Security update for webkit2gtk3 SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2019:2587-1 Final 1 1 2019-11-30T15:15:57Z current 2019-11-30T15:15:57Z 2019-11-30T15:15:57Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for webkit2gtk3 This update for webkit2gtk3 to version 2.26.2 fixes the following issues: Webkit2gtk3 was updated to version 2.26.2 (WSA-2019-0005 and WSA-2019-0006, bsc#1155321 bsc#1156318) Security issues addressed: - CVE-2019-8625: Fixed a logic issue where by processing maliciously crafted web content may lead to universal cross site scripting. - CVE-2019-8674: Fixed a logic issue where by processing maliciously crafted web content may lead to universal cross site scripting. - CVE-2019-8707: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution. - CVE-2019-8719: Fixed a logic issue where by processing maliciously crafted web content may lead to universal cross site scripting. - CVE-2019-8720: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution. - CVE-2019-8726: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution. - CVE-2019-8733: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution. - CVE-2019-8735: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution. - CVE-2019-8763: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution. - CVE-2019-8768: Fixed an issue where a user may be unable to delete browsing history items. - CVE-2019-8769: Fixed an issue where a maliciously crafted website may reveal browsing history. - CVE-2019-8771: Fixed an issue where a maliciously crafted web content may violate iframe sandboxing policy. - CVE-2019-8710: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution. - CVE-2019-8743: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution. - CVE-2019-8764: Fixed a logic issue where by processing maliciously crafted web content may lead to universal cross site scripting. - CVE-2019-8765: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution. - CVE-2019-8766: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution. - CVE-2019-8782: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution. - CVE-2019-8783: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution. - CVE-2019-8808: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution. - CVE-2019-8811: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution. - CVE-2019-8812: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution. - CVE-2019-8813: Fixed a logic issue where by processing maliciously crafted web content may lead to universal cross site scripting. - CVE-2019-8814: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution. - CVE-2019-8815: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution. - CVE-2019-8816: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution. - CVE-2019-8819: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution. - CVE-2019-8820: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution. - CVE-2019-8821: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution. - CVE-2019-8822: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution. - CVE-2019-8823: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution. This update was imported from the SUSE:SLE-15:Update update project. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-2019-2587 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/YLQI2W5TS56J3JQ5FT62EA3IH5W2VNRK/#YLQI2W5TS56J3JQ5FT62EA3IH5W2VNRK E-Mail link for openSUSE-SU-2019:2587-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1155321 SUSE Bug 1155321 https://bugzilla.suse.com/1156318 SUSE Bug 1156318 https://www.suse.com/security/cve/CVE-2019-8551/ SUSE CVE CVE-2019-8551 page https://www.suse.com/security/cve/CVE-2019-8558/ SUSE CVE CVE-2019-8558 page https://www.suse.com/security/cve/CVE-2019-8559/ SUSE CVE CVE-2019-8559 page https://www.suse.com/security/cve/CVE-2019-8563/ SUSE CVE CVE-2019-8563 page https://www.suse.com/security/cve/CVE-2019-8625/ SUSE CVE CVE-2019-8625 page https://www.suse.com/security/cve/CVE-2019-8674/ SUSE CVE CVE-2019-8674 page https://www.suse.com/security/cve/CVE-2019-8681/ SUSE CVE CVE-2019-8681 page https://www.suse.com/security/cve/CVE-2019-8684/ SUSE CVE CVE-2019-8684 page https://www.suse.com/security/cve/CVE-2019-8686/ SUSE CVE CVE-2019-8686 page https://www.suse.com/security/cve/CVE-2019-8687/ SUSE CVE CVE-2019-8687 page https://www.suse.com/security/cve/CVE-2019-8688/ SUSE CVE CVE-2019-8688 page https://www.suse.com/security/cve/CVE-2019-8689/ SUSE CVE CVE-2019-8689 page https://www.suse.com/security/cve/CVE-2019-8690/ SUSE CVE CVE-2019-8690 page https://www.suse.com/security/cve/CVE-2019-8707/ SUSE CVE CVE-2019-8707 page https://www.suse.com/security/cve/CVE-2019-8710/ SUSE CVE CVE-2019-8710 page https://www.suse.com/security/cve/CVE-2019-8719/ SUSE CVE CVE-2019-8719 page https://www.suse.com/security/cve/CVE-2019-8720/ SUSE CVE CVE-2019-8720 page https://www.suse.com/security/cve/CVE-2019-8726/ SUSE CVE CVE-2019-8726 page https://www.suse.com/security/cve/CVE-2019-8733/ SUSE CVE CVE-2019-8733 page https://www.suse.com/security/cve/CVE-2019-8735/ SUSE CVE CVE-2019-8735 page https://www.suse.com/security/cve/CVE-2019-8743/ SUSE CVE CVE-2019-8743 page https://www.suse.com/security/cve/CVE-2019-8763/ SUSE CVE CVE-2019-8763 page https://www.suse.com/security/cve/CVE-2019-8764/ SUSE CVE CVE-2019-8764 page https://www.suse.com/security/cve/CVE-2019-8765/ SUSE CVE CVE-2019-8765 page https://www.suse.com/security/cve/CVE-2019-8766/ SUSE CVE CVE-2019-8766 page https://www.suse.com/security/cve/CVE-2019-8768/ SUSE CVE CVE-2019-8768 page https://www.suse.com/security/cve/CVE-2019-8769/ SUSE CVE CVE-2019-8769 page https://www.suse.com/security/cve/CVE-2019-8771/ SUSE CVE CVE-2019-8771 page https://www.suse.com/security/cve/CVE-2019-8782/ SUSE CVE CVE-2019-8782 page https://www.suse.com/security/cve/CVE-2019-8783/ SUSE CVE CVE-2019-8783 page https://www.suse.com/security/cve/CVE-2019-8808/ SUSE CVE CVE-2019-8808 page https://www.suse.com/security/cve/CVE-2019-8811/ SUSE CVE CVE-2019-8811 page https://www.suse.com/security/cve/CVE-2019-8812/ SUSE CVE CVE-2019-8812 page https://www.suse.com/security/cve/CVE-2019-8813/ SUSE CVE CVE-2019-8813 page https://www.suse.com/security/cve/CVE-2019-8814/ SUSE CVE CVE-2019-8814 page https://www.suse.com/security/cve/CVE-2019-8815/ SUSE CVE CVE-2019-8815 page https://www.suse.com/security/cve/CVE-2019-8816/ SUSE CVE CVE-2019-8816 page https://www.suse.com/security/cve/CVE-2019-8819/ SUSE CVE CVE-2019-8819 page https://www.suse.com/security/cve/CVE-2019-8820/ SUSE CVE CVE-2019-8820 page https://www.suse.com/security/cve/CVE-2019-8821/ SUSE CVE CVE-2019-8821 page https://www.suse.com/security/cve/CVE-2019-8822/ SUSE CVE CVE-2019-8822 page https://www.suse.com/security/cve/CVE-2019-8823/ SUSE CVE CVE-2019-8823 page openSUSE Leap 15.0 libjavascriptcoregtk-4_0-18-2.26.2-lp150.2.28.1 libjavascriptcoregtk-4_0-18-32bit-2.26.2-lp150.2.28.1 libwebkit2gtk-4_0-37-2.26.2-lp150.2.28.1 libwebkit2gtk-4_0-37-32bit-2.26.2-lp150.2.28.1 libwebkit2gtk3-lang-2.26.2-lp150.2.28.1 typelib-1_0-JavaScriptCore-4_0-2.26.2-lp150.2.28.1 typelib-1_0-WebKit2-4_0-2.26.2-lp150.2.28.1 typelib-1_0-WebKit2WebExtension-4_0-2.26.2-lp150.2.28.1 webkit-jsc-4-2.26.2-lp150.2.28.1 webkit2gtk-4_0-injected-bundles-2.26.2-lp150.2.28.1 webkit2gtk3-devel-2.26.2-lp150.2.28.1 webkit2gtk3-minibrowser-2.26.2-lp150.2.28.1 libjavascriptcoregtk-4_0-18-2.26.2-lp150.2.28.1 as a component of openSUSE Leap 15.0 libjavascriptcoregtk-4_0-18-32bit-2.26.2-lp150.2.28.1 as a component of openSUSE Leap 15.0 libwebkit2gtk-4_0-37-2.26.2-lp150.2.28.1 as a component of openSUSE Leap 15.0 libwebkit2gtk-4_0-37-32bit-2.26.2-lp150.2.28.1 as a component of openSUSE Leap 15.0 libwebkit2gtk3-lang-2.26.2-lp150.2.28.1 as a component of openSUSE Leap 15.0 typelib-1_0-JavaScriptCore-4_0-2.26.2-lp150.2.28.1 as a component of openSUSE Leap 15.0 typelib-1_0-WebKit2-4_0-2.26.2-lp150.2.28.1 as a component of openSUSE Leap 15.0 typelib-1_0-WebKit2WebExtension-4_0-2.26.2-lp150.2.28.1 as a component of openSUSE Leap 15.0 webkit-jsc-4-2.26.2-lp150.2.28.1 as a component of openSUSE Leap 15.0 webkit2gtk-4_0-injected-bundles-2.26.2-lp150.2.28.1 as a component of openSUSE Leap 15.0 webkit2gtk3-devel-2.26.2-lp150.2.28.1 as a component of openSUSE Leap 15.0 webkit2gtk3-minibrowser-2.26.2-lp150.2.28.1 as a component of openSUSE Leap 15.0 A logic issue was addressed with improved validation. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to universal cross site scripting. CVE-2019-8551 openSUSE Leap 15.0:libjavascriptcoregtk-4_0-18-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libjavascriptcoregtk-4_0-18-32bit-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk-4_0-37-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk-4_0-37-32bit-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk3-lang-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-JavaScriptCore-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-WebKit2-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-WebKit2WebExtension-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit-jsc-4-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk-4_0-injected-bundles-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk3-devel-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk3-minibrowser-2.26.2-lp150.2.28.1 important 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/YLQI2W5TS56J3JQ5FT62EA3IH5W2VNRK/#YLQI2W5TS56J3JQ5FT62EA3IH5W2VNRK https://www.suse.com/security/cve/CVE-2019-8551.html CVE-2019-8551 https://bugzilla.suse.com/1132256 SUSE Bug 1132256 Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. CVE-2019-8558 openSUSE Leap 15.0:libjavascriptcoregtk-4_0-18-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libjavascriptcoregtk-4_0-18-32bit-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk-4_0-37-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk-4_0-37-32bit-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk3-lang-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-JavaScriptCore-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-WebKit2-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-WebKit2WebExtension-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit-jsc-4-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk-4_0-injected-bundles-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk3-devel-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk3-minibrowser-2.26.2-lp150.2.28.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/YLQI2W5TS56J3JQ5FT62EA3IH5W2VNRK/#YLQI2W5TS56J3JQ5FT62EA3IH5W2VNRK https://www.suse.com/security/cve/CVE-2019-8558.html CVE-2019-8558 https://bugzilla.suse.com/1132256 SUSE Bug 1132256 Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. CVE-2019-8559 openSUSE Leap 15.0:libjavascriptcoregtk-4_0-18-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libjavascriptcoregtk-4_0-18-32bit-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk-4_0-37-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk-4_0-37-32bit-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk3-lang-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-JavaScriptCore-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-WebKit2-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-WebKit2WebExtension-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit-jsc-4-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk-4_0-injected-bundles-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk3-devel-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk3-minibrowser-2.26.2-lp150.2.28.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/YLQI2W5TS56J3JQ5FT62EA3IH5W2VNRK/#YLQI2W5TS56J3JQ5FT62EA3IH5W2VNRK https://www.suse.com/security/cve/CVE-2019-8559.html CVE-2019-8559 https://bugzilla.suse.com/1132256 SUSE Bug 1132256 Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. CVE-2019-8563 openSUSE Leap 15.0:libjavascriptcoregtk-4_0-18-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libjavascriptcoregtk-4_0-18-32bit-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk-4_0-37-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk-4_0-37-32bit-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk3-lang-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-JavaScriptCore-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-WebKit2-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-WebKit2WebExtension-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit-jsc-4-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk-4_0-injected-bundles-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk3-devel-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk3-minibrowser-2.26.2-lp150.2.28.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/YLQI2W5TS56J3JQ5FT62EA3IH5W2VNRK/#YLQI2W5TS56J3JQ5FT62EA3IH5W2VNRK https://www.suse.com/security/cve/CVE-2019-8563.html CVE-2019-8563 https://bugzilla.suse.com/1132256 SUSE Bug 1132256 A logic issue was addressed with improved state management. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web content may lead to universal cross site scripting. CVE-2019-8625 openSUSE Leap 15.0:libjavascriptcoregtk-4_0-18-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libjavascriptcoregtk-4_0-18-32bit-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk-4_0-37-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk-4_0-37-32bit-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk3-lang-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-JavaScriptCore-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-WebKit2-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-WebKit2WebExtension-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit-jsc-4-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk-4_0-injected-bundles-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk3-devel-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk3-minibrowser-2.26.2-lp150.2.28.1 important 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/YLQI2W5TS56J3JQ5FT62EA3IH5W2VNRK/#YLQI2W5TS56J3JQ5FT62EA3IH5W2VNRK https://www.suse.com/security/cve/CVE-2019-8625.html CVE-2019-8625 https://bugzilla.suse.com/1155321 SUSE Bug 1155321 A logic issue was addressed with improved state management. This issue is fixed in iOS 13, Safari 13. Processing maliciously crafted web content may lead to universal cross site scripting. CVE-2019-8674 openSUSE Leap 15.0:libjavascriptcoregtk-4_0-18-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libjavascriptcoregtk-4_0-18-32bit-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk-4_0-37-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk-4_0-37-32bit-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk3-lang-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-JavaScriptCore-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-WebKit2-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-WebKit2WebExtension-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit-jsc-4-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk-4_0-injected-bundles-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk3-devel-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk3-minibrowser-2.26.2-lp150.2.28.1 important 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/YLQI2W5TS56J3JQ5FT62EA3IH5W2VNRK/#YLQI2W5TS56J3JQ5FT62EA3IH5W2VNRK https://www.suse.com/security/cve/CVE-2019-8674.html CVE-2019-8674 https://bugzilla.suse.com/1155321 SUSE Bug 1155321 Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution. CVE-2019-8681 openSUSE Leap 15.0:libjavascriptcoregtk-4_0-18-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libjavascriptcoregtk-4_0-18-32bit-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk-4_0-37-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk-4_0-37-32bit-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk3-lang-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-JavaScriptCore-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-WebKit2-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-WebKit2WebExtension-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit-jsc-4-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk-4_0-injected-bundles-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk3-devel-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk3-minibrowser-2.26.2-lp150.2.28.1 moderate 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/YLQI2W5TS56J3JQ5FT62EA3IH5W2VNRK/#YLQI2W5TS56J3JQ5FT62EA3IH5W2VNRK https://www.suse.com/security/cve/CVE-2019-8681.html CVE-2019-8681 https://bugzilla.suse.com/1148931 SUSE Bug 1148931 Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution. CVE-2019-8684 openSUSE Leap 15.0:libjavascriptcoregtk-4_0-18-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libjavascriptcoregtk-4_0-18-32bit-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk-4_0-37-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk-4_0-37-32bit-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk3-lang-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-JavaScriptCore-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-WebKit2-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-WebKit2WebExtension-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit-jsc-4-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk-4_0-injected-bundles-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk3-devel-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk3-minibrowser-2.26.2-lp150.2.28.1 moderate 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/YLQI2W5TS56J3JQ5FT62EA3IH5W2VNRK/#YLQI2W5TS56J3JQ5FT62EA3IH5W2VNRK https://www.suse.com/security/cve/CVE-2019-8684.html CVE-2019-8684 https://bugzilla.suse.com/1148931 SUSE Bug 1148931 Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution. CVE-2019-8686 openSUSE Leap 15.0:libjavascriptcoregtk-4_0-18-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libjavascriptcoregtk-4_0-18-32bit-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk-4_0-37-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk-4_0-37-32bit-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk3-lang-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-JavaScriptCore-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-WebKit2-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-WebKit2WebExtension-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit-jsc-4-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk-4_0-injected-bundles-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk3-devel-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk3-minibrowser-2.26.2-lp150.2.28.1 moderate 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/YLQI2W5TS56J3JQ5FT62EA3IH5W2VNRK/#YLQI2W5TS56J3JQ5FT62EA3IH5W2VNRK https://www.suse.com/security/cve/CVE-2019-8686.html CVE-2019-8686 https://bugzilla.suse.com/1148931 SUSE Bug 1148931 Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution. CVE-2019-8687 openSUSE Leap 15.0:libjavascriptcoregtk-4_0-18-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libjavascriptcoregtk-4_0-18-32bit-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk-4_0-37-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk-4_0-37-32bit-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk3-lang-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-JavaScriptCore-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-WebKit2-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-WebKit2WebExtension-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit-jsc-4-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk-4_0-injected-bundles-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk3-devel-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk3-minibrowser-2.26.2-lp150.2.28.1 moderate 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/YLQI2W5TS56J3JQ5FT62EA3IH5W2VNRK/#YLQI2W5TS56J3JQ5FT62EA3IH5W2VNRK https://www.suse.com/security/cve/CVE-2019-8687.html CVE-2019-8687 https://bugzilla.suse.com/1148931 SUSE Bug 1148931 Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution. CVE-2019-8688 openSUSE Leap 15.0:libjavascriptcoregtk-4_0-18-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libjavascriptcoregtk-4_0-18-32bit-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk-4_0-37-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk-4_0-37-32bit-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk3-lang-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-JavaScriptCore-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-WebKit2-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-WebKit2WebExtension-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit-jsc-4-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk-4_0-injected-bundles-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk3-devel-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk3-minibrowser-2.26.2-lp150.2.28.1 moderate 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/YLQI2W5TS56J3JQ5FT62EA3IH5W2VNRK/#YLQI2W5TS56J3JQ5FT62EA3IH5W2VNRK https://www.suse.com/security/cve/CVE-2019-8688.html CVE-2019-8688 https://bugzilla.suse.com/1148931 SUSE Bug 1148931 Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution. CVE-2019-8689 openSUSE Leap 15.0:libjavascriptcoregtk-4_0-18-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libjavascriptcoregtk-4_0-18-32bit-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk-4_0-37-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk-4_0-37-32bit-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk3-lang-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-JavaScriptCore-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-WebKit2-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-WebKit2WebExtension-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit-jsc-4-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk-4_0-injected-bundles-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk3-devel-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk3-minibrowser-2.26.2-lp150.2.28.1 moderate 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/YLQI2W5TS56J3JQ5FT62EA3IH5W2VNRK/#YLQI2W5TS56J3JQ5FT62EA3IH5W2VNRK https://www.suse.com/security/cve/CVE-2019-8689.html CVE-2019-8689 https://bugzilla.suse.com/1148931 SUSE Bug 1148931 A logic issue existed in the handling of document loads. This issue was addressed with improved state management. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to universal cross site scripting. CVE-2019-8690 openSUSE Leap 15.0:libjavascriptcoregtk-4_0-18-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libjavascriptcoregtk-4_0-18-32bit-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk-4_0-37-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk-4_0-37-32bit-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk3-lang-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-JavaScriptCore-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-WebKit2-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-WebKit2WebExtension-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit-jsc-4-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk-4_0-injected-bundles-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk3-devel-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk3-minibrowser-2.26.2-lp150.2.28.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/YLQI2W5TS56J3JQ5FT62EA3IH5W2VNRK/#YLQI2W5TS56J3JQ5FT62EA3IH5W2VNRK https://www.suse.com/security/cve/CVE-2019-8690.html CVE-2019-8690 https://bugzilla.suse.com/1148931 SUSE Bug 1148931 Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web content may lead to arbitrary code execution. CVE-2019-8707 openSUSE Leap 15.0:libjavascriptcoregtk-4_0-18-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libjavascriptcoregtk-4_0-18-32bit-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk-4_0-37-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk-4_0-37-32bit-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk3-lang-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-JavaScriptCore-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-WebKit2-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-WebKit2WebExtension-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit-jsc-4-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk-4_0-injected-bundles-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk3-devel-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk3-minibrowser-2.26.2-lp150.2.28.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/YLQI2W5TS56J3JQ5FT62EA3IH5W2VNRK/#YLQI2W5TS56J3JQ5FT62EA3IH5W2VNRK https://www.suse.com/security/cve/CVE-2019-8707.html CVE-2019-8707 https://bugzilla.suse.com/1155321 SUSE Bug 1155321 Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iCloud for Windows 11.0. Processing maliciously crafted web content may lead to arbitrary code execution. CVE-2019-8710 openSUSE Leap 15.0:libjavascriptcoregtk-4_0-18-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libjavascriptcoregtk-4_0-18-32bit-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk-4_0-37-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk-4_0-37-32bit-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk3-lang-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-JavaScriptCore-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-WebKit2-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-WebKit2WebExtension-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit-jsc-4-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk-4_0-injected-bundles-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk3-devel-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk3-minibrowser-2.26.2-lp150.2.28.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/YLQI2W5TS56J3JQ5FT62EA3IH5W2VNRK/#YLQI2W5TS56J3JQ5FT62EA3IH5W2VNRK https://www.suse.com/security/cve/CVE-2019-8710.html CVE-2019-8710 https://bugzilla.suse.com/1156318 SUSE Bug 1156318 A logic issue was addressed with improved state management. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web content may lead to universal cross site scripting. CVE-2019-8719 openSUSE Leap 15.0:libjavascriptcoregtk-4_0-18-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libjavascriptcoregtk-4_0-18-32bit-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk-4_0-37-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk-4_0-37-32bit-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk3-lang-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-JavaScriptCore-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-WebKit2-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-WebKit2WebExtension-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit-jsc-4-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk-4_0-injected-bundles-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk3-devel-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk3-minibrowser-2.26.2-lp150.2.28.1 important 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/YLQI2W5TS56J3JQ5FT62EA3IH5W2VNRK/#YLQI2W5TS56J3JQ5FT62EA3IH5W2VNRK https://www.suse.com/security/cve/CVE-2019-8719.html CVE-2019-8719 https://bugzilla.suse.com/1155321 SUSE Bug 1155321 A vulnerability was found in WebKit. The flaw is triggered when processing maliciously crafted web content that may lead to arbitrary code execution. Improved memory handling addresses the multiple memory corruption issues. CVE-2019-8720 openSUSE Leap 15.0:libjavascriptcoregtk-4_0-18-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libjavascriptcoregtk-4_0-18-32bit-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk-4_0-37-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk-4_0-37-32bit-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk3-lang-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-JavaScriptCore-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-WebKit2-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-WebKit2WebExtension-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit-jsc-4-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk-4_0-injected-bundles-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk3-devel-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk3-minibrowser-2.26.2-lp150.2.28.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/YLQI2W5TS56J3JQ5FT62EA3IH5W2VNRK/#YLQI2W5TS56J3JQ5FT62EA3IH5W2VNRK https://www.suse.com/security/cve/CVE-2019-8720.html CVE-2019-8720 https://bugzilla.suse.com/1155321 SUSE Bug 1155321 Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web content may lead to arbitrary code execution. CVE-2019-8726 openSUSE Leap 15.0:libjavascriptcoregtk-4_0-18-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libjavascriptcoregtk-4_0-18-32bit-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk-4_0-37-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk-4_0-37-32bit-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk3-lang-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-JavaScriptCore-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-WebKit2-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-WebKit2WebExtension-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit-jsc-4-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk-4_0-injected-bundles-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk3-devel-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk3-minibrowser-2.26.2-lp150.2.28.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/YLQI2W5TS56J3JQ5FT62EA3IH5W2VNRK/#YLQI2W5TS56J3JQ5FT62EA3IH5W2VNRK https://www.suse.com/security/cve/CVE-2019-8726.html CVE-2019-8726 https://bugzilla.suse.com/1155321 SUSE Bug 1155321 Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web content may lead to arbitrary code execution. CVE-2019-8733 openSUSE Leap 15.0:libjavascriptcoregtk-4_0-18-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libjavascriptcoregtk-4_0-18-32bit-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk-4_0-37-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk-4_0-37-32bit-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk3-lang-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-JavaScriptCore-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-WebKit2-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-WebKit2WebExtension-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit-jsc-4-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk-4_0-injected-bundles-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk3-devel-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk3-minibrowser-2.26.2-lp150.2.28.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/YLQI2W5TS56J3JQ5FT62EA3IH5W2VNRK/#YLQI2W5TS56J3JQ5FT62EA3IH5W2VNRK https://www.suse.com/security/cve/CVE-2019-8733.html CVE-2019-8733 https://bugzilla.suse.com/1155321 SUSE Bug 1155321 Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web content may lead to arbitrary code execution. CVE-2019-8735 openSUSE Leap 15.0:libjavascriptcoregtk-4_0-18-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libjavascriptcoregtk-4_0-18-32bit-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk-4_0-37-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk-4_0-37-32bit-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk3-lang-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-JavaScriptCore-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-WebKit2-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-WebKit2WebExtension-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit-jsc-4-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk-4_0-injected-bundles-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk3-devel-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk3-minibrowser-2.26.2-lp150.2.28.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/YLQI2W5TS56J3JQ5FT62EA3IH5W2VNRK/#YLQI2W5TS56J3JQ5FT62EA3IH5W2VNRK https://www.suse.com/security/cve/CVE-2019-8735.html CVE-2019-8735 https://bugzilla.suse.com/1155321 SUSE Bug 1155321 Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in watchOS 6.1. Processing maliciously crafted web content may lead to arbitrary code execution. CVE-2019-8743 openSUSE Leap 15.0:libjavascriptcoregtk-4_0-18-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libjavascriptcoregtk-4_0-18-32bit-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk-4_0-37-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk-4_0-37-32bit-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk3-lang-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-JavaScriptCore-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-WebKit2-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-WebKit2WebExtension-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit-jsc-4-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk-4_0-injected-bundles-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk3-devel-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk3-minibrowser-2.26.2-lp150.2.28.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/YLQI2W5TS56J3JQ5FT62EA3IH5W2VNRK/#YLQI2W5TS56J3JQ5FT62EA3IH5W2VNRK https://www.suse.com/security/cve/CVE-2019-8743.html CVE-2019-8743 https://bugzilla.suse.com/1156318 SUSE Bug 1156318 Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.1 and iPadOS 13.1, tvOS 13, Safari 13.0.1, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web content may lead to arbitrary code execution. CVE-2019-8763 openSUSE Leap 15.0:libjavascriptcoregtk-4_0-18-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libjavascriptcoregtk-4_0-18-32bit-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk-4_0-37-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk-4_0-37-32bit-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk3-lang-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-JavaScriptCore-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-WebKit2-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-WebKit2WebExtension-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit-jsc-4-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk-4_0-injected-bundles-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk3-devel-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk3-minibrowser-2.26.2-lp150.2.28.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/YLQI2W5TS56J3JQ5FT62EA3IH5W2VNRK/#YLQI2W5TS56J3JQ5FT62EA3IH5W2VNRK https://www.suse.com/security/cve/CVE-2019-8763.html CVE-2019-8763 https://bugzilla.suse.com/1155321 SUSE Bug 1155321 A logic issue was addressed with improved state management. This issue is fixed in watchOS 6.1. Processing maliciously crafted web content may lead to universal cross site scripting. CVE-2019-8764 openSUSE Leap 15.0:libjavascriptcoregtk-4_0-18-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libjavascriptcoregtk-4_0-18-32bit-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk-4_0-37-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk-4_0-37-32bit-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk3-lang-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-JavaScriptCore-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-WebKit2-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-WebKit2WebExtension-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit-jsc-4-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk-4_0-injected-bundles-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk3-devel-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk3-minibrowser-2.26.2-lp150.2.28.1 important 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/YLQI2W5TS56J3JQ5FT62EA3IH5W2VNRK/#YLQI2W5TS56J3JQ5FT62EA3IH5W2VNRK https://www.suse.com/security/cve/CVE-2019-8764.html CVE-2019-8764 https://bugzilla.suse.com/1156318 SUSE Bug 1156318 Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in watchOS 6.1. Processing maliciously crafted web content may lead to arbitrary code execution. CVE-2019-8765 openSUSE Leap 15.0:libjavascriptcoregtk-4_0-18-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libjavascriptcoregtk-4_0-18-32bit-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk-4_0-37-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk-4_0-37-32bit-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk3-lang-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-JavaScriptCore-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-WebKit2-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-WebKit2WebExtension-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit-jsc-4-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk-4_0-injected-bundles-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk3-devel-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk3-minibrowser-2.26.2-lp150.2.28.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/YLQI2W5TS56J3JQ5FT62EA3IH5W2VNRK/#YLQI2W5TS56J3JQ5FT62EA3IH5W2VNRK https://www.suse.com/security/cve/CVE-2019-8765.html CVE-2019-8765 https://bugzilla.suse.com/1156318 SUSE Bug 1156318 Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in watchOS 6.1, iCloud for Windows 11.0. Processing maliciously crafted web content may lead to arbitrary code execution. CVE-2019-8766 openSUSE Leap 15.0:libjavascriptcoregtk-4_0-18-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libjavascriptcoregtk-4_0-18-32bit-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk-4_0-37-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk-4_0-37-32bit-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk3-lang-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-JavaScriptCore-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-WebKit2-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-WebKit2WebExtension-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit-jsc-4-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk-4_0-injected-bundles-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk3-devel-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk3-minibrowser-2.26.2-lp150.2.28.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/YLQI2W5TS56J3JQ5FT62EA3IH5W2VNRK/#YLQI2W5TS56J3JQ5FT62EA3IH5W2VNRK https://www.suse.com/security/cve/CVE-2019-8766.html CVE-2019-8766 https://bugzilla.suse.com/1156318 SUSE Bug 1156318 "Clear History and Website Data" did not clear the history. The issue was addressed with improved data deletion. This issue is fixed in macOS Catalina 10.15. A user may be unable to delete browsing history items. CVE-2019-8768 openSUSE Leap 15.0:libjavascriptcoregtk-4_0-18-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libjavascriptcoregtk-4_0-18-32bit-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk-4_0-37-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk-4_0-37-32bit-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk3-lang-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-JavaScriptCore-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-WebKit2-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-WebKit2WebExtension-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit-jsc-4-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk-4_0-injected-bundles-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk3-devel-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk3-minibrowser-2.26.2-lp150.2.28.1 important 5 AV:N/AC:L/Au:N/C:P/I:N/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/YLQI2W5TS56J3JQ5FT62EA3IH5W2VNRK/#YLQI2W5TS56J3JQ5FT62EA3IH5W2VNRK https://www.suse.com/security/cve/CVE-2019-8768.html CVE-2019-8768 https://bugzilla.suse.com/1155321 SUSE Bug 1155321 An issue existed in the drawing of web page elements. The issue was addressed with improved logic. This issue is fixed in iOS 13.1 and iPadOS 13.1, macOS Catalina 10.15. Visiting a maliciously crafted website may reveal browsing history. CVE-2019-8769 openSUSE Leap 15.0:libjavascriptcoregtk-4_0-18-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libjavascriptcoregtk-4_0-18-32bit-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk-4_0-37-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk-4_0-37-32bit-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk3-lang-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-JavaScriptCore-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-WebKit2-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-WebKit2WebExtension-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit-jsc-4-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk-4_0-injected-bundles-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk3-devel-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk3-minibrowser-2.26.2-lp150.2.28.1 important 4.3 AV:N/AC:M/Au:N/C:P/I:N/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/YLQI2W5TS56J3JQ5FT62EA3IH5W2VNRK/#YLQI2W5TS56J3JQ5FT62EA3IH5W2VNRK https://www.suse.com/security/cve/CVE-2019-8769.html CVE-2019-8769 https://bugzilla.suse.com/1155321 SUSE Bug 1155321 This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in Safari 13.0.1, iOS 13. Maliciously crafted web content may violate iframe sandboxing policy. CVE-2019-8771 openSUSE Leap 15.0:libjavascriptcoregtk-4_0-18-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libjavascriptcoregtk-4_0-18-32bit-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk-4_0-37-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk-4_0-37-32bit-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk3-lang-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-JavaScriptCore-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-WebKit2-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-WebKit2WebExtension-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit-jsc-4-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk-4_0-injected-bundles-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk3-devel-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk3-minibrowser-2.26.2-lp150.2.28.1 important 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/YLQI2W5TS56J3JQ5FT62EA3IH5W2VNRK/#YLQI2W5TS56J3JQ5FT62EA3IH5W2VNRK https://www.suse.com/security/cve/CVE-2019-8771.html CVE-2019-8771 https://bugzilla.suse.com/1155321 SUSE Bug 1155321 Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0. Processing maliciously crafted web content may lead to arbitrary code execution. CVE-2019-8782 openSUSE Leap 15.0:libjavascriptcoregtk-4_0-18-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libjavascriptcoregtk-4_0-18-32bit-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk-4_0-37-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk-4_0-37-32bit-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk3-lang-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-JavaScriptCore-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-WebKit2-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-WebKit2WebExtension-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit-jsc-4-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk-4_0-injected-bundles-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk3-devel-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk3-minibrowser-2.26.2-lp150.2.28.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/YLQI2W5TS56J3JQ5FT62EA3IH5W2VNRK/#YLQI2W5TS56J3JQ5FT62EA3IH5W2VNRK https://www.suse.com/security/cve/CVE-2019-8782.html CVE-2019-8782 https://bugzilla.suse.com/1156318 SUSE Bug 1156318 Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution. CVE-2019-8783 openSUSE Leap 15.0:libjavascriptcoregtk-4_0-18-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libjavascriptcoregtk-4_0-18-32bit-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk-4_0-37-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk-4_0-37-32bit-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk3-lang-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-JavaScriptCore-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-WebKit2-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-WebKit2WebExtension-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit-jsc-4-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk-4_0-injected-bundles-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk3-devel-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk3-minibrowser-2.26.2-lp150.2.28.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/YLQI2W5TS56J3JQ5FT62EA3IH5W2VNRK/#YLQI2W5TS56J3JQ5FT62EA3IH5W2VNRK https://www.suse.com/security/cve/CVE-2019-8783.html CVE-2019-8783 https://bugzilla.suse.com/1156318 SUSE Bug 1156318 Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2. Processing maliciously crafted web content may lead to arbitrary code execution. CVE-2019-8808 openSUSE Leap 15.0:libjavascriptcoregtk-4_0-18-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libjavascriptcoregtk-4_0-18-32bit-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk-4_0-37-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk-4_0-37-32bit-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk3-lang-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-JavaScriptCore-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-WebKit2-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-WebKit2WebExtension-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit-jsc-4-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk-4_0-injected-bundles-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk3-devel-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk3-minibrowser-2.26.2-lp150.2.28.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/YLQI2W5TS56J3JQ5FT62EA3IH5W2VNRK/#YLQI2W5TS56J3JQ5FT62EA3IH5W2VNRK https://www.suse.com/security/cve/CVE-2019-8808.html CVE-2019-8808 https://bugzilla.suse.com/1156318 SUSE Bug 1156318 Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution. CVE-2019-8811 openSUSE Leap 15.0:libjavascriptcoregtk-4_0-18-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libjavascriptcoregtk-4_0-18-32bit-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk-4_0-37-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk-4_0-37-32bit-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk3-lang-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-JavaScriptCore-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-WebKit2-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-WebKit2WebExtension-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit-jsc-4-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk-4_0-injected-bundles-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk3-devel-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk3-minibrowser-2.26.2-lp150.2.28.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/YLQI2W5TS56J3JQ5FT62EA3IH5W2VNRK/#YLQI2W5TS56J3JQ5FT62EA3IH5W2VNRK https://www.suse.com/security/cve/CVE-2019-8811.html CVE-2019-8811 https://bugzilla.suse.com/1156318 SUSE Bug 1156318 Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2. Processing maliciously crafted web content may lead to arbitrary code execution. CVE-2019-8812 openSUSE Leap 15.0:libjavascriptcoregtk-4_0-18-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libjavascriptcoregtk-4_0-18-32bit-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk-4_0-37-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk-4_0-37-32bit-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk3-lang-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-JavaScriptCore-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-WebKit2-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-WebKit2WebExtension-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit-jsc-4-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk-4_0-injected-bundles-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk3-devel-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk3-minibrowser-2.26.2-lp150.2.28.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/YLQI2W5TS56J3JQ5FT62EA3IH5W2VNRK/#YLQI2W5TS56J3JQ5FT62EA3IH5W2VNRK https://www.suse.com/security/cve/CVE-2019-8812.html CVE-2019-8812 https://bugzilla.suse.com/1156318 SUSE Bug 1156318 A logic issue was addressed with improved state management. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0. Processing maliciously crafted web content may lead to universal cross site scripting. CVE-2019-8813 openSUSE Leap 15.0:libjavascriptcoregtk-4_0-18-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libjavascriptcoregtk-4_0-18-32bit-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk-4_0-37-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk-4_0-37-32bit-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk3-lang-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-JavaScriptCore-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-WebKit2-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-WebKit2WebExtension-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit-jsc-4-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk-4_0-injected-bundles-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk3-devel-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk3-minibrowser-2.26.2-lp150.2.28.1 important 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/YLQI2W5TS56J3JQ5FT62EA3IH5W2VNRK/#YLQI2W5TS56J3JQ5FT62EA3IH5W2VNRK https://www.suse.com/security/cve/CVE-2019-8813.html CVE-2019-8813 https://bugzilla.suse.com/1156318 SUSE Bug 1156318 Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution. CVE-2019-8814 openSUSE Leap 15.0:libjavascriptcoregtk-4_0-18-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libjavascriptcoregtk-4_0-18-32bit-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk-4_0-37-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk-4_0-37-32bit-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk3-lang-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-JavaScriptCore-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-WebKit2-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-WebKit2WebExtension-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit-jsc-4-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk-4_0-injected-bundles-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk3-devel-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk3-minibrowser-2.26.2-lp150.2.28.1 important 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/YLQI2W5TS56J3JQ5FT62EA3IH5W2VNRK/#YLQI2W5TS56J3JQ5FT62EA3IH5W2VNRK https://www.suse.com/security/cve/CVE-2019-8814.html CVE-2019-8814 https://bugzilla.suse.com/1156318 SUSE Bug 1156318 Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution. CVE-2019-8815 openSUSE Leap 15.0:libjavascriptcoregtk-4_0-18-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libjavascriptcoregtk-4_0-18-32bit-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk-4_0-37-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk-4_0-37-32bit-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk3-lang-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-JavaScriptCore-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-WebKit2-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-WebKit2WebExtension-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit-jsc-4-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk-4_0-injected-bundles-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk3-devel-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk3-minibrowser-2.26.2-lp150.2.28.1 important 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/YLQI2W5TS56J3JQ5FT62EA3IH5W2VNRK/#YLQI2W5TS56J3JQ5FT62EA3IH5W2VNRK https://www.suse.com/security/cve/CVE-2019-8815.html CVE-2019-8815 https://bugzilla.suse.com/1156318 SUSE Bug 1156318 Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution. CVE-2019-8816 openSUSE Leap 15.0:libjavascriptcoregtk-4_0-18-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libjavascriptcoregtk-4_0-18-32bit-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk-4_0-37-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk-4_0-37-32bit-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk3-lang-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-JavaScriptCore-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-WebKit2-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-WebKit2WebExtension-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit-jsc-4-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk-4_0-injected-bundles-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk3-devel-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk3-minibrowser-2.26.2-lp150.2.28.1 important 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/YLQI2W5TS56J3JQ5FT62EA3IH5W2VNRK/#YLQI2W5TS56J3JQ5FT62EA3IH5W2VNRK https://www.suse.com/security/cve/CVE-2019-8816.html CVE-2019-8816 https://bugzilla.suse.com/1156318 SUSE Bug 1156318 Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution. CVE-2019-8819 openSUSE Leap 15.0:libjavascriptcoregtk-4_0-18-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libjavascriptcoregtk-4_0-18-32bit-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk-4_0-37-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk-4_0-37-32bit-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk3-lang-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-JavaScriptCore-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-WebKit2-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-WebKit2WebExtension-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit-jsc-4-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk-4_0-injected-bundles-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk3-devel-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk3-minibrowser-2.26.2-lp150.2.28.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/YLQI2W5TS56J3JQ5FT62EA3IH5W2VNRK/#YLQI2W5TS56J3JQ5FT62EA3IH5W2VNRK https://www.suse.com/security/cve/CVE-2019-8819.html CVE-2019-8819 https://bugzilla.suse.com/1156318 SUSE Bug 1156318 Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution. CVE-2019-8820 openSUSE Leap 15.0:libjavascriptcoregtk-4_0-18-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libjavascriptcoregtk-4_0-18-32bit-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk-4_0-37-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk-4_0-37-32bit-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk3-lang-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-JavaScriptCore-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-WebKit2-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-WebKit2WebExtension-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit-jsc-4-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk-4_0-injected-bundles-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk3-devel-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk3-minibrowser-2.26.2-lp150.2.28.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/YLQI2W5TS56J3JQ5FT62EA3IH5W2VNRK/#YLQI2W5TS56J3JQ5FT62EA3IH5W2VNRK https://www.suse.com/security/cve/CVE-2019-8820.html CVE-2019-8820 https://bugzilla.suse.com/1156318 SUSE Bug 1156318 Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution. CVE-2019-8821 openSUSE Leap 15.0:libjavascriptcoregtk-4_0-18-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libjavascriptcoregtk-4_0-18-32bit-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk-4_0-37-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk-4_0-37-32bit-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk3-lang-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-JavaScriptCore-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-WebKit2-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-WebKit2WebExtension-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit-jsc-4-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk-4_0-injected-bundles-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk3-devel-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk3-minibrowser-2.26.2-lp150.2.28.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/YLQI2W5TS56J3JQ5FT62EA3IH5W2VNRK/#YLQI2W5TS56J3JQ5FT62EA3IH5W2VNRK https://www.suse.com/security/cve/CVE-2019-8821.html CVE-2019-8821 https://bugzilla.suse.com/1156318 SUSE Bug 1156318 Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution. CVE-2019-8822 openSUSE Leap 15.0:libjavascriptcoregtk-4_0-18-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libjavascriptcoregtk-4_0-18-32bit-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk-4_0-37-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk-4_0-37-32bit-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk3-lang-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-JavaScriptCore-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-WebKit2-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-WebKit2WebExtension-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit-jsc-4-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk-4_0-injected-bundles-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk3-devel-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk3-minibrowser-2.26.2-lp150.2.28.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/YLQI2W5TS56J3JQ5FT62EA3IH5W2VNRK/#YLQI2W5TS56J3JQ5FT62EA3IH5W2VNRK https://www.suse.com/security/cve/CVE-2019-8822.html CVE-2019-8822 https://bugzilla.suse.com/1156318 SUSE Bug 1156318 Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution. CVE-2019-8823 openSUSE Leap 15.0:libjavascriptcoregtk-4_0-18-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libjavascriptcoregtk-4_0-18-32bit-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk-4_0-37-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk-4_0-37-32bit-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:libwebkit2gtk3-lang-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-JavaScriptCore-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-WebKit2-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:typelib-1_0-WebKit2WebExtension-4_0-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit-jsc-4-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk-4_0-injected-bundles-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk3-devel-2.26.2-lp150.2.28.1 openSUSE Leap 15.0:webkit2gtk3-minibrowser-2.26.2-lp150.2.28.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/YLQI2W5TS56J3JQ5FT62EA3IH5W2VNRK/#YLQI2W5TS56J3JQ5FT62EA3IH5W2VNRK https://www.suse.com/security/cve/CVE-2019-8823.html CVE-2019-8823 https://bugzilla.suse.com/1156318 SUSE Bug 1156318