Oval Definition:oval:org.opensuse.security:def:58109
Revision Date:2022-01-14Version:1
Title:Security update for MozillaFirefox (Important) (in QA)
Description:

This update for MozillaFirefox fixes the following issues:

- CVE-2021-4140: Fixed iframe sandbox bypass with XSLT (bsc#1194547). - CVE-2022-22737: Fixed race condition when playing audio files (bsc#1194547). - CVE-2022-22738: Fixed heap-buffer-overflow in blendGaussianBlur (bsc#1194547). - CVE-2022-22739: Fixed missing throttling on external protocol launch dialog (bsc#1194547). - CVE-2022-22740: Fixed use-after-free of ChannelEventQueue::mOwner (bsc#1194547). - CVE-2022-22741: Fixed browser window spoof using fullscreen mode (bsc#1194547). - CVE-2022-22742: Fixed out-of-bounds memory access when inserting text in edit mode (bsc#1194547). - CVE-2022-22743: Fixed browser window spoof using fullscreen mode (bsc#1194547). - CVE-2022-22744: Fixed possible command injection via the 'Copy as curl' feature in DevTools (bsc#1194547). - CVE-2022-22745: Fixed leaking cross-origin URLs through securitypolicyviolation event (bsc#1194547). - CVE-2022-22746: Fixed calling into reportValidity could have lead to fullscreen window spoof (bsc#1194547). - CVE-2022-22747: Fixed crash when handling empty pkcs7 sequence(bsc#1194547). - CVE-2022-22748: Fixed spoofed origin on external protocol launch dialog (bsc#1194547). - CVE-2022-22751: Fixed memory safety bugs (bsc#1194547).

This patch is currently in QA and not yet available for download.
Family:unixClass:patch
Status:Reference(s):1005522
1005523
1005524
1005525
1005526
1005527
1005528
1026236
1046856
1088268
1090036
1094301
1101776
1101777
1101786
1101788
1101791
1101794
1101800
1101802
1101804
1101810
1106514
1109412
1109413
1109414
1111331
1111622
1111996
1112534
1112535
1113247
1113252
1113255
1114988
1116827
1118830
1118831
1120640
1121034
1121035
1121056
1122668
1123157
1124211
1126140
1126141
1126192
1126195
1126196
1126198
1126201
1127400
1129180
1129623
1131595
1131863
1133131
1133232
1134156
1135273
1139959
1140122
1140359
1141493
1141913
1142772
1146882
1146884
1158328
1159352
1160968
1162972
1173274
1177914
1194547
988651
CVE-2016-5542
CVE-2016-5554
CVE-2016-5556
CVE-2016-5568
CVE-2016-5573
CVE-2016-5582
CVE-2016-5597
CVE-2017-0861
CVE-2017-1000083
CVE-2017-12652
CVE-2018-1000199
CVE-2018-1000876
CVE-2018-11354
CVE-2018-11355
CVE-2018-11356
CVE-2018-11357
CVE-2018-11358
CVE-2018-11359
CVE-2018-11360
CVE-2018-11361
CVE-2018-11362
CVE-2018-12126
CVE-2018-12127
CVE-2018-12130
CVE-2018-14339
CVE-2018-14340
CVE-2018-14341
CVE-2018-14342
CVE-2018-14343
CVE-2018-14344
CVE-2018-14367
CVE-2018-14368
CVE-2018-14369
CVE-2018-14370
CVE-2018-16056
CVE-2018-16057
CVE-2018-16058
CVE-2018-17358
CVE-2018-17359
CVE-2018-17360
CVE-2018-17985
CVE-2018-18074
CVE-2018-18309
CVE-2018-18483
CVE-2018-18484
CVE-2018-18605
CVE-2018-18606
CVE-2018-18607
CVE-2018-19931
CVE-2018-19932
CVE-2018-19967
CVE-2018-20623
CVE-2018-20651
CVE-2018-20671
CVE-2019-1010180
CVE-2019-11091
CVE-2019-11745
CVE-2019-12973
CVE-2019-13012
CVE-2019-13722
CVE-2019-14811
CVE-2019-14812
CVE-2019-14813
CVE-2019-14817
CVE-2019-16775
CVE-2019-16776
CVE-2019-16777
CVE-2019-17005
CVE-2019-17008
CVE-2019-17009
CVE-2019-17010
CVE-2019-17011
CVE-2019-17012
CVE-2019-3835
CVE-2019-3839
CVE-2019-3886
CVE-2019-4732
CVE-2019-6778
CVE-2019-7317
CVE-2019-9824
CVE-2020-14422
CVE-2020-15999
CVE-2020-2583
CVE-2020-2593
CVE-2020-2604
CVE-2020-2659
CVE-2021-4140
CVE-2022-22737
CVE-2022-22738
CVE-2022-22739
CVE-2022-22740
CVE-2022-22741
CVE-2022-22742
CVE-2022-22743
CVE-2022-22744
CVE-2022-22745
CVE-2022-22746
CVE-2022-22747
CVE-2022-22748
CVE-2022-22751
SUSE-SU-2016:2887-1
SUSE-SU-2017:2390-1
SUSE-SU-2018:1268-1
SUSE-SU-2018:2891-1
SUSE-SU-2019:0921-1
SUSE-SU-2019:1438-1
SUSE-SU-2019:1830-1
SUSE-SU-2019:2478-1
SUSE-SU-2019:2650-1
SUSE-SU-2019:3060-2
SUSE-SU-2019:3347-1
SUSE-SU-2020:0247-1
SUSE-SU-2020:0528-1
SUSE-SU-2020:0555-1
SUSE-SU-2020:2157-1
SUSE-SU-2020:2998-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 8
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • libpcsclite1-1.8.23-lp150.2 is installed
  • OR pcsc-lite-1.8.23-lp150.2 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • kernel-debug-4.12.14-lp151.28.36 is installed
  • OR kernel-debug-base-4.12.14-lp151.28.36 is installed
  • OR kernel-debug-devel-4.12.14-lp151.28.36 is installed
  • OR kernel-default-4.12.14-lp151.28.36 is installed
  • OR kernel-default-base-4.12.14-lp151.28.36 is installed
  • OR kernel-default-devel-4.12.14-lp151.28.36 is installed
  • OR kernel-devel-4.12.14-lp151.28.36 is installed
  • OR kernel-docs-4.12.14-lp151.28.36 is installed
  • OR kernel-docs-html-4.12.14-lp151.28.36 is installed
  • OR kernel-kvmsmall-4.12.14-lp151.28.36 is installed
  • OR kernel-kvmsmall-base-4.12.14-lp151.28.36 is installed
  • OR kernel-kvmsmall-devel-4.12.14-lp151.28.36 is installed
  • OR kernel-macros-4.12.14-lp151.28.36 is installed
  • OR kernel-obs-build-4.12.14-lp151.28.36 is installed
  • OR kernel-obs-qa-4.12.14-lp151.28.36 is installed
  • OR kernel-source-4.12.14-lp151.28.36 is installed
  • OR kernel-source-vanilla-4.12.14-lp151.28.36 is installed
  • OR kernel-syms-4.12.14-lp151.28.36 is installed
  • OR kernel-vanilla-4.12.14-lp151.28.36 is installed
  • OR kernel-vanilla-base-4.12.14-lp151.28.36 is installed
  • OR kernel-vanilla-devel-4.12.14-lp151.28.36 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • java-1_8_0-ibm-1.8.0_sr6.5-30.63 is installed
  • OR java-1_8_0-ibm-alsa-1.8.0_sr6.5-30.63 is installed
  • OR java-1_8_0-ibm-devel-1.8.0_sr6.5-30.63 is installed
  • OR java-1_8_0-ibm-plugin-1.8.0_sr6.5-30.63 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • java-1_8_0-openjdk-1.8.0.111-17 is installed
  • OR java-1_8_0-openjdk-demo-1.8.0.111-17 is installed
  • OR java-1_8_0-openjdk-devel-1.8.0.111-17 is installed
  • OR java-1_8_0-openjdk-headless-1.8.0.111-17 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • ghostscript-9.27-23.28 is installed
  • OR ghostscript-x11-9.27-23.28 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • libjavascriptcoregtk-4_0-18-2.22.5-2.32 is installed
  • OR libwebkit2gtk-4_0-37-2.22.5-2.32 is installed
  • OR libwebkit2gtk3-lang-2.22.5-2.32 is installed
  • OR typelib-1_0-JavaScriptCore-4_0-2.22.5-2.32 is installed
  • OR typelib-1_0-WebKit2-4_0-2.22.5-2.32 is installed
  • OR typelib-1_0-WebKit2WebExtension-4_0-2.22.5-2.32 is installed
  • OR webkit2gtk-4_0-injected-bundles-2.22.5-2.32 is installed
  • OR webkit2gtk3-2.22.5-2.32 is installed
  • OR webkit2gtk3-devel-2.22.5-2.32 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • libwireshark9-2.4.9-48.29 is installed
  • OR libwiretap7-2.4.9-48.29 is installed
  • OR libwscodecs1-2.4.9-48.29 is installed
  • OR libwsutil8-2.4.9-48.29 is installed
  • OR wireshark-2.4.9-48.29 is installed
  • OR wireshark-gtk-2.4.9-48.29 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • curl-7.37.0-36 is installed
  • OR libcurl4-7.37.0-36 is installed
  • OR libcurl4-32bit-7.37.0-36 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • java-1_8_0-ibm-1.8.0_sr6.0-30.60 is installed
  • OR java-1_8_0-ibm-alsa-1.8.0_sr6.0-30.60 is installed
  • OR java-1_8_0-ibm-plugin-1.8.0_sr6.0-30.60 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND
  • MozillaFirefox-91.5.0-112.86.1 is installed
  • OR MozillaFirefox-devel-91.5.0-112.86.1 is installed
  • OR MozillaFirefox-translations-common-91.5.0-112.86.1 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND
  • MozillaFirefox-91.5.0-112.86.1 is installed
  • OR MozillaFirefox-devel-91.5.0-112.86.1 is installed
  • OR MozillaFirefox-translations-common-91.5.0-112.86.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • kgraft-patch-4_4_162-94_69-default-6-2 is installed
  • OR kgraft-patch-SLE12-SP3_Update_21-6-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_180-94_97-default-9-2 is installed
  • OR kgraft-patch-SLE12-SP3_Update_26-9-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • glibc-2.22-62.22 is installed
  • OR glibc-32bit-2.22-62.22 is installed
  • OR glibc-devel-2.22-62.22 is installed
  • OR glibc-devel-32bit-2.22-62.22 is installed
  • OR glibc-html-2.22-62.22 is installed
  • OR glibc-i18ndata-2.22-62.22 is installed
  • OR glibc-info-2.22-62.22 is installed
  • OR glibc-locale-2.22-62.22 is installed
  • OR glibc-locale-32bit-2.22-62.22 is installed
  • OR glibc-profile-2.22-62.22 is installed
  • OR glibc-profile-32bit-2.22-62.22 is installed
  • OR nscd-2.22-62.22 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND tftp-5.2-11.6 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • libvirt-2.0.0-27.54 is installed
  • OR libvirt-client-2.0.0-27.54 is installed
  • OR libvirt-daemon-2.0.0-27.54 is installed
  • OR libvirt-daemon-config-network-2.0.0-27.54 is installed
  • OR libvirt-daemon-config-nwfilter-2.0.0-27.54 is installed
  • OR libvirt-daemon-driver-interface-2.0.0-27.54 is installed
  • OR libvirt-daemon-driver-libxl-2.0.0-27.54 is installed
  • OR libvirt-daemon-driver-lxc-2.0.0-27.54 is installed
  • OR libvirt-daemon-driver-network-2.0.0-27.54 is installed
  • OR libvirt-daemon-driver-nodedev-2.0.0-27.54 is installed
  • OR libvirt-daemon-driver-nwfilter-2.0.0-27.54 is installed
  • OR libvirt-daemon-driver-qemu-2.0.0-27.54 is installed
  • OR libvirt-daemon-driver-secret-2.0.0-27.54 is installed
  • OR libvirt-daemon-driver-storage-2.0.0-27.54 is installed
  • OR libvirt-daemon-hooks-2.0.0-27.54 is installed
  • OR libvirt-daemon-lxc-2.0.0-27.54 is installed
  • OR libvirt-daemon-qemu-2.0.0-27.54 is installed
  • OR libvirt-daemon-xen-2.0.0-27.54 is installed
  • OR libvirt-doc-2.0.0-27.54 is installed
  • OR libvirt-lock-sanlock-2.0.0-27.54 is installed
  • OR libvirt-nss-2.0.0-27.54 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND python-Werkzeug-0.12.2-3.3 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND nodejs6-6.14.3-11.15 is installed
    • BACK