Oval Definition:oval:org.opensuse.security:def:57195
Revision Date:2022-01-14Version:1
Title:Security update for MozillaFirefox (Important) (in QA)
Description:

This update for MozillaFirefox fixes the following issues:

- CVE-2021-4140: Fixed iframe sandbox bypass with XSLT (bsc#1194547). - CVE-2022-22737: Fixed race condition when playing audio files (bsc#1194547). - CVE-2022-22738: Fixed heap-buffer-overflow in blendGaussianBlur (bsc#1194547). - CVE-2022-22739: Fixed missing throttling on external protocol launch dialog (bsc#1194547). - CVE-2022-22740: Fixed use-after-free of ChannelEventQueue::mOwner (bsc#1194547). - CVE-2022-22741: Fixed browser window spoof using fullscreen mode (bsc#1194547). - CVE-2022-22742: Fixed out-of-bounds memory access when inserting text in edit mode (bsc#1194547). - CVE-2022-22743: Fixed browser window spoof using fullscreen mode (bsc#1194547). - CVE-2022-22744: Fixed possible command injection via the 'Copy as curl' feature in DevTools (bsc#1194547). - CVE-2022-22745: Fixed leaking cross-origin URLs through securitypolicyviolation event (bsc#1194547). - CVE-2022-22746: Fixed calling into reportValidity could have lead to fullscreen window spoof (bsc#1194547). - CVE-2022-22747: Fixed crash when handling empty pkcs7 sequence(bsc#1194547). - CVE-2022-22748: Fixed spoofed origin on external protocol launch dialog (bsc#1194547). - CVE-2022-22751: Fixed memory safety bugs (bsc#1194547).

This patch is currently in QA and not yet available for download.
Family:unixClass:patch
Status:Reference(s):1055857
1059893
1069496
1069702
1070805
1083125
1085447
1085449
1088268
1090036
1090338
1090368
1090646
1093311
1094301
1096740
1101776
1101777
1101786
1101788
1101791
1101794
1101800
1101802
1101804
1101810
1104076
1106222
1106514
1110910
1111006
1111010
1111013
1111056
1114422
1122292
1122299
1129180
1131863
1134156
1140359
1141780
1141782
1141783
1141785
1141787
1141789
1146882
1146884
1147021
1160467
1160468
1172205
1173378
1173380
1175534
1176343
1176344
1176345
1176346
1176347
1176348
1176349
1176350
1194547
793927
794316
797014
797031
797523
798188
799694
800156
800275
802690
805094
806736
858639
CVE-2010-2761
CVE-2010-4410
CVE-2010-4411
CVE-2010-4777
CVE-2012-5634
CVE-2012-6075
CVE-2013-0153
CVE-2014-0591
CVE-2015-8853
CVE-2016-1238
CVE-2016-2381
CVE-2016-6185
CVE-2016-6328
CVE-2017-0861
CVE-2017-1000405
CVE-2017-13166
CVE-2017-16939
CVE-2017-7544
CVE-2018-1000199
CVE-2018-10839
CVE-2018-11212
CVE-2018-11354
CVE-2018-11355
CVE-2018-11356
CVE-2018-11357
CVE-2018-11358
CVE-2018-11359
CVE-2018-11360
CVE-2018-11361
CVE-2018-11362
CVE-2018-12472
CVE-2018-1417
CVE-2018-14339
CVE-2018-14340
CVE-2018-14341
CVE-2018-14342
CVE-2018-14343
CVE-2018-14344
CVE-2018-14367
CVE-2018-14368
CVE-2018-14369
CVE-2018-14370
CVE-2018-15746
CVE-2018-16056
CVE-2018-16057
CVE-2018-16058
CVE-2018-17958
CVE-2018-17962
CVE-2018-17963
CVE-2018-18849
CVE-2018-2783
CVE-2018-2790
CVE-2018-2794
CVE-2018-2795
CVE-2018-2796
CVE-2018-2797
CVE-2018-2798
CVE-2018-2799
CVE-2018-2800
CVE-2018-2814
CVE-2018-2825
CVE-2018-2826
CVE-2018-3665
CVE-2018-8781
CVE-2018-8897
CVE-2019-11771
CVE-2019-11772
CVE-2019-11775
CVE-2019-12973
CVE-2019-14811
CVE-2019-14812
CVE-2019-14813
CVE-2019-14817
CVE-2019-14896
CVE-2019-14897
CVE-2019-2449
CVE-2019-2762
CVE-2019-2766
CVE-2019-2769
CVE-2019-2786
CVE-2019-2816
CVE-2019-3835
CVE-2019-3839
CVE-2019-4473
CVE-2019-7317
CVE-2020-0543
CVE-2020-14364
CVE-2020-15565
CVE-2020-15567
CVE-2020-25595
CVE-2020-25596
CVE-2020-25597
CVE-2020-25599
CVE-2020-25600
CVE-2020-25601
CVE-2020-25603
CVE-2020-25604
CVE-2021-4140
CVE-2022-22737
CVE-2022-22738
CVE-2022-22739
CVE-2022-22740
CVE-2022-22741
CVE-2022-22742
CVE-2022-22743
CVE-2022-22744
CVE-2022-22745
CVE-2022-22746
CVE-2022-22747
CVE-2022-22748
CVE-2022-22751
SUSE-SU-2017:3226-1
SUSE-SU-2018:0193-1
SUSE-SU-2018:1269-1
SUSE-SU-2018:1519-1
SUSE-SU-2018:1738-1
SUSE-SU-2018:2048-1
SUSE-SU-2018:2891-1
SUSE-SU-2018:3467-1
SUSE-SU-2018:4237-1
SUSE-SU-2019:2371-1
SUSE-SU-2019:2478-1
SUSE-SU-2020:0204-1
SUSE-SU-2020:2822-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Desktop 11 SP2
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 8
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • gdk-pixbuf-lang-2.36.11-lp150.3 is installed
  • OR gdk-pixbuf-query-loaders-2.36.11-lp150.3 is installed
  • OR gdk-pixbuf-thumbnailer-2.36.11-lp150.3 is installed
  • OR libgdk_pixbuf-2_0-0-2.36.11-lp150.3 is installed
  • OR typelib-1_0-GdkPixbuf-2_0-2.36.11-lp150.3 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • elfutils-0.168-lp151.4.3 is installed
  • OR elfutils-lang-0.168-lp151.4.3 is installed
  • OR libasm-devel-0.168-lp151.4.3 is installed
  • OR libasm1-0.168-lp151.4.3 is installed
  • OR libasm1-32bit-0.168-lp151.4.3 is installed
  • OR libdw-devel-0.168-lp151.4.3 is installed
  • OR libdw1-0.168-lp151.4.3 is installed
  • OR libdw1-32bit-0.168-lp151.4.3 is installed
  • OR libebl-devel-0.168-lp151.4.3 is installed
  • OR libebl-plugins-0.168-lp151.4.3 is installed
  • OR libebl-plugins-32bit-0.168-lp151.4.3 is installed
  • OR libelf-devel-0.168-lp151.4.3 is installed
  • OR libelf-devel-32bit-0.168-lp151.4.3 is installed
  • OR libelf1-0.168-lp151.4.3 is installed
  • OR libelf1-32bit-0.168-lp151.4.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP2 is installed
  • AND Package Information
  • bind-libs-9.9.4P2-0.6 is installed
  • OR bind-libs-32bit-9.9.4P2-0.6 is installed
  • OR bind-utils-9.9.4P2-0.6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • kgraft-patch-3_12_74-60_64_63-default-6-2 is installed
  • OR kgraft-patch-3_12_74-60_64_63-xen-6-2 is installed
  • OR kgraft-patch-SLE12-SP1_Update_22-6-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • perl-5.18.2-11 is installed
  • OR perl-32bit-5.18.2-11 is installed
  • OR perl-base-5.18.2-11 is installed
  • OR perl-doc-5.18.2-11 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • gstreamer-0_10-plugins-base-0.10.36-18.3 is installed
  • OR gstreamer-0_10-plugins-base-32bit-0.10.36-18.3 is installed
  • OR libgstapp-0_10-0-32bit-0.10.36-18.3 is installed
  • OR libgstinterfaces-0_10-0-32bit-0.10.36-18.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • xen-4.7.6_02-43.36 is installed
  • OR xen-doc-html-4.7.6_02-43.36 is installed
  • OR xen-libs-4.7.6_02-43.36 is installed
  • OR xen-libs-32bit-4.7.6_02-43.36 is installed
  • OR xen-tools-4.7.6_02-43.36 is installed
  • OR xen-tools-domU-4.7.6_02-43.36 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • java-1_8_0-ibm-1.8.0_sr5.15-30.33 is installed
  • OR java-1_8_0-ibm-alsa-1.8.0_sr5.15-30.33 is installed
  • OR java-1_8_0-ibm-devel-1.8.0_sr5.15-30.33 is installed
  • OR java-1_8_0-ibm-plugin-1.8.0_sr5.15-30.33 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • file-5.19-9 is installed
  • OR file-magic-5.19-9 is installed
  • OR libmagic1-5.19-9 is installed
  • OR libmagic1-32bit-5.19-9 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • python-certifi-2018.4.16-3.6 is installed
  • OR python-chardet-3.0.4-5.6 is installed
  • OR python-urllib3-1.22-3.20 is installed
  • OR python3-certifi-2018.4.16-3.6 is installed
  • OR python3-chardet-3.0.4-5.6 is installed
  • OR python3-requests-2.20.1-5 is installed
  • OR python3-urllib3-1.22-3.20 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • MozillaFirefox-91.5.0-112.86.1 is installed
  • OR MozillaFirefox-devel-91.5.0-112.86.1 is installed
  • OR MozillaFirefox-translations-common-91.5.0-112.86.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • ntp-4.2.8p12-64.8 is installed
  • OR ntp-doc-4.2.8p12-64.8 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • java-1_7_1-ibm-1.7.1_sr4.50-38.41 is installed
  • OR java-1_7_1-ibm-alsa-1.7.1_sr4.50-38.41 is installed
  • OR java-1_7_1-ibm-jdbc-1.7.1_sr4.50-38.41 is installed
  • OR java-1_7_1-ibm-plugin-1.7.1_sr4.50-38.41 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • qemu-2.6.2-41.46 is installed
  • OR qemu-block-curl-2.6.2-41.46 is installed
  • OR qemu-block-rbd-2.6.2-41.46 is installed
  • OR qemu-block-ssh-2.6.2-41.46 is installed
  • OR qemu-guest-agent-2.6.2-41.46 is installed
  • OR qemu-ipxe-1.0.0-41.46 is installed
  • OR qemu-kvm-2.6.2-41.46 is installed
  • OR qemu-lang-2.6.2-41.46 is installed
  • OR qemu-s390-2.6.2-41.46 is installed
  • OR qemu-seabios-1.9.1-41.46 is installed
  • OR qemu-sgabios-8-41.46 is installed
  • OR qemu-tools-2.6.2-41.46 is installed
  • OR qemu-vgabios-1.9.1-41.46 is installed
  • OR qemu-x86-2.6.2-41.46 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • libdcerpc-binding0-4.6.16+git.174.c2fd2e28c84-3.49 is installed
  • OR libdcerpc-binding0-32bit-4.6.16+git.174.c2fd2e28c84-3.49 is installed
  • OR libdcerpc0-4.6.16+git.174.c2fd2e28c84-3.49 is installed
  • OR libdcerpc0-32bit-4.6.16+git.174.c2fd2e28c84-3.49 is installed
  • OR libndr-krb5pac0-4.6.16+git.174.c2fd2e28c84-3.49 is installed
  • OR libndr-krb5pac0-32bit-4.6.16+git.174.c2fd2e28c84-3.49 is installed
  • OR libndr-nbt0-4.6.16+git.174.c2fd2e28c84-3.49 is installed
  • OR libndr-nbt0-32bit-4.6.16+git.174.c2fd2e28c84-3.49 is installed
  • OR libndr-standard0-4.6.16+git.174.c2fd2e28c84-3.49 is installed
  • OR libndr-standard0-32bit-4.6.16+git.174.c2fd2e28c84-3.49 is installed
  • OR libndr0-4.6.16+git.174.c2fd2e28c84-3.49 is installed
  • OR libndr0-32bit-4.6.16+git.174.c2fd2e28c84-3.49 is installed
  • OR libnetapi0-4.6.16+git.174.c2fd2e28c84-3.49 is installed
  • OR libnetapi0-32bit-4.6.16+git.174.c2fd2e28c84-3.49 is installed
  • OR libsamba-credentials0-4.6.16+git.174.c2fd2e28c84-3.49 is installed
  • OR libsamba-credentials0-32bit-4.6.16+git.174.c2fd2e28c84-3.49 is installed
  • OR libsamba-errors0-4.6.16+git.174.c2fd2e28c84-3.49 is installed
  • OR libsamba-errors0-32bit-4.6.16+git.174.c2fd2e28c84-3.49 is installed
  • OR libsamba-hostconfig0-4.6.16+git.174.c2fd2e28c84-3.49 is installed
  • OR libsamba-hostconfig0-32bit-4.6.16+git.174.c2fd2e28c84-3.49 is installed
  • OR libsamba-passdb0-4.6.16+git.174.c2fd2e28c84-3.49 is installed
  • OR libsamba-passdb0-32bit-4.6.16+git.174.c2fd2e28c84-3.49 is installed
  • OR libsamba-util0-4.6.16+git.174.c2fd2e28c84-3.49 is installed
  • OR libsamba-util0-32bit-4.6.16+git.174.c2fd2e28c84-3.49 is installed
  • OR libsamdb0-4.6.16+git.174.c2fd2e28c84-3.49 is installed
  • OR libsamdb0-32bit-4.6.16+git.174.c2fd2e28c84-3.49 is installed
  • OR libsmbclient0-4.6.16+git.174.c2fd2e28c84-3.49 is installed
  • OR libsmbclient0-32bit-4.6.16+git.174.c2fd2e28c84-3.49 is installed
  • OR libsmbconf0-4.6.16+git.174.c2fd2e28c84-3.49 is installed
  • OR libsmbconf0-32bit-4.6.16+git.174.c2fd2e28c84-3.49 is installed
  • OR libsmbldap0-4.6.16+git.174.c2fd2e28c84-3.49 is installed
  • OR libsmbldap0-32bit-4.6.16+git.174.c2fd2e28c84-3.49 is installed
  • OR libtevent-util0-4.6.16+git.174.c2fd2e28c84-3.49 is installed
  • OR libtevent-util0-32bit-4.6.16+git.174.c2fd2e28c84-3.49 is installed
  • OR libwbclient0-4.6.16+git.174.c2fd2e28c84-3.49 is installed
  • OR libwbclient0-32bit-4.6.16+git.174.c2fd2e28c84-3.49 is installed
  • OR samba-4.6.16+git.174.c2fd2e28c84-3.49 is installed
  • OR samba-client-4.6.16+git.174.c2fd2e28c84-3.49 is installed
  • OR samba-client-32bit-4.6.16+git.174.c2fd2e28c84-3.49 is installed
  • OR samba-doc-4.6.16+git.174.c2fd2e28c84-3.49 is installed
  • OR samba-libs-4.6.16+git.174.c2fd2e28c84-3.49 is installed
  • OR samba-libs-32bit-4.6.16+git.174.c2fd2e28c84-3.49 is installed
  • OR samba-winbind-4.6.16+git.174.c2fd2e28c84-3.49 is installed
  • OR samba-winbind-32bit-4.6.16+git.174.c2fd2e28c84-3.49 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • ghostscript-9.27-23.28 is installed
  • OR ghostscript-x11-9.27-23.28 is installed
    • BACK