SUSE 5172 Published by

SUSE Linux has been updated with several security enhancements, which include updates for xen, neomutt, python310-tornado6, glib2, hplip, python-aiohttp, and webkit2gtk3:

openSUSE-SU-2024:14530-1: moderate: xen-4.19.0_06-1.1 on GA media
openSUSE-SU-2024:14527-1: moderate: neomutt-20241114-1.1 on GA media
openSUSE-SU-2024:14528-1: moderate: python310-tornado6-6.4.2-1.1 on GA media
SUSE-SU-2024:4078-1: important: Security update for glib2
SUSE-SU-2024:4076-1: low: Security update for hplip
SUSE-SU-2024:4077-1: moderate: Security update for python-aiohttp
SUSE-SU-2024:4084-1: important: Security update for webkit2gtk3




openSUSE-SU-2024:14530-1: moderate: xen-4.19.0_06-1.1 on GA media


# xen-4.19.0_06-1.1 on GA media

Announcement ID: openSUSE-SU-2024:14530-1
Rating: moderate

Cross-References:

* CVE-2024-45818
* CVE-2024-45819

CVSS scores:

* CVE-2024-45818 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
* CVE-2024-45818 ( SUSE ): 8.2 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H
* CVE-2024-45819 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2024-45819 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:L/SI:N/SA:N

Affected Products:

* openSUSE Tumbleweed

An update that solves 2 vulnerabilities can now be installed.

## Description:

These are all security issues fixed in the xen-4.19.0_06-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* xen 4.19.0_06-1.1
* xen-devel 4.19.0_06-1.1
* xen-doc-html 4.19.0_06-1.1
* xen-libs 4.19.0_06-1.1
* xen-tools 4.19.0_06-1.1
* xen-tools-domU 4.19.0_06-1.1
* xen-tools-xendomains-wait-disk 4.19.0_06-1.1

## References:

* https://www.suse.com/security/cve/CVE-2024-45818.html
* https://www.suse.com/security/cve/CVE-2024-45819.html



openSUSE-SU-2024:14527-1: moderate: neomutt-20241114-1.1 on GA media


# neomutt-20241114-1.1 on GA media

Announcement ID: openSUSE-SU-2024:14527-1
Rating: moderate

Cross-References:

* CVE-2024-49393
* CVE-2024-49394

CVSS scores:

* CVE-2024-49393 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
* CVE-2024-49393 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2024-49394 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
* CVE-2024-49394 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N

Affected Products:

* openSUSE Tumbleweed

An update that solves 2 vulnerabilities can now be installed.

## Description:

These are all security issues fixed in the neomutt-20241114-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* neomutt 20241114-1.1
* neomutt-contrib 20241114-1.1
* neomutt-doc 20241114-1.1
* neomutt-lang 20241114-1.1

## References:

* https://www.suse.com/security/cve/CVE-2024-49393.html
* https://www.suse.com/security/cve/CVE-2024-49394.html



openSUSE-SU-2024:14528-1: moderate: python310-tornado6-6.4.2-1.1 on GA media


# python310-tornado6-6.4.2-1.1 on GA media

Announcement ID: openSUSE-SU-2024:14528-1
Rating: moderate

Cross-References:

* CVE-2024-52804

CVSS scores:

* CVE-2024-52804 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2024-52804 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

Affected Products:

* openSUSE Tumbleweed

An update that solves one vulnerability can now be installed.

## Description:

These are all security issues fixed in the python310-tornado6-6.4.2-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* python310-tornado6 6.4.2-1.1
* python311-tornado6 6.4.2-1.1
* python312-tornado6 6.4.2-1.1
* python313-tornado6 6.4.2-1.1

## References:

* https://www.suse.com/security/cve/CVE-2024-52804.html



SUSE-SU-2024:4078-1: important: Security update for glib2


# Security update for glib2

Announcement ID: SUSE-SU-2024:4078-1
Release Date: 2024-11-27T12:53:48Z
Rating: important
References:

* bsc#1233282

Cross-References:

* CVE-2024-52533

CVSS scores:

* CVE-2024-52533 ( SUSE ): 7.0
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N
* CVE-2024-52533 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H
* CVE-2024-52533 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* Basesystem Module 15-SP5
* openSUSE Leap 15.4
* openSUSE Leap 15.5
* openSUSE Leap Micro 5.5
* SUSE Linux Enterprise Desktop 15 SP4 LTSS
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Micro for Rancher 5.4
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3

An update that solves one vulnerability can now be installed.

## Description:

This update for glib2 fixes the following issues:

* CVE-2024-52533: Fixed a single byte buffer overflow (bsc#1233282).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
zypper in -t patch SUSE-2024-4078=1

* openSUSE Leap Micro 5.5
zypper in -t patch openSUSE-Leap-Micro-5.5-2024-4078=1

* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2024-4078=1

* SUSE Linux Enterprise Micro for Rancher 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2024-4078=1

* SUSE Linux Enterprise Micro 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2024-4078=1

* SUSE Linux Enterprise Micro for Rancher 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2024-4078=1

* SUSE Linux Enterprise Micro 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2024-4078=1

* SUSE Linux Enterprise Micro 5.5
zypper in -t patch SUSE-SLE-Micro-5.5-2024-4078=1

* Basesystem Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-4078=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-4078=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-4078=1

* SUSE Linux Enterprise Desktop 15 SP4 LTSS
zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-4078=1

* SUSE Linux Enterprise Server 15 SP4 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-4078=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-4078=1

* SUSE Manager Proxy 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-4078=1

* SUSE Manager Retail Branch Server 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2024-4078=1

* SUSE Manager Server 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-4078=1

## Package List:

* openSUSE Leap 15.4 (noarch)
* glib2-lang-2.70.5-150400.3.17.1
* gio-branding-upstream-2.70.5-150400.3.17.1
* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
* glib2-devel-debuginfo-2.70.5-150400.3.17.1
* glib2-tests-devel-debuginfo-2.70.5-150400.3.17.1
* libgmodule-2_0-0-2.70.5-150400.3.17.1
* glib2-debugsource-2.70.5-150400.3.17.1
* libgthread-2_0-0-debuginfo-2.70.5-150400.3.17.1
* libglib-2_0-0-debuginfo-2.70.5-150400.3.17.1
* libgthread-2_0-0-2.70.5-150400.3.17.1
* glib2-doc-2.70.5-150400.3.17.1
* libgobject-2_0-0-2.70.5-150400.3.17.1
* glib2-tools-2.70.5-150400.3.17.1
* glib2-tools-debuginfo-2.70.5-150400.3.17.1
* libglib-2_0-0-2.70.5-150400.3.17.1
* libgmodule-2_0-0-debuginfo-2.70.5-150400.3.17.1
* libgio-2_0-0-2.70.5-150400.3.17.1
* glib2-devel-2.70.5-150400.3.17.1
* glib2-tests-devel-2.70.5-150400.3.17.1
* libgio-2_0-0-debuginfo-2.70.5-150400.3.17.1
* glib2-devel-static-2.70.5-150400.3.17.1
* libgobject-2_0-0-debuginfo-2.70.5-150400.3.17.1
* openSUSE Leap 15.4 (x86_64)
* libgio-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1
* libgthread-2_0-0-32bit-2.70.5-150400.3.17.1
* glib2-devel-32bit-2.70.5-150400.3.17.1
* glib2-devel-32bit-debuginfo-2.70.5-150400.3.17.1
* libgthread-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1
* glib2-tools-32bit-2.70.5-150400.3.17.1
* libgio-2_0-0-32bit-2.70.5-150400.3.17.1
* libglib-2_0-0-32bit-2.70.5-150400.3.17.1
* libgmodule-2_0-0-32bit-2.70.5-150400.3.17.1
* libgmodule-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1
* glib2-tools-32bit-debuginfo-2.70.5-150400.3.17.1
* libgobject-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1
* libgobject-2_0-0-32bit-2.70.5-150400.3.17.1
* libglib-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1
* openSUSE Leap 15.4 (aarch64_ilp32)
* libgmodule-2_0-0-64bit-debuginfo-2.70.5-150400.3.17.1
* libgthread-2_0-0-64bit-debuginfo-2.70.5-150400.3.17.1
* libgobject-2_0-0-64bit-debuginfo-2.70.5-150400.3.17.1
* libgthread-2_0-0-64bit-2.70.5-150400.3.17.1
* libgio-2_0-0-64bit-debuginfo-2.70.5-150400.3.17.1
* glib2-devel-64bit-2.70.5-150400.3.17.1
* glib2-devel-64bit-debuginfo-2.70.5-150400.3.17.1
* libglib-2_0-0-64bit-2.70.5-150400.3.17.1
* libgobject-2_0-0-64bit-2.70.5-150400.3.17.1
* glib2-tools-64bit-debuginfo-2.70.5-150400.3.17.1
* glib2-tools-64bit-2.70.5-150400.3.17.1
* libgio-2_0-0-64bit-2.70.5-150400.3.17.1
* libgmodule-2_0-0-64bit-2.70.5-150400.3.17.1
* libglib-2_0-0-64bit-debuginfo-2.70.5-150400.3.17.1
* openSUSE Leap Micro 5.5 (aarch64 s390x x86_64)
* libgmodule-2_0-0-2.70.5-150400.3.17.1
* glib2-debugsource-2.70.5-150400.3.17.1
* libglib-2_0-0-debuginfo-2.70.5-150400.3.17.1
* libgobject-2_0-0-2.70.5-150400.3.17.1
* glib2-tools-2.70.5-150400.3.17.1
* glib2-tools-debuginfo-2.70.5-150400.3.17.1
* libglib-2_0-0-2.70.5-150400.3.17.1
* libgmodule-2_0-0-debuginfo-2.70.5-150400.3.17.1
* libgio-2_0-0-2.70.5-150400.3.17.1
* libgio-2_0-0-debuginfo-2.70.5-150400.3.17.1
* libgobject-2_0-0-debuginfo-2.70.5-150400.3.17.1
* openSUSE Leap 15.5 (noarch)
* glib2-lang-2.70.5-150400.3.17.1
* gio-branding-upstream-2.70.5-150400.3.17.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
* glib2-devel-debuginfo-2.70.5-150400.3.17.1
* glib2-tests-devel-debuginfo-2.70.5-150400.3.17.1
* libgmodule-2_0-0-2.70.5-150400.3.17.1
* glib2-debugsource-2.70.5-150400.3.17.1
* glib2-doc-2.70.5-150400.3.17.1
* libglib-2_0-0-debuginfo-2.70.5-150400.3.17.1
* libgthread-2_0-0-2.70.5-150400.3.17.1
* libgthread-2_0-0-debuginfo-2.70.5-150400.3.17.1
* libgobject-2_0-0-2.70.5-150400.3.17.1
* glib2-tools-2.70.5-150400.3.17.1
* glib2-tools-debuginfo-2.70.5-150400.3.17.1
* libglib-2_0-0-2.70.5-150400.3.17.1
* libgmodule-2_0-0-debuginfo-2.70.5-150400.3.17.1
* libgio-2_0-0-2.70.5-150400.3.17.1
* glib2-devel-2.70.5-150400.3.17.1
* glib2-tests-devel-2.70.5-150400.3.17.1
* libgio-2_0-0-debuginfo-2.70.5-150400.3.17.1
* glib2-devel-static-2.70.5-150400.3.17.1
* libgobject-2_0-0-debuginfo-2.70.5-150400.3.17.1
* openSUSE Leap 15.5 (x86_64)
* libgio-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1
* libgthread-2_0-0-32bit-2.70.5-150400.3.17.1
* glib2-devel-32bit-2.70.5-150400.3.17.1
* glib2-devel-32bit-debuginfo-2.70.5-150400.3.17.1
* libgthread-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1
* glib2-tools-32bit-2.70.5-150400.3.17.1
* libgio-2_0-0-32bit-2.70.5-150400.3.17.1
* libglib-2_0-0-32bit-2.70.5-150400.3.17.1
* libgmodule-2_0-0-32bit-2.70.5-150400.3.17.1
* libgmodule-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1
* glib2-tools-32bit-debuginfo-2.70.5-150400.3.17.1
* libgobject-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1
* libgobject-2_0-0-32bit-2.70.5-150400.3.17.1
* libglib-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
* libgmodule-2_0-0-2.70.5-150400.3.17.1
* glib2-debugsource-2.70.5-150400.3.17.1
* libglib-2_0-0-debuginfo-2.70.5-150400.3.17.1
* libgobject-2_0-0-2.70.5-150400.3.17.1
* glib2-tools-2.70.5-150400.3.17.1
* glib2-tools-debuginfo-2.70.5-150400.3.17.1
* libglib-2_0-0-2.70.5-150400.3.17.1
* libgmodule-2_0-0-debuginfo-2.70.5-150400.3.17.1
* libgio-2_0-0-2.70.5-150400.3.17.1
* libgio-2_0-0-debuginfo-2.70.5-150400.3.17.1
* libgobject-2_0-0-debuginfo-2.70.5-150400.3.17.1
* SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
* libgmodule-2_0-0-2.70.5-150400.3.17.1
* glib2-debugsource-2.70.5-150400.3.17.1
* libglib-2_0-0-debuginfo-2.70.5-150400.3.17.1
* libgobject-2_0-0-2.70.5-150400.3.17.1
* glib2-tools-2.70.5-150400.3.17.1
* glib2-tools-debuginfo-2.70.5-150400.3.17.1
* libglib-2_0-0-2.70.5-150400.3.17.1
* libgmodule-2_0-0-debuginfo-2.70.5-150400.3.17.1
* libgio-2_0-0-2.70.5-150400.3.17.1
* libgio-2_0-0-debuginfo-2.70.5-150400.3.17.1
* libgobject-2_0-0-debuginfo-2.70.5-150400.3.17.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
* libgmodule-2_0-0-2.70.5-150400.3.17.1
* glib2-debugsource-2.70.5-150400.3.17.1
* libglib-2_0-0-debuginfo-2.70.5-150400.3.17.1
* libgobject-2_0-0-2.70.5-150400.3.17.1
* glib2-tools-2.70.5-150400.3.17.1
* glib2-tools-debuginfo-2.70.5-150400.3.17.1
* libglib-2_0-0-2.70.5-150400.3.17.1
* libgmodule-2_0-0-debuginfo-2.70.5-150400.3.17.1
* libgio-2_0-0-2.70.5-150400.3.17.1
* libgio-2_0-0-debuginfo-2.70.5-150400.3.17.1
* libgobject-2_0-0-debuginfo-2.70.5-150400.3.17.1
* SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
* libgmodule-2_0-0-2.70.5-150400.3.17.1
* glib2-debugsource-2.70.5-150400.3.17.1
* libglib-2_0-0-debuginfo-2.70.5-150400.3.17.1
* libgobject-2_0-0-2.70.5-150400.3.17.1
* glib2-tools-2.70.5-150400.3.17.1
* glib2-tools-debuginfo-2.70.5-150400.3.17.1
* libglib-2_0-0-2.70.5-150400.3.17.1
* libgmodule-2_0-0-debuginfo-2.70.5-150400.3.17.1
* libgio-2_0-0-2.70.5-150400.3.17.1
* libgio-2_0-0-debuginfo-2.70.5-150400.3.17.1
* libgobject-2_0-0-debuginfo-2.70.5-150400.3.17.1
* SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
* libgmodule-2_0-0-2.70.5-150400.3.17.1
* glib2-debugsource-2.70.5-150400.3.17.1
* libglib-2_0-0-debuginfo-2.70.5-150400.3.17.1
* libgobject-2_0-0-2.70.5-150400.3.17.1
* glib2-tools-2.70.5-150400.3.17.1
* glib2-tools-debuginfo-2.70.5-150400.3.17.1
* libglib-2_0-0-2.70.5-150400.3.17.1
* libgmodule-2_0-0-debuginfo-2.70.5-150400.3.17.1
* libgio-2_0-0-2.70.5-150400.3.17.1
* libgio-2_0-0-debuginfo-2.70.5-150400.3.17.1
* libgobject-2_0-0-debuginfo-2.70.5-150400.3.17.1
* Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* glib2-devel-debuginfo-2.70.5-150400.3.17.1
* libgmodule-2_0-0-2.70.5-150400.3.17.1
* glib2-debugsource-2.70.5-150400.3.17.1
* libgthread-2_0-0-debuginfo-2.70.5-150400.3.17.1
* libglib-2_0-0-debuginfo-2.70.5-150400.3.17.1
* libgthread-2_0-0-2.70.5-150400.3.17.1
* libgobject-2_0-0-2.70.5-150400.3.17.1
* glib2-tools-2.70.5-150400.3.17.1
* glib2-tools-debuginfo-2.70.5-150400.3.17.1
* libglib-2_0-0-2.70.5-150400.3.17.1
* libgmodule-2_0-0-debuginfo-2.70.5-150400.3.17.1
* libgio-2_0-0-2.70.5-150400.3.17.1
* glib2-devel-2.70.5-150400.3.17.1
* libgio-2_0-0-debuginfo-2.70.5-150400.3.17.1
* libgobject-2_0-0-debuginfo-2.70.5-150400.3.17.1
* Basesystem Module 15-SP5 (noarch)
* glib2-lang-2.70.5-150400.3.17.1
* Basesystem Module 15-SP5 (x86_64)
* libgio-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1
* libgmodule-2_0-0-32bit-2.70.5-150400.3.17.1
* libglib-2_0-0-32bit-2.70.5-150400.3.17.1
* libgio-2_0-0-32bit-2.70.5-150400.3.17.1
* libgmodule-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1
* libgobject-2_0-0-32bit-2.70.5-150400.3.17.1
* libgobject-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1
* libglib-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
x86_64)
* glib2-devel-debuginfo-2.70.5-150400.3.17.1
* libgmodule-2_0-0-2.70.5-150400.3.17.1
* glib2-debugsource-2.70.5-150400.3.17.1
* libgthread-2_0-0-debuginfo-2.70.5-150400.3.17.1
* libglib-2_0-0-debuginfo-2.70.5-150400.3.17.1
* libgthread-2_0-0-2.70.5-150400.3.17.1
* libgobject-2_0-0-2.70.5-150400.3.17.1
* glib2-tools-2.70.5-150400.3.17.1
* glib2-tools-debuginfo-2.70.5-150400.3.17.1
* libglib-2_0-0-2.70.5-150400.3.17.1
* libgmodule-2_0-0-debuginfo-2.70.5-150400.3.17.1
* libgio-2_0-0-2.70.5-150400.3.17.1
* glib2-devel-2.70.5-150400.3.17.1
* libgio-2_0-0-debuginfo-2.70.5-150400.3.17.1
* libgobject-2_0-0-debuginfo-2.70.5-150400.3.17.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
* glib2-lang-2.70.5-150400.3.17.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64)
* libgio-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1
* libglib-2_0-0-32bit-2.70.5-150400.3.17.1
* libgmodule-2_0-0-32bit-2.70.5-150400.3.17.1
* libgio-2_0-0-32bit-2.70.5-150400.3.17.1
* libgmodule-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1
* libgobject-2_0-0-32bit-2.70.5-150400.3.17.1
* libgobject-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1
* libglib-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
x86_64)
* glib2-devel-debuginfo-2.70.5-150400.3.17.1
* libgmodule-2_0-0-2.70.5-150400.3.17.1
* glib2-debugsource-2.70.5-150400.3.17.1
* libgthread-2_0-0-debuginfo-2.70.5-150400.3.17.1
* libglib-2_0-0-debuginfo-2.70.5-150400.3.17.1
* libgthread-2_0-0-2.70.5-150400.3.17.1
* libgobject-2_0-0-2.70.5-150400.3.17.1
* glib2-tools-2.70.5-150400.3.17.1
* glib2-tools-debuginfo-2.70.5-150400.3.17.1
* libglib-2_0-0-2.70.5-150400.3.17.1
* libgmodule-2_0-0-debuginfo-2.70.5-150400.3.17.1
* libgio-2_0-0-2.70.5-150400.3.17.1
* glib2-devel-2.70.5-150400.3.17.1
* libgio-2_0-0-debuginfo-2.70.5-150400.3.17.1
* libgobject-2_0-0-debuginfo-2.70.5-150400.3.17.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
* glib2-lang-2.70.5-150400.3.17.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64)
* libgio-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1
* libglib-2_0-0-32bit-2.70.5-150400.3.17.1
* libgmodule-2_0-0-32bit-2.70.5-150400.3.17.1
* libgio-2_0-0-32bit-2.70.5-150400.3.17.1
* libgmodule-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1
* libgobject-2_0-0-32bit-2.70.5-150400.3.17.1
* libgobject-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1
* libglib-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS (x86_64)
* glib2-debugsource-2.70.5-150400.3.17.1
* libgthread-2_0-0-debuginfo-2.70.5-150400.3.17.1
* glib2-tools-2.70.5-150400.3.17.1
* glib2-tools-debuginfo-2.70.5-150400.3.17.1
* libglib-2_0-0-32bit-2.70.5-150400.3.17.1
* libgio-2_0-0-debuginfo-2.70.5-150400.3.17.1
* libgobject-2_0-0-debuginfo-2.70.5-150400.3.17.1
* libgio-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1
* libglib-2_0-0-debuginfo-2.70.5-150400.3.17.1
* libgthread-2_0-0-2.70.5-150400.3.17.1
* libgobject-2_0-0-2.70.5-150400.3.17.1
* libgmodule-2_0-0-debuginfo-2.70.5-150400.3.17.1
* libglib-2_0-0-2.70.5-150400.3.17.1
* libgmodule-2_0-0-32bit-2.70.5-150400.3.17.1
* libgio-2_0-0-2.70.5-150400.3.17.1
* glib2-devel-2.70.5-150400.3.17.1
* libgobject-2_0-0-32bit-2.70.5-150400.3.17.1
* libgobject-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1
* glib2-devel-debuginfo-2.70.5-150400.3.17.1
* libgmodule-2_0-0-2.70.5-150400.3.17.1
* libgmodule-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1
* libgio-2_0-0-32bit-2.70.5-150400.3.17.1
* libglib-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS (noarch)
* glib2-lang-2.70.5-150400.3.17.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
* glib2-devel-debuginfo-2.70.5-150400.3.17.1
* libgmodule-2_0-0-2.70.5-150400.3.17.1
* glib2-debugsource-2.70.5-150400.3.17.1
* libgthread-2_0-0-debuginfo-2.70.5-150400.3.17.1
* libglib-2_0-0-debuginfo-2.70.5-150400.3.17.1
* libgthread-2_0-0-2.70.5-150400.3.17.1
* libgobject-2_0-0-2.70.5-150400.3.17.1
* glib2-tools-2.70.5-150400.3.17.1
* glib2-tools-debuginfo-2.70.5-150400.3.17.1
* libglib-2_0-0-2.70.5-150400.3.17.1
* libgmodule-2_0-0-debuginfo-2.70.5-150400.3.17.1
* libgio-2_0-0-2.70.5-150400.3.17.1
* glib2-devel-2.70.5-150400.3.17.1
* libgio-2_0-0-debuginfo-2.70.5-150400.3.17.1
* libgobject-2_0-0-debuginfo-2.70.5-150400.3.17.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (noarch)
* glib2-lang-2.70.5-150400.3.17.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (x86_64)
* libgio-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1
* libglib-2_0-0-32bit-2.70.5-150400.3.17.1
* libgmodule-2_0-0-32bit-2.70.5-150400.3.17.1
* libgio-2_0-0-32bit-2.70.5-150400.3.17.1
* libgmodule-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1
* libgobject-2_0-0-32bit-2.70.5-150400.3.17.1
* libgobject-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1
* libglib-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
* glib2-devel-debuginfo-2.70.5-150400.3.17.1
* libgmodule-2_0-0-2.70.5-150400.3.17.1
* glib2-debugsource-2.70.5-150400.3.17.1
* libgthread-2_0-0-debuginfo-2.70.5-150400.3.17.1
* libglib-2_0-0-debuginfo-2.70.5-150400.3.17.1
* libgthread-2_0-0-2.70.5-150400.3.17.1
* libgobject-2_0-0-2.70.5-150400.3.17.1
* glib2-tools-2.70.5-150400.3.17.1
* glib2-tools-debuginfo-2.70.5-150400.3.17.1
* libglib-2_0-0-2.70.5-150400.3.17.1
* libgmodule-2_0-0-debuginfo-2.70.5-150400.3.17.1
* libgio-2_0-0-2.70.5-150400.3.17.1
* glib2-devel-2.70.5-150400.3.17.1
* libgio-2_0-0-debuginfo-2.70.5-150400.3.17.1
* libgobject-2_0-0-debuginfo-2.70.5-150400.3.17.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
* glib2-lang-2.70.5-150400.3.17.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64)
* libgio-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1
* libglib-2_0-0-32bit-2.70.5-150400.3.17.1
* libgmodule-2_0-0-32bit-2.70.5-150400.3.17.1
* libgio-2_0-0-32bit-2.70.5-150400.3.17.1
* libgmodule-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1
* libgobject-2_0-0-32bit-2.70.5-150400.3.17.1
* libgobject-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1
* libglib-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1
* SUSE Manager Proxy 4.3 (x86_64)
* glib2-debugsource-2.70.5-150400.3.17.1
* libgthread-2_0-0-debuginfo-2.70.5-150400.3.17.1
* glib2-tools-2.70.5-150400.3.17.1
* glib2-tools-debuginfo-2.70.5-150400.3.17.1
* libglib-2_0-0-32bit-2.70.5-150400.3.17.1
* libgio-2_0-0-debuginfo-2.70.5-150400.3.17.1
* libgobject-2_0-0-debuginfo-2.70.5-150400.3.17.1
* libgio-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1
* libglib-2_0-0-debuginfo-2.70.5-150400.3.17.1
* libgthread-2_0-0-2.70.5-150400.3.17.1
* libgobject-2_0-0-2.70.5-150400.3.17.1
* libgmodule-2_0-0-debuginfo-2.70.5-150400.3.17.1
* libglib-2_0-0-2.70.5-150400.3.17.1
* libgmodule-2_0-0-32bit-2.70.5-150400.3.17.1
* libgio-2_0-0-2.70.5-150400.3.17.1
* glib2-devel-2.70.5-150400.3.17.1
* libgobject-2_0-0-32bit-2.70.5-150400.3.17.1
* libgobject-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1
* glib2-devel-debuginfo-2.70.5-150400.3.17.1
* libgmodule-2_0-0-2.70.5-150400.3.17.1
* libgmodule-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1
* libgio-2_0-0-32bit-2.70.5-150400.3.17.1
* libglib-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1
* SUSE Manager Proxy 4.3 (noarch)
* glib2-lang-2.70.5-150400.3.17.1
* SUSE Manager Retail Branch Server 4.3 (x86_64)
* glib2-debugsource-2.70.5-150400.3.17.1
* libgthread-2_0-0-debuginfo-2.70.5-150400.3.17.1
* glib2-tools-2.70.5-150400.3.17.1
* glib2-tools-debuginfo-2.70.5-150400.3.17.1
* libglib-2_0-0-32bit-2.70.5-150400.3.17.1
* libgio-2_0-0-debuginfo-2.70.5-150400.3.17.1
* libgobject-2_0-0-debuginfo-2.70.5-150400.3.17.1
* libgio-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1
* libglib-2_0-0-debuginfo-2.70.5-150400.3.17.1
* libgthread-2_0-0-2.70.5-150400.3.17.1
* libgobject-2_0-0-2.70.5-150400.3.17.1
* libgmodule-2_0-0-debuginfo-2.70.5-150400.3.17.1
* libglib-2_0-0-2.70.5-150400.3.17.1
* libgmodule-2_0-0-32bit-2.70.5-150400.3.17.1
* libgio-2_0-0-2.70.5-150400.3.17.1
* glib2-devel-2.70.5-150400.3.17.1
* libgobject-2_0-0-32bit-2.70.5-150400.3.17.1
* libgobject-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1
* glib2-devel-debuginfo-2.70.5-150400.3.17.1
* libgmodule-2_0-0-2.70.5-150400.3.17.1
* libgmodule-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1
* libgio-2_0-0-32bit-2.70.5-150400.3.17.1
* libglib-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1
* SUSE Manager Retail Branch Server 4.3 (noarch)
* glib2-lang-2.70.5-150400.3.17.1
* SUSE Manager Server 4.3 (ppc64le s390x x86_64)
* glib2-devel-debuginfo-2.70.5-150400.3.17.1
* libgmodule-2_0-0-2.70.5-150400.3.17.1
* glib2-debugsource-2.70.5-150400.3.17.1
* libgthread-2_0-0-debuginfo-2.70.5-150400.3.17.1
* libglib-2_0-0-debuginfo-2.70.5-150400.3.17.1
* libgthread-2_0-0-2.70.5-150400.3.17.1
* libgobject-2_0-0-2.70.5-150400.3.17.1
* glib2-tools-2.70.5-150400.3.17.1
* glib2-tools-debuginfo-2.70.5-150400.3.17.1
* libglib-2_0-0-2.70.5-150400.3.17.1
* libgmodule-2_0-0-debuginfo-2.70.5-150400.3.17.1
* libgio-2_0-0-2.70.5-150400.3.17.1
* glib2-devel-2.70.5-150400.3.17.1
* libgio-2_0-0-debuginfo-2.70.5-150400.3.17.1
* libgobject-2_0-0-debuginfo-2.70.5-150400.3.17.1
* SUSE Manager Server 4.3 (noarch)
* glib2-lang-2.70.5-150400.3.17.1
* SUSE Manager Server 4.3 (x86_64)
* libgio-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1
* libglib-2_0-0-32bit-2.70.5-150400.3.17.1
* libgmodule-2_0-0-32bit-2.70.5-150400.3.17.1
* libgio-2_0-0-32bit-2.70.5-150400.3.17.1
* libgmodule-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1
* libgobject-2_0-0-32bit-2.70.5-150400.3.17.1
* libgobject-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1
* libglib-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1

## References:

* https://www.suse.com/security/cve/CVE-2024-52533.html
* https://bugzilla.suse.com/show_bug.cgi?id=1233282



SUSE-SU-2024:4076-1: low: Security update for hplip


# Security update for hplip

Announcement ID: SUSE-SU-2024:4076-1
Release Date: 2024-11-27T12:51:58Z
Rating: low
References:

* bsc#1209401

Affected Products:

* Basesystem Module 15-SP5
* Desktop Applications Module 15-SP5
* openSUSE Leap 15.4
* openSUSE Leap 15.5
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP5

An update that has one security fix can now be installed.

## Description:

This update for hplip fixes the following issues:

* hpmud: sanitize printer serial number (bsc#1209401)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
zypper in -t patch SUSE-2024-4076=1

* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2024-4076=1

* Basesystem Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-4076=1

* Desktop Applications Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP5-2024-4076=1

## Package List:

* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
* hplip-devel-3.21.10-150400.3.14.1
* hplip-debuginfo-3.21.10-150400.3.14.1
* hplip-sane-3.21.10-150400.3.14.1
* hplip-scan-utils-debuginfo-3.21.10-150400.3.14.1
* hplip-scan-utils-3.21.10-150400.3.14.1
* hplip-sane-debuginfo-3.21.10-150400.3.14.1
* hplip-hpijs-3.21.10-150400.3.14.1
* hplip-hpijs-debuginfo-3.21.10-150400.3.14.1
* hplip-debugsource-3.21.10-150400.3.14.1
* hplip-3.21.10-150400.3.14.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
* hplip-devel-3.21.10-150400.3.14.1
* hplip-debuginfo-3.21.10-150400.3.14.1
* hplip-sane-3.21.10-150400.3.14.1
* hplip-scan-utils-debuginfo-3.21.10-150400.3.14.1
* hplip-scan-utils-3.21.10-150400.3.14.1
* hplip-sane-debuginfo-3.21.10-150400.3.14.1
* hplip-hpijs-3.21.10-150400.3.14.1
* hplip-hpijs-debuginfo-3.21.10-150400.3.14.1
* hplip-debugsource-3.21.10-150400.3.14.1
* hplip-3.21.10-150400.3.14.1
* Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* hplip-devel-3.21.10-150400.3.14.1
* hplip-debuginfo-3.21.10-150400.3.14.1
* hplip-sane-3.21.10-150400.3.14.1
* hplip-sane-debuginfo-3.21.10-150400.3.14.1
* hplip-hpijs-3.21.10-150400.3.14.1
* hplip-hpijs-debuginfo-3.21.10-150400.3.14.1
* hplip-debugsource-3.21.10-150400.3.14.1
* Desktop Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* hplip-debuginfo-3.21.10-150400.3.14.1
* hplip-debugsource-3.21.10-150400.3.14.1
* hplip-3.21.10-150400.3.14.1

## References:

* https://bugzilla.suse.com/show_bug.cgi?id=1209401



SUSE-SU-2024:4077-1: moderate: Security update for python-aiohttp


# Security update for python-aiohttp

Announcement ID: SUSE-SU-2024:4077-1
Release Date: 2024-11-27T12:52:27Z
Rating: moderate
References:

* bsc#1233447

Cross-References:

* CVE-2024-52304

CVSS scores:

* CVE-2024-52304 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
* CVE-2024-52304 ( NVD ): 6.3
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2024-52304 ( NVD ): 0.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N

Affected Products:

* openSUSE Leap 15.4
* openSUSE Leap 15.5
* openSUSE Leap 15.6
* Public Cloud Module 15-SP4
* Python 3 Module 15-SP5
* Python 3 Module 15-SP6
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3

An update that solves one vulnerability can now be installed.

## Description:

This update for python-aiohttp fixes the following issues:

* CVE-2024-52304: Fixed request smuggling due to incorrect parsing of chunk
extensions (bsc#1233447)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
zypper in -t patch SUSE-2024-4077=1

* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2024-4077=1

* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2024-4077=1

* Public Cloud Module 15-SP4
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2024-4077=1

* Python 3 Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Python3-15-SP5-2024-4077=1

* Python 3 Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Python3-15-SP6-2024-4077=1

## Package List:

* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
* python-aiohttp-debugsource-3.9.3-150400.10.27.1
* python311-aiohttp-debuginfo-3.9.3-150400.10.27.1
* python311-aiohttp-3.9.3-150400.10.27.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
* python-aiohttp-debugsource-3.9.3-150400.10.27.1
* python311-aiohttp-debuginfo-3.9.3-150400.10.27.1
* python311-aiohttp-3.9.3-150400.10.27.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
* python-aiohttp-debugsource-3.9.3-150400.10.27.1
* python311-aiohttp-debuginfo-3.9.3-150400.10.27.1
* python311-aiohttp-3.9.3-150400.10.27.1
* Public Cloud Module 15-SP4 (aarch64 ppc64le s390x x86_64)
* python311-aiohttp-3.9.3-150400.10.27.1
* Python 3 Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* python-aiohttp-debugsource-3.9.3-150400.10.27.1
* python311-aiohttp-debuginfo-3.9.3-150400.10.27.1
* python311-aiohttp-3.9.3-150400.10.27.1
* Python 3 Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* python-aiohttp-debugsource-3.9.3-150400.10.27.1
* python311-aiohttp-debuginfo-3.9.3-150400.10.27.1
* python311-aiohttp-3.9.3-150400.10.27.1

## References:

* https://www.suse.com/security/cve/CVE-2024-52304.html
* https://bugzilla.suse.com/show_bug.cgi?id=1233447



SUSE-SU-2024:4084-1: important: Security update for webkit2gtk3


# Security update for webkit2gtk3

Announcement ID: SUSE-SU-2024:4084-1
Release Date: 2024-11-27T14:36:51Z
Rating: important
References:

* bsc#1231039
* bsc#1232747

Cross-References:

* CVE-2024-40866
* CVE-2024-44185
* CVE-2024-44187
* CVE-2024-44244
* CVE-2024-44296

CVSS scores:

* CVE-2024-40866 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
* CVE-2024-40866 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
* CVE-2024-44185 ( SUSE ): 5.9
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-44185 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2024-44185 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2024-44185 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2024-44187 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
* CVE-2024-44187 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
* CVE-2024-44244 ( SUSE ): 5.9
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-44244 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2024-44244 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
* CVE-2024-44296 ( SUSE ): 2.1
CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2024-44296 ( SUSE ): 4.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N
* CVE-2024-44296 ( NVD ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
* CVE-2024-44296 ( NVD ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

Affected Products:

* Basesystem Module 15-SP6
* Desktop Applications Module 15-SP6
* Development Tools Module 15-SP6
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves five vulnerabilities can now be installed.

## Description:

This update for webkit2gtk3 fixes the following issues:

Update to version 2.46.3 (bsc#1232747):

* CVE-2024-44244: Processing maliciously crafted web content may lead to an
unexpected process crash.
* CVE-2024-44296: Processing maliciously crafted web content may prevent
Content Security Policy from being enforced.
* CVE-2024-40866: Visiting a malicious website may lead to address bar
spoofing.

New references to version 2.46.0 (boo#1231039):

* CVE-2024-44187: A cross- origin issue existed with “iframe” elements. This
was addressed with improved tracking of security origins.
* CVE-2024-44185: Processing maliciously crafted web content may lead to an
unexpected process crash.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
zypper in -t patch SUSE-2024-4084=1 openSUSE-SLE-15.6-2024-4084=1

* Basesystem Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-4084=1

* Desktop Applications Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2024-4084=1

* Development Tools Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2024-4084=1

## Package List:

* openSUSE Leap 15.6 (noarch)
* WebKitGTK-4.1-lang-2.46.3-150600.12.16.1
* WebKitGTK-6.0-lang-2.46.3-150600.12.16.1
* WebKitGTK-4.0-lang-2.46.3-150600.12.16.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
* libwebkitgtk-6_0-4-2.46.3-150600.12.16.1
* webkit2gtk3-soup2-debugsource-2.46.3-150600.12.16.1
* libjavascriptcoregtk-4_0-18-2.46.3-150600.12.16.1
* webkit2gtk4-devel-2.46.3-150600.12.16.1
* webkit-jsc-4.1-2.46.3-150600.12.16.1
* webkit2gtk3-soup2-minibrowser-debuginfo-2.46.3-150600.12.16.1
* libwebkit2gtk-4_1-0-2.46.3-150600.12.16.1
* webkitgtk-6_0-injected-bundles-2.46.3-150600.12.16.1
* libjavascriptcoregtk-4_1-0-2.46.3-150600.12.16.1
* webkit2gtk4-minibrowser-2.46.3-150600.12.16.1
* webkit2gtk-4_1-injected-bundles-2.46.3-150600.12.16.1
* typelib-1_0-JavaScriptCore-4_1-2.46.3-150600.12.16.1
* webkitgtk-6_0-injected-bundles-debuginfo-2.46.3-150600.12.16.1
* libwebkit2gtk-4_0-37-debuginfo-2.46.3-150600.12.16.1
* typelib-1_0-WebKit2WebExtension-4_0-2.46.3-150600.12.16.1
* typelib-1_0-WebKit2WebExtension-4_1-2.46.3-150600.12.16.1
* webkit-jsc-4-2.46.3-150600.12.16.1
* webkit2gtk-4_0-injected-bundles-2.46.3-150600.12.16.1
* typelib-1_0-JavaScriptCore-4_0-2.46.3-150600.12.16.1
* webkit-jsc-4.1-debuginfo-2.46.3-150600.12.16.1
* webkit2gtk3-soup2-devel-2.46.3-150600.12.16.1
* webkit2gtk3-minibrowser-2.46.3-150600.12.16.1
* webkit2gtk4-minibrowser-debuginfo-2.46.3-150600.12.16.1
* libjavascriptcoregtk-4_0-18-debuginfo-2.46.3-150600.12.16.1
* libwebkitgtk-6_0-4-debuginfo-2.46.3-150600.12.16.1
* webkit-jsc-4-debuginfo-2.46.3-150600.12.16.1
* webkit2gtk3-soup2-minibrowser-2.46.3-150600.12.16.1
* typelib-1_0-JavaScriptCore-6_0-2.46.3-150600.12.16.1
* libwebkit2gtk-4_1-0-debuginfo-2.46.3-150600.12.16.1
* typelib-1_0-WebKit2-4_1-2.46.3-150600.12.16.1
* libjavascriptcoregtk-6_0-1-debuginfo-2.46.3-150600.12.16.1
* webkit2gtk3-debugsource-2.46.3-150600.12.16.1
* webkit-jsc-6.0-debuginfo-2.46.3-150600.12.16.1
* webkit2gtk-4_0-injected-bundles-debuginfo-2.46.3-150600.12.16.1
* libjavascriptcoregtk-6_0-1-2.46.3-150600.12.16.1
* webkit2gtk3-minibrowser-debuginfo-2.46.3-150600.12.16.1
* typelib-1_0-WebKit-6_0-2.46.3-150600.12.16.1
* webkit2gtk4-debugsource-2.46.3-150600.12.16.1
* webkit2gtk3-devel-2.46.3-150600.12.16.1
* typelib-1_0-WebKit2-4_0-2.46.3-150600.12.16.1
* webkit-jsc-6.0-2.46.3-150600.12.16.1
* webkit2gtk-4_1-injected-bundles-debuginfo-2.46.3-150600.12.16.1
* libwebkit2gtk-4_0-37-2.46.3-150600.12.16.1
* typelib-1_0-WebKitWebProcessExtension-6_0-2.46.3-150600.12.16.1
* libjavascriptcoregtk-4_1-0-debuginfo-2.46.3-150600.12.16.1
* openSUSE Leap 15.6 (x86_64)
* libjavascriptcoregtk-4_1-0-32bit-debuginfo-2.46.3-150600.12.16.1
* libwebkit2gtk-4_1-0-32bit-2.46.3-150600.12.16.1
* libjavascriptcoregtk-4_0-18-32bit-2.46.3-150600.12.16.1
* libwebkit2gtk-4_0-37-32bit-2.46.3-150600.12.16.1
* libjavascriptcoregtk-4_0-18-32bit-debuginfo-2.46.3-150600.12.16.1
* libjavascriptcoregtk-4_1-0-32bit-2.46.3-150600.12.16.1
* libwebkit2gtk-4_0-37-32bit-debuginfo-2.46.3-150600.12.16.1
* libwebkit2gtk-4_1-0-32bit-debuginfo-2.46.3-150600.12.16.1
* openSUSE Leap 15.6 (aarch64_ilp32)
* libjavascriptcoregtk-4_1-0-64bit-debuginfo-2.46.3-150600.12.16.1
* libjavascriptcoregtk-4_1-0-64bit-2.46.3-150600.12.16.1
* libjavascriptcoregtk-4_0-18-64bit-debuginfo-2.46.3-150600.12.16.1
* libwebkit2gtk-4_1-0-64bit-debuginfo-2.46.3-150600.12.16.1
* libjavascriptcoregtk-4_0-18-64bit-2.46.3-150600.12.16.1
* libwebkit2gtk-4_0-37-64bit-2.46.3-150600.12.16.1
* libwebkit2gtk-4_0-37-64bit-debuginfo-2.46.3-150600.12.16.1
* libwebkit2gtk-4_1-0-64bit-2.46.3-150600.12.16.1
* Basesystem Module 15-SP6 (noarch)
* WebKitGTK-6.0-lang-2.46.3-150600.12.16.1
* WebKitGTK-4.0-lang-2.46.3-150600.12.16.1
* Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* libjavascriptcoregtk-4_0-18-debuginfo-2.46.3-150600.12.16.1
* libwebkitgtk-6_0-4-2.46.3-150600.12.16.1
* webkit2gtk-4_0-injected-bundles-debuginfo-2.46.3-150600.12.16.1
* webkit2gtk3-soup2-debugsource-2.46.3-150600.12.16.1
* libwebkitgtk-6_0-4-debuginfo-2.46.3-150600.12.16.1
* libjavascriptcoregtk-4_0-18-2.46.3-150600.12.16.1
* libjavascriptcoregtk-6_0-1-2.46.3-150600.12.16.1
* webkit2gtk4-debugsource-2.46.3-150600.12.16.1
* webkitgtk-6_0-injected-bundles-debuginfo-2.46.3-150600.12.16.1
* typelib-1_0-WebKit2-4_0-2.46.3-150600.12.16.1
* libwebkit2gtk-4_0-37-debuginfo-2.46.3-150600.12.16.1
* typelib-1_0-WebKit2WebExtension-4_0-2.46.3-150600.12.16.1
* webkit2gtk-4_0-injected-bundles-2.46.3-150600.12.16.1
* libwebkit2gtk-4_0-37-2.46.3-150600.12.16.1
* libjavascriptcoregtk-6_0-1-debuginfo-2.46.3-150600.12.16.1
* typelib-1_0-JavaScriptCore-4_0-2.46.3-150600.12.16.1
* webkit2gtk3-soup2-devel-2.46.3-150600.12.16.1
* webkitgtk-6_0-injected-bundles-2.46.3-150600.12.16.1
* Desktop Applications Module 15-SP6 (noarch)
* WebKitGTK-4.1-lang-2.46.3-150600.12.16.1
* Desktop Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* webkit2gtk3-debugsource-2.46.3-150600.12.16.1
* libjavascriptcoregtk-4_1-0-2.46.3-150600.12.16.1
* webkit2gtk-4_1-injected-bundles-2.46.3-150600.12.16.1
* typelib-1_0-JavaScriptCore-4_1-2.46.3-150600.12.16.1
* libwebkit2gtk-4_1-0-debuginfo-2.46.3-150600.12.16.1
* libwebkit2gtk-4_1-0-2.46.3-150600.12.16.1
* webkit2gtk3-devel-2.46.3-150600.12.16.1
* webkit2gtk-4_1-injected-bundles-debuginfo-2.46.3-150600.12.16.1
* typelib-1_0-WebKit2-4_1-2.46.3-150600.12.16.1
* typelib-1_0-WebKit2WebExtension-4_1-2.46.3-150600.12.16.1
* libjavascriptcoregtk-4_1-0-debuginfo-2.46.3-150600.12.16.1
* Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* webkit2gtk4-debugsource-2.46.3-150600.12.16.1
* typelib-1_0-JavaScriptCore-6_0-2.46.3-150600.12.16.1
* typelib-1_0-WebKit-6_0-2.46.3-150600.12.16.1
* webkit2gtk4-devel-2.46.3-150600.12.16.1
* typelib-1_0-WebKitWebProcessExtension-6_0-2.46.3-150600.12.16.1

## References:

* https://www.suse.com/security/cve/CVE-2024-40866.html
* https://www.suse.com/security/cve/CVE-2024-44185.html
* https://www.suse.com/security/cve/CVE-2024-44187.html
* https://www.suse.com/security/cve/CVE-2024-44244.html
* https://www.suse.com/security/cve/CVE-2024-44296.html
* https://bugzilla.suse.com/show_bug.cgi?id=1231039
* https://bugzilla.suse.com/show_bug.cgi?id=1232747