OVAL Reference oval:org.opensuse.security:def:58059

Oval Definition:

oval:org.opensuse.security:def:58059

Revision Date:	2021-12-12	Version:	1
Title:	Security update for MozillaFirefox (Important)
Description:	This update for MozillaFirefox fixes the following issues: Update to Extended Support Release 91.4.0 (bsc#1193485): - CVE-2021-43536: URL leakage when navigating while executing asynchronous function - CVE-2021-43537: Heap buffer overflow when using structured clone - CVE-2021-43538: Missing fullscreen and pointer lock notification when requesting both - CVE-2021-43539: GC rooting failure when calling wasm instance methods - CVE-2021-43541: External protocol handler parameters were unescaped - CVE-2021-43542: XMLHttpRequest error codes could have leaked the existence of an external protocol handler - CVE-2021-43543: Bypass of CSP sandbox directive when embedding - CVE-2021-43545: Denial of Service when using the Location API in a loop - CVE-2021-43546: Cursor spoofing could overlay user interface when native cursor is zoomed - Memory safety bugs fixed in Firefox 95 and Firefox ESR 91.4 - Removed x-scheme-handler/ftp from MozillaFirefox.desktop (bsc#1193321)
Family:	unix	Class:	patch
Status:		Reference(s):	1016503 1016504 1017081 1017084 1020427 1021741 1025109 1025311 1028184 1028656 1030624 1031142 1032075 1034866 1034908 1035406 1035950 1036211 1037242 1037334 1037336 1039495 1042159 1042800 1042801 1043073 1043296 1055857 1059893 1083302 1083303 1090338 1096740 1104129 1106989 1106996 1107609 1109105 1111479 1111480 1111789 1112229 1117022 1117274 1117313 1117327 1117331 1120381 1120943 1122033 1123022 1124365 1124366 1124368 1126068 1126069 1128649 1130116 1130330 1131317 1132053 1132054 1132060 1133185 1133191 1136446 1136935 1137597 1139959 1140122 1155787 1160770 1163019 1165631 1168140 1168142 1169392 1171252 1171254 1171475 1171847 1172105 1172116 1172121 1172405 1174543 1174662 1178593 1193321 1193485 967970 975500 CVE-2016-10028 CVE-2016-10029 CVE-2016-2533 CVE-2016-4009 CVE-2016-6328 CVE-2016-9602 CVE-2016-9603 CVE-2017-18926 CVE-2017-2518 CVE-2017-5579 CVE-2017-5973 CVE-2017-5987 CVE-2017-6505 CVE-2017-7377 CVE-2017-7471 CVE-2017-7493 CVE-2017-7544 CVE-2017-7718 CVE-2017-7980 CVE-2017-8086 CVE-2017-8112 CVE-2017-8309 CVE-2017-8379 CVE-2017-8380 CVE-2017-9330 CVE-2017-9373 CVE-2017-9374 CVE-2017-9375 CVE-2017-9503 CVE-2018-16412 CVE-2018-16413 CVE-2018-16644 CVE-2018-17183 CVE-2018-17961 CVE-2018-18073 CVE-2018-18284 CVE-2018-19409 CVE-2018-19475 CVE-2018-19476 CVE-2018-19477 CVE-2018-20030 CVE-2018-20467 CVE-2018-3665 CVE-2018-5732 CVE-2018-5733 CVE-2018-5740 CVE-2018-5743 CVE-2018-5745 CVE-2019-10650 CVE-2019-11007 CVE-2019-11008 CVE-2019-11009 CVE-2019-11477 CVE-2019-11478 CVE-2019-11487 CVE-2019-13012 CVE-2019-3814 CVE-2019-3846 CVE-2019-6465 CVE-2019-7175 CVE-2019-7395 CVE-2019-7397 CVE-2019-7398 CVE-2019-7524 CVE-2019-9278 CVE-2019-9956 CVE-2020-0093 CVE-2020-11739 CVE-2020-11740 CVE-2020-11741 CVE-2020-11742 CVE-2020-12653 CVE-2020-12654 CVE-2020-12767 CVE-2020-13112 CVE-2020-13113 CVE-2020-13114 CVE-2020-1749 CVE-2020-8022 CVE-2020-8608 CVE-2020-9862 CVE-2020-9893 CVE-2020-9894 CVE-2020-9895 CVE-2020-9915 CVE-2020-9925 CVE-2021-43536 CVE-2021-43537 CVE-2021-43538 CVE-2021-43539 CVE-2021-43541 CVE-2021-43542 CVE-2021-43543 CVE-2021-43545 CVE-2021-43546 SUSE-SU-2017:1774-1 SUSE-SU-2018:0812-1 SUSE-SU-2018:2099-1 SUSE-SU-2018:4090-1 SUSE-SU-2019:0900-1 SUSE-SU-2019:1033-1 SUSE-SU-2019:1830-1 SUSE-SU-2019:2334-1 SUSE-SU-2019:3050-1 SUSE-SU-2020:1486-1 SUSE-SU-2020:1534-1 SUSE-SU-2020:1791-1 SUSE-SU-2020:2232-1 SUSE-SU-2020:2234-1 SUSE-SU-2020:3351-1
Platform(s):	openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9	Product(s):
Definition Synopsis
openSUSE Leap 15.0 is installed AND libgadu3-1.12.2-lp150.1 is installed
Definition Synopsis
openSUSE Leap 15.1 is installed AND Package Information kernel-debug-4.12.14-lp151.28.25 is installed OR kernel-debug-base-4.12.14-lp151.28.25 is installed OR kernel-debug-devel-4.12.14-lp151.28.25 is installed OR kernel-default-4.12.14-lp151.28.25 is installed OR kernel-default-base-4.12.14-lp151.28.25 is installed OR kernel-default-devel-4.12.14-lp151.28.25 is installed OR kernel-devel-4.12.14-lp151.28.25 is installed OR kernel-docs-4.12.14-lp151.28.25 is installed OR kernel-docs-html-4.12.14-lp151.28.25 is installed OR kernel-kvmsmall-4.12.14-lp151.28.25 is installed OR kernel-kvmsmall-base-4.12.14-lp151.28.25 is installed OR kernel-kvmsmall-devel-4.12.14-lp151.28.25 is installed OR kernel-macros-4.12.14-lp151.28.25 is installed OR kernel-obs-build-4.12.14-lp151.28.25 is installed OR kernel-obs-qa-4.12.14-lp151.28.25 is installed OR kernel-source-4.12.14-lp151.28.25 is installed OR kernel-source-vanilla-4.12.14-lp151.28.25 is installed OR kernel-syms-4.12.14-lp151.28.25 is installed OR kernel-vanilla-4.12.14-lp151.28.25 is installed OR kernel-vanilla-base-4.12.14-lp151.28.25 is installed OR kernel-vanilla-devel-4.12.14-lp151.28.25 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information dovecot22-2.2.31-19.14 is installed OR dovecot22-backend-mysql-2.2.31-19.14 is installed OR dovecot22-backend-pgsql-2.2.31-19.14 is installed OR dovecot22-backend-sqlite-2.2.31-19.14 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information qemu-2.6.2-41.16 is installed OR qemu-arm-2.6.2-41.16 is installed OR qemu-block-curl-2.6.2-41.16 is installed OR qemu-block-rbd-2.6.2-41.16 is installed OR qemu-block-ssh-2.6.2-41.16 is installed OR qemu-guest-agent-2.6.2-41.16 is installed OR qemu-ipxe-1.0.0-41.16 is installed OR qemu-kvm-2.6.2-41.16 is installed OR qemu-lang-2.6.2-41.16 is installed OR qemu-ppc-2.6.2-41.16 is installed OR qemu-s390-2.6.2-41.16 is installed OR qemu-seabios-1.9.1-41.16 is installed OR qemu-sgabios-8-41.16 is installed OR qemu-tools-2.6.2-41.16 is installed OR qemu-vgabios-1.9.1-41.16 is installed OR qemu-x86-2.6.2-41.16 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information bind-9.9.9P1-63.12 is installed OR bind-chrootenv-9.9.9P1-63.12 is installed OR bind-doc-9.9.9P1-63.12 is installed OR bind-libs-9.9.9P1-63.12 is installed OR bind-utils-9.9.9P1-63.12 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information kgraft-patch-4_4_121-92_73-default-8-2 is installed OR kgraft-patch-SLE12-SP2_Update_21-8-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_74-92_29-default-12-2 is installed OR kgraft-patch-SLE12-SP2_Update_10-12-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND chrony-2.3-3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information qemu-2.9.1-6.44 is installed OR qemu-block-curl-2.9.1-6.44 is installed OR qemu-block-iscsi-2.9.1-6.44 is installed OR qemu-block-rbd-2.9.1-6.44 is installed OR qemu-block-ssh-2.9.1-6.44 is installed OR qemu-guest-agent-2.9.1-6.44 is installed OR qemu-ipxe-1.0.0+-6.44 is installed OR qemu-kvm-2.9.1-6.44 is installed OR qemu-lang-2.9.1-6.44 is installed OR qemu-seabios-1.10.2-6.44 is installed OR qemu-sgabios-8-6.44 is installed OR qemu-tools-2.9.1-6.44 is installed OR qemu-vgabios-1.10.2-6.44 is installed OR qemu-x86-2.9.1-6.44 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information MozillaFirefox-91.4.0-112.83.1 is installed OR MozillaFirefox-devel-91.4.0-112.83.1 is installed OR MozillaFirefox-translations-common-91.4.0-112.83.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information kernel-default-4.4.180-94.127 is installed OR kernel-default-base-4.4.180-94.127 is installed OR kernel-default-devel-4.4.180-94.127 is installed OR kernel-default-kgraft-4.4.180-94.127 is installed OR kernel-default-man-4.4.180-94.127 is installed OR kernel-devel-4.4.180-94.127 is installed OR kernel-macros-4.4.180-94.127 is installed OR kernel-source-4.4.180-94.127 is installed OR kernel-syms-4.4.180-94.127 is installed OR kgraft-patch-4_4_180-94_127-default-1-4.3 is installed OR kgraft-patch-SLE12-SP3_Update_34-1-4.3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information openssh-7.2p2-74.35 is installed OR openssh-askpass-gnome-7.2p2-74.35 is installed OR openssh-fips-7.2p2-74.35 is installed OR openssh-helpers-7.2p2-74.35 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND perl-XML-LibXML-2.0019-6.3 is installed
Definition Synopsis
SUSE OpenStack Cloud 7 is installed AND Package Information ghostscript-9.26-23.16 is installed OR ghostscript-x11-9.26-23.16 is installed OR libspectre-0.2.7-12.4 is installed OR libspectre1-0.2.7-12.4 is installed
Definition Synopsis
SUSE OpenStack Cloud 8 is installed AND Package Information glib2-2.48.2-12.15 is installed OR glib2-lang-2.48.2-12.15 is installed OR glib2-tools-2.48.2-12.15 is installed OR libgio-2_0-0-2.48.2-12.15 is installed OR libgio-2_0-0-32bit-2.48.2-12.15 is installed OR libglib-2_0-0-2.48.2-12.15 is installed OR libglib-2_0-0-32bit-2.48.2-12.15 is installed OR libgmodule-2_0-0-2.48.2-12.15 is installed OR libgmodule-2_0-0-32bit-2.48.2-12.15 is installed OR libgobject-2_0-0-2.48.2-12.15 is installed OR libgobject-2_0-0-32bit-2.48.2-12.15 is installed OR libgthread-2_0-0-2.48.2-12.15 is installed OR libgthread-2_0-0-32bit-2.48.2-12.15 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information libvirt-3.3.0-5.40 is installed OR libvirt-admin-3.3.0-5.40 is installed OR libvirt-client-3.3.0-5.40 is installed OR libvirt-daemon-3.3.0-5.40 is installed OR libvirt-daemon-config-network-3.3.0-5.40 is installed OR libvirt-daemon-config-nwfilter-3.3.0-5.40 is installed OR libvirt-daemon-driver-interface-3.3.0-5.40 is installed OR libvirt-daemon-driver-libxl-3.3.0-5.40 is installed OR libvirt-daemon-driver-lxc-3.3.0-5.40 is installed OR libvirt-daemon-driver-network-3.3.0-5.40 is installed OR libvirt-daemon-driver-nodedev-3.3.0-5.40 is installed OR libvirt-daemon-driver-nwfilter-3.3.0-5.40 is installed OR libvirt-daemon-driver-qemu-3.3.0-5.40 is installed OR libvirt-daemon-driver-secret-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-core-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-disk-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-iscsi-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-logical-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-mpath-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-rbd-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-scsi-3.3.0-5.40 is installed OR libvirt-daemon-hooks-3.3.0-5.40 is installed OR libvirt-daemon-lxc-3.3.0-5.40 is installed OR libvirt-daemon-qemu-3.3.0-5.40 is installed OR libvirt-daemon-xen-3.3.0-5.40 is installed OR libvirt-doc-3.3.0-5.40 is installed OR libvirt-libs-3.3.0-5.40 is installed OR libvirt-lock-sanlock-3.3.0-5.40 is installed OR libvirt-nss-3.3.0-5.40 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 9 is installed AND Package Information mariadb-10.2.32-3.28 is installed OR mariadb-galera-10.2.32-3.28 is installed

BACK