Oval Definition:oval:org.opensuse.security:def:55970
Revision Date:2021-11-17Version:1
Title:Security update for MozillaFirefox (Important)
Description:

This update for MozillaFirefox fixes the following issues:

MozillaFirefox was updated to Extended Support Release 91.3.0 ESR

Fixed: Various stability, functionality, and security fixes

MFSA 2021-49 (bsc#1192250)

* CVE-2021-38503: iframe sandbox rules did not apply to XSLT stylesheets * CVE-2021-38504: Use-after-free in file picker dialog * CVE-2021-38505: Windows 10 Cloud Clipboard may have recorded sensitive user data * CVE-2021-38506: Firefox could be coaxed into going into fullscreen mode without notification or warning * CVE-2021-38507: Opportunistic Encryption in HTTP2 could be used to bypass the Same-Origin-Policy on services hosted on other ports * CVE-2021-38508: Permission Prompt could be overlaid, resulting in user confusion and potential spoofing * CVE-2021-38509: Javascript alert box could have been spoofed onto an arbitrary domain * CVE-2021-38510: Download Protections were bypassed by .inetloc files on Mac OS * MOZ-2021-0008: Use-after-free in HTTP2 Session object * MOZ-2021-0007: Memory safety bugs fixed in Firefox 94 and Firefox ESR 91.3
Family:unixClass:patch
Status:Reference(s):1003077
1008842
1009682
1012620
1012985
1015703
1015787
1015821
1017512
1018100
1018263
1018419
1018446
1019168
1019514
1020048
1020108
1020795
1021256
1021374
1021762
1021913
1022559
1022971
1023164
1023207
1023377
1023762
1023824
1023888
1023992
1024081
1024234
1024309
1024508
1024788
1025039
1025235
1025354
1025802
1026024
1026722
1026914
1027066
1027178
1027189
1027190
1027974
1028041
1028415
1028595
1028648
1028895
1029470
1029850
1029986
1030118
1030213
1030593
1030901
1031003
1031052
1031080
1031440
1031567
1031579
1031662
1031842
1032125
1032141
1032344
1032345
1033336
1034670
103470
1034700
1035283
1035576
1035699
1035738
1035877
1036752
1038261
1053153
1069708
1102682
1103203
1122706
1133191
1136446
1137597
1140747
1144903
1151021
1153108
1153158
1153161
1192250
306333
547549
668145
679938
681560
688200
718113
73544
799133
806250
831299
856832
857026
857926
859158
889755
890735
904970
907150
907636
907966
910441
910805
910806
914911
914939
917630
920160
920615
920633
922853
927967
929339
930399
930408
931620
933109
934423
936058
936062
936188
936190
937444
939996
940838
940946
943075
943457
945047
945692
951579
954345
954763
962052
963448
965803
965807
965810
968697
970083
971933
979215
982783
983212
984530
985561
988065
989056
992537
993832
CVE-2011-3146
CVE-2013-1881
CVE-2013-4549
CVE-2014-8146
CVE-2014-8147
CVE-2014-9093
CVE-2014-9687
CVE-2015-0848
CVE-2015-1350
CVE-2015-3456
CVE-2015-4551
CVE-2015-4588
CVE-2015-4695
CVE-2015-4696
CVE-2015-5212
CVE-2015-5213
CVE-2015-5214
CVE-2016-10044
CVE-2016-10200
CVE-2016-10208
CVE-2016-1521
CVE-2016-1523
CVE-2016-1526
CVE-2016-1572
CVE-2016-2037
CVE-2016-2117
CVE-2016-3070
CVE-2016-3485
CVE-2016-3511
CVE-2016-3598
CVE-2016-5243
CVE-2016-7117
CVE-2016-9191
CVE-2016-9588
CVE-2016-9604
CVE-2017-10661
CVE-2017-10971
CVE-2017-10972
CVE-2017-16939
CVE-2017-2647
CVE-2017-2671
CVE-2017-5669
CVE-2017-5897
CVE-2017-5986
CVE-2017-6074
CVE-2017-6214
CVE-2017-6345
CVE-2017-6346
CVE-2017-6348
CVE-2017-6353
CVE-2017-6951
CVE-2017-7187
CVE-2017-7261
CVE-2017-7294
CVE-2017-7308
CVE-2017-7500
CVE-2017-7501
CVE-2017-7616
CVE-2017-7645
CVE-2017-8106
CVE-2018-5390
CVE-2019-10220
CVE-2019-11477
CVE-2019-11478
CVE-2019-11487
CVE-2019-14835
CVE-2019-17133
CVE-2019-3813
CVE-2019-3846
CVE-2021-38503
CVE-2021-38504
CVE-2021-38505
CVE-2021-38506
CVE-2021-38507
CVE-2021-38508
CVE-2021-38509
CVE-2021-38510
SUSE-SU-2015:0927-1
SUSE-SU-2015:1378-1
SUSE-SU-2016:0290-1
SUSE-SU-2016:0324-1
SUSE-SU-2016:0779-1
SUSE-SU-2016:2347-1
SUSE-SU-2017:0366-1
SUSE-SU-2017:1360-1
SUSE-SU-2017:1859-1
SUSE-SU-2017:3316-1
SUSE-SU-2018:3884-1
SUSE-SU-2019:0231-1
SUSE-SU-2019:2821-1
SUSE-SU-2019:2829-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Desktop 11 SP4
SUSE Linux Enterprise Desktop 12 SP1
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP2-LTSS-ERICSSON
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 6
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud Crowbar 8
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND libgme0-0.6.2-lp150.1 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • MozillaThunderbird-60.7.0-lp151.2.4 is installed
  • OR MozillaThunderbird-buildsymbols-60.7.0-lp151.2.4 is installed
  • OR MozillaThunderbird-translations-common-60.7.0-lp151.2.4 is installed
  • OR MozillaThunderbird-translations-other-60.7.0-lp151.2.4 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP3 is installed
  • AND Package Information
  • ecryptfs-utils-61-1.35 is installed
  • OR ecryptfs-utils-32bit-61-1.35 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP4 is installed
  • AND Package Information
  • google-carlito-fonts-1.1.03.beta1-2 is installed
  • OR hyphen-2.8.8-2 is installed
  • OR libhyphen0-2.8.8-2 is installed
  • OR libmythes-1_2-0-1.2.4-2 is installed
  • OR libreoffice-5.0.4.2-23 is installed
  • OR libreoffice-base-5.0.4.2-23 is installed
  • OR libreoffice-base-drivers-postgresql-5.0.4.2-23 is installed
  • OR libreoffice-calc-5.0.4.2-23 is installed
  • OR libreoffice-calc-extensions-5.0.4.2-23 is installed
  • OR libreoffice-draw-5.0.4.2-23 is installed
  • OR libreoffice-filters-optional-5.0.4.2-23 is installed
  • OR libreoffice-gnome-5.0.4.2-23 is installed
  • OR libreoffice-icon-theme-galaxy-5.0.4.2-23 is installed
  • OR libreoffice-icon-theme-tango-5.0.4.2-23 is installed
  • OR libreoffice-impress-5.0.4.2-23 is installed
  • OR libreoffice-kde4-5.0.4.2-23 is installed
  • OR libreoffice-l10n-af-5.0.4.2-23 is installed
  • OR libreoffice-l10n-ar-5.0.4.2-23 is installed
  • OR libreoffice-l10n-ca-5.0.4.2-23 is installed
  • OR libreoffice-l10n-cs-5.0.4.2-23 is installed
  • OR libreoffice-l10n-da-5.0.4.2-23 is installed
  • OR libreoffice-l10n-de-5.0.4.2-23 is installed
  • OR libreoffice-l10n-en-5.0.4.2-23 is installed
  • OR libreoffice-l10n-es-5.0.4.2-23 is installed
  • OR libreoffice-l10n-fi-5.0.4.2-23 is installed
  • OR libreoffice-l10n-fr-5.0.4.2-23 is installed
  • OR libreoffice-l10n-gu-5.0.4.2-23 is installed
  • OR libreoffice-l10n-hi-5.0.4.2-23 is installed
  • OR libreoffice-l10n-hu-5.0.4.2-23 is installed
  • OR libreoffice-l10n-it-5.0.4.2-23 is installed
  • OR libreoffice-l10n-ja-5.0.4.2-23 is installed
  • OR libreoffice-l10n-ko-5.0.4.2-23 is installed
  • OR libreoffice-l10n-nb-5.0.4.2-23 is installed
  • OR libreoffice-l10n-nl-5.0.4.2-23 is installed
  • OR libreoffice-l10n-nn-5.0.4.2-23 is installed
  • OR libreoffice-l10n-pl-5.0.4.2-23 is installed
  • OR libreoffice-l10n-pt-BR-5.0.4.2-23 is installed
  • OR libreoffice-l10n-pt-PT-5.0.4.2-23 is installed
  • OR libreoffice-l10n-ru-5.0.4.2-23 is installed
  • OR libreoffice-l10n-sk-5.0.4.2-23 is installed
  • OR libreoffice-l10n-sv-5.0.4.2-23 is installed
  • OR libreoffice-l10n-xh-5.0.4.2-23 is installed
  • OR libreoffice-l10n-zh-Hans-5.0.4.2-23 is installed
  • OR libreoffice-l10n-zh-Hant-5.0.4.2-23 is installed
  • OR libreoffice-l10n-zu-5.0.4.2-23 is installed
  • OR libreoffice-mailmerge-5.0.4.2-23 is installed
  • OR libreoffice-math-5.0.4.2-23 is installed
  • OR libreoffice-officebean-5.0.4.2-23 is installed
  • OR libreoffice-pyuno-5.0.4.2-23 is installed
  • OR libreoffice-sdk-5.0.4.2-23 is installed
  • OR libreoffice-share-linker-1-2 is installed
  • OR libreoffice-voikko-4.1-2 is installed
  • OR libreoffice-writer-5.0.4.2-23 is installed
  • OR libreoffice-writer-extensions-5.0.4.2-23 is installed
  • OR libvoikko-3.7.1-5 is installed
  • OR libvoikko1-3.7.1-5 is installed
  • OR myspell-af_NA-20150827-23 is installed
  • OR myspell-af_ZA-20150827-23 is installed
  • OR myspell-ar-20150827-23 is installed
  • OR myspell-ar_AE-20150827-23 is installed
  • OR myspell-ar_BH-20150827-23 is installed
  • OR myspell-ar_DZ-20150827-23 is installed
  • OR myspell-ar_EG-20150827-23 is installed
  • OR myspell-ar_IQ-20150827-23 is installed
  • OR myspell-ar_JO-20150827-23 is installed
  • OR myspell-ar_KW-20150827-23 is installed
  • OR myspell-ar_LB-20150827-23 is installed
  • OR myspell-ar_LY-20150827-23 is installed
  • OR myspell-ar_MA-20150827-23 is installed
  • OR myspell-ar_OM-20150827-23 is installed
  • OR myspell-ar_QA-20150827-23 is installed
  • OR myspell-ar_SA-20150827-23 is installed
  • OR myspell-ar_SD-20150827-23 is installed
  • OR myspell-ar_SY-20150827-23 is installed
  • OR myspell-ar_TN-20150827-23 is installed
  • OR myspell-ar_YE-20150827-23 is installed
  • OR myspell-be_BY-20150827-23 is installed
  • OR myspell-bg_BG-20150827-23 is installed
  • OR myspell-bn_BD-20150827-23 is installed
  • OR myspell-bn_IN-20150827-23 is installed
  • OR myspell-bs-20150827-23 is installed
  • OR myspell-bs_BA-20150827-23 is installed
  • OR myspell-ca-20150827-23 is installed
  • OR myspell-ca_AD-20150827-23 is installed
  • OR myspell-ca_ES-20150827-23 is installed
  • OR myspell-ca_ES_valencia-20150827-23 is installed
  • OR myspell-ca_FR-20150827-23 is installed
  • OR myspell-ca_IT-20150827-23 is installed
  • OR myspell-cs_CZ-20150827-23 is installed
  • OR myspell-da_DK-20150827-23 is installed
  • OR myspell-de-20150827-23 is installed
  • OR myspell-de_AT-20150827-23 is installed
  • OR myspell-de_CH-20150827-23 is installed
  • OR myspell-de_DE-20150827-23 is installed
  • OR myspell-dictionaries-20150827-23 is installed
  • OR myspell-el_GR-20150827-23 is installed
  • OR myspell-en-20150827-23 is installed
  • OR myspell-en_AU-20150827-23 is installed
  • OR myspell-en_BS-20150827-23 is installed
  • OR myspell-en_BZ-20150827-23 is installed
  • OR myspell-en_CA-20150827-23 is installed
  • OR myspell-en_GB-20150827-23 is installed
  • OR myspell-en_GH-20150827-23 is installed
  • OR myspell-en_IE-20150827-23 is installed
  • OR myspell-en_IN-20150827-23 is installed
  • OR myspell-en_JM-20150827-23 is installed
  • OR myspell-en_MW-20150827-23 is installed
  • OR myspell-en_NA-20150827-23 is installed
  • OR myspell-en_NZ-20150827-23 is installed
  • OR myspell-en_PH-20150827-23 is installed
  • OR myspell-en_TT-20150827-23 is installed
  • OR myspell-en_US-20150827-23 is installed
  • OR myspell-en_ZA-20150827-23 is installed
  • OR myspell-en_ZW-20150827-23 is installed
  • OR myspell-es-20150827-23 is installed
  • OR myspell-es_AR-20150827-23 is installed
  • OR myspell-es_BO-20150827-23 is installed
  • OR myspell-es_CL-20150827-23 is installed
  • OR myspell-es_CO-20150827-23 is installed
  • OR myspell-es_CR-20150827-23 is installed
  • OR myspell-es_CU-20150827-23 is installed
  • OR myspell-es_DO-20150827-23 is installed
  • OR myspell-es_EC-20150827-23 is installed
  • OR myspell-es_ES-20150827-23 is installed
  • OR myspell-es_GT-20150827-23 is installed
  • OR myspell-es_HN-20150827-23 is installed
  • OR myspell-es_MX-20150827-23 is installed
  • OR myspell-es_NI-20150827-23 is installed
  • OR myspell-es_PA-20150827-23 is installed
  • OR myspell-es_PE-20150827-23 is installed
  • OR myspell-es_PR-20150827-23 is installed
  • OR myspell-es_PY-20150827-23 is installed
  • OR myspell-es_SV-20150827-23 is installed
  • OR myspell-es_UY-20150827-23 is installed
  • OR myspell-es_VE-20150827-23 is installed
  • OR myspell-et_EE-20150827-23 is installed
  • OR myspell-fr_BE-20150827-23 is installed
  • OR myspell-fr_CA-20150827-23 is installed
  • OR myspell-fr_CH-20150827-23 is installed
  • OR myspell-fr_FR-20150827-23 is installed
  • OR myspell-fr_LU-20150827-23 is installed
  • OR myspell-fr_MC-20150827-23 is installed
  • OR myspell-gu_IN-20150827-23 is installed
  • OR myspell-he_IL-20150827-23 is installed
  • OR myspell-hi_IN-20150827-23 is installed
  • OR myspell-hr_HR-20150827-23 is installed
  • OR myspell-hu_HU-20150827-23 is installed
  • OR myspell-it_IT-20150827-23 is installed
  • OR myspell-lightproof-en-20150827-23 is installed
  • OR myspell-lightproof-hu_HU-20150827-23 is installed
  • OR myspell-lightproof-pt_BR-20150827-23 is installed
  • OR myspell-lightproof-ru_RU-20150827-23 is installed
  • OR myspell-lo_LA-20150827-23 is installed
  • OR myspell-lt_LT-20150827-23 is installed
  • OR myspell-lv_LV-20150827-23 is installed
  • OR myspell-nb_NO-20150827-23 is installed
  • OR myspell-nl_BE-20150827-23 is installed
  • OR myspell-nl_NL-20150827-23 is installed
  • OR myspell-nn_NO-20150827-23 is installed
  • OR myspell-no-20150827-23 is installed
  • OR myspell-pl_PL-20150827-23 is installed
  • OR myspell-pt_AO-20150827-23 is installed
  • OR myspell-pt_BR-20150827-23 is installed
  • OR myspell-pt_PT-20150827-23 is installed
  • OR myspell-ro-20150827-23 is installed
  • OR myspell-ro_RO-20150827-23 is installed
  • OR myspell-ru_RU-20150827-23 is installed
  • OR myspell-sk_SK-20150827-23 is installed
  • OR myspell-sl_SI-20150827-23 is installed
  • OR myspell-sr-20150827-23 is installed
  • OR myspell-sr_CS-20150827-23 is installed
  • OR myspell-sr_Latn_CS-20150827-23 is installed
  • OR myspell-sr_Latn_RS-20150827-23 is installed
  • OR myspell-sr_RS-20150827-23 is installed
  • OR myspell-sv_FI-20150827-23 is installed
  • OR myspell-sv_SE-20150827-23 is installed
  • OR myspell-te-20150827-23 is installed
  • OR myspell-te_IN-20150827-23 is installed
  • OR myspell-th_TH-20150827-23 is installed
  • OR myspell-vi-20150827-23 is installed
  • OR myspell-vi_VN-20150827-23 is installed
  • OR myspell-zu_ZA-20150827-23 is installed
  • OR mythes-1.2.4-2 is installed
  • OR python-importlib-1.0.2-0.8 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP1 is installed
  • AND Package Information
  • cpio-2.11-32 is installed
  • OR cpio-lang-2.11-32 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND Package Information
  • gdk-pixbuf-loader-rsvg-2.40.2-1 is installed
  • OR librsvg-2-2-2.40.2-1 is installed
  • OR librsvg-2-2-32bit-2.40.2-1 is installed
  • OR rsvg-view-2.40.2-1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • kgraft-patch-3_12_69-60_64_29-default-10-2 is installed
  • OR kgraft-patch-3_12_69-60_64_29-xen-10-2 is installed
  • OR kgraft-patch-SLE12-SP1_Update_12-10-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • at-3.1.14-7 is installed
  • OR flex-2.5.37-8 is installed
  • OR flex-32bit-2.5.37-8 is installed
  • OR libQtWebKit4-4.8.6+2.3.3-3 is installed
  • OR libQtWebKit4-32bit-4.8.6+2.3.3-3 is installed
  • OR libbonobo-2.32.1-16 is installed
  • OR libbonobo-32bit-2.32.1-16 is installed
  • OR libbonobo-doc-2.32.1-16 is installed
  • OR libbonobo-lang-2.32.1-16 is installed
  • OR libkde4-4.12.0-7 is installed
  • OR libkde4-32bit-4.12.0-7 is installed
  • OR libkdecore4-4.12.0-7 is installed
  • OR libkdecore4-32bit-4.12.0-7 is installed
  • OR libksuseinstall1-4.12.0-7 is installed
  • OR libksuseinstall1-32bit-4.12.0-7 is installed
  • OR libnetpbm11-10.66.3-4 is installed
  • OR libnetpbm11-32bit-10.66.3-4 is installed
  • OR netpbm-10.66.3-4 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • ghostscript-9.25-23.13 is installed
  • OR ghostscript-x11-9.25-23.13 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • MozillaFirefox-52.8.1esr-109.34 is installed
  • OR MozillaFirefox-devel-52.8.1esr-109.34 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_90-92_50-default-8-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_15-8-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND libraptor2-0-2.0.10-3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • kgraft-patch-4_4_175-94_79-default-5-2 is installed
  • OR kgraft-patch-SLE12-SP3_Update_23-5-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • res-signingkeys-3.0.38-52.26 is installed
  • OR smt-3.0.38-52.26 is installed
  • OR smt-support-3.0.38-52.26 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • augeas-1.2.0-17.3 is installed
  • OR augeas-lenses-1.2.0-17.3 is installed
  • OR libaugeas0-1.2.0-17.3 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 6 is installed
  • AND Package Information
  • xorg-x11-server-7.6_1.15.2-53.3 is installed
  • OR xorg-x11-server-extra-7.6_1.15.2-53.3 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • MozillaFirefox-52.9.0esr-109.38 is installed
  • OR MozillaFirefox-devel-52.9.0esr-109.38 is installed
  • OR MozillaFirefox-translations-52.9.0esr-109.38 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND nodejs6-6.14.3-11.15 is installed
    • BACK