Oval Definition:oval:org.opensuse.security:def:57123
Revision Date:2021-11-17Version:1
Title:Security update for MozillaFirefox (Important)
Description:

This update for MozillaFirefox fixes the following issues:

MozillaFirefox was updated to Extended Support Release 91.3.0 ESR

Fixed: Various stability, functionality, and security fixes

MFSA 2021-49 (bsc#1192250)

* CVE-2021-38503: iframe sandbox rules did not apply to XSLT stylesheets * CVE-2021-38504: Use-after-free in file picker dialog * CVE-2021-38505: Windows 10 Cloud Clipboard may have recorded sensitive user data * CVE-2021-38506: Firefox could be coaxed into going into fullscreen mode without notification or warning * CVE-2021-38507: Opportunistic Encryption in HTTP2 could be used to bypass the Same-Origin-Policy on services hosted on other ports * CVE-2021-38508: Permission Prompt could be overlaid, resulting in user confusion and potential spoofing * CVE-2021-38509: Javascript alert box could have been spoofed onto an arbitrary domain * CVE-2021-38510: Download Protections were bypassed by .inetloc files on Mac OS * MOZ-2021-0008: Use-after-free in HTTP2 Session object * MOZ-2021-0007: Memory safety bugs fixed in Firefox 94 and Firefox ESR 91.3
Family:unixClass:patch
Status:Reference(s):1012260
1015565
1018128
1021577
1024130
1026191
1030263
1032114
1032120
1035204
1036453
1037824
1041469
1041894
1047236
1047240
1049703
1061204
1063993
1064786
1065464
1066489
1073210
1078436
1079730
1080919
1091551
1092697
1094767
1095218
1095219
1096515
1096745
1097108
1099306
1100408
1101982
1107343
1108771
1108986
1109363
1109465
1110506
1110507
1112646
1114957
1116717
1117275
1119493
1120489
1121563
1121600
1123156
1123179
1125352
1126056
1127557
1128657
1130230
1132348
1132400
1132721
1149792
1153108
1156334
1168930
1169605
1169786
1169936
1170302
1170741
1170939
1192250
703591
769799
839074
857131
893359
934920
955942
CVE-2010-2800
CVE-2010-2801
CVE-2012-3382
CVE-2014-9556
CVE-2014-9732
CVE-2015-3238
CVE-2015-4467
CVE-2015-4468
CVE-2015-4469
CVE-2015-4470
CVE-2015-4471
CVE-2015-4472
CVE-2016-10220
CVE-2016-9063
CVE-2016-9601
CVE-2017-16541
CVE-2017-3135
CVE-2017-5436
CVE-2017-5951
CVE-2017-7207
CVE-2017-8291
CVE-2017-9233
CVE-2018-10853
CVE-2018-11233
CVE-2018-11235
CVE-2018-12020
CVE-2018-12376
CVE-2018-12377
CVE-2018-12378
CVE-2018-12379
CVE-2018-12381
CVE-2018-12383
CVE-2018-12385
CVE-2018-12386
CVE-2018-12387
CVE-2018-16872
CVE-2018-18954
CVE-2018-19364
CVE-2018-19489
CVE-2018-20217
CVE-2018-3646
CVE-2018-6954
CVE-2019-10220
CVE-2019-15917
CVE-2019-3842
CVE-2019-6454
CVE-2019-6778
CVE-2020-11008
CVE-2020-5260
CVE-2021-38503
CVE-2021-38504
CVE-2021-38505
CVE-2021-38506
CVE-2021-38507
CVE-2021-38508
CVE-2021-38509
CVE-2021-38510
SUSE-SU-2017:0596-1
SUSE-SU-2017:1149-1
SUSE-SU-2017:1398-1
SUSE-SU-2017:1404-1
SUSE-SU-2017:2299-1
SUSE-SU-2018:1566-1
SUSE-SU-2018:1698-1
SUSE-SU-2018:2348-1
SUSE-SU-2018:3591-1
SUSE-SU-2019:0113-1
SUSE-SU-2019:0435-1
SUSE-SU-2019:1265-1
SUSE-SU-2020:1295-1
SUSE-SU-2021:3721-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Desktop 11 SP2
SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 8
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • bluez-5.48-lp150.3 is installed
  • OR libbluetooth3-5.48-lp150.3 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • exempi-2.4.5-lp151.3.3 is installed
  • OR exempi-tools-2.4.5-lp151.3.3 is installed
  • OR libexempi-devel-2.4.5-lp151.3.3 is installed
  • OR libexempi3-2.4.5-lp151.3.3 is installed
  • OR libexempi3-32bit-2.4.5-lp151.3.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP2 is installed
  • AND Package Information
  • bytefx-data-mysql-2.6.7-0.9 is installed
  • OR ibm-data-db2-2.6.7-0.9 is installed
  • OR mono-core-2.6.7-0.9 is installed
  • OR mono-data-2.6.7-0.9 is installed
  • OR mono-data-firebird-2.6.7-0.9 is installed
  • OR mono-data-oracle-2.6.7-0.9 is installed
  • OR mono-data-postgresql-2.6.7-0.9 is installed
  • OR mono-data-sqlite-2.6.7-0.9 is installed
  • OR mono-data-sybase-2.6.7-0.9 is installed
  • OR mono-devel-2.6.7-0.9 is installed
  • OR mono-extras-2.6.7-0.9 is installed
  • OR mono-jscript-2.6.7-0.9 is installed
  • OR mono-locale-extras-2.6.7-0.9 is installed
  • OR mono-nunit-2.6.7-0.9 is installed
  • OR mono-wcf-2.6.7-0.9 is installed
  • OR mono-web-2.6.7-0.9 is installed
  • OR mono-winforms-2.6.7-0.9 is installed
  • OR monodoc-core-2.6.7-0.9 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • AND Package Information
  • qemu-2.11.2-5.8 is installed
  • OR qemu-block-curl-2.11.2-5.8 is installed
  • OR qemu-ipxe-1.0.0+-5.8 is installed
  • OR qemu-kvm-2.11.2-5.8 is installed
  • OR qemu-seabios-1.11.0-5.8 is installed
  • OR qemu-sgabios-8-5.8 is installed
  • OR qemu-tools-2.11.2-5.8 is installed
  • OR qemu-vgabios-1.11.0-5.8 is installed
  • OR qemu-x86-2.11.2-5.8 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND Package Information
  • bind-9.9.9P1-56 is installed
  • OR bind-chrootenv-9.9.9P1-56 is installed
  • OR bind-doc-9.9.9P1-56 is installed
  • OR bind-libs-9.9.9P1-56 is installed
  • OR bind-libs-32bit-9.9.9P1-56 is installed
  • OR bind-utils-9.9.9P1-56 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • git-2.12.3-27.14 is installed
  • OR git-core-2.12.3-27.14 is installed
  • OR git-doc-2.12.3-27.14 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND libmspack0-0.4-14 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • openslp-2.0.0-18.17 is installed
  • OR openslp-32bit-2.0.0-18.17 is installed
  • OR openslp-server-2.0.0-18.17 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • glibc-2.22-62.13 is installed
  • OR glibc-32bit-2.22-62.13 is installed
  • OR glibc-devel-2.22-62.13 is installed
  • OR glibc-devel-32bit-2.22-62.13 is installed
  • OR glibc-html-2.22-62.13 is installed
  • OR glibc-i18ndata-2.22-62.13 is installed
  • OR glibc-info-2.22-62.13 is installed
  • OR glibc-locale-2.22-62.13 is installed
  • OR glibc-locale-32bit-2.22-62.13 is installed
  • OR glibc-profile-2.22-62.13 is installed
  • OR glibc-profile-32bit-2.22-62.13 is installed
  • OR nscd-2.22-62.13 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • kernel-default-4.4.121-92.73 is installed
  • OR kernel-default-base-4.4.121-92.73 is installed
  • OR kernel-default-devel-4.4.121-92.73 is installed
  • OR kernel-default-man-4.4.121-92.73 is installed
  • OR kernel-devel-4.4.121-92.73 is installed
  • OR kernel-macros-4.4.121-92.73 is installed
  • OR kernel-source-4.4.121-92.73 is installed
  • OR kernel-syms-4.4.121-92.73 is installed
  • OR kgraft-patch-4_4_121-92_73-default-1-3.3 is installed
  • OR kgraft-patch-SLE12-SP2_Update_21-1-3.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND dosfstools-3.0.26-6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • libjpeg-turbo-1.5.3-31.19 is installed
  • OR libjpeg62-62.2.0-31.19 is installed
  • OR libjpeg62-32bit-62.2.0-31.19 is installed
  • OR libjpeg62-turbo-1.5.3-31.19 is installed
  • OR libjpeg8-8.1.2-31.19 is installed
  • OR libjpeg8-32bit-8.1.2-31.19 is installed
  • OR libturbojpeg0-8.1.2-31.19 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • MozillaFirefox-91.3.0-112.80.2 is installed
  • OR MozillaFirefox-devel-91.3.0-112.80.2 is installed
  • OR MozillaFirefox-translations-common-91.3.0-112.80.2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • libsoup-2.62.2-5.7 is installed
  • OR libsoup-2_4-1-2.62.2-5.7 is installed
  • OR libsoup-2_4-1-32bit-2.62.2-5.7 is installed
  • OR libsoup-lang-2.62.2-5.7 is installed
  • OR typelib-1_0-Soup-2_4-2.62.2-5.7 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • java-1_7_0-openjdk-1.7.0.221-43.22 is installed
  • OR java-1_7_0-openjdk-demo-1.7.0.221-43.22 is installed
  • OR java-1_7_0-openjdk-devel-1.7.0.221-43.22 is installed
  • OR java-1_7_0-openjdk-headless-1.7.0.221-43.22 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • gpg2-2.0.24-9.3 is installed
  • OR gpg2-lang-2.0.24-9.3 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • ardana-ansible-8.0+git.1583432621.24fa60e-3.70 is installed
  • OR ardana-barbican-8.0+git.1585152761.8ef3d61-4.33 is installed
  • OR ardana-db-8.0+git.1583944923.03cca6c-3.31 is installed
  • OR ardana-monasca-8.0+git.1583944894.38f023a-3.24 is installed
  • OR ardana-mq-8.0+git.1583944811.dc14403-3.19 is installed
  • OR ardana-neutron-8.0+git.1584715262.e4ea620-3.39 is installed
  • OR ardana-octavia-8.0+git.1585171918.418f5cf-3.26 is installed
  • OR ardana-tempest-8.0+git.1585311051.6ab5488-3.33 is installed
  • OR documentation-suse-openstack-cloud-installation-8.20200319-1.23 is installed
  • OR documentation-suse-openstack-cloud-operations-8.20200319-1.23 is installed
  • OR documentation-suse-openstack-cloud-opsconsole-8.20200319-1.23 is installed
  • OR documentation-suse-openstack-cloud-planning-8.20200319-1.23 is installed
  • OR documentation-suse-openstack-cloud-security-8.20200319-1.23 is installed
  • OR documentation-suse-openstack-cloud-supplement-8.20200319-1.23 is installed
  • OR documentation-suse-openstack-cloud-upstream-admin-8.20200319-1.23 is installed
  • OR documentation-suse-openstack-cloud-upstream-user-8.20200319-1.23 is installed
  • OR documentation-suse-openstack-cloud-user-8.20200319-1.23 is installed
  • OR memcached-1.5.17-3.3 is installed
  • OR openstack-manila-5.1.1~dev5-3.26 is installed
  • OR openstack-manila-api-5.1.1~dev5-3.26 is installed
  • OR openstack-manila-data-5.1.1~dev5-3.26 is installed
  • OR openstack-manila-doc-5.1.1~dev5-3.26 is installed
  • OR openstack-manila-scheduler-5.1.1~dev5-3.26 is installed
  • OR openstack-manila-share-5.1.1~dev5-3.26 is installed
  • OR openstack-neutron-11.0.9~dev63-3.30 is installed
  • OR openstack-neutron-dhcp-agent-11.0.9~dev63-3.30 is installed
  • OR openstack-neutron-doc-11.0.9~dev63-3.30 is installed
  • OR openstack-neutron-ha-tool-11.0.9~dev63-3.30 is installed
  • OR openstack-neutron-l3-agent-11.0.9~dev63-3.30 is installed
  • OR openstack-neutron-linuxbridge-agent-11.0.9~dev63-3.30 is installed
  • OR openstack-neutron-macvtap-agent-11.0.9~dev63-3.30 is installed
  • OR openstack-neutron-metadata-agent-11.0.9~dev63-3.30 is installed
  • OR openstack-neutron-metering-agent-11.0.9~dev63-3.30 is installed
  • OR openstack-neutron-openvswitch-agent-11.0.9~dev63-3.30 is installed
  • OR openstack-neutron-server-11.0.9~dev63-3.30 is installed
  • OR openstack-nova-16.1.9~dev61-3.35 is installed
  • OR openstack-nova-api-16.1.9~dev61-3.35 is installed
  • OR openstack-nova-cells-16.1.9~dev61-3.35 is installed
  • OR openstack-nova-compute-16.1.9~dev61-3.35 is installed
  • OR openstack-nova-conductor-16.1.9~dev61-3.35 is installed
  • OR openstack-nova-console-16.1.9~dev61-3.35 is installed
  • OR openstack-nova-consoleauth-16.1.9~dev61-3.35 is installed
  • OR openstack-nova-doc-16.1.9~dev61-3.35 is installed
  • OR openstack-nova-novncproxy-16.1.9~dev61-3.35 is installed
  • OR openstack-nova-placement-api-16.1.9~dev61-3.35 is installed
  • OR openstack-nova-scheduler-16.1.9~dev61-3.35 is installed
  • OR openstack-nova-serialproxy-16.1.9~dev61-3.35 is installed
  • OR openstack-nova-vncproxy-16.1.9~dev61-3.35 is installed
  • OR pdns-4.1.2-3.6 is installed
  • OR pdns-backend-mysql-4.1.2-3.6 is installed
  • OR python-amqp-2.4.2-3.9 is installed
  • OR python-manila-5.1.1~dev5-3.26 is installed
  • OR python-neutron-11.0.9~dev63-3.30 is installed
  • OR python-nova-16.1.9~dev61-3.35 is installed
  • OR venv-openstack-aodh-5.1.1~dev7-12.24 is installed
  • OR venv-openstack-aodh-x86_64-5.1.1~dev7-12.24 is installed
  • OR venv-openstack-barbican-5.0.2~dev3-12.25 is installed
  • OR venv-openstack-barbican-x86_64-5.0.2~dev3-12.25 is installed
  • OR venv-openstack-ceilometer-9.0.8~dev7-12.22 is installed
  • OR venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.22 is installed
  • OR venv-openstack-cinder-11.2.3~dev23-14.25 is installed
  • OR venv-openstack-cinder-x86_64-11.2.3~dev23-14.25 is installed
  • OR venv-openstack-designate-5.0.3~dev7-12.23 is installed
  • OR venv-openstack-designate-x86_64-5.0.3~dev7-12.23 is installed
  • OR venv-openstack-freezer-5.0.0.0~xrc2~dev2-10.20 is installed
  • OR venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.20 is installed
  • OR venv-openstack-glance-15.0.3~dev3-12.23 is installed
  • OR venv-openstack-glance-x86_64-15.0.3~dev3-12.23 is installed
  • OR venv-openstack-heat-9.0.8~dev22-12.25 is installed
  • OR venv-openstack-heat-x86_64-9.0.8~dev22-12.25 is installed
  • OR venv-openstack-ironic-9.1.8~dev8-12.25 is installed
  • OR venv-openstack-ironic-x86_64-9.1.8~dev8-12.25 is installed
  • OR venv-openstack-keystone-12.0.4~dev5-11.26 is installed
  • OR venv-openstack-keystone-x86_64-12.0.4~dev5-11.26 is installed
  • OR venv-openstack-magnum-5.0.2_5.0.2_5.0.2~dev31-11.24 is installed
  • OR venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.24 is installed
  • OR venv-openstack-manila-5.1.1~dev5-12.29 is installed
  • OR venv-openstack-manila-x86_64-5.1.1~dev5-12.29 is installed
  • OR venv-openstack-monasca-ceilometer-1.5.1_1.5.1_1.5.1~dev3-8.20 is installed
  • OR venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.20 is installed
  • OR venv-openstack-murano-4.0.2~dev2-12.20 is installed
  • OR venv-openstack-murano-x86_64-4.0.2~dev2-12.20 is installed
  • OR venv-openstack-neutron-11.0.9~dev63-13.28 is installed
  • OR venv-openstack-neutron-x86_64-11.0.9~dev63-13.28 is installed
  • OR venv-openstack-nova-16.1.9~dev61-11.26 is installed
  • OR venv-openstack-nova-x86_64-16.1.9~dev61-11.26 is installed
  • OR venv-openstack-octavia-1.0.6~dev3-12.25 is installed
  • OR venv-openstack-octavia-x86_64-1.0.6~dev3-12.25 is installed
  • OR venv-openstack-sahara-7.0.5~dev4-11.24 is installed
  • OR venv-openstack-sahara-x86_64-7.0.5~dev4-11.24 is installed
  • OR venv-openstack-trove-8.0.2~dev2-11.24 is installed
  • OR venv-openstack-trove-x86_64-8.0.2~dev2-11.24 is installed
  • OR zookeeper-3.4.10-3.6 is installed
  • OR zookeeper-server-3.4.10-3.6 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • krb5-appl-1.0.3-3.3 is installed
  • OR krb5-appl-clients-1.0.3-3.3 is installed
  • OR krb5-appl-servers-1.0.3-3.3 is installed
    • BACK