-2.18.0-5.1 as a component of openSUSE Leap 42.3 webkit2gtk3-devel-2.18.0-5.1 as a component of openSUSE Leap 42.3 webkit2gtk3-plugin-process-gtk2-2.18.0-5.1 as a component of openSUSE Leap 42.3 An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to obtain sensitive information via a crafted web site. CVE-2016-7586 openSUSE Leap 42.2:libjavascriptcoregtk-4_0-18-2.18.0-5.1 openSUSE Leap 42.2:libjavascriptcoregtk-4_0-18-32bit-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk-4_0-37-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk-4_0-37-32bit-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk3-lang-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-JavaScriptCore-4_0-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-WebKit2-4_0-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-WebKit2WebExtension-4_0-2.18.0-5.1 openSUSE Leap 42.2:webkit-jsc-4-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk-4_0-injected-bundles-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-devel-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-plugin-process-gtk2-2.18.0-5.1 openSUSE Leap 42.3:libjavascriptcoregtk-4_0-18-2.18.0-5.1 openSUSE Leap 42.3:libjavascriptcoregtk-4_0-18-32bit-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk-4_0-37-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk-4_0-37-32bit-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk3-lang-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-JavaScriptCore-4_0-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-WebKit2-4_0-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-WebKit2WebExtension-4_0-2.18.0-5.1 openSUSE Leap 42.3:webkit-jsc-4-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk-4_0-injected-bundles-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-devel-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-plugin-process-gtk2-2.18.0-5.1 moderate 4.3 AV:N/AC:M/Au:N/C:P/I:N/A:N Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-11/msg00019.html https://www.suse.com/security/cve/CVE-2016-7586.html CVE-2016-7586 https://bugzilla.suse.com/1020950 SUSE Bug 1020950 An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. watchOS before 3.1.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. CVE-2016-7589 openSUSE Leap 42.2:libjavascriptcoregtk-4_0-18-2.18.0-5.1 openSUSE Leap 42.2:libjavascriptcoregtk-4_0-18-32bit-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk-4_0-37-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk-4_0-37-32bit-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk3-lang-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-JavaScriptCore-4_0-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-WebKit2-4_0-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-WebKit2WebExtension-4_0-2.18.0-5.1 openSUSE Leap 42.2:webkit-jsc-4-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk-4_0-injected-bundles-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-devel-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-plugin-process-gtk2-2.18.0-5.1 openSUSE Leap 42.3:libjavascriptcoregtk-4_0-18-2.18.0-5.1 openSUSE Leap 42.3:libjavascriptcoregtk-4_0-18-32bit-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk-4_0-37-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk-4_0-37-32bit-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk3-lang-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-JavaScriptCore-4_0-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-WebKit2-4_0-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-WebKit2WebExtension-4_0-2.18.0-5.1 openSUSE Leap 42.3:webkit-jsc-4-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk-4_0-injected-bundles-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-devel-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-plugin-process-gtk2-2.18.0-5.1 moderate 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-11/msg00019.html https://www.suse.com/security/cve/CVE-2016-7589.html CVE-2016-7589 https://bugzilla.suse.com/1020950 SUSE Bug 1020950 An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component, which allows remote attackers to obtain sensitive information via crafted JavaScript prompts on a web site. CVE-2016-7592 openSUSE Leap 42.2:libjavascriptcoregtk-4_0-18-2.18.0-5.1 openSUSE Leap 42.2:libjavascriptcoregtk-4_0-18-32bit-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk-4_0-37-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk-4_0-37-32bit-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk3-lang-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-JavaScriptCore-4_0-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-WebKit2-4_0-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-WebKit2WebExtension-4_0-2.18.0-5.1 openSUSE Leap 42.2:webkit-jsc-4-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk-4_0-injected-bundles-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-devel-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-plugin-process-gtk2-2.18.0-5.1 openSUSE Leap 42.3:libjavascriptcoregtk-4_0-18-2.18.0-5.1 openSUSE Leap 42.3:libjavascriptcoregtk-4_0-18-32bit-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk-4_0-37-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk-4_0-37-32bit-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk3-lang-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-JavaScriptCore-4_0-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-WebKit2-4_0-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-WebKit2WebExtension-4_0-2.18.0-5.1 openSUSE Leap 42.3:webkit-jsc-4-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk-4_0-injected-bundles-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-devel-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-plugin-process-gtk2-2.18.0-5.1 moderate 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-11/msg00019.html https://www.suse.com/security/cve/CVE-2016-7592.html CVE-2016-7592 https://bugzilla.suse.com/1020950 SUSE Bug 1020950 An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site that uses HTTP redirects. CVE-2016-7599 openSUSE Leap 42.2:libjavascriptcoregtk-4_0-18-2.18.0-5.1 openSUSE Leap 42.2:libjavascriptcoregtk-4_0-18-32bit-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk-4_0-37-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk-4_0-37-32bit-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk3-lang-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-JavaScriptCore-4_0-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-WebKit2-4_0-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-WebKit2WebExtension-4_0-2.18.0-5.1 openSUSE Leap 42.2:webkit-jsc-4-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk-4_0-injected-bundles-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-devel-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-plugin-process-gtk2-2.18.0-5.1 openSUSE Leap 42.3:libjavascriptcoregtk-4_0-18-2.18.0-5.1 openSUSE Leap 42.3:libjavascriptcoregtk-4_0-18-32bit-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk-4_0-37-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk-4_0-37-32bit-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk3-lang-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-JavaScriptCore-4_0-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-WebKit2-4_0-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-WebKit2WebExtension-4_0-2.18.0-5.1 openSUSE Leap 42.3:webkit-jsc-4-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk-4_0-injected-bundles-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-devel-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-plugin-process-gtk2-2.18.0-5.1 moderate 4.3 AV:N/AC:M/Au:N/C:P/I:N/A:N Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-11/msg00019.html https://www.suse.com/security/cve/CVE-2016-7599.html CVE-2016-7599 https://bugzilla.suse.com/1020950 SUSE Bug 1020950 An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to obtain sensitive information via a blob URL on a web site. CVE-2016-7623 openSUSE Leap 42.2:libjavascriptcoregtk-4_0-18-2.18.0-5.1 openSUSE Leap 42.2:libjavascriptcoregtk-4_0-18-32bit-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk-4_0-37-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk-4_0-37-32bit-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk3-lang-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-JavaScriptCore-4_0-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-WebKit2-4_0-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-WebKit2WebExtension-4_0-2.18.0-5.1 openSUSE Leap 42.2:webkit-jsc-4-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk-4_0-injected-bundles-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-devel-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-plugin-process-gtk2-2.18.0-5.1 openSUSE Leap 42.3:libjavascriptcoregtk-4_0-18-2.18.0-5.1 openSUSE Leap 42.3:libjavascriptcoregtk-4_0-18-32bit-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk-4_0-37-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk-4_0-37-32bit-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk3-lang-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-JavaScriptCore-4_0-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-WebKit2-4_0-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-WebKit2WebExtension-4_0-2.18.0-5.1 openSUSE Leap 42.3:webkit-jsc-4-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk-4_0-injected-bundles-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-devel-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-plugin-process-gtk2-2.18.0-5.1 moderate 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-11/msg00019.html https://www.suse.com/security/cve/CVE-2016-7623.html CVE-2016-7623 https://bugzilla.suse.com/1020950 SUSE Bug 1020950 An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. CVE-2016-7632 openSUSE Leap 42.2:libjavascriptcoregtk-4_0-18-2.18.0-5.1 openSUSE Leap 42.2:libjavascriptcoregtk-4_0-18-32bit-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk-4_0-37-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk-4_0-37-32bit-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk3-lang-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-JavaScriptCore-4_0-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-WebKit2-4_0-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-WebKit2WebExtension-4_0-2.18.0-5.1 openSUSE Leap 42.2:webkit-jsc-4-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk-4_0-injected-bundles-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-devel-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-plugin-process-gtk2-2.18.0-5.1 openSUSE Leap 42.3:libjavascriptcoregtk-4_0-18-2.18.0-5.1 openSUSE Leap 42.3:libjavascriptcoregtk-4_0-18-32bit-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk-4_0-37-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk-4_0-37-32bit-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk3-lang-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-JavaScriptCore-4_0-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-WebKit2-4_0-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-WebKit2WebExtension-4_0-2.18.0-5.1 openSUSE Leap 42.3:webkit-jsc-4-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk-4_0-injected-bundles-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-devel-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-plugin-process-gtk2-2.18.0-5.1 moderate 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-11/msg00019.html https://www.suse.com/security/cve/CVE-2016-7632.html CVE-2016-7632 https://bugzilla.suse.com/1020950 SUSE Bug 1020950 An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. CVE-2016-7635 openSUSE Leap 42.2:libjavascriptcoregtk-4_0-18-2.18.0-5.1 openSUSE Leap 42.2:libjavascriptcoregtk-4_0-18-32bit-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk-4_0-37-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk-4_0-37-32bit-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk3-lang-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-JavaScriptCore-4_0-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-WebKit2-4_0-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-WebKit2WebExtension-4_0-2.18.0-5.1 openSUSE Leap 42.2:webkit-jsc-4-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk-4_0-injected-bundles-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-devel-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-plugin-process-gtk2-2.18.0-5.1 openSUSE Leap 42.3:libjavascriptcoregtk-4_0-18-2.18.0-5.1 openSUSE Leap 42.3:libjavascriptcoregtk-4_0-18-32bit-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk-4_0-37-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk-4_0-37-32bit-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk3-lang-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-JavaScriptCore-4_0-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-WebKit2-4_0-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-WebKit2WebExtension-4_0-2.18.0-5.1 openSUSE Leap 42.3:webkit-jsc-4-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk-4_0-injected-bundles-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-devel-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-plugin-process-gtk2-2.18.0-5.1 moderate 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-11/msg00019.html https://www.suse.com/security/cve/CVE-2016-7635.html CVE-2016-7635 https://bugzilla.suse.com/1020950 SUSE Bug 1020950 An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. CVE-2016-7639 openSUSE Leap 42.2:libjavascriptcoregtk-4_0-18-2.18.0-5.1 openSUSE Leap 42.2:libjavascriptcoregtk-4_0-18-32bit-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk-4_0-37-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk-4_0-37-32bit-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk3-lang-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-JavaScriptCore-4_0-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-WebKit2-4_0-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-WebKit2WebExtension-4_0-2.18.0-5.1 openSUSE Leap 42.2:webkit-jsc-4-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk-4_0-injected-bundles-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-devel-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-plugin-process-gtk2-2.18.0-5.1 openSUSE Leap 42.3:libjavascriptcoregtk-4_0-18-2.18.0-5.1 openSUSE Leap 42.3:libjavascriptcoregtk-4_0-18-32bit-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk-4_0-37-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk-4_0-37-32bit-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk3-lang-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-JavaScriptCore-4_0-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-WebKit2-4_0-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-WebKit2WebExtension-4_0-2.18.0-5.1 openSUSE Leap 42.3:webkit-jsc-4-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk-4_0-injected-bundles-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-devel-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-plugin-process-gtk2-2.18.0-5.1 moderate 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-11/msg00019.html https://www.suse.com/security/cve/CVE-2016-7639.html CVE-2016-7639 https://bugzilla.suse.com/1020950 SUSE Bug 1020950 An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. CVE-2016-7641 openSUSE Leap 42.2:libjavascriptcoregtk-4_0-18-2.18.0-5.1 openSUSE Leap 42.2:libjavascriptcoregtk-4_0-18-32bit-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk-4_0-37-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk-4_0-37-32bit-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk3-lang-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-JavaScriptCore-4_0-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-WebKit2-4_0-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-WebKit2WebExtension-4_0-2.18.0-5.1 openSUSE Leap 42.2:webkit-jsc-4-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk-4_0-injected-bundles-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-devel-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-plugin-process-gtk2-2.18.0-5.1 openSUSE Leap 42.3:libjavascriptcoregtk-4_0-18-2.18.0-5.1 openSUSE Leap 42.3:libjavascriptcoregtk-4_0-18-32bit-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk-4_0-37-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk-4_0-37-32bit-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk3-lang-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-JavaScriptCore-4_0-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-WebKit2-4_0-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-WebKit2WebExtension-4_0-2.18.0-5.1 openSUSE Leap 42.3:webkit-jsc-4-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk-4_0-injected-bundles-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-devel-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-plugin-process-gtk2-2.18.0-5.1 moderate 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-11/msg00019.html https://www.suse.com/security/cve/CVE-2016-7641.html CVE-2016-7641 https://bugzilla.suse.com/1020950 SUSE Bug 1020950 An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. CVE-2016-7645 openSUSE Leap 42.2:libjavascriptcoregtk-4_0-18-2.18.0-5.1 openSUSE Leap 42.2:libjavascriptcoregtk-4_0-18-32bit-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk-4_0-37-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk-4_0-37-32bit-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk3-lang-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-JavaScriptCore-4_0-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-WebKit2-4_0-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-WebKit2WebExtension-4_0-2.18.0-5.1 openSUSE Leap 42.2:webkit-jsc-4-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk-4_0-injected-bundles-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-devel-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-plugin-process-gtk2-2.18.0-5.1 openSUSE Leap 42.3:libjavascriptcoregtk-4_0-18-2.18.0-5.1 openSUSE Leap 42.3:libjavascriptcoregtk-4_0-18-32bit-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk-4_0-37-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk-4_0-37-32bit-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk3-lang-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-JavaScriptCore-4_0-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-WebKit2-4_0-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-WebKit2WebExtension-4_0-2.18.0-5.1 openSUSE Leap 42.3:webkit-jsc-4-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk-4_0-injected-bundles-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-devel-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-plugin-process-gtk2-2.18.0-5.1 moderate 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-11/msg00019.html https://www.suse.com/security/cve/CVE-2016-7645.html CVE-2016-7645 https://bugzilla.suse.com/1020950 SUSE Bug 1020950 An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. CVE-2016-7652 openSUSE Leap 42.2:libjavascriptcoregtk-4_0-18-2.18.0-5.1 openSUSE Leap 42.2:libjavascriptcoregtk-4_0-18-32bit-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk-4_0-37-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk-4_0-37-32bit-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk3-lang-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-JavaScriptCore-4_0-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-WebKit2-4_0-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-WebKit2WebExtension-4_0-2.18.0-5.1 openSUSE Leap 42.2:webkit-jsc-4-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk-4_0-injected-bundles-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-devel-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-plugin-process-gtk2-2.18.0-5.1 openSUSE Leap 42.3:libjavascriptcoregtk-4_0-18-2.18.0-5.1 openSUSE Leap 42.3:libjavascriptcoregtk-4_0-18-32bit-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk-4_0-37-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk-4_0-37-32bit-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk3-lang-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-JavaScriptCore-4_0-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-WebKit2-4_0-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-WebKit2WebExtension-4_0-2.18.0-5.1 openSUSE Leap 42.3:webkit-jsc-4-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk-4_0-injected-bundles-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-devel-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-plugin-process-gtk2-2.18.0-5.1 moderate 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-11/msg00019.html https://www.suse.com/security/cve/CVE-2016-7652.html CVE-2016-7652 https://bugzilla.suse.com/1020950 SUSE Bug 1020950 An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. CVE-2016-7654 openSUSE Leap 42.2:libjavascriptcoregtk-4_0-18-2.18.0-5.1 openSUSE Leap 42.2:libjavascriptcoregtk-4_0-18-32bit-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk-4_0-37-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk-4_0-37-32bit-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk3-lang-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-JavaScriptCore-4_0-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-WebKit2-4_0-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-WebKit2WebExtension-4_0-2.18.0-5.1 openSUSE Leap 42.2:webkit-jsc-4-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk-4_0-injected-bundles-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-devel-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-plugin-process-gtk2-2.18.0-5.1 openSUSE Leap 42.3:libjavascriptcoregtk-4_0-18-2.18.0-5.1 openSUSE Leap 42.3:libjavascriptcoregtk-4_0-18-32bit-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk-4_0-37-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk-4_0-37-32bit-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk3-lang-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-JavaScriptCore-4_0-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-WebKit2-4_0-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-WebKit2WebExtension-4_0-2.18.0-5.1 openSUSE Leap 42.3:webkit-jsc-4-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk-4_0-injected-bundles-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-devel-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-plugin-process-gtk2-2.18.0-5.1 moderate 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-11/msg00019.html https://www.suse.com/security/cve/CVE-2016-7654.html CVE-2016-7654 https://bugzilla.suse.com/1020950 SUSE Bug 1020950 An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. CVE-2016-7656 openSUSE Leap 42.2:libjavascriptcoregtk-4_0-18-2.18.0-5.1 openSUSE Leap 42.2:libjavascriptcoregtk-4_0-18-32bit-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk-4_0-37-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk-4_0-37-32bit-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk3-lang-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-JavaScriptCore-4_0-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-WebKit2-4_0-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-WebKit2WebExtension-4_0-2.18.0-5.1 openSUSE Leap 42.2:webkit-jsc-4-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk-4_0-injected-bundles-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-devel-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-plugin-process-gtk2-2.18.0-5.1 openSUSE Leap 42.3:libjavascriptcoregtk-4_0-18-2.18.0-5.1 openSUSE Leap 42.3:libjavascriptcoregtk-4_0-18-32bit-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk-4_0-37-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk-4_0-37-32bit-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk3-lang-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-JavaScriptCore-4_0-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-WebKit2-4_0-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-WebKit2WebExtension-4_0-2.18.0-5.1 openSUSE Leap 42.3:webkit-jsc-4-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk-4_0-injected-bundles-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-devel-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-plugin-process-gtk2-2.18.0-5.1 moderate 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-11/msg00019.html https://www.suse.com/security/cve/CVE-2016-7656.html CVE-2016-7656 https://bugzilla.suse.com/1020950 SUSE Bug 1020950 An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. tvOS before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site. CVE-2017-2350 openSUSE Leap 42.2:libjavascriptcoregtk-4_0-18-2.18.0-5.1 openSUSE Leap 42.2:libjavascriptcoregtk-4_0-18-32bit-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk-4_0-37-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk-4_0-37-32bit-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk3-lang-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-JavaScriptCore-4_0-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-WebKit2-4_0-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-WebKit2WebExtension-4_0-2.18.0-5.1 openSUSE Leap 42.2:webkit-jsc-4-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk-4_0-injected-bundles-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-devel-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-plugin-process-gtk2-2.18.0-5.1 openSUSE Leap 42.3:libjavascriptcoregtk-4_0-18-2.18.0-5.1 openSUSE Leap 42.3:libjavascriptcoregtk-4_0-18-32bit-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk-4_0-37-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk-4_0-37-32bit-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk3-lang-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-JavaScriptCore-4_0-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-WebKit2-4_0-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-WebKit2WebExtension-4_0-2.18.0-5.1 openSUSE Leap 42.3:webkit-jsc-4-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk-4_0-injected-bundles-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-devel-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-plugin-process-gtk2-2.18.0-5.1 moderate 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-11/msg00019.html https://www.suse.com/security/cve/CVE-2017-2350.html CVE-2017-2350 https://bugzilla.suse.com/1024749 SUSE Bug 1024749 An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. iCloud before 6.1.1 is affected. iTunes before 12.5.5 is affected. tvOS before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. CVE-2017-2354 openSUSE Leap 42.2:libjavascriptcoregtk-4_0-18-2.18.0-5.1 openSUSE Leap 42.2:libjavascriptcoregtk-4_0-18-32bit-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk-4_0-37-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk-4_0-37-32bit-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk3-lang-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-JavaScriptCore-4_0-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-WebKit2-4_0-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-WebKit2WebExtension-4_0-2.18.0-5.1 openSUSE Leap 42.2:webkit-jsc-4-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk-4_0-injected-bundles-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-devel-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-plugin-process-gtk2-2.18.0-5.1 openSUSE Leap 42.3:libjavascriptcoregtk-4_0-18-2.18.0-5.1 openSUSE Leap 42.3:libjavascriptcoregtk-4_0-18-32bit-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk-4_0-37-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk-4_0-37-32bit-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk3-lang-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-JavaScriptCore-4_0-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-WebKit2-4_0-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-WebKit2WebExtension-4_0-2.18.0-5.1 openSUSE Leap 42.3:webkit-jsc-4-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk-4_0-injected-bundles-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-devel-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-plugin-process-gtk2-2.18.0-5.1 moderate 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-11/msg00019.html https://www.suse.com/security/cve/CVE-2017-2354.html CVE-2017-2354 https://bugzilla.suse.com/1024749 SUSE Bug 1024749 An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. iCloud before 6.1.1 is affected. iTunes before 12.5.5 is affected. tvOS before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (uninitialized memory access and application crash) via a crafted web site. CVE-2017-2355 openSUSE Leap 42.2:libjavascriptcoregtk-4_0-18-2.18.0-5.1 openSUSE Leap 42.2:libjavascriptcoregtk-4_0-18-32bit-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk-4_0-37-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk-4_0-37-32bit-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk3-lang-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-JavaScriptCore-4_0-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-WebKit2-4_0-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-WebKit2WebExtension-4_0-2.18.0-5.1 openSUSE Leap 42.2:webkit-jsc-4-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk-4_0-injected-bundles-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-devel-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-plugin-process-gtk2-2.18.0-5.1 openSUSE Leap 42.3:libjavascriptcoregtk-4_0-18-2.18.0-5.1 openSUSE Leap 42.3:libjavascriptcoregtk-4_0-18-32bit-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk-4_0-37-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk-4_0-37-32bit-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk3-lang-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-JavaScriptCore-4_0-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-WebKit2-4_0-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-WebKit2WebExtension-4_0-2.18.0-5.1 openSUSE Leap 42.3:webkit-jsc-4-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk-4_0-injected-bundles-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-devel-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-plugin-process-gtk2-2.18.0-5.1 moderate 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-11/msg00019.html https://www.suse.com/security/cve/CVE-2017-2355.html CVE-2017-2355 https://bugzilla.suse.com/1024749 SUSE Bug 1024749 An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. iCloud before 6.1.1 is affected. iTunes before 12.5.5 is affected. tvOS before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. CVE-2017-2356 openSUSE Leap 42.2:libjavascriptcoregtk-4_0-18-2.18.0-5.1 openSUSE Leap 42.2:libjavascriptcoregtk-4_0-18-32bit-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk-4_0-37-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk-4_0-37-32bit-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk3-lang-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-JavaScriptCore-4_0-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-WebKit2-4_0-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-WebKit2WebExtension-4_0-2.18.0-5.1 openSUSE Leap 42.2:webkit-jsc-4-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk-4_0-injected-bundles-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-devel-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-plugin-process-gtk2-2.18.0-5.1 openSUSE Leap 42.3:libjavascriptcoregtk-4_0-18-2.18.0-5.1 openSUSE Leap 42.3:libjavascriptcoregtk-4_0-18-32bit-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk-4_0-37-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk-4_0-37-32bit-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk3-lang-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-JavaScriptCore-4_0-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-WebKit2-4_0-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-WebKit2WebExtension-4_0-2.18.0-5.1 openSUSE Leap 42.3:webkit-jsc-4-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk-4_0-injected-bundles-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-devel-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-plugin-process-gtk2-2.18.0-5.1 moderate 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-11/msg00019.html https://www.suse.com/security/cve/CVE-2017-2356.html CVE-2017-2356 https://bugzilla.suse.com/1024749 SUSE Bug 1024749 An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. tvOS before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. CVE-2017-2362 openSUSE Leap 42.2:libjavascriptcoregtk-4_0-18-2.18.0-5.1 openSUSE Leap 42.2:libjavascriptcoregtk-4_0-18-32bit-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk-4_0-37-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk-4_0-37-32bit-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk3-lang-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-JavaScriptCore-4_0-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-WebKit2-4_0-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-WebKit2WebExtension-4_0-2.18.0-5.1 openSUSE Leap 42.2:webkit-jsc-4-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk-4_0-injected-bundles-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-devel-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-plugin-process-gtk2-2.18.0-5.1 openSUSE Leap 42.3:libjavascriptcoregtk-4_0-18-2.18.0-5.1 openSUSE Leap 42.3:libjavascriptcoregtk-4_0-18-32bit-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk-4_0-37-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk-4_0-37-32bit-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk3-lang-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-JavaScriptCore-4_0-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-WebKit2-4_0-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-WebKit2WebExtension-4_0-2.18.0-5.1 openSUSE Leap 42.3:webkit-jsc-4-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk-4_0-injected-bundles-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-devel-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-plugin-process-gtk2-2.18.0-5.1 moderate 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-11/msg00019.html https://www.suse.com/security/cve/CVE-2017-2362.html CVE-2017-2362 https://bugzilla.suse.com/1024749 SUSE Bug 1024749 An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. tvOS before 10.1.1 is affected. watchOS before 3.1.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site. CVE-2017-2363 openSUSE Leap 42.2:libjavascriptcoregtk-4_0-18-2.18.0-5.1 openSUSE Leap 42.2:libjavascriptcoregtk-4_0-18-32bit-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk-4_0-37-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk-4_0-37-32bit-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk3-lang-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-JavaScriptCore-4_0-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-WebKit2-4_0-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-WebKit2WebExtension-4_0-2.18.0-5.1 openSUSE Leap 42.2:webkit-jsc-4-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk-4_0-injected-bundles-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-devel-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-plugin-process-gtk2-2.18.0-5.1 openSUSE Leap 42.3:libjavascriptcoregtk-4_0-18-2.18.0-5.1 openSUSE Leap 42.3:libjavascriptcoregtk-4_0-18-32bit-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk-4_0-37-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk-4_0-37-32bit-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk3-lang-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-JavaScriptCore-4_0-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-WebKit2-4_0-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-WebKit2WebExtension-4_0-2.18.0-5.1 openSUSE Leap 42.3:webkit-jsc-4-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk-4_0-injected-bundles-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-devel-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-plugin-process-gtk2-2.18.0-5.1 moderate 4.3 AV:N/AC:M/Au:N/C:P/I:N/A:N Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-11/msg00019.html https://www.suse.com/security/cve/CVE-2017-2363.html CVE-2017-2363 https://bugzilla.suse.com/1024749 SUSE Bug 1024749 An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site. CVE-2017-2364 openSUSE Leap 42.2:libjavascriptcoregtk-4_0-18-2.18.0-5.1 openSUSE Leap 42.2:libjavascriptcoregtk-4_0-18-32bit-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk-4_0-37-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk-4_0-37-32bit-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk3-lang-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-JavaScriptCore-4_0-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-WebKit2-4_0-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-WebKit2WebExtension-4_0-2.18.0-5.1 openSUSE Leap 42.2:webkit-jsc-4-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk-4_0-injected-bundles-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-devel-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-plugin-process-gtk2-2.18.0-5.1 openSUSE Leap 42.3:libjavascriptcoregtk-4_0-18-2.18.0-5.1 openSUSE Leap 42.3:libjavascriptcoregtk-4_0-18-32bit-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk-4_0-37-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk-4_0-37-32bit-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk3-lang-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-JavaScriptCore-4_0-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-WebKit2-4_0-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-WebKit2WebExtension-4_0-2.18.0-5.1 openSUSE Leap 42.3:webkit-jsc-4-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk-4_0-injected-bundles-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-devel-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-plugin-process-gtk2-2.18.0-5.1 moderate 4.3 AV:N/AC:M/Au:N/C:P/I:N/A:N Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-11/msg00019.html https://www.suse.com/security/cve/CVE-2017-2364.html CVE-2017-2364 https://bugzilla.suse.com/1024749 SUSE Bug 1024749 An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. tvOS before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site. CVE-2017-2365 openSUSE Leap 42.2:libjavascriptcoregtk-4_0-18-2.18.0-5.1 openSUSE Leap 42.2:libjavascriptcoregtk-4_0-18-32bit-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk-4_0-37-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk-4_0-37-32bit-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk3-lang-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-JavaScriptCore-4_0-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-WebKit2-4_0-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-WebKit2WebExtension-4_0-2.18.0-5.1 openSUSE Leap 42.2:webkit-jsc-4-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk-4_0-injected-bundles-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-devel-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-plugin-process-gtk2-2.18.0-5.1 openSUSE Leap 42.3:libjavascriptcoregtk-4_0-18-2.18.0-5.1 openSUSE Leap 42.3:libjavascriptcoregtk-4_0-18-32bit-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk-4_0-37-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk-4_0-37-32bit-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk3-lang-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-JavaScriptCore-4_0-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-WebKit2-4_0-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-WebKit2WebExtension-4_0-2.18.0-5.1 openSUSE Leap 42.3:webkit-jsc-4-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk-4_0-injected-bundles-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-devel-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-plugin-process-gtk2-2.18.0-5.1 moderate 4.3 AV:N/AC:M/Au:N/C:P/I:N/A:N Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-11/msg00019.html https://www.suse.com/security/cve/CVE-2017-2365.html CVE-2017-2365 https://bugzilla.suse.com/1024749 SUSE Bug 1024749 An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. iCloud before 6.1.1 is affected. iTunes before 12.5.5 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. CVE-2017-2366 openSUSE Leap 42.2:libjavascriptcoregtk-4_0-18-2.18.0-5.1 openSUSE Leap 42.2:libjavascriptcoregtk-4_0-18-32bit-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk-4_0-37-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk-4_0-37-32bit-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk3-lang-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-JavaScriptCore-4_0-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-WebKit2-4_0-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-WebKit2WebExtension-4_0-2.18.0-5.1 openSUSE Leap 42.2:webkit-jsc-4-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk-4_0-injected-bundles-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-devel-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-plugin-process-gtk2-2.18.0-5.1 openSUSE Leap 42.3:libjavascriptcoregtk-4_0-18-2.18.0-5.1 openSUSE Leap 42.3:libjavascriptcoregtk-4_0-18-32bit-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk-4_0-37-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk-4_0-37-32bit-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk3-lang-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-JavaScriptCore-4_0-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-WebKit2-4_0-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-WebKit2WebExtension-4_0-2.18.0-5.1 openSUSE Leap 42.3:webkit-jsc-4-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk-4_0-injected-bundles-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-devel-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-plugin-process-gtk2-2.18.0-5.1 moderate 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-11/msg00019.html https://www.suse.com/security/cve/CVE-2017-2366.html CVE-2017-2366 https://bugzilla.suse.com/1024749 SUSE Bug 1024749 An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. tvOS before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. CVE-2017-2369 openSUSE Leap 42.2:libjavascriptcoregtk-4_0-18-2.18.0-5.1 openSUSE Leap 42.2:libjavascriptcoregtk-4_0-18-32bit-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk-4_0-37-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk-4_0-37-32bit-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk3-lang-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-JavaScriptCore-4_0-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-WebKit2-4_0-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-WebKit2WebExtension-4_0-2.18.0-5.1 openSUSE Leap 42.2:webkit-jsc-4-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk-4_0-injected-bundles-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-devel-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-plugin-process-gtk2-2.18.0-5.1 openSUSE Leap 42.3:libjavascriptcoregtk-4_0-18-2.18.0-5.1 openSUSE Leap 42.3:libjavascriptcoregtk-4_0-18-32bit-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk-4_0-37-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk-4_0-37-32bit-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk3-lang-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-JavaScriptCore-4_0-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-WebKit2-4_0-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-WebKit2WebExtension-4_0-2.18.0-5.1 openSUSE Leap 42.3:webkit-jsc-4-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk-4_0-injected-bundles-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-devel-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-plugin-process-gtk2-2.18.0-5.1 moderate 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-11/msg00019.html https://www.suse.com/security/cve/CVE-2017-2369.html CVE-2017-2369 https://bugzilla.suse.com/1024749 SUSE Bug 1024749 An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. The issue involves the "WebKit" component, which allows remote attackers to launch popups via a crafted web site. CVE-2017-2371 openSUSE Leap 42.2:libjavascriptcoregtk-4_0-18-2.18.0-5.1 openSUSE Leap 42.2:libjavascriptcoregtk-4_0-18-32bit-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk-4_0-37-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk-4_0-37-32bit-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk3-lang-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-JavaScriptCore-4_0-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-WebKit2-4_0-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-WebKit2WebExtension-4_0-2.18.0-5.1 openSUSE Leap 42.2:webkit-jsc-4-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk-4_0-injected-bundles-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-devel-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-plugin-process-gtk2-2.18.0-5.1 openSUSE Leap 42.3:libjavascriptcoregtk-4_0-18-2.18.0-5.1 openSUSE Leap 42.3:libjavascriptcoregtk-4_0-18-32bit-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk-4_0-37-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk-4_0-37-32bit-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk3-lang-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-JavaScriptCore-4_0-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-WebKit2-4_0-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-WebKit2WebExtension-4_0-2.18.0-5.1 openSUSE Leap 42.3:webkit-jsc-4-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk-4_0-injected-bundles-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-devel-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-plugin-process-gtk2-2.18.0-5.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-11/msg00019.html https://www.suse.com/security/cve/CVE-2017-2371.html CVE-2017-2371 https://bugzilla.suse.com/1024749 SUSE Bug 1024749 An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. tvOS before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. CVE-2017-2373 openSUSE Leap 42.2:libjavascriptcoregtk-4_0-18-2.18.0-5.1 openSUSE Leap 42.2:libjavascriptcoregtk-4_0-18-32bit-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk-4_0-37-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk-4_0-37-32bit-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk3-lang-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-JavaScriptCore-4_0-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-WebKit2-4_0-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-WebKit2WebExtension-4_0-2.18.0-5.1 openSUSE Leap 42.2:webkit-jsc-4-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk-4_0-injected-bundles-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-devel-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-plugin-process-gtk2-2.18.0-5.1 openSUSE Leap 42.3:libjavascriptcoregtk-4_0-18-2.18.0-5.1 openSUSE Leap 42.3:libjavascriptcoregtk-4_0-18-32bit-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk-4_0-37-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk-4_0-37-32bit-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk3-lang-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-JavaScriptCore-4_0-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-WebKit2-4_0-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-WebKit2WebExtension-4_0-2.18.0-5.1 openSUSE Leap 42.3:webkit-jsc-4-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk-4_0-injected-bundles-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-devel-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-plugin-process-gtk2-2.18.0-5.1 moderate 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-11/msg00019.html https://www.suse.com/security/cve/CVE-2017-2373.html CVE-2017-2373 https://bugzilla.suse.com/1024749 SUSE Bug 1024749 An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. CVE-2017-2496 openSUSE Leap 42.2:libjavascriptcoregtk-4_0-18-2.18.0-5.1 openSUSE Leap 42.2:libjavascriptcoregtk-4_0-18-32bit-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk-4_0-37-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk-4_0-37-32bit-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk3-lang-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-JavaScriptCore-4_0-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-WebKit2-4_0-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-WebKit2WebExtension-4_0-2.18.0-5.1 openSUSE Leap 42.2:webkit-jsc-4-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk-4_0-injected-bundles-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-devel-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-plugin-process-gtk2-2.18.0-5.1 openSUSE Leap 42.3:libjavascriptcoregtk-4_0-18-2.18.0-5.1 openSUSE Leap 42.3:libjavascriptcoregtk-4_0-18-32bit-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk-4_0-37-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk-4_0-37-32bit-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk3-lang-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-JavaScriptCore-4_0-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-WebKit2-4_0-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-WebKit2WebExtension-4_0-2.18.0-5.1 openSUSE Leap 42.3:webkit-jsc-4-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk-4_0-injected-bundles-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-devel-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-plugin-process-gtk2-2.18.0-5.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-11/msg00019.html https://www.suse.com/security/cve/CVE-2017-2496.html CVE-2017-2496 https://bugzilla.suse.com/1050469 SUSE Bug 1050469 An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to conduct Universal XSS (UXSS) attacks via a crafted web site that improperly interacts with pageshow events. CVE-2017-2510 openSUSE Leap 42.2:libjavascriptcoregtk-4_0-18-2.18.0-5.1 openSUSE Leap 42.2:libjavascriptcoregtk-4_0-18-32bit-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk-4_0-37-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk-4_0-37-32bit-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk3-lang-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-JavaScriptCore-4_0-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-WebKit2-4_0-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-WebKit2WebExtension-4_0-2.18.0-5.1 openSUSE Leap 42.2:webkit-jsc-4-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk-4_0-injected-bundles-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-devel-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-plugin-process-gtk2-2.18.0-5.1 openSUSE Leap 42.3:libjavascriptcoregtk-4_0-18-2.18.0-5.1 openSUSE Leap 42.3:libjavascriptcoregtk-4_0-18-32bit-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk-4_0-37-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk-4_0-37-32bit-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk3-lang-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-JavaScriptCore-4_0-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-WebKit2-4_0-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-WebKit2WebExtension-4_0-2.18.0-5.1 openSUSE Leap 42.3:webkit-jsc-4-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk-4_0-injected-bundles-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-devel-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-plugin-process-gtk2-2.18.0-5.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-11/msg00019.html https://www.suse.com/security/cve/CVE-2017-2510.html CVE-2017-2510 https://bugzilla.suse.com/1050469 SUSE Bug 1050469 An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. CVE-2017-2538 openSUSE Leap 42.2:libjavascriptcoregtk-4_0-18-2.18.0-5.1 openSUSE Leap 42.2:libjavascriptcoregtk-4_0-18-32bit-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk-4_0-37-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk-4_0-37-32bit-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk3-lang-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-JavaScriptCore-4_0-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-WebKit2-4_0-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-WebKit2WebExtension-4_0-2.18.0-5.1 openSUSE Leap 42.2:webkit-jsc-4-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk-4_0-injected-bundles-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-devel-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-plugin-process-gtk2-2.18.0-5.1 openSUSE Leap 42.3:libjavascriptcoregtk-4_0-18-2.18.0-5.1 openSUSE Leap 42.3:libjavascriptcoregtk-4_0-18-32bit-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk-4_0-37-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk-4_0-37-32bit-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk3-lang-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-JavaScriptCore-4_0-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-WebKit2-4_0-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-WebKit2WebExtension-4_0-2.18.0-5.1 openSUSE Leap 42.3:webkit-jsc-4-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk-4_0-injected-bundles-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-devel-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-plugin-process-gtk2-2.18.0-5.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-11/msg00019.html https://www.suse.com/security/cve/CVE-2017-2538.html CVE-2017-2538 https://bugzilla.suse.com/1045460 SUSE Bug 1045460 An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. CVE-2017-2539 openSUSE Leap 42.2:libjavascriptcoregtk-4_0-18-2.18.0-5.1 openSUSE Leap 42.2:libjavascriptcoregtk-4_0-18-32bit-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk-4_0-37-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk-4_0-37-32bit-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk3-lang-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-JavaScriptCore-4_0-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-WebKit2-4_0-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-WebKit2WebExtension-4_0-2.18.0-5.1 openSUSE Leap 42.2:webkit-jsc-4-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk-4_0-injected-bundles-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-devel-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-plugin-process-gtk2-2.18.0-5.1 openSUSE Leap 42.3:libjavascriptcoregtk-4_0-18-2.18.0-5.1 openSUSE Leap 42.3:libjavascriptcoregtk-4_0-18-32bit-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk-4_0-37-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk-4_0-37-32bit-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk3-lang-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-JavaScriptCore-4_0-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-WebKit2-4_0-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-WebKit2WebExtension-4_0-2.18.0-5.1 openSUSE Leap 42.3:webkit-jsc-4-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk-4_0-injected-bundles-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-devel-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-plugin-process-gtk2-2.18.0-5.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-11/msg00019.html https://www.suse.com/security/cve/CVE-2017-2539.html CVE-2017-2539 https://bugzilla.suse.com/1050469 SUSE Bug 1050469 An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. CVE-2017-7018 openSUSE Leap 42.2:libjavascriptcoregtk-4_0-18-2.18.0-5.1 openSUSE Leap 42.2:libjavascriptcoregtk-4_0-18-32bit-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk-4_0-37-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk-4_0-37-32bit-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk3-lang-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-JavaScriptCore-4_0-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-WebKit2-4_0-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-WebKit2WebExtension-4_0-2.18.0-5.1 openSUSE Leap 42.2:webkit-jsc-4-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk-4_0-injected-bundles-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-devel-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-plugin-process-gtk2-2.18.0-5.1 openSUSE Leap 42.3:libjavascriptcoregtk-4_0-18-2.18.0-5.1 openSUSE Leap 42.3:libjavascriptcoregtk-4_0-18-32bit-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk-4_0-37-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk-4_0-37-32bit-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk3-lang-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-JavaScriptCore-4_0-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-WebKit2-4_0-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-WebKit2WebExtension-4_0-2.18.0-5.1 openSUSE Leap 42.3:webkit-jsc-4-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk-4_0-injected-bundles-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-devel-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-plugin-process-gtk2-2.18.0-5.1 critical 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-11/msg00019.html https://www.suse.com/security/cve/CVE-2017-7018.html CVE-2017-7018 https://bugzilla.suse.com/1050469 SUSE Bug 1050469 An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. CVE-2017-7030 openSUSE Leap 42.2:libjavascriptcoregtk-4_0-18-2.18.0-5.1 openSUSE Leap 42.2:libjavascriptcoregtk-4_0-18-32bit-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk-4_0-37-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk-4_0-37-32bit-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk3-lang-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-JavaScriptCore-4_0-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-WebKit2-4_0-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-WebKit2WebExtension-4_0-2.18.0-5.1 openSUSE Leap 42.2:webkit-jsc-4-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk-4_0-injected-bundles-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-devel-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-plugin-process-gtk2-2.18.0-5.1 openSUSE Leap 42.3:libjavascriptcoregtk-4_0-18-2.18.0-5.1 openSUSE Leap 42.3:libjavascriptcoregtk-4_0-18-32bit-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk-4_0-37-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk-4_0-37-32bit-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk3-lang-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-JavaScriptCore-4_0-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-WebKit2-4_0-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-WebKit2WebExtension-4_0-2.18.0-5.1 openSUSE Leap 42.3:webkit-jsc-4-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk-4_0-injected-bundles-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-devel-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-plugin-process-gtk2-2.18.0-5.1 critical 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-11/msg00019.html https://www.suse.com/security/cve/CVE-2017-7030.html CVE-2017-7030 https://bugzilla.suse.com/1050469 SUSE Bug 1050469 An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. CVE-2017-7034 openSUSE Leap 42.2:libjavascriptcoregtk-4_0-18-2.18.0-5.1 openSUSE Leap 42.2:libjavascriptcoregtk-4_0-18-32bit-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk-4_0-37-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk-4_0-37-32bit-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk3-lang-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-JavaScriptCore-4_0-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-WebKit2-4_0-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-WebKit2WebExtension-4_0-2.18.0-5.1 openSUSE Leap 42.2:webkit-jsc-4-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk-4_0-injected-bundles-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-devel-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-plugin-process-gtk2-2.18.0-5.1 openSUSE Leap 42.3:libjavascriptcoregtk-4_0-18-2.18.0-5.1 openSUSE Leap 42.3:libjavascriptcoregtk-4_0-18-32bit-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk-4_0-37-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk-4_0-37-32bit-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk3-lang-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-JavaScriptCore-4_0-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-WebKit2-4_0-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-WebKit2WebExtension-4_0-2.18.0-5.1 openSUSE Leap 42.3:webkit-jsc-4-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk-4_0-injected-bundles-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-devel-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-plugin-process-gtk2-2.18.0-5.1 critical 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-11/msg00019.html https://www.suse.com/security/cve/CVE-2017-7034.html CVE-2017-7034 https://bugzilla.suse.com/1050469 SUSE Bug 1050469 An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. CVE-2017-7037 openSUSE Leap 42.2:libjavascriptcoregtk-4_0-18-2.18.0-5.1 openSUSE Leap 42.2:libjavascriptcoregtk-4_0-18-32bit-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk-4_0-37-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk-4_0-37-32bit-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk3-lang-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-JavaScriptCore-4_0-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-WebKit2-4_0-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-WebKit2WebExtension-4_0-2.18.0-5.1 openSUSE Leap 42.2:webkit-jsc-4-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk-4_0-injected-bundles-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-devel-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-plugin-process-gtk2-2.18.0-5.1 openSUSE Leap 42.3:libjavascriptcoregtk-4_0-18-2.18.0-5.1 openSUSE Leap 42.3:libjavascriptcoregtk-4_0-18-32bit-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk-4_0-37-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk-4_0-37-32bit-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk3-lang-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-JavaScriptCore-4_0-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-WebKit2-4_0-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-WebKit2WebExtension-4_0-2.18.0-5.1 openSUSE Leap 42.3:webkit-jsc-4-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk-4_0-injected-bundles-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-devel-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-plugin-process-gtk2-2.18.0-5.1 critical 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-11/msg00019.html https://www.suse.com/security/cve/CVE-2017-7037.html CVE-2017-7037 https://bugzilla.suse.com/1050469 SUSE Bug 1050469 An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. CVE-2017-7039 openSUSE Leap 42.2:libjavascriptcoregtk-4_0-18-2.18.0-5.1 openSUSE Leap 42.2:libjavascriptcoregtk-4_0-18-32bit-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk-4_0-37-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk-4_0-37-32bit-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk3-lang-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-JavaScriptCore-4_0-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-WebKit2-4_0-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-WebKit2WebExtension-4_0-2.18.0-5.1 openSUSE Leap 42.2:webkit-jsc-4-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk-4_0-injected-bundles-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-devel-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-plugin-process-gtk2-2.18.0-5.1 openSUSE Leap 42.3:libjavascriptcoregtk-4_0-18-2.18.0-5.1 openSUSE Leap 42.3:libjavascriptcoregtk-4_0-18-32bit-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk-4_0-37-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk-4_0-37-32bit-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk3-lang-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-JavaScriptCore-4_0-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-WebKit2-4_0-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-WebKit2WebExtension-4_0-2.18.0-5.1 openSUSE Leap 42.3:webkit-jsc-4-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk-4_0-injected-bundles-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-devel-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-plugin-process-gtk2-2.18.0-5.1 critical 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-11/msg00019.html https://www.suse.com/security/cve/CVE-2017-7039.html CVE-2017-7039 https://bugzilla.suse.com/1050469 SUSE Bug 1050469 An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. CVE-2017-7046 openSUSE Leap 42.2:libjavascriptcoregtk-4_0-18-2.18.0-5.1 openSUSE Leap 42.2:libjavascriptcoregtk-4_0-18-32bit-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk-4_0-37-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk-4_0-37-32bit-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk3-lang-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-JavaScriptCore-4_0-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-WebKit2-4_0-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-WebKit2WebExtension-4_0-2.18.0-5.1 openSUSE Leap 42.2:webkit-jsc-4-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk-4_0-injected-bundles-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-devel-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-plugin-process-gtk2-2.18.0-5.1 openSUSE Leap 42.3:libjavascriptcoregtk-4_0-18-2.18.0-5.1 openSUSE Leap 42.3:libjavascriptcoregtk-4_0-18-32bit-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk-4_0-37-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk-4_0-37-32bit-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk3-lang-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-JavaScriptCore-4_0-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-WebKit2-4_0-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-WebKit2WebExtension-4_0-2.18.0-5.1 openSUSE Leap 42.3:webkit-jsc-4-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk-4_0-injected-bundles-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-devel-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-plugin-process-gtk2-2.18.0-5.1 critical 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-11/msg00019.html https://www.suse.com/security/cve/CVE-2017-7046.html CVE-2017-7046 https://bugzilla.suse.com/1050469 SUSE Bug 1050469 An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. CVE-2017-7048 openSUSE Leap 42.2:libjavascriptcoregtk-4_0-18-2.18.0-5.1 openSUSE Leap 42.2:libjavascriptcoregtk-4_0-18-32bit-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk-4_0-37-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk-4_0-37-32bit-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk3-lang-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-JavaScriptCore-4_0-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-WebKit2-4_0-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-WebKit2WebExtension-4_0-2.18.0-5.1 openSUSE Leap 42.2:webkit-jsc-4-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk-4_0-injected-bundles-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-devel-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-plugin-process-gtk2-2.18.0-5.1 openSUSE Leap 42.3:libjavascriptcoregtk-4_0-18-2.18.0-5.1 openSUSE Leap 42.3:libjavascriptcoregtk-4_0-18-32bit-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk-4_0-37-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk-4_0-37-32bit-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk3-lang-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-JavaScriptCore-4_0-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-WebKit2-4_0-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-WebKit2WebExtension-4_0-2.18.0-5.1 openSUSE Leap 42.3:webkit-jsc-4-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk-4_0-injected-bundles-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-devel-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-plugin-process-gtk2-2.18.0-5.1 critical 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-11/msg00019.html https://www.suse.com/security/cve/CVE-2017-7048.html CVE-2017-7048 https://bugzilla.suse.com/1050469 SUSE Bug 1050469 An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. CVE-2017-7055 openSUSE Leap 42.2:libjavascriptcoregtk-4_0-18-2.18.0-5.1 openSUSE Leap 42.2:libjavascriptcoregtk-4_0-18-32bit-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk-4_0-37-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk-4_0-37-32bit-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk3-lang-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-JavaScriptCore-4_0-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-WebKit2-4_0-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-WebKit2WebExtension-4_0-2.18.0-5.1 openSUSE Leap 42.2:webkit-jsc-4-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk-4_0-injected-bundles-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-devel-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-plugin-process-gtk2-2.18.0-5.1 openSUSE Leap 42.3:libjavascriptcoregtk-4_0-18-2.18.0-5.1 openSUSE Leap 42.3:libjavascriptcoregtk-4_0-18-32bit-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk-4_0-37-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk-4_0-37-32bit-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk3-lang-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-JavaScriptCore-4_0-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-WebKit2-4_0-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-WebKit2WebExtension-4_0-2.18.0-5.1 openSUSE Leap 42.3:webkit-jsc-4-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk-4_0-injected-bundles-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-devel-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-plugin-process-gtk2-2.18.0-5.1 critical 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-11/msg00019.html https://www.suse.com/security/cve/CVE-2017-7055.html CVE-2017-7055 https://bugzilla.suse.com/1050469 SUSE Bug 1050469 An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. CVE-2017-7056 openSUSE Leap 42.2:libjavascriptcoregtk-4_0-18-2.18.0-5.1 openSUSE Leap 42.2:libjavascriptcoregtk-4_0-18-32bit-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk-4_0-37-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk-4_0-37-32bit-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk3-lang-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-JavaScriptCore-4_0-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-WebKit2-4_0-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-WebKit2WebExtension-4_0-2.18.0-5.1 openSUSE Leap 42.2:webkit-jsc-4-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk-4_0-injected-bundles-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-devel-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-plugin-process-gtk2-2.18.0-5.1 openSUSE Leap 42.3:libjavascriptcoregtk-4_0-18-2.18.0-5.1 openSUSE Leap 42.3:libjavascriptcoregtk-4_0-18-32bit-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk-4_0-37-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk-4_0-37-32bit-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk3-lang-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-JavaScriptCore-4_0-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-WebKit2-4_0-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-WebKit2WebExtension-4_0-2.18.0-5.1 openSUSE Leap 42.3:webkit-jsc-4-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk-4_0-injected-bundles-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-devel-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-plugin-process-gtk2-2.18.0-5.1 critical 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-11/msg00019.html https://www.suse.com/security/cve/CVE-2017-7056.html CVE-2017-7056 https://bugzilla.suse.com/1050469 SUSE Bug 1050469 An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. CVE-2017-7061 openSUSE Leap 42.2:libjavascriptcoregtk-4_0-18-2.18.0-5.1 openSUSE Leap 42.2:libjavascriptcoregtk-4_0-18-32bit-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk-4_0-37-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk-4_0-37-32bit-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk3-lang-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-JavaScriptCore-4_0-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-WebKit2-4_0-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-WebKit2WebExtension-4_0-2.18.0-5.1 openSUSE Leap 42.2:webkit-jsc-4-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk-4_0-injected-bundles-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-devel-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-plugin-process-gtk2-2.18.0-5.1 openSUSE Leap 42.3:libjavascriptcoregtk-4_0-18-2.18.0-5.1 openSUSE Leap 42.3:libjavascriptcoregtk-4_0-18-32bit-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk-4_0-37-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk-4_0-37-32bit-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk3-lang-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-JavaScriptCore-4_0-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-WebKit2-4_0-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-WebKit2WebExtension-4_0-2.18.0-5.1 openSUSE Leap 42.3:webkit-jsc-4-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk-4_0-injected-bundles-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-devel-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-plugin-process-gtk2-2.18.0-5.1 critical 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-11/msg00019.html https://www.suse.com/security/cve/CVE-2017-7061.html CVE-2017-7061 https://bugzilla.suse.com/1050469 SUSE Bug 1050469 An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. The issue involves the "WebKit" component. It allows attackers to bypass intended memory-read restrictions via a crafted app. CVE-2017-7064 openSUSE Leap 42.2:libjavascriptcoregtk-4_0-18-2.18.0-5.1 openSUSE Leap 42.2:libjavascriptcoregtk-4_0-18-32bit-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk-4_0-37-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk-4_0-37-32bit-2.18.0-5.1 openSUSE Leap 42.2:libwebkit2gtk3-lang-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-JavaScriptCore-4_0-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-WebKit2-4_0-2.18.0-5.1 openSUSE Leap 42.2:typelib-1_0-WebKit2WebExtension-4_0-2.18.0-5.1 openSUSE Leap 42.2:webkit-jsc-4-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk-4_0-injected-bundles-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-devel-2.18.0-5.1 openSUSE Leap 42.2:webkit2gtk3-plugin-process-gtk2-2.18.0-5.1 openSUSE Leap 42.3:libjavascriptcoregtk-4_0-18-2.18.0-5.1 openSUSE Leap 42.3:libjavascriptcoregtk-4_0-18-32bit-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk-4_0-37-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk-4_0-37-32bit-2.18.0-5.1 openSUSE Leap 42.3:libwebkit2gtk3-lang-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-JavaScriptCore-4_0-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-WebKit2-4_0-2.18.0-5.1 openSUSE Leap 42.3:typelib-1_0-WebKit2WebExtension-4_0-2.18.0-5.1 openSUSE Leap 42.3:webkit-jsc-4-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk-4_0-injected-bundles-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-devel-2.18.0-5.1 openSUSE Leap 42.3:webkit2gtk3-plugin-process-gtk2-2.18.0-5.1 critical 4.3 AV:N/AC:M/Au:N/C:P/I:N/A:N Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-11/msg00019.html https://www.suse.com/security/cve/CVE-2017-7064.html CVE-2017-7064 https://bugzilla.suse.com/1050469 SUSE Bug 1050469