Oval Definition:	oval:org.opensuse.security:def:5215
Revision Date: 2022-01-18 Version: 1 Title: Security update for MozillaFirefox (Important) Description: This update for MozillaFirefox fixes the following issues: - CVE-2021-4140: Fixed iframe sandbox bypass with XSLT (bsc#1194547). - CVE-2022-22737: Fixed race condition when playing audio files (bsc#1194547). - CVE-2022-22738: Fixed heap-buffer-overflow in blendGaussianBlur (bsc#1194547). - CVE-2022-22739: Fixed missing throttling on external protocol launch dialog (bsc#1194547). - CVE-2022-22740: Fixed use-after-free of ChannelEventQueue::mOwner (bsc#1194547). - CVE-2022-22741: Fixed browser window spoof using fullscreen mode (bsc#1194547). - CVE-2022-22742: Fixed out-of-bounds memory access when inserting text in edit mode (bsc#1194547). - CVE-2022-22743: Fixed browser window spoof using fullscreen mode (bsc#1194547). - CVE-2022-22744: Fixed possible command injection via the 'Copy as curl' feature in DevTools (bsc#1194547). - CVE-2022-22745: Fixed leaking cross-origin URLs through securitypolicyviolation event (bsc#1194547). - CVE-2022-22746: Fixed calling into reportValidity could have lead to fullscreen window spoof (bsc#1194547). - CVE-2022-22747: Fixed crash when handling empty pkcs7 sequence(bsc#1194547). - CVE-2022-22748: Fixed spoofed origin on external protocol launch dialog (bsc#1194547). - CVE-2022-22751: Fixed memory safety bugs (bsc#1194547). Family: unix Class: patch Status: Reference(s): 1172004 1173786 1177351 1177352 1194547 CVE-2006-7250 CVE-2006-7250 CVE-2008-1686 CVE-2008-4225 CVE-2008-4226 CVE-2008-4409 CVE-2009-0590 CVE-2009-0590 CVE-2009-0591 CVE-2009-0591 CVE-2009-0789 CVE-2009-0789 CVE-2009-1377 CVE-2009-1377 CVE-2009-1378 CVE-2009-1378 CVE-2009-1379 CVE-2009-1379 CVE-2009-1386 CVE-2009-1386 CVE-2009-1387 CVE-2009-1387 CVE-2009-3245 CVE-2009-3245 CVE-2009-3555 CVE-2009-3555 CVE-2009-3939 CVE-2009-4026 CVE-2009-4027 CVE-2009-4131 CVE-2009-4138 CVE-2009-4355 CVE-2009-4355 CVE-2009-4536 CVE-2009-4538 CVE-2009-5146 CVE-2010-0740 CVE-2010-0740 CVE-2010-1146 CVE-2010-1436 CVE-2010-1641 CVE-2010-2066 CVE-2010-2522 CVE-2010-2523 CVE-2010-2939 CVE-2010-2939 CVE-2010-2942 CVE-2010-2954 CVE-2010-2955 CVE-2010-3081 CVE-2010-3296 CVE-2010-3297 CVE-2010-3298 CVE-2010-3301 CVE-2010-3310 CVE-2010-3864 CVE-2010-3864 CVE-2010-4180 CVE-2010-4180 CVE-2010-4252 CVE-2010-4252 CVE-2011-0014 CVE-2011-0014 CVE-2011-0712 CVE-2011-1020 CVE-2011-1577 CVE-2011-2203 CVE-2011-3210 CVE-2011-3210 CVE-2011-4108 CVE-2011-4108 CVE-2011-4109 CVE-2011-4109 CVE-2011-4354 CVE-2011-4354 CVE-2011-4576 CVE-2011-4576 CVE-2011-4577 CVE-2011-4577 CVE-2011-4619 CVE-2011-4619 CVE-2011-5095 CVE-2011-5095 CVE-2012-0037 CVE-2012-0050 CVE-2012-0050 CVE-2012-0056 CVE-2012-0884 CVE-2012-0884 CVE-2012-1165 CVE-2012-1165 CVE-2012-2110 CVE-2012-2110 CVE-2012-2131 CVE-2012-2131 CVE-2012-2333 CVE-2012-2333 CVE-2012-2369 CVE-2012-2372 CVE-2012-4425 CVE-2012-4929 CVE-2012-4929 CVE-2012-5134 CVE-2013-0160 CVE-2013-0166 CVE-2013-0166 CVE-2013-0169 CVE-2013-0169 CVE-2013-0231 CVE-2013-0913 CVE-2013-1985 CVE-2013-2064 CVE-2013-2850 CVE-2013-4587 CVE-2013-6367 CVE-2013-6368 CVE-2013-6376 CVE-2013-6405 CVE-2014-00691 CVE-2014-0076 CVE-2014-0076 CVE-2014-0102 CVE-2014-0131 CVE-2014-0196 CVE-2014-0221 CVE-2014-0221 CVE-2014-0224 CVE-2014-0224 CVE-2014-1932 CVE-2014-2523 CVE-2014-2568 CVE-2014-3185 CVE-2014-3470 CVE-2014-3470 CVE-2014-3505 CVE-2014-3505 CVE-2014-3506 CVE-2014-3506 CVE-2014-3507 CVE-2014-3507 CVE-2014-3508 CVE-2014-3508 CVE-2014-3510 CVE-2014-3510 CVE-2014-3534 CVE-2014-3566 CVE-2014-3567 CVE-2014-3568 CVE-2014-3570 CVE-2014-3571 CVE-2014-3572 CVE-2014-3610 CVE-2014-3611 CVE-2014-3647 CVE-2014-3673 CVE-2014-3687 CVE-2014-3690 CVE-2014-3917 CVE-2014-3940 CVE-2014-4171 CVE-2014-4608 CVE-2014-4652 CVE-2014-4653 CVE-2014-4654 CVE-2014-4655 CVE-2014-4656 CVE-2014-4699 CVE-2014-4943 CVE-2014-5045 CVE-2014-5077 CVE-2014-5206 CVE-2014-5207 CVE-2014-5471 CVE-2014-5472 CVE-2014-7300 CVE-2014-7822 CVE-2014-7826 CVE-2014-7841 CVE-2014-8086 CVE-2014-8133 CVE-2014-8159 CVE-2014-8160 CVE-2014-8275 CVE-2014-8559 CVE-2014-8709 CVE-2014-9090 CVE-2014-9419 CVE-2014-9420 CVE-2014-9584 CVE-2014-9585 CVE-2014-9728 CVE-2014-9729 CVE-2014-9730 CVE-2014-9731 CVE-2015-0204 CVE-2015-0205 CVE-2015-0209 CVE-2015-0272 CVE-2015-0286 CVE-2015-0287 CVE-2015-0288 CVE-2015-0289 CVE-2015-0292 CVE-2015-0293 CVE-2015-0777 CVE-2015-1465 CVE-2015-1788 CVE-2015-1789 CVE-2015-1790 CVE-2015-1791 CVE-2015-1792 CVE-2015-1805 CVE-2015-2041 CVE-2015-2042 CVE-2015-2150 CVE-2015-2666 CVE-2015-2830 CVE-2015-2922 CVE-2015-3212 CVE-2015-3216 CVE-2015-3331 CVE-2015-3332 CVE-2015-3339 CVE-2015-3636 CVE-2015-4000 CVE-2015-4036 CVE-2015-4167 CVE-2015-4692 CVE-2015-5156 CVE-2015-5157 CVE-2015-5283 CVE-2015-5307 CVE-2015-5364 CVE-2015-5366 CVE-2015-6252 CVE-2015-6937 CVE-2015-7613 CVE-2015-8104 CVE-2019-19727 CVE-2020-12693 CVE-2020-7069 CVE-2020-7070 CVE-2021-4140 CVE-2022-22737 CVE-2022-22738 CVE-2022-22739 CVE-2022-22740 CVE-2022-22741 CVE-2022-22742 CVE-2022-22743 CVE-2022-22744 CVE-2022-22745 CVE-2022-22746 CVE-2022-22747 CVE-2022-22748 CVE-2022-22751 SUSE-SU-2020:2602-1 SUSE-SU-2020:2997-1 SUSE-SU-2022:0115-1 Platform(s): openSUSE 13.1 SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise for SAP 12 SUSE Linux Enterprise High Availability 12 SP2 SUSE Linux Enterprise High Availability 12 SP3 SUSE Linux Enterprise High Availability 12 SP4 SUSE Linux Enterprise High Performance Computing 12 SP5 SUSE Linux Enterprise High Performance Computing 15-ESPOS SUSE Linux Enterprise High Performance Computing 15-LTSS SUSE Linux Enterprise Live Patching 12 SUSE Linux Enterprise Live Patching 12 SP3 SUSE Linux Enterprise Module for Advanced Systems Management 12 SUSE Linux Enterprise Module for Containers 12 SUSE Linux Enterprise Module for Legacy Software 12 SUSE Linux Enterprise Module for Public Cloud 12 SUSE Linux Enterprise Module for Toolchain 12 SUSE Linux Enterprise Module for Web Scripting 12 SUSE Linux Enterprise Real Time Extension 12 SP1 SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Server 11-SECURITY SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP5 SUSE Linux Enterprise Server 12-LTSS SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 SUSE Linux Enterprise Server for SAP Applications 12 SUSE Linux Enterprise Server for SAP Applications 12 SP5 SUSE Linux Enterprise Software Development Kit 12 SP2 SUSE Linux Enterprise Software Development Kit 12 SP3 SUSE Linux Enterprise Software Development Kit 12 SP4 SUSE Linux Enterprise Software Development Kit 12 SP5 SUSE Linux Enterprise Workstation Extension 12 SUSE Linux Enterprise Workstation Extension 12 SP1 SUSE Linux Enterprise Workstation Extension 12 SP2 SUSE OpenStack Cloud 5 Product(s): Definition Synopsis SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5 is installed AND python-Jinja2-2.7.3-4.1 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP2 is installed AND puppet-2.6.18-0.12.1 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information krb5-1.6.3-133.49.68.1 is installed OR krb5-32bit-1.6.3-133.49.68.1 is installed OR krb5-client-1.6.3-133.49.68.1 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP4 is installed AND Package Information java-1_7_0-openjdk-1.7.0.99-0.20.2 is installed OR java-1_7_0-openjdk-demo-1.7.0.99-0.20.2 is installed OR java-1_7_0-openjdk-devel-1.7.0.99-0.20.2 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 is installed AND Package Information libopenssl0_9_8-0.9.8j-59 is installed OR libopenssl0_9_8-32bit-0.9.8j-59 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information gnome-settings-daemon-3.10.2-20 is installed OR gnome-settings-daemon-lang-3.10.2-20 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information DirectFB-1.7.1-6 is installed OR lib++dfb-1_7-1-1.7.1-6 is installed OR libdirectfb-1_7-1-1.7.1-6 is installed OR libdirectfb-1_7-1-32bit-1.7.1-6 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information at-3.1.14-7 is installed OR libQtWebKit4-4.8.6+2.3.3-3 is installed OR libQtWebKit4-32bit-4.8.6+2.3.3-3 is installed OR libbonobo-2.32.1-16 is installed OR libbonobo-32bit-2.32.1-16 is installed OR libbonobo-lang-2.32.1-16 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP4 is installed AND SuSEfirewall2-3.6.312.333-3.13 is installed Definition Synopsis SUSE Linux Enterprise for SAP 12 is installed AND Package Information kgraft-patch-3_12_55-52_45-default-2-2.3 is installed OR kgraft-patch-3_12_55-52_45-xen-2-2.3 is installed OR kgraft-patch-SLE12_Update_13-2-2.3 is installed Definition Synopsis SUSE Linux Enterprise High Availability 12 SP2 is installed AND python-PyYAML-3.10-17 is installed Definition Synopsis SUSE Linux Enterprise High Availability 12 SP3 is installed AND fence-agents-4.0.25+git.1485179354.eb43835-2 is installed Definition Synopsis SUSE Linux Enterprise High Availability 12 SP4 is installed AND libpcreposix0-8.39-8.3 is installed Definition Synopsis SUSE Linux Enterprise High Performance Computing 12 SP5 is installed AND Package Information automake-1.13.4-6 is installed OR m4-1.4.16-15 is installed Definition Synopsis Release Information SUSE Linux Enterprise High Performance Computing 15-ESPOS is installed AND libpmi0-17.11.13-6.31 is installed OR libslurm32-17.11.13-6.31 is installed OR perl-slurm-17.11.13-6.31 is installed OR slurm-17.11.13-6.31 is installed OR slurm-auth-none-17.11.13-6.31 is installed OR slurm-config-17.11.13-6.31 is installed OR slurm-devel-17.11.13-6.31 is installed OR slurm-doc-17.11.13-6.31 is installed OR slurm-lua-17.11.13-6.31 is installed OR slurm-munge-17.11.13-6.31 is installed OR slurm-node-17.11.13-6.31 is installed OR slurm-pam_slurm-17.11.13-6.31 is installed OR slurm-plugins-17.11.13-6.31 is installed OR slurm-slurmdbd-17.11.13-6.31 is installed OR slurm-sql-17.11.13-6.31 is installed OR slurm-torque-17.11.13-6.31 is installed OR Package Information SUSE Linux Enterprise High Performance Computing 15-LTSS is installed AND libpmi0-17.11.13-6.31 is installed OR libslurm32-17.11.13-6.31 is installed OR perl-slurm-17.11.13-6.31 is installed OR slurm-17.11.13-6.31 is installed OR slurm-auth-none-17.11.13-6.31 is installed OR slurm-config-17.11.13-6.31 is installed OR slurm-devel-17.11.13-6.31 is installed OR slurm-doc-17.11.13-6.31 is installed OR slurm-lua-17.11.13-6.31 is installed OR slurm-munge-17.11.13-6.31 is installed OR slurm-node-17.11.13-6.31 is installed OR slurm-pam_slurm-17.11.13-6.31 is installed OR slurm-plugins-17.11.13-6.31 is installed OR slurm-slurmdbd-17.11.13-6.31 is installed OR slurm-sql-17.11.13-6.31 is installed OR slurm-torque-17.11.13-6.31 is installed Definition Synopsis SUSE Linux Enterprise Live Patching 12 is installed AND Package Information kgraft-patch-3_12_67-60_64_21-default-1-2 is installed OR kgraft-patch-3_12_67-60_64_21-xen-1-2 is installed OR kgraft-patch-SLE12-SP1_Update_10-1-2 is installed Definition Synopsis SUSE Linux Enterprise Live Patching 12 SP3 is installed AND Package Information kgraft-patch-4_4_82-6_6-default-3-2.1 is installed OR kgraft-patch-SLE12-SP3_Update_2-3-2.1 is installed Definition Synopsis SUSE Linux Enterprise Module for Advanced Systems Management 12 is installed AND Package Information puppet-3.6.2-3 is installed OR puppet-server-3.6.2-3 is installed Definition Synopsis SUSE Linux Enterprise Module for Containers 12 is installed AND Package Information sles12-docker-image-1.1.2-20160727 is installed OR sles12sp1-docker-image-1.0.5-20160727 is installed Definition Synopsis SUSE Linux Enterprise Module for Legacy Software 12 is installed AND Package Information cups154-1.5.4-5.1 is installed OR cups154-client-1.5.4-5.1 is installed OR cups154-filters-1.5.4-5.1 is installed OR cups154-libs-1.5.4-5.1 is installed Definition Synopsis SUSE Linux Enterprise Module for Public Cloud 12 is installed AND python-setuptools-1.1.7-7.1 is installed Definition Synopsis SUSE Linux Enterprise Module for Toolchain 12 is installed AND Package Information cpp5-5.3.1+r233831-9 is installed OR gcc5-5.3.1+r233831-9 is installed OR gcc5-c++-5.3.1+r233831-9 is installed OR gcc5-fortran-5.3.1+r233831-9 is installed OR gcc5-info-5.3.1+r233831-9 is installed OR gcc5-locale-5.3.1+r233831-9 is installed OR libffi-devel-gcc5-5.3.1+r233831-9 is installed OR libstdc++6-devel-gcc5-5.3.1+r233831-9 is installed Definition Synopsis SUSE Linux Enterprise Module for Web Scripting 12 is installed AND Package Information nodejs4-4.5.0-5 is installed OR nodejs4-devel-4.5.0-5 is installed OR nodejs4-docs-4.5.0-5 is installed OR npm4-4.5.0-5 is installed Definition Synopsis SUSE Linux Enterprise Real Time Extension 12 SP1 is installed AND Package Information kernel-compute-3.12.69-60.30 is installed OR kernel-compute-base-3.12.69-60.30 is installed OR kernel-compute-devel-3.12.69-60.30 is installed OR kernel-compute_debug-3.12.69-60.30 is installed OR kernel-compute_debug-devel-3.12.69-60.30 is installed OR kernel-devel-rt-3.12.69-60.30 is installed OR kernel-rt-3.12.69-60.30 is installed OR kernel-rt-base-3.12.69-60.30 is installed OR kernel-rt-devel-3.12.69-60.30 is installed OR kernel-rt_debug-3.12.69-60.30 is installed OR kernel-rt_debug-devel-3.12.69-60.30 is installed OR kernel-source-rt-3.12.69-60.30 is installed OR kernel-syms-rt-3.12.69-60.30 is installed Definition Synopsis SUSE Linux Enterprise Server 11 SP2 is installed AND NetworkManager-gnome-0.7.1-5.22.28 is installed Definition Synopsis SUSE Linux Enterprise Server 11 SP4 is installed AND Package Information e2fsprogs-1.41.9-2.14.3 is installed OR libcom_err2-1.41.9-2.14.3 is installed OR libcom_err2-32bit-1.41.9-2.14.3 is installed OR libcom_err2-x86-1.41.9-2.14.3 is installed OR libext2fs2-1.41.9-2.14.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 is installed AND Package Information avahi-0.6.31-20 is installed OR avahi-lang-0.6.31-20 is installed OR avahi-utils-0.6.31-20 is installed OR libavahi-client3-0.6.31-20 is installed OR libavahi-client3-32bit-0.6.31-20 is installed OR libavahi-common3-0.6.31-20 is installed OR libavahi-common3-32bit-0.6.31-20 is installed OR libavahi-core7-0.6.31-20 is installed OR libdns_sd-0.6.31-20 is installed OR libdns_sd-32bit-0.6.31-20 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information git-1.8.5.6-15.1 is installed OR git-core-1.8.5.6-15.1 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND wpa_supplicant-2.2-14 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND autofs-5.0.9-27 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information apache2-2.4.23-29.24 is installed OR apache2-doc-2.4.23-29.24 is installed OR apache2-example-pages-2.4.23-29.24 is installed OR apache2-prefork-2.4.23-29.24 is installed OR apache2-utils-2.4.23-29.24 is installed OR apache2-worker-2.4.23-29.24 is installed Definition Synopsis Release Information SUSE Linux Enterprise Server 12 SP5 is installed OR SUSE Linux Enterprise Server for SAP Applications 12 SP5 is installed OR SUSE Linux Enterprise Software Development Kit 12 SP5 is installed AND MozillaFirefox-devel-91.5.0-112.86.1 is installed Definition Synopsis SUSE Linux Enterprise Server 12-LTSS is installed AND Package Information kgraft-patch-3_12_55-52_42-default-3-2.1 is installed OR kgraft-patch-3_12_55-52_42-xen-3-2.1 is installed OR kgraft-patch-SLE12_Update_12-3-2.1 is installed Definition Synopsis SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 is installed AND Package Information libsndfile-1.0.25-36.7 is installed OR libsndfile1-1.0.25-36.7 is installed Definition Synopsis SUSE Linux Enterprise Server for SAP Applications 12 is installed AND Package Information kgraft-patch-3_12_48-52_27-default-5-2 is installed OR kgraft-patch-3_12_48-52_27-xen-5-2 is installed OR kgraft-patch-SLE12_Update_8-5-2 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 12 SP2 is installed AND Package Information libid3tag-devel-0.15.1b-182 is installed OR libid3tag0-0.15.1b-182 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 12 SP3 is installed AND augeas-devel-1.2.0-15 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 12 SP4 is installed AND Package Information cups-ddk-1.7.5-20.17 is installed OR cups-devel-1.7.5-20.17 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 12 is installed AND Package Information flash-player-11.2.202.424-15.1 is installed OR flash-player-gnome-11.2.202.424-15.1 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 12 SP1 is installed AND Package Information flash-player-11.2.202.632-137.1 is installed OR flash-player-gnome-11.2.202.632-137.1 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 12 SP2 is installed AND Package Information libmysqlclient_r18-10.0.28-17.2 is installed OR libmysqlclient_r18-32bit-10.0.28-17.2 is installed OR mariadb-10.0.28-17.2 is installed
BACK