Oval Definition:	oval:org.opensuse.security:def:58039
Revision Date: 2021-11-17 Version: 1 Title: Security update for MozillaFirefox (Important) Description: This update for MozillaFirefox fixes the following issues: MozillaFirefox was updated to Extended Support Release 91.3.0 ESR Fixed: Various stability, functionality, and security fixes MFSA 2021-49 (bsc#1192250) * CVE-2021-38503: iframe sandbox rules did not apply to XSLT stylesheets * CVE-2021-38504: Use-after-free in file picker dialog * CVE-2021-38505: Windows 10 Cloud Clipboard may have recorded sensitive user data * CVE-2021-38506: Firefox could be coaxed into going into fullscreen mode without notification or warning * CVE-2021-38507: Opportunistic Encryption in HTTP2 could be used to bypass the Same-Origin-Policy on services hosted on other ports * CVE-2021-38508: Permission Prompt could be overlaid, resulting in user confusion and potential spoofing * CVE-2021-38509: Javascript alert box could have been spoofed onto an arbitrary domain * CVE-2021-38510: Download Protections were bypassed by .inetloc files on Mac OS * MOZ-2021-0008: Use-after-free in HTTP2 Session object * MOZ-2021-0007: Memory safety bugs fixed in Firefox 94 and Firefox ESR 91.3 Family: unix Class: patch Status: Reference(s): 1012102 1012103 1012104 1013653 1013655 1013663 1013882 1029907 1029908 1029909 1030296 1030297 1030298 1030584 1030585 1030588 1030589 1031590 1031593 1031595 1031638 1031644 1031656 1037052 1037057 1037061 1037066 1037273 1044891 1044897 1044901 1044909 1044925 1044927 1064113 1064114 1065643 1065689 1065693 1068640 1068643 1068887 1068888 1068950 1069176 1069202 1072167 1074741 1075992 1077745 1079103 1079741 1080556 1081527 1081556 1083528 1083532 1085784 1086608 1086784 1086786 1086788 1087200 1090997 1091015 1091365 1091368 1101676 1101677 1101678 1103342 1106222 1109465 1110910 1111006 1111010 1111013 1112142 1112143 1112144 1112146 1112147 1112148 1112152 1112153 1112368 1112377 1112384 1112386 1112391 1112397 1112404 1112415 1112417 1112421 1112432 1112767 1114422 1115375 1116686 1117473 1118754 1120041 1120489 1122198 1122293 1122299 1122475 1123482 1124525 1127027 1132728 1132729 1132732 1133810 1134297 1140868 1141780 1141782 1141783 1141784 1141785 1141786 1141787 1141789 1145665 1149323 1167068 1167373 1168422 1170558 1171363 1172186 1172906 1172935 1173197 1173304 1192250 682920 CVE-2014-9939 CVE-2016-9634 CVE-2016-9635 CVE-2016-9636 CVE-2016-9807 CVE-2016-9808 CVE-2016-9810 CVE-2016-9843 CVE-2017-10320 CVE-2017-10365 CVE-2017-12133 CVE-2017-13194 CVE-2017-15365 CVE-2017-15938 CVE-2017-15939 CVE-2017-15996 CVE-2017-16826 CVE-2017-16827 CVE-2017-16828 CVE-2017-16829 CVE-2017-16830 CVE-2017-16831 CVE-2017-16832 CVE-2017-6965 CVE-2017-6966 CVE-2017-6969 CVE-2017-7209 CVE-2017-7210 CVE-2017-7223 CVE-2017-7224 CVE-2017-7225 CVE-2017-7226 CVE-2017-7299 CVE-2017-7300 CVE-2017-7301 CVE-2017-7302 CVE-2017-7303 CVE-2017-7304 CVE-2017-8392 CVE-2017-8393 CVE-2017-8394 CVE-2017-8396 CVE-2017-8421 CVE-2017-9746 CVE-2017-9747 CVE-2017-9748 CVE-2017-9750 CVE-2017-9755 CVE-2017-9756 CVE-2018-10372 CVE-2018-10373 CVE-2018-10534 CVE-2018-10535 CVE-2018-10839 CVE-2018-11212 CVE-2018-13785 CVE-2018-15746 CVE-2018-16435 CVE-2018-17958 CVE-2018-17962 CVE-2018-17963 CVE-2018-18849 CVE-2018-20217 CVE-2018-2759 CVE-2018-2777 CVE-2018-2786 CVE-2018-2810 CVE-2018-3058 CVE-2018-3060 CVE-2018-3063 CVE-2018-3064 CVE-2018-3066 CVE-2018-3136 CVE-2018-3139 CVE-2018-3143 CVE-2018-3149 CVE-2018-3156 CVE-2018-3162 CVE-2018-3169 CVE-2018-3173 CVE-2018-3174 CVE-2018-3180 CVE-2018-3183 CVE-2018-3185 CVE-2018-3200 CVE-2018-3214 CVE-2018-3251 CVE-2018-3277 CVE-2018-3282 CVE-2018-3284 CVE-2018-6323 CVE-2018-6543 CVE-2018-6759 CVE-2018-6872 CVE-2018-7208 CVE-2018-7568 CVE-2018-7569 CVE-2018-7570 CVE-2018-7642 CVE-2018-7643 CVE-2018-8945 CVE-2019-11709 CVE-2019-11710 CVE-2019-11711 CVE-2019-11712 CVE-2019-11713 CVE-2019-11714 CVE-2019-11715 CVE-2019-11716 CVE-2019-11717 CVE-2019-11718 CVE-2019-11719 CVE-2019-11720 CVE-2019-11721 CVE-2019-11723 CVE-2019-11724 CVE-2019-11725 CVE-2019-11727 CVE-2019-11728 CVE-2019-11729 CVE-2019-11730 CVE-2019-11733 CVE-2019-11735 CVE-2019-11736 CVE-2019-11738 CVE-2019-11740 CVE-2019-11742 CVE-2019-11743 CVE-2019-11744 CVE-2019-11746 CVE-2019-11747 CVE-2019-11748 CVE-2019-11749 CVE-2019-11750 CVE-2019-11751 CVE-2019-11752 CVE-2019-11753 CVE-2019-18860 CVE-2019-2422 CVE-2019-2426 CVE-2019-2602 CVE-2019-2684 CVE-2019-2698 CVE-2019-2745 CVE-2019-2762 CVE-2019-2766 CVE-2019-2769 CVE-2019-2786 CVE-2019-2816 CVE-2019-2842 CVE-2019-7317 CVE-2019-9811 CVE-2019-9812 CVE-2020-12108 CVE-2020-12137 CVE-2020-14059 CVE-2020-14093 CVE-2020-14154 CVE-2020-14954 CVE-2020-3898 CVE-2020-3898 CVE-2020-8165 CVE-2021-38503 CVE-2021-38504 CVE-2021-38505 CVE-2021-38506 CVE-2021-38507 CVE-2021-38508 CVE-2021-38509 CVE-2021-38510 SUSE-SU-2016:3303-1 SUSE-SU-2018:0181-1 SUSE-SU-2018:0655-1 SUSE-SU-2018:3207-1 SUSE-SU-2018:4237-1 SUSE-SU-2019:0057-1 SUSE-SU-2019:0111-1 SUSE-SU-2019:1392-1 SUSE-SU-2019:1441-1 SUSE-SU-2019:2036-1 SUSE-SU-2019:2620-1 SUSE-SU-2020:1045-1 SUSE-SU-2020:1301-1 SUSE-SU-2020:1794-1 SUSE-SU-2020:1803-1 SUSE-SU-2020:2929-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND libapr-util1-1.6.1-lp150.2 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information epiphany-3.28.1.1-lp151.3.3 is installed OR epiphany-branding-upstream-3.28.1.1-lp151.3.3 is installed OR epiphany-lang-3.28.1.1-lp151.3.3 is installed OR gnome-shell-search-provider-epiphany-3.28.1.1-lp151.3.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information java-1_8_0-openjdk-1.8.0.191-27.29 is installed OR java-1_8_0-openjdk-demo-1.8.0.191-27.29 is installed OR java-1_8_0-openjdk-devel-1.8.0.191-27.29 is installed OR java-1_8_0-openjdk-headless-1.8.0.191-27.29 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information gstreamer-plugins-good-1.8.3-9 is installed OR gstreamer-plugins-good-lang-1.8.3-9 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information krb5-1.12.5-40.31 is installed OR krb5-32bit-1.12.5-40.31 is installed OR krb5-client-1.12.5-40.31 is installed OR krb5-doc-1.12.5-40.31 is installed OR krb5-plugin-kdb-ldap-1.12.5-40.31 is installed OR krb5-plugin-preauth-otp-1.12.5-40.31 is installed OR krb5-plugin-preauth-pkinit-1.12.5-40.31 is installed OR krb5-server-1.12.5-40.31 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information libsystemd0-228-150.53 is installed OR libsystemd0-32bit-228-150.53 is installed OR libudev1-228-150.53 is installed OR libudev1-32bit-228-150.53 is installed OR systemd-228-150.53 is installed OR systemd-32bit-228-150.53 is installed OR systemd-bash-completion-228-150.53 is installed OR systemd-sysvinit-228-150.53 is installed OR udev-228-150.53 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information java-1_7_0-openjdk-1.7.0.221-43.22 is installed OR java-1_7_0-openjdk-demo-1.7.0.221-43.22 is installed OR java-1_7_0-openjdk-devel-1.7.0.221-43.22 is installed OR java-1_7_0-openjdk-headless-1.7.0.221-43.22 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND ant-1.9.4-1 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information pam_radius-1.3.16-239.4 is installed OR pam_radius-32bit-1.3.16-239.4 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information MozillaFirefox-91.3.0-112.80.2 is installed OR MozillaFirefox-devel-91.3.0-112.80.2 is installed OR MozillaFirefox-translations-common-91.3.0-112.80.2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information libldap-2_4-2-2.4.41-18.71 is installed OR libldap-2_4-2-32bit-2.4.41-18.71 is installed OR openldap2-2.4.41-18.71 is installed OR openldap2-back-meta-2.4.41-18.71 is installed OR openldap2-client-2.4.41-18.71 is installed OR openldap2-doc-2.4.41-18.71 is installed OR openldap2-ppolicy-check-password-1.2-18.71 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information krb5-1.12.5-40.31 is installed OR krb5-32bit-1.12.5-40.31 is installed OR krb5-client-1.12.5-40.31 is installed OR krb5-doc-1.12.5-40.31 is installed OR krb5-plugin-kdb-ldap-1.12.5-40.31 is installed OR krb5-plugin-preauth-otp-1.12.5-40.31 is installed OR krb5-plugin-preauth-pkinit-1.12.5-40.31 is installed OR krb5-server-1.12.5-40.31 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information openslp-2.0.0-18.17 is installed OR openslp-32bit-2.0.0-18.17 is installed OR openslp-server-2.0.0-18.17 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND binutils-2.31-9.26 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information pdns-4.1.2-3.3 is installed OR pdns-backend-mysql-4.1.2-3.3 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information libecpg6-10.9-1.12 is installed OR libpq5-10.9-1.12 is installed OR libpq5-32bit-10.9-1.12 is installed OR postgresql10-10.9-1.12 is installed OR postgresql10-contrib-10.9-1.12 is installed OR postgresql10-docs-10.9-1.12 is installed OR postgresql10-libs-10.9-1.12 is installed OR postgresql10-plperl-10.9-1.12 is installed OR postgresql10-plpython-10.9-1.12 is installed OR postgresql10-pltcl-10.9-1.12 is installed OR postgresql10-server-10.9-1.12 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 9 is installed AND python-Twisted-15.2.1-9.5 is installed
BACK