openSUSE 安全性更新:webkitgtk (openSUSE-2016-412)

medium Nessus Plugin ID 90259

概要

遠端 openSUSE 主機缺少安全性更新。

說明

此 webkitgtk 更新可修正下列問題:

- webkitgtk 已更新至 2.4.10 版 (boo#971460):

+ 修正 GTK+ >= 3.19 的表單控制項和捲軸轉譯方式。

+ 修正 PPC64 的損毀。

+ 修正 powerpc 32 位元的版本。

+ 新增 ARM64 版本支援。

+ 安全性修正:CVE-2015-1120、CVE-2015-1076、CVE-2015-1071、CVE-2015-1081、CVE-2015-1122、CVE-2015-1155、CVE-2014-1748、CVE-2015-3752、CVE-2015-5809、CVE-2015-5928、CVE-2015-3749、CVE-2015-3659、CVE-2015-3748、CVE-2015-3743、CVE-2015-3731、CVE-2015-3745、CVE-2015-5822、CVE-2015-3658、CVE-2015-3741、CVE-2015-3727、CVE-2015-5801、CVE-2015-5788、CVE-2015-3747、CVE-2015-5794、CVE-2015-1127、CVE-2015-1153、CVE-2015-1083。

+ 已更新轉譯。

解決方案

更新受影響的 webkitgtk 套件。

另請參閱

https://bugzilla.opensuse.org/show_bug.cgi?id=971460

Plugin 詳細資訊

嚴重性: Medium

ID: 90259

檔案名稱: openSUSE-2016-412.nasl

版本: 1.4

類型: local

代理程式: unix

已發布: 2016/4/1

已更新: 2021/1/19

支援的感應器: Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus

風險資訊

VPR

風險因素: Medium

分數: 5.9

CVSS v2

風險因素: Medium

基本分數: 6.8

媒介: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

弱點資訊

CPE: p-cpe:/a:novell:opensuse:libjavascriptcoregtk-1_0-0, p-cpe:/a:novell:opensuse:libjavascriptcoregtk-1_0-0-32bit, p-cpe:/a:novell:opensuse:libjavascriptcoregtk-1_0-0-debuginfo, p-cpe:/a:novell:opensuse:libjavascriptcoregtk-1_0-0-debuginfo-32bit, p-cpe:/a:novell:opensuse:libjavascriptcoregtk-3_0-0, p-cpe:/a:novell:opensuse:libjavascriptcoregtk-3_0-0-32bit, p-cpe:/a:novell:opensuse:libjavascriptcoregtk-3_0-0-debuginfo, p-cpe:/a:novell:opensuse:libjavascriptcoregtk-3_0-0-debuginfo-32bit, p-cpe:/a:novell:opensuse:libwebkitgtk-1_0-0, p-cpe:/a:novell:opensuse:libwebkitgtk-1_0-0-32bit, p-cpe:/a:novell:opensuse:libwebkitgtk-1_0-0-debuginfo, p-cpe:/a:novell:opensuse:libwebkitgtk-1_0-0-debuginfo-32bit, p-cpe:/a:novell:opensuse:libwebkitgtk-3_0-0, p-cpe:/a:novell:opensuse:libwebkitgtk-3_0-0-32bit, p-cpe:/a:novell:opensuse:libwebkitgtk-3_0-0-debuginfo, p-cpe:/a:novell:opensuse:libwebkitgtk-3_0-0-debuginfo-32bit, p-cpe:/a:novell:opensuse:libwebkitgtk-devel, p-cpe:/a:novell:opensuse:libwebkitgtk2-lang, p-cpe:/a:novell:opensuse:libwebkitgtk3-devel, p-cpe:/a:novell:opensuse:libwebkitgtk3-lang, p-cpe:/a:novell:opensuse:typelib-1_0-javascriptcore-1_0, p-cpe:/a:novell:opensuse:typelib-1_0-javascriptcore-3_0, p-cpe:/a:novell:opensuse:typelib-1_0-webkit-1_0, p-cpe:/a:novell:opensuse:typelib-1_0-webkit-3_0, p-cpe:/a:novell:opensuse:webkit-jsc-1, p-cpe:/a:novell:opensuse:webkit-jsc-1-debuginfo, p-cpe:/a:novell:opensuse:webkit-jsc-3, p-cpe:/a:novell:opensuse:webkit-jsc-3-debuginfo, cpe:/o:novell:opensuse:13.2, cpe:/o:novell:opensuse:42.1

必要的 KB 項目: Host/local_checks_enabled, Host/SuSE/release, Host/SuSE/rpm-list, Host/cpu

修補程式發佈日期: 2016/3/30

參考資訊

CVE: CVE-2014-1748, CVE-2015-1071, CVE-2015-1076, CVE-2015-1081, CVE-2015-1083, CVE-2015-1120, CVE-2015-1122, CVE-2015-1127, CVE-2015-1153, CVE-2015-1155, CVE-2015-3658, CVE-2015-3659, CVE-2015-3727, CVE-2015-3731, CVE-2015-3741, CVE-2015-3743, CVE-2015-3745, CVE-2015-3747, CVE-2015-3748, CVE-2015-3749, CVE-2015-3752, CVE-2015-5788, CVE-2015-5794, CVE-2015-5801, CVE-2015-5809, CVE-2015-5822, CVE-2015-5928