Oval Definition:oval:org.opensuse.security:def:55268
Revision Date:2021-11-17Version:1
Title:Security update for MozillaFirefox (Important)
Description:

This update for MozillaFirefox fixes the following issues:

MozillaFirefox was updated to Extended Support Release 91.3.0 ESR

Fixed: Various stability, functionality, and security fixes

MFSA 2021-49 (bsc#1192250)

* CVE-2021-38503: iframe sandbox rules did not apply to XSLT stylesheets * CVE-2021-38504: Use-after-free in file picker dialog * CVE-2021-38505: Windows 10 Cloud Clipboard may have recorded sensitive user data * CVE-2021-38506: Firefox could be coaxed into going into fullscreen mode without notification or warning * CVE-2021-38507: Opportunistic Encryption in HTTP2 could be used to bypass the Same-Origin-Policy on services hosted on other ports * CVE-2021-38508: Permission Prompt could be overlaid, resulting in user confusion and potential spoofing * CVE-2021-38509: Javascript alert box could have been spoofed onto an arbitrary domain * CVE-2021-38510: Download Protections were bypassed by .inetloc files on Mac OS * MOZ-2021-0008: Use-after-free in HTTP2 Session object * MOZ-2021-0007: Memory safety bugs fixed in Firefox 94 and Firefox ESR 91.3
Family:unixClass:patch
Status:Reference(s):1005023
1024532
1024536
1032089
1034539
1037008
1037009
1040039
1047184
1054986
1057514
1059100
1059134
1059139
1067018
1070615
1076118
1076696
1078497
1078701
1079096
1079869
1080042
1082041
1082161
1083625
1085757
1086038
1095218
1095219
1101591
1114981
1115518
1118277
1119971
1120323
1192250
826427
833605
843835
847710
869101
870532
886378
940929
947337
950998
951844
953048
954847
956491
957990
958324
958491
958917
959005
959386
960334
960708
960725
960835
961332
961333
961358
961556
961691
962320
962742
963655
963762
963782
964411
964413
965087
966245
967969
968667
969121
969122
969350
970036
970037
970114
970506
971770
972933
973378
973499
974165
974308
974620
975128
975136
975531
975533
975700
975772
975788
976109
977417
978158
978160
978401
978469
978822
979074
979213
979419
979485
979489
979521
979548
979681
979867
979879
979922
980348
980363
980371
980711
980723
980856
980883
981038
981143
981266
981344
981597
982282
982354
982544
982698
983143
983213
983318
983721
983904
983977
984148
984456
984755
984764
985232
985978
986362
986365
986569
986572
986573
986811
988215
988498
988552
990058
992966
CVE-2008-3825
CVE-2009-1384
CVE-2009-3939
CVE-2009-4026
CVE-2009-4027
CVE-2009-4131
CVE-2009-4138
CVE-2009-4536
CVE-2009-4538
CVE-2010-0750
CVE-2010-1146
CVE-2010-1436
CVE-2010-1641
CVE-2010-2066
CVE-2010-2942
CVE-2010-2954
CVE-2010-2955
CVE-2010-3081
CVE-2010-3296
CVE-2010-3297
CVE-2010-3298
CVE-2010-3301
CVE-2010-3310
CVE-2011-0712
CVE-2011-1020
CVE-2011-1485
CVE-2011-1577
CVE-2011-2203
CVE-2012-0056
CVE-2012-2372
CVE-2013-0160
CVE-2013-0231
CVE-2013-0913
CVE-2013-2850
CVE-2013-4288
CVE-2013-4587
CVE-2013-6367
CVE-2013-6368
CVE-2013-6376
CVE-2013-6405
CVE-2014-00691
CVE-2014-0102
CVE-2014-0131
CVE-2014-0196
CVE-2014-2523
CVE-2014-2532
CVE-2014-2568
CVE-2014-3185
CVE-2014-3534
CVE-2014-3610
CVE-2014-3611
CVE-2014-3647
CVE-2014-3673
CVE-2014-3687
CVE-2014-3690
CVE-2014-3917
CVE-2014-3940
CVE-2014-4171
CVE-2014-4608
CVE-2014-4652
CVE-2014-4653
CVE-2014-4654
CVE-2014-4655
CVE-2014-4656
CVE-2014-4699
CVE-2014-4943
CVE-2014-5045
CVE-2014-5077
CVE-2014-5206
CVE-2014-5207
CVE-2014-5471
CVE-2014-5472
CVE-2014-7822
CVE-2014-7826
CVE-2014-7841
CVE-2014-8086
CVE-2014-8133
CVE-2014-8159
CVE-2014-8160
CVE-2014-8559
CVE-2014-8709
CVE-2014-9090
CVE-2014-9419
CVE-2014-9420
CVE-2014-9584
CVE-2014-9585
CVE-2014-9728
CVE-2014-9729
CVE-2014-9730
CVE-2014-9731
CVE-2014-9904
CVE-2015-0272
CVE-2015-0777
CVE-2015-1465
CVE-2015-1805
CVE-2015-2041
CVE-2015-2042
CVE-2015-2150
CVE-2015-2666
CVE-2015-2830
CVE-2015-2922
CVE-2015-3212
CVE-2015-3218
CVE-2015-3255
CVE-2015-3256
CVE-2015-3331
CVE-2015-3332
CVE-2015-3339
CVE-2015-3636
CVE-2015-4036
CVE-2015-4167
CVE-2015-4625
CVE-2015-4692
CVE-2015-5156
CVE-2015-5157
CVE-2015-5283
CVE-2015-5307
CVE-2015-5364
CVE-2015-5366
CVE-2015-5745
CVE-2015-6252
CVE-2015-6937
CVE-2015-7549
CVE-2015-7613
CVE-2015-7833
CVE-2015-8045
CVE-2015-8047
CVE-2015-8048
CVE-2015-8049
CVE-2015-8050
CVE-2015-8055
CVE-2015-8056
CVE-2015-8057
CVE-2015-8058
CVE-2015-8059
CVE-2015-8060
CVE-2015-8061
CVE-2015-8062
CVE-2015-8063
CVE-2015-8064
CVE-2015-8065
CVE-2015-8066
CVE-2015-8067
CVE-2015-8068
CVE-2015-8069
CVE-2015-8070
CVE-2015-8071
CVE-2015-8104
CVE-2015-8401
CVE-2015-8402
CVE-2015-8403
CVE-2015-8404
CVE-2015-8405
CVE-2015-8406
CVE-2015-8407
CVE-2015-8408
CVE-2015-8409
CVE-2015-8410
CVE-2015-8411
CVE-2015-8412
CVE-2015-8413
CVE-2015-8414
CVE-2015-8415
CVE-2015-8416
CVE-2015-8417
CVE-2015-8418
CVE-2015-8419
CVE-2015-8420
CVE-2015-8421
CVE-2015-8422
CVE-2015-8423
CVE-2015-8424
CVE-2015-8425
CVE-2015-8426
CVE-2015-8427
CVE-2015-8428
CVE-2015-8429
CVE-2015-8430
CVE-2015-8431
CVE-2015-8432
CVE-2015-8433
CVE-2015-8434
CVE-2015-8435
CVE-2015-8436
CVE-2015-8437
CVE-2015-8438
CVE-2015-8439
CVE-2015-8440
CVE-2015-8441
CVE-2015-8442
CVE-2015-8443
CVE-2015-8444
CVE-2015-8445
CVE-2015-8446
CVE-2015-8447
CVE-2015-8448
CVE-2015-8449
CVE-2015-8450
CVE-2015-8451
CVE-2015-8452
CVE-2015-8453
CVE-2015-8454
CVE-2015-8455
CVE-2015-8504
CVE-2015-8551
CVE-2015-8552
CVE-2015-8558
CVE-2015-8567
CVE-2015-8568
CVE-2015-8613
CVE-2015-8619
CVE-2015-8743
CVE-2015-8744
CVE-2015-8745
CVE-2015-8817
CVE-2015-8818
CVE-2015-8845
CVE-2016-0758
CVE-2016-10209
CVE-2016-10349
CVE-2016-10350
CVE-2016-1568
CVE-2016-1583
CVE-2016-1714
CVE-2016-1922
CVE-2016-1981
CVE-2016-2053
CVE-2016-2197
CVE-2016-2198
CVE-2016-2538
CVE-2016-2841
CVE-2016-2857
CVE-2016-2858
CVE-2016-3672
CVE-2016-3710
CVE-2016-3712
CVE-2016-4001
CVE-2016-4002
CVE-2016-4020
CVE-2016-4037
CVE-2016-4439
CVE-2016-4441
CVE-2016-4470
CVE-2016-4482
CVE-2016-4486
CVE-2016-4565
CVE-2016-4569
CVE-2016-4578
CVE-2016-4805
CVE-2016-4952
CVE-2016-4997
CVE-2016-5244
CVE-2016-5828
CVE-2016-5829
CVE-2016-6318
CVE-2017-14166
CVE-2017-14501
CVE-2017-14502
CVE-2017-14503
CVE-2017-3145
CVE-2017-5715
CVE-2018-1064
CVE-2018-1116
CVE-2018-11233
CVE-2018-11235
CVE-2018-16864
CVE-2018-16865
CVE-2018-16866
CVE-2018-19788
CVE-2018-6381
CVE-2018-6484
CVE-2018-6540
CVE-2018-6764
CVE-2021-38503
CVE-2021-38504
CVE-2021-38505
CVE-2021-38506
CVE-2021-38507
CVE-2021-38508
CVE-2021-38509
CVE-2021-38510
SUSE-SU-2015:2236-1
SUSE-SU-2016:1703-1
SUSE-SU-2016:2105-1
SUSE-SU-2016:2107-1
SUSE-SU-2018:0303-1
SUSE-SU-2018:0548-1
SUSE-SU-2018:0920-1
SUSE-SU-2018:3640-2
SUSE-SU-2019:0019-1
SUSE-SU-2019:0135-1
SUSE-SU-2021:3721-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Desktop 11 SP4
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 6
SUSE OpenStack Cloud 7
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • cyrus-sasl-2.1.26-lp150.3 is installed
  • OR cyrus-sasl-32bit-2.1.26-lp150.3 is installed
  • OR cyrus-sasl-crammd5-2.1.26-lp150.3 is installed
  • OR cyrus-sasl-crammd5-32bit-2.1.26-lp150.3 is installed
  • OR cyrus-sasl-digestmd5-2.1.26-lp150.3 is installed
  • OR cyrus-sasl-digestmd5-32bit-2.1.26-lp150.3 is installed
  • OR cyrus-sasl-gssapi-2.1.26-lp150.3 is installed
  • OR cyrus-sasl-gssapi-32bit-2.1.26-lp150.3 is installed
  • OR cyrus-sasl-plain-2.1.26-lp150.3 is installed
  • OR cyrus-sasl-plain-32bit-2.1.26-lp150.3 is installed
  • OR libsasl2-3-2.1.26-lp150.3 is installed
  • OR libsasl2-3-32bit-2.1.26-lp150.3 is installed
  • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • neovim-0.3.7-lp151.2.7 is installed
  • OR neovim-lang-0.3.7-lp151.2.7 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP3 is installed
  • AND Package Information
  • acroread-9.5.5-0.5.5 is installed
  • OR acroread-cmaps-9.4.6-0.4.5 is installed
  • OR acroread-fonts-ja-9.4.6-0.4.5 is installed
  • OR acroread-fonts-ko-9.4.6-0.4.5 is installed
  • OR acroread-fonts-zh_CN-9.4.6-0.4.5 is installed
  • OR acroread-fonts-zh_TW-9.4.6-0.4.5 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP4 is installed
  • AND Package Information
  • flash-player-11.2.202.554-0.29 is installed
  • OR flash-player-gnome-11.2.202.554-0.29 is installed
  • OR flash-player-kde4-11.2.202.554-0.29 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND Package Information
  • bind-9.9.9P1-63.7 is installed
  • OR bind-libs-9.9.9P1-63.7 is installed
  • OR bind-libs-32bit-9.9.9P1-63.7 is installed
  • OR bind-utils-9.9.9P1-63.7 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • AND Package Information
  • libpolkit0-0.113-5.12 is installed
  • OR libpolkit0-32bit-0.113-5.12 is installed
  • OR polkit-0.113-5.12 is installed
  • OR typelib-1_0-Polkit-1_0-0.113-5.12 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND Package Information
  • kernel-default-3.12.49-11 is installed
  • OR kernel-default-base-3.12.49-11 is installed
  • OR kernel-default-devel-3.12.49-11 is installed
  • OR kernel-default-man-3.12.49-11 is installed
  • OR kernel-devel-3.12.49-11 is installed
  • OR kernel-macros-3.12.49-11 is installed
  • OR kernel-source-3.12.49-11 is installed
  • OR kernel-syms-3.12.49-11 is installed
  • OR kernel-xen-3.12.49-11 is installed
  • OR kernel-xen-base-3.12.49-11 is installed
  • OR kernel-xen-devel-3.12.49-11 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • kgraft-patch-3_12_69-60_64_32-default-5-2 is installed
  • OR kgraft-patch-3_12_69-60_64_32-xen-5-2 is installed
  • OR kgraft-patch-SLE12-SP1_Update_13-5-2 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • apache-commons-daemon-1.0.15-4 is installed
  • OR apache-commons-daemon-javadoc-1.0.15-4 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • MozillaFirefox-91.3.0-112.80.2 is installed
  • OR MozillaFirefox-devel-91.3.0-112.80.2 is installed
  • OR MozillaFirefox-translations-common-91.3.0-112.80.2 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • kgraft-patch-4_4_121-92_80-default-9-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_22-9-2 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_74-92_38-default-10-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_13-10-2 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • gnome-settings-daemon-3.20.1-49 is installed
  • OR gnome-settings-daemon-lang-3.20.1-49 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • apache2-2.4.23-29.54 is installed
  • OR apache2-doc-2.4.23-29.54 is installed
  • OR apache2-example-pages-2.4.23-29.54 is installed
  • OR apache2-prefork-2.4.23-29.54 is installed
  • OR apache2-utils-2.4.23-29.54 is installed
  • OR apache2-worker-2.4.23-29.54 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • kgraft-patch-4_4_180-94_103-default-2-2 is installed
  • OR kgraft-patch-SLE12-SP3_Update_28-2-2 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • libvirt-3.3.0-5.40 is installed
  • OR libvirt-admin-3.3.0-5.40 is installed
  • OR libvirt-client-3.3.0-5.40 is installed
  • OR libvirt-daemon-3.3.0-5.40 is installed
  • OR libvirt-daemon-config-network-3.3.0-5.40 is installed
  • OR libvirt-daemon-config-nwfilter-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-interface-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-libxl-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-lxc-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-network-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-nodedev-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-nwfilter-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-qemu-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-secret-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-storage-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-storage-core-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-storage-disk-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-storage-iscsi-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-storage-logical-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-storage-mpath-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-storage-rbd-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-storage-scsi-3.3.0-5.40 is installed
  • OR libvirt-daemon-hooks-3.3.0-5.40 is installed
  • OR libvirt-daemon-lxc-3.3.0-5.40 is installed
  • OR libvirt-daemon-qemu-3.3.0-5.40 is installed
  • OR libvirt-daemon-xen-3.3.0-5.40 is installed
  • OR libvirt-doc-3.3.0-5.40 is installed
  • OR libvirt-libs-3.3.0-5.40 is installed
  • OR libvirt-lock-sanlock-3.3.0-5.40 is installed
  • OR libvirt-nss-3.3.0-5.40 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • libjavascriptcoregtk-4_0-18-2.24.0-2.38 is installed
  • OR libwebkit2gtk-4_0-37-2.24.0-2.38 is installed
  • OR typelib-1_0-JavaScriptCore-4_0-2.24.0-2.38 is installed
  • OR typelib-1_0-WebKit2-4_0-2.24.0-2.38 is installed
  • OR webkit2gtk-4_0-injected-bundles-2.24.0-2.38 is installed
  • OR webkit2gtk3-2.24.0-2.38 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND apache2-mod_nss-1.0.14-19.3 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud 6 is installed
  • AND Package Information
  • git-2.12.3-27.14 is installed
  • OR git-arch-2.12.3-27.14 is installed
  • OR git-core-2.12.3-27.14 is installed
  • OR git-credential-gnome-keyring-2.12.3-27.14 is installed
  • OR git-cvs-2.12.3-27.14 is installed
  • OR git-daemon-2.12.3-27.14 is installed
  • OR git-doc-2.12.3-27.14 is installed
  • OR git-email-2.12.3-27.14 is installed
  • OR git-gui-2.12.3-27.14 is installed
  • OR git-svn-2.12.3-27.14 is installed
  • OR git-web-2.12.3-27.14 is installed
  • OR gitk-2.12.3-27.14 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • java-1_7_1-ibm-1.7.1_sr4.30-38.26 is installed
  • OR java-1_7_1-ibm-alsa-1.7.1_sr4.30-38.26 is installed
  • OR java-1_7_1-ibm-devel-1.7.1_sr4.30-38.26 is installed
  • OR java-1_7_1-ibm-jdbc-1.7.1_sr4.30-38.26 is installed
  • OR java-1_7_1-ibm-plugin-1.7.1_sr4.30-38.26 is installed
  • BACK