OVAL Reference oval:org.opensuse.security:def:59576

Oval Definition:

oval:org.opensuse.security:def:59576

Revision Date:	2021-12-12	Version:	1
Title:	Security update for MozillaFirefox (Important)
Description:	This update for MozillaFirefox fixes the following issues: Update to Extended Support Release 91.4.0 (bsc#1193485): - CVE-2021-43536: URL leakage when navigating while executing asynchronous function - CVE-2021-43537: Heap buffer overflow when using structured clone - CVE-2021-43538: Missing fullscreen and pointer lock notification when requesting both - CVE-2021-43539: GC rooting failure when calling wasm instance methods - CVE-2021-43541: External protocol handler parameters were unescaped - CVE-2021-43542: XMLHttpRequest error codes could have leaked the existence of an external protocol handler - CVE-2021-43543: Bypass of CSP sandbox directive when embedding - CVE-2021-43545: Denial of Service when using the Location API in a loop - CVE-2021-43546: Cursor spoofing could overlay user interface when native cursor is zoomed - Memory safety bugs fixed in Firefox 95 and Firefox ESR 91.4 - Removed x-scheme-handler/ftp from MozillaFirefox.desktop (bsc#1193321)
Family:	unix	Class:	patch
Status:		Reference(s):	1012382 1023175 1026236 1042286 1060031 1065600 1065726 1068664 1070805 1073748 1077717 1082858 1084721 1086095 1086535 1091158 1091171 1091197 1094825 1095344 1098996 1098998 1099523 1099597 1100105 1101410 1101412 1101555 1101654 1103040 1103624 1104731 1105025 1105931 1106293 1107256 1107299 1107385 1107832 1107866 1108145 1108498 1109330 1109847 1110233 1110286 1110837 1111062 1113192 1113751 1113769 1114190 1114648 1114674 1114763 1114988 1115433 1115440 1116027 1116183 1116345 1117080 1117186 1117187 1117840 1118152 1118319 1119714 1119946 1119947 1120743 1120758 1121621 1122191 1123157 1123161 1123191 1124211 1126140 1126141 1126192 1126195 1126196 1126198 1126201 1127400 1129623 1133191 1136446 1136935 1137597 1141493 1148158 1152007 1154235 1155089 1155942 1156305 1156669 1156914 1157028 1157206 1157482 1158675 1159208 1159623 1160048 1160878 1160883 1160895 1160912 1161351 1161517 1162388 1173998 1174157 1193321 1193485 CVE-2009-0316 CVE-2012-0876 CVE-2015-3451 CVE-2016-0718 CVE-2016-1248 CVE-2016-4472 CVE-2016-9063 CVE-2017-1000158 CVE-2017-1002201 CVE-2017-12652 CVE-2017-14604 CVE-2017-5953 CVE-2017-6349 CVE-2017-6350 CVE-2017-9233 CVE-2018-0360 CVE-2018-0361 CVE-2018-1000085 CVE-2018-12359 CVE-2018-12360 CVE-2018-12362 CVE-2018-12363 CVE-2018-12364 CVE-2018-12365 CVE-2018-12366 CVE-2018-12368 CVE-2018-14633 CVE-2018-14647 CVE-2018-14679 CVE-2018-16862 CVE-2018-16884 CVE-2018-17182 CVE-2018-17954 CVE-2018-18281 CVE-2018-18311 CVE-2018-18386 CVE-2018-18690 CVE-2018-18710 CVE-2018-19824 CVE-2018-19967 CVE-2018-19985 CVE-2018-20169 CVE-2018-5156 CVE-2018-5188 CVE-2018-9516 CVE-2018-9568 CVE-2019-11477 CVE-2019-11478 CVE-2019-11487 CVE-2019-13117 CVE-2019-16770 CVE-2019-18901 CVE-2019-2737 CVE-2019-2739 CVE-2019-2740 CVE-2019-2758 CVE-2019-2805 CVE-2019-2938 CVE-2019-2974 CVE-2019-3459 CVE-2019-3460 CVE-2019-3846 CVE-2019-5010 CVE-2019-6778 CVE-2019-7317 CVE-2019-9824 CVE-2020-13753 CVE-2020-14577 CVE-2020-14578 CVE-2020-14579 CVE-2020-14581 CVE-2020-14583 CVE-2020-14593 CVE-2020-14621 CVE-2020-2574 CVE-2020-7595 CVE-2020-9802 CVE-2020-9803 CVE-2020-9805 CVE-2020-9806 CVE-2020-9807 CVE-2020-9843 CVE-2020-9850 CVE-2021-43536 CVE-2021-43537 CVE-2021-43538 CVE-2021-43539 CVE-2021-43541 CVE-2021-43542 CVE-2021-43543 CVE-2021-43545 CVE-2021-43546 SUSE-SU-2018:2058-1 SUSE-SU-2018:2322-1 SUSE-SU-2018:2323-1 SUSE-SU-2019:0439-1 SUSE-SU-2019:0921-1 SUSE-SU-2019:2264-1 SUSE-SU-2019:3060-2 SUSE-SU-2020:0497-1 SUSE-SU-2020:0640-1 SUSE-SU-2020:2069-1 SUSE-SU-2020:2861-1
Platform(s):	openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP4-ESPOS SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9	Product(s):
Definition Synopsis
openSUSE Leap 15.0 is installed AND Package Information libpulse-mainloop-glib0-11.1-lp150.4 is installed OR libpulse0-11.1-lp150.4 is installed OR pulseaudio-11.1-lp150.4 is installed OR pulseaudio-bash-completion-11.1-lp150.4 is installed OR pulseaudio-lang-11.1-lp150.4 is installed OR pulseaudio-module-bluetooth-11.1-lp150.4 is installed OR pulseaudio-module-gconf-11.1-lp150.4 is installed OR pulseaudio-module-jack-11.1-lp150.4 is installed OR pulseaudio-module-lirc-11.1-lp150.4 is installed OR pulseaudio-module-x11-11.1-lp150.4 is installed OR pulseaudio-module-zeroconf-11.1-lp150.4 is installed OR pulseaudio-utils-11.1-lp150.4 is installed
Definition Synopsis
openSUSE Leap 15.1 is installed AND system-user-root-20190513-lp151.3.3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information kernel-default-4.4.121-92.101 is installed OR kernel-default-base-4.4.121-92.101 is installed OR kernel-default-devel-4.4.121-92.101 is installed OR kernel-devel-4.4.121-92.101 is installed OR kernel-macros-4.4.121-92.101 is installed OR kernel-source-4.4.121-92.101 is installed OR kernel-syms-4.4.121-92.101 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information kgraft-patch-4_4_114-92_67-default-8-2 is installed OR kgraft-patch-SLE12-SP2_Update_19-8-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information gvim-7.4.326-16 is installed OR vim-7.4.326-16 is installed OR vim-data-7.4.326-16 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information xen-4.9.4_10-3.71 is installed OR xen-doc-html-4.9.4_10-3.71 is installed OR xen-libs-4.9.4_10-3.71 is installed OR xen-libs-32bit-4.9.4_10-3.71 is installed OR xen-tools-4.9.4_10-3.71 is installed OR xen-tools-domU-4.9.4_10-3.71 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information glibc-2.22-62.22 is installed OR glibc-32bit-2.22-62.22 is installed OR glibc-devel-2.22-62.22 is installed OR glibc-devel-32bit-2.22-62.22 is installed OR glibc-html-2.22-62.22 is installed OR glibc-i18ndata-2.22-62.22 is installed OR glibc-info-2.22-62.22 is installed OR glibc-locale-2.22-62.22 is installed OR glibc-locale-32bit-2.22-62.22 is installed OR glibc-profile-2.22-62.22 is installed OR glibc-profile-32bit-2.22-62.22 is installed OR nscd-2.22-62.22 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND squid-3.5.21-26.17 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information MozillaFirefox-52.9.0esr-109.38 is installed OR MozillaFirefox-translations-52.9.0esr-109.38 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information avahi-0.6.32-30 is installed OR avahi-lang-0.6.32-30 is installed OR avahi-utils-0.6.32-30 is installed OR libavahi-client3-0.6.32-30 is installed OR libavahi-client3-32bit-0.6.32-30 is installed OR libavahi-common3-0.6.32-30 is installed OR libavahi-common3-32bit-0.6.32-30 is installed OR libavahi-core7-0.6.32-30 is installed OR libdns_sd-0.6.32-30 is installed OR libdns_sd-32bit-0.6.32-30 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4-ESPOS is installed AND Package Information MozillaFirefox-91.4.0-112.83.1 is installed OR MozillaFirefox-devel-91.4.0-112.83.1 is installed OR MozillaFirefox-translations-common-91.4.0-112.83.1 is installed
Definition Synopsis
SUSE OpenStack Cloud 8 is installed AND Package Information perl-5.18.2-12.20 is installed OR perl-32bit-5.18.2-12.20 is installed OR perl-base-5.18.2-12.20 is installed OR perl-doc-5.18.2-12.20 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information crowbar-core-5.0+git.1582968668.1a55c77c5-3.35 is installed OR crowbar-core-branding-upstream-5.0+git.1582968668.1a55c77c5-3.35 is installed OR crowbar-ha-5.0+git.1574286229.e0364c3-3.29 is installed OR crowbar-openstack-5.0+git.1582911795.5081ef1da-4.34 is installed OR crowbar-ui-1.2.0+git.1575896697.a01a3a08-3.15 is installed OR keepalived-2.0.19-3.6 is installed OR mariadb-10.2.31-4.17 is installed OR mariadb-client-10.2.31-4.17 is installed OR mariadb-errormessages-10.2.31-4.17 is installed OR mariadb-galera-10.2.31-4.17 is installed OR mariadb-tools-10.2.31-4.17 is installed OR openstack-cinder-11.2.3~dev23-3.24 is installed OR openstack-cinder-api-11.2.3~dev23-3.24 is installed OR openstack-cinder-backup-11.2.3~dev23-3.24 is installed OR openstack-cinder-doc-11.2.3~dev23-3.24 is installed OR openstack-cinder-scheduler-11.2.3~dev23-3.24 is installed OR openstack-cinder-volume-11.2.3~dev23-3.24 is installed OR openstack-dashboard-12.0.5~dev2-3.23 is installed OR openstack-dashboard-theme-SUSE-2017.2+git.1573629528.6b21fa5-7.14 is installed OR openstack-heat-9.0.8~dev22-3.27 is installed OR openstack-heat-api-9.0.8~dev22-3.27 is installed OR openstack-heat-api-cfn-9.0.8~dev22-3.27 is installed OR openstack-heat-api-cloudwatch-9.0.8~dev22-3.27 is installed OR openstack-heat-doc-9.0.8~dev22-3.27 is installed OR openstack-heat-engine-9.0.8~dev22-3.27 is installed OR openstack-heat-plugin-heat_docker-9.0.8~dev22-3.27 is installed OR openstack-heat-templates-0.0.0+git.1560033670.e3b5a52-3.12 is installed OR openstack-heat-test-9.0.8~dev22-3.27 is installed OR openstack-horizon-plugin-designate-ui-5.0.3~dev2-3.9 is installed OR openstack-horizon-plugin-neutron-lbaas-ui-3.0.3~dev5-3.14 is installed OR openstack-ironic-9.1.8~dev8-3.24 is installed OR openstack-ironic-api-9.1.8~dev8-3.24 is installed OR openstack-ironic-conductor-9.1.8~dev8-3.24 is installed OR openstack-ironic-doc-9.1.8~dev8-3.24 is installed OR openstack-keystone-12.0.4~dev5-5.30 is installed OR openstack-keystone-doc-12.0.4~dev5-5.30 is installed OR openstack-monasca-agent-2.2.5~dev5-3.15 is installed OR openstack-neutron-11.0.9~dev60-3.27 is installed OR openstack-neutron-dhcp-agent-11.0.9~dev60-3.27 is installed OR openstack-neutron-doc-11.0.9~dev60-3.27 is installed OR openstack-neutron-gbp-7.3.1~dev72-3.12 is installed OR openstack-neutron-ha-tool-11.0.9~dev60-3.27 is installed OR openstack-neutron-l3-agent-11.0.9~dev60-3.27 is installed OR openstack-neutron-linuxbridge-agent-11.0.9~dev60-3.27 is installed OR openstack-neutron-macvtap-agent-11.0.9~dev60-3.27 is installed OR openstack-neutron-metadata-agent-11.0.9~dev60-3.27 is installed OR openstack-neutron-metering-agent-11.0.9~dev60-3.27 is installed OR openstack-neutron-openvswitch-agent-11.0.9~dev60-3.27 is installed OR openstack-neutron-server-11.0.9~dev60-3.27 is installed OR openstack-neutron-vsphere-2.0.1~dev133-3.12 is installed OR openstack-neutron-vsphere-doc-2.0.1~dev133-3.12 is installed OR openstack-neutron-vsphere-dvs-agent-2.0.1~dev133-3.12 is installed OR openstack-neutron-vsphere-ovsvapp-agent-2.0.1~dev133-3.12 is installed OR openstack-nova-16.1.9~dev49-3.32 is installed OR openstack-nova-api-16.1.9~dev49-3.32 is installed OR openstack-nova-cells-16.1.9~dev49-3.32 is installed OR openstack-nova-compute-16.1.9~dev49-3.32 is installed OR openstack-nova-conductor-16.1.9~dev49-3.32 is installed OR openstack-nova-console-16.1.9~dev49-3.32 is installed OR openstack-nova-consoleauth-16.1.9~dev49-3.32 is installed OR openstack-nova-doc-16.1.9~dev49-3.32 is installed OR openstack-nova-novncproxy-16.1.9~dev49-3.32 is installed OR openstack-nova-placement-api-16.1.9~dev49-3.32 is installed OR openstack-nova-scheduler-16.1.9~dev49-3.32 is installed OR openstack-nova-serialproxy-16.1.9~dev49-3.32 is installed OR openstack-nova-vncproxy-16.1.9~dev49-3.32 is installed OR openstack-octavia-1.0.6~dev3-4.21 is installed OR openstack-octavia-amphora-agent-1.0.6~dev3-4.21 is installed OR openstack-octavia-amphora-image-0.1.2-3.9 is installed OR openstack-octavia-amphora-image-x86_64-0.1.2-3.9 is installed OR openstack-octavia-api-1.0.6~dev3-4.21 is installed OR openstack-octavia-health-manager-1.0.6~dev3-4.21 is installed OR openstack-octavia-housekeeping-1.0.6~dev3-4.21 is installed OR openstack-octavia-worker-1.0.6~dev3-4.21 is installed OR openstack-resource-agents-1.0+git.1569436425.8b9c49f-3.3 is installed OR openstack-sahara-7.0.5~dev4-3.12 is installed OR openstack-sahara-api-7.0.5~dev4-3.12 is installed OR openstack-sahara-doc-7.0.5~dev4-3.12 is installed OR openstack-sahara-engine-7.0.5~dev4-3.12 is installed OR openstack-trove-8.0.2~dev2-3.12 is installed OR openstack-trove-api-8.0.2~dev2-3.12 is installed OR openstack-trove-conductor-8.0.2~dev2-3.12 is installed OR openstack-trove-doc-8.0.2~dev2-3.12 is installed OR openstack-trove-guestagent-8.0.2~dev2-3.12 is installed OR openstack-trove-taskmanager-8.0.2~dev2-3.12 is installed OR python-cinder-11.2.3~dev23-3.24 is installed OR python-congressclient-1.8.1-3.3 is installed OR python-designateclient-2.7.1-3.3 is installed OR python-designateclient-doc-2.7.1-3.3 is installed OR python-freezegun-0.3.9-1.3 is installed OR python-heat-9.0.8~dev22-3.27 is installed OR python-horizon-12.0.5~dev2-3.23 is installed OR python-horizon-plugin-designate-ui-5.0.3~dev2-3.9 is installed OR python-horizon-plugin-neutron-lbaas-ui-3.0.3~dev5-3.14 is installed OR python-ironic-9.1.8~dev8-3.24 is installed OR python-ironic-lib-2.10.2-3.3 is installed OR python-keystone-12.0.4~dev5-5.30 is installed OR python-monasca-agent-2.2.5~dev5-3.15 is installed OR python-networking-cisco-6.1.1~dev65-3.3 is installed OR python-networking-vsphere-2.0.1~dev133-3.12 is installed OR python-neutron-11.0.9~dev60-3.27 is installed OR python-neutron-gbp-7.3.1~dev72-3.12 is installed OR python-nova-16.1.9~dev49-3.32 is installed OR python-octavia-1.0.6~dev3-4.21 is installed OR python-osc-lib-1.7.1-3.3 is installed OR python-oslo.context-2.17.2-3.3 is installed OR python-oslo.rootwrap-5.9.3-3.3 is installed OR python-oslo.serialization-2.20.3-3.3 is installed OR python-oslo.service-1.25.2-3.3 is installed OR python-sahara-7.0.5~dev4-3.12 is installed OR python-stevedore-1.25.2-3.3 is installed OR python-taskflow-2.14.2-3.3 is installed OR python-trove-8.0.2~dev2-3.12 is installed OR ruby2.1-rubygem-crowbar-client-3.9.1-3.9 is installed OR ruby2.1-rubygem-puma-2.16.0-3.3 is installed OR rubygem-crowbar-client-3.9.1-3.9 is installed OR rubygem-puma-2.16.0-3.3 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 9 is installed AND python-Django1-1.11.20-3.3 is installed

BACK