Oval Definition:	oval:org.opensuse.security:def:55992
Revision Date: 2022-01-14 Version: 1 Title: Security update for MozillaFirefox (Important) (in QA) Description: This update for MozillaFirefox fixes the following issues: - CVE-2021-4140: Fixed iframe sandbox bypass with XSLT (bsc#1194547). - CVE-2022-22737: Fixed race condition when playing audio files (bsc#1194547). - CVE-2022-22738: Fixed heap-buffer-overflow in blendGaussianBlur (bsc#1194547). - CVE-2022-22739: Fixed missing throttling on external protocol launch dialog (bsc#1194547). - CVE-2022-22740: Fixed use-after-free of ChannelEventQueue::mOwner (bsc#1194547). - CVE-2022-22741: Fixed browser window spoof using fullscreen mode (bsc#1194547). - CVE-2022-22742: Fixed out-of-bounds memory access when inserting text in edit mode (bsc#1194547). - CVE-2022-22743: Fixed browser window spoof using fullscreen mode (bsc#1194547). - CVE-2022-22744: Fixed possible command injection via the 'Copy as curl' feature in DevTools (bsc#1194547). - CVE-2022-22745: Fixed leaking cross-origin URLs through securitypolicyviolation event (bsc#1194547). - CVE-2022-22746: Fixed calling into reportValidity could have lead to fullscreen window spoof (bsc#1194547). - CVE-2022-22747: Fixed crash when handling empty pkcs7 sequence(bsc#1194547). - CVE-2022-22748: Fixed spoofed origin on external protocol launch dialog (bsc#1194547). - CVE-2022-22751: Fixed memory safety bugs (bsc#1194547). This patch is currently in QA and not yet available for download. Family: unix Class: patch Status: Reference(s): 1000048 1010685 1012382 1020905 1024130 1047118 1047626 1060445 1061005 1068032 1070623 1073246 1073311 1073792 1073874 1074709 1075091 1075411 1075908 1075994 1076017 1076110 1076154 1076278 1077182 1077355 1077560 1077922 1081317 1102682 1103203 1133191 1136446 1137597 1140747 1144903 1151021 1153108 1153158 1153161 1156334 1194547 778508 815451 821671 855385 881524 893777 893949 902893 904970 906831 907016 907150 920615 920633 930408 945582 951638 967012 967013 972335 975947 982017 982018 982019 982222 982223 982285 982959 983961 983982 988903 991080 991466 994760 994771 994774 996441 997858 997859 CVE-2012-4428 CVE-2013-1989 CVE-2013-2066 CVE-2013-2186 CVE-2014-0050 CVE-2014-3970 CVE-2014-8962 CVE-2014-9028 CVE-2015-1142857 CVE-2015-6908 CVE-2016-1248 CVE-2016-2183 CVE-2016-2391 CVE-2016-2392 CVE-2016-3627 CVE-2016-4453 CVE-2016-4454 CVE-2016-5105 CVE-2016-5106 CVE-2016-5107 CVE-2016-5126 CVE-2016-5238 CVE-2016-5337 CVE-2016-5338 CVE-2016-5403 CVE-2016-5546 CVE-2016-5547 CVE-2016-5548 CVE-2016-5549 CVE-2016-5552 CVE-2016-6490 CVE-2016-6833 CVE-2016-6836 CVE-2016-6888 CVE-2016-7116 CVE-2016-7155 CVE-2016-7156 CVE-2017-13215 CVE-2017-17741 CVE-2017-17805 CVE-2017-17806 CVE-2017-18079 CVE-2017-3135 CVE-2017-3231 CVE-2017-3241 CVE-2017-3252 CVE-2017-3253 CVE-2017-3259 CVE-2017-3260 CVE-2017-3261 CVE-2017-3272 CVE-2017-3289 CVE-2017-5715 CVE-2017-7793 CVE-2017-7805 CVE-2017-7810 CVE-2017-7814 CVE-2017-7818 CVE-2017-7819 CVE-2017-7823 CVE-2017-7824 CVE-2017-7825 CVE-2018-1000004 CVE-2018-5390 CVE-2019-10220 CVE-2019-11477 CVE-2019-11478 CVE-2019-11487 CVE-2019-14835 CVE-2019-15917 CVE-2019-17133 CVE-2019-3846 CVE-2021-4140 CVE-2022-22737 CVE-2022-22738 CVE-2022-22739 CVE-2022-22740 CVE-2022-22741 CVE-2022-22742 CVE-2022-22743 CVE-2022-22744 CVE-2022-22745 CVE-2022-22746 CVE-2022-22747 CVE-2022-22748 CVE-2022-22751 SUSE-SU-2015:0922-1 SUSE-SU-2016:0090-1 SUSE-SU-2016:1204-1 SUSE-SU-2016:2589-1 SUSE-SU-2016:2942-1 SUSE-SU-2017:0490-1 SUSE-SU-2017:0596-1 SUSE-SU-2017:2688-1 SUSE-SU-2018:0525-1 SUSE-SU-2019:2821-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP2-LTSS-ERICSSON SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 8 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND liblzo2-2-2.10-lp150.2 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information dbus-1-1.12.2-lp151.4.3 is installed OR dbus-1-devel-1.12.2-lp151.4.3 is installed OR dbus-1-devel-32bit-1.12.2-lp151.4.3 is installed OR dbus-1-devel-doc-1.12.2-lp151.4.3 is installed OR dbus-1-x11-1.12.2-lp151.4.3 is installed OR libdbus-1-3-1.12.2-lp151.4.3 is installed OR libdbus-1-3-32bit-1.12.2-lp151.4.3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information libFLAC++6-1.2.1-68.17 is installed OR libFLAC8-1.2.1-68.17 is installed OR libFLAC8-32bit-1.2.1-68.17 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP4 is installed AND Package Information libldap-2_4-2-2.4.26-0.62 is installed OR libldap-2_4-2-32bit-2.4.26-0.62 is installed OR openldap2-client-2.4.26-0.62 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information bind-9.9.9P1-56 is installed OR bind-libs-9.9.9P1-56 is installed OR bind-libs-32bit-9.9.9P1-56 is installed OR bind-utils-9.9.9P1-56 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information gvim-7.4.326-7 is installed OR vim-7.4.326-7 is installed OR vim-data-7.4.326-7 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information jakarta-commons-fileupload-1.1.1-120 is installed OR jakarta-commons-fileupload-javadoc-1.1.1-120 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information kernel-default-3.12.74-60.64.82 is installed OR kernel-default-base-3.12.74-60.64.82 is installed OR kernel-default-devel-3.12.74-60.64.82 is installed OR kernel-default-man-3.12.74-60.64.82 is installed OR kernel-devel-3.12.74-60.64.82 is installed OR kernel-macros-3.12.74-60.64.82 is installed OR kernel-source-3.12.74-60.64.82 is installed OR kernel-syms-3.12.74-60.64.82 is installed OR kernel-xen-3.12.74-60.64.82 is installed OR kernel-xen-base-3.12.74-60.64.82 is installed OR kernel-xen-devel-3.12.74-60.64.82 is installed OR kgraft-patch-3_12_74-60_64_82-default-1-2.9 is installed OR kgraft-patch-3_12_74-60_64_82-xen-1-2.9 is installed OR kgraft-patch-SLE12-SP1_Update_25-1-2.9 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information cups-filters-1.0.58-13 is installed OR cups-filters-cups-browsed-1.0.58-13 is installed OR cups-filters-foomatic-rip-1.0.58-13 is installed OR cups-filters-ghostscript-1.0.58-13 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information ghostscript-9.26-23.16 is installed OR ghostscript-x11-9.26-23.16 is installed OR libspectre-0.2.7-12.4 is installed OR libspectre1-0.2.7-12.4 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information java-1_8_0-ibm-1.8.0_sr5.20-30.36 is installed OR java-1_8_0-ibm-alsa-1.8.0_sr5.20-30.36 is installed OR java-1_8_0-ibm-devel-1.8.0_sr5.20-30.36 is installed OR java-1_8_0-ibm-plugin-1.8.0_sr5.20-30.36 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND ucode-intel-20180807-13.29 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND libvirglrenderer0-0.5.0-11 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND gdb-8.3.1-2.14 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND perl-Archive-Zip-1.34-3.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information cron-4.2-58 is installed OR cronie-1.4.11-58 is installed Definition Synopsis SUSE OpenStack Cloud 6 is installed AND Package Information MozillaFirefox-52.4.0esr-109.6 is installed OR MozillaFirefox-devel-52.4.0esr-109.6 is installed OR MozillaFirefox-translations-52.4.0esr-109.6 is installed OR libfreebl3-3.29.5-58.3 is installed OR libfreebl3-32bit-3.29.5-58.3 is installed OR libfreebl3-hmac-3.29.5-58.3 is installed OR libfreebl3-hmac-32bit-3.29.5-58.3 is installed OR libsoftokn3-3.29.5-58.3 is installed OR libsoftokn3-32bit-3.29.5-58.3 is installed OR libsoftokn3-hmac-3.29.5-58.3 is installed OR libsoftokn3-hmac-32bit-3.29.5-58.3 is installed OR mozilla-nss-3.29.5-58.3 is installed OR mozilla-nss-32bit-3.29.5-58.3 is installed OR mozilla-nss-certs-3.29.5-58.3 is installed OR mozilla-nss-certs-32bit-3.29.5-58.3 is installed OR mozilla-nss-devel-3.29.5-58.3 is installed OR mozilla-nss-sysinit-3.29.5-58.3 is installed OR mozilla-nss-sysinit-32bit-3.29.5-58.3 is installed OR mozilla-nss-tools-3.29.5-58.3 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND Package Information git-2.12.3-27.14 is installed OR git-core-2.12.3-27.14 is installed OR git-doc-2.12.3-27.14 is installed Definition Synopsis SUSE OpenStack Cloud 9 is installed AND Package Information mariadb-10.2.25-3.19 is installed OR mariadb-galera-10.2.25-3.19 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information bzip2-1.0.6-30.8 is installed OR bzip2-doc-1.0.6-30.8 is installed OR libbz2-1-1.0.6-30.8 is installed OR libbz2-1-32bit-1.0.6-30.8 is installed
BACK