Oval Definition:	oval:org.opensuse.security:def:58933
Revision Date: 2022-01-14 Version: 1 Title: Security update for MozillaFirefox (Important) (in QA) Description: This update for MozillaFirefox fixes the following issues: - CVE-2021-4140: Fixed iframe sandbox bypass with XSLT (bsc#1194547). - CVE-2022-22737: Fixed race condition when playing audio files (bsc#1194547). - CVE-2022-22738: Fixed heap-buffer-overflow in blendGaussianBlur (bsc#1194547). - CVE-2022-22739: Fixed missing throttling on external protocol launch dialog (bsc#1194547). - CVE-2022-22740: Fixed use-after-free of ChannelEventQueue::mOwner (bsc#1194547). - CVE-2022-22741: Fixed browser window spoof using fullscreen mode (bsc#1194547). - CVE-2022-22742: Fixed out-of-bounds memory access when inserting text in edit mode (bsc#1194547). - CVE-2022-22743: Fixed browser window spoof using fullscreen mode (bsc#1194547). - CVE-2022-22744: Fixed possible command injection via the 'Copy as curl' feature in DevTools (bsc#1194547). - CVE-2022-22745: Fixed leaking cross-origin URLs through securitypolicyviolation event (bsc#1194547). - CVE-2022-22746: Fixed calling into reportValidity could have lead to fullscreen window spoof (bsc#1194547). - CVE-2022-22747: Fixed crash when handling empty pkcs7 sequence(bsc#1194547). - CVE-2022-22748: Fixed spoofed origin on external protocol launch dialog (bsc#1194547). - CVE-2022-22751: Fixed memory safety bugs (bsc#1194547). This patch is currently in QA and not yet available for download. Family: unix Class: patch Status: Reference(s): 1057460 1076390 1082810 1083624 1085018 1094851 1094971 1102662 1102680 1102920 1104205 1109209 1111622 1118595 1118596 1119947 1122668 1133375 1140738 1141329 1141332 1151021 1172140 1172437 1173100 1173274 1173659 1173661 1173663 1173664 1173665 1173666 1173867 1173869 1173942 1173963 1174247 1194547 929900 955131 966304 CVE-2011-1898 CVE-2012-0029 CVE-2012-0217 CVE-2012-2625 CVE-2012-3432 CVE-2012-3433 CVE-2012-4411 CVE-2012-4535 CVE-2012-4536 CVE-2012-4537 CVE-2012-4538 CVE-2012-4539 CVE-2012-4544 CVE-2012-5510 CVE-2012-5511 CVE-2012-5513 CVE-2012-5514 CVE-2012-5515 CVE-2012-5525 CVE-2012-5634 CVE-2012-6075 CVE-2013-0151 CVE-2013-0152 CVE-2013-0153 CVE-2013-1442 CVE-2013-1917 CVE-2013-1918 CVE-2013-1919 CVE-2013-1922 CVE-2013-1952 CVE-2013-2007 CVE-2013-3495 CVE-2013-4355 CVE-2013-4356 CVE-2013-4361 CVE-2013-4375 CVE-2013-4416 CVE-2013-4494 CVE-2013-4533 CVE-2013-4534 CVE-2013-4537 CVE-2013-4538 CVE-2013-4539 CVE-2013-4540 CVE-2013-4551 CVE-2013-4553 CVE-2013-4554 CVE-2013-7038 CVE-2013-7039 CVE-2014-0222 CVE-2014-3124 CVE-2014-3640 CVE-2014-3672 CVE-2014-5146 CVE-2014-5149 CVE-2014-6268 CVE-2014-7154 CVE-2014-7155 CVE-2014-7156 CVE-2014-7188 CVE-2014-7815 CVE-2015-1779 CVE-2015-3259 CVE-2015-3340 CVE-2015-3456 CVE-2015-4037 CVE-2015-4103 CVE-2015-4104 CVE-2015-4105 CVE-2015-4106 CVE-2015-5154 CVE-2015-5239 CVE-2015-5278 CVE-2015-5307 CVE-2015-6815 CVE-2015-6855 CVE-2015-7311 CVE-2015-7504 CVE-2015-7512 CVE-2015-7549 CVE-2015-7835 CVE-2015-7969 CVE-2015-7970 CVE-2015-7971 CVE-2015-7972 CVE-2015-8104 CVE-2015-8339 CVE-2015-8340 CVE-2015-8341 CVE-2015-8345 CVE-2015-8504 CVE-2015-8550 CVE-2015-8554 CVE-2015-8555 CVE-2015-8558 CVE-2015-8567 CVE-2015-8568 CVE-2015-8613 CVE-2015-8615 CVE-2015-8619 CVE-2015-8743 CVE-2015-8744 CVE-2015-8745 CVE-2016-10013 CVE-2016-10024 CVE-2016-10025 CVE-2016-1568 CVE-2016-1570 CVE-2016-1571 CVE-2016-1714 CVE-2016-1922 CVE-2016-1981 CVE-2016-2198 CVE-2016-2270 CVE-2016-2271 CVE-2016-2391 CVE-2016-2392 CVE-2016-2538 CVE-2016-2841 CVE-2016-4439 CVE-2016-4441 CVE-2016-5238 CVE-2016-5338 CVE-2016-6258 CVE-2016-6259 CVE-2016-6351 CVE-2016-7092 CVE-2016-7093 CVE-2016-7094 CVE-2016-7777 CVE-2016-7908 CVE-2016-7909 CVE-2016-8667 CVE-2016-8669 CVE-2016-8910 CVE-2016-9377 CVE-2016-9378 CVE-2016-9379 CVE-2016-9380 CVE-2016-9381 CVE-2016-9382 CVE-2016-9383 CVE-2016-9384 CVE-2016-9385 CVE-2016-9386 CVE-2016-9637 CVE-2016-9921 CVE-2016-9922 CVE-2016-9932 CVE-2017-2615 CVE-2017-2620 CVE-2017-6505 CVE-2017-8309 CVE-2017-9330 CVE-2018-1063 CVE-2018-1288 CVE-2018-14526 CVE-2018-14574 CVE-2018-15518 CVE-2018-16884 CVE-2018-18074 CVE-2018-19873 CVE-2018-2579 CVE-2018-2582 CVE-2018-2588 CVE-2018-2599 CVE-2018-2602 CVE-2018-2603 CVE-2018-2618 CVE-2018-2633 CVE-2018-2634 CVE-2018-2637 CVE-2018-2641 CVE-2018-2657 CVE-2018-2663 CVE-2018-2677 CVE-2018-2678 CVE-2019-0155 CVE-2019-12525 CVE-2019-12529 CVE-2019-13345 CVE-2019-14814 CVE-2019-14815 CVE-2019-14816 CVE-2019-14835 CVE-2019-14895 CVE-2019-14901 CVE-2019-15666 CVE-2019-16746 CVE-2019-18680 CVE-2019-19447 CVE-2019-9458 CVE-2019-9928 CVE-2020-10757 CVE-2020-11668 CVE-2020-14331 CVE-2020-14422 CVE-2021-4140 CVE-2022-22737 CVE-2022-22738 CVE-2022-22739 CVE-2022-22740 CVE-2022-22741 CVE-2022-22742 CVE-2022-22743 CVE-2022-22744 CVE-2022-22745 CVE-2022-22746 CVE-2022-22747 CVE-2022-22748 CVE-2022-22751 SUSE-SU-2018:0743-1 SUSE-SU-2018:0926-1 SUSE-SU-2018:3549-1 SUSE-SU-2018:3563-1 SUSE-SU-2019:1088-1 SUSE-SU-2019:1600-1 SUSE-SU-2019:2089-1 SUSE-SU-2020:0555-1 SUSE-SU-2020:2157-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND mozilla-nspr-4.19-lp150.1 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND squid-4.11-lp151.2.15 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information java-1_7_1-ibm-1.7.1_sr4.20-38.16 is installed OR java-1_7_1-ibm-alsa-1.7.1_sr4.20-38.16 is installed OR java-1_7_1-ibm-jdbc-1.7.1_sr4.20-38.16 is installed OR java-1_7_1-ibm-plugin-1.7.1_sr4.20-38.16 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND python-ipaddress-1.0.18-3.13 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information libQt5Concurrent5-5.6.1-17.6 is installed OR libQt5Core5-5.6.1-17.6 is installed OR libQt5DBus5-5.6.1-17.6 is installed OR libQt5Gui5-5.6.1-17.6 is installed OR libQt5Network5-5.6.1-17.6 is installed OR libQt5OpenGL5-5.6.1-17.6 is installed OR libQt5PrintSupport5-5.6.1-17.6 is installed OR libQt5Sql5-5.6.1-17.6 is installed OR libQt5Sql5-mysql-5.6.1-17.6 is installed OR libQt5Sql5-postgresql-5.6.1-17.6 is installed OR libQt5Sql5-sqlite-5.6.1-17.6 is installed OR libQt5Sql5-unixODBC-5.6.1-17.6 is installed OR libQt5Test5-5.6.1-17.6 is installed OR libQt5Widgets5-5.6.1-17.6 is installed OR libQt5Xml5-5.6.1-17.6 is installed OR libqt5-qtbase-5.6.1-17.6 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND wpa_supplicant-2.6-15.10 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND libmicrohttpd10-0.9.30-5 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information java-1_8_0-ibm-1.8.0_sr6.10-30.69 is installed OR java-1_8_0-ibm-alsa-1.8.0_sr6.10-30.69 is installed OR java-1_8_0-ibm-devel-1.8.0_sr6.10-30.69 is installed OR java-1_8_0-ibm-plugin-1.8.0_sr6.10-30.69 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information java-1_7_1-ibm-1.7.1_sr4.50-38.41 is installed OR java-1_7_1-ibm-alsa-1.7.1_sr4.50-38.41 is installed OR java-1_7_1-ibm-jdbc-1.7.1_sr4.50-38.41 is installed OR java-1_7_1-ibm-plugin-1.7.1_sr4.50-38.41 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information MozillaFirefox-91.5.0-112.86.1 is installed OR MozillaFirefox-devel-91.5.0-112.86.1 is installed OR MozillaFirefox-translations-common-91.5.0-112.86.1 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information fontconfig-2.11.1-7 is installed OR fontconfig-32bit-2.11.1-7 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND python-Django-1.11.11-3.3 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information MozillaFirefox-68.2.0-109.95 is installed OR MozillaFirefox-translations-common-68.2.0-109.95 is installed
BACK