Oval Definition:oval:org.opensuse.security:def:60496
Revision Date:2022-01-14Version:1
Title:Security update for MozillaFirefox (Important) (in QA)
Description:

This update for MozillaFirefox fixes the following issues:

- CVE-2021-4140: Fixed iframe sandbox bypass with XSLT (bsc#1194547). - CVE-2022-22737: Fixed race condition when playing audio files (bsc#1194547). - CVE-2022-22738: Fixed heap-buffer-overflow in blendGaussianBlur (bsc#1194547). - CVE-2022-22739: Fixed missing throttling on external protocol launch dialog (bsc#1194547). - CVE-2022-22740: Fixed use-after-free of ChannelEventQueue::mOwner (bsc#1194547). - CVE-2022-22741: Fixed browser window spoof using fullscreen mode (bsc#1194547). - CVE-2022-22742: Fixed out-of-bounds memory access when inserting text in edit mode (bsc#1194547). - CVE-2022-22743: Fixed browser window spoof using fullscreen mode (bsc#1194547). - CVE-2022-22744: Fixed possible command injection via the 'Copy as curl' feature in DevTools (bsc#1194547). - CVE-2022-22745: Fixed leaking cross-origin URLs through securitypolicyviolation event (bsc#1194547). - CVE-2022-22746: Fixed calling into reportValidity could have lead to fullscreen window spoof (bsc#1194547). - CVE-2022-22747: Fixed crash when handling empty pkcs7 sequence(bsc#1194547). - CVE-2022-22748: Fixed spoofed origin on external protocol launch dialog (bsc#1194547). - CVE-2022-22751: Fixed memory safety bugs (bsc#1194547).

This patch is currently in QA and not yet available for download.
Family:unixClass:patch
Status:Reference(s):1022917
1022918
1022919
1055478
1070737
1085130
1085671
1087059
1101820
1109663
1109847
1111657
1123156
1133204
1133205
1133498
1133501
1134075
1135232
1135236
1136183
1136732
1138425
1138459
1138464
1138748
1144524
1146848
1146873
1149792
1149811
1154862
1160024
1161066
1163018
1166240
1166847
1169659
1170313
1170423
1170940
1171252
1171254
1173160
1194547
981848
CVE-2013-4143
CVE-2013-6418
CVE-2015-1038
CVE-2016-10195
CVE-2016-10196
CVE-2016-10197
CVE-2016-2335
CVE-2017-12805
CVE-2017-12806
CVE-2018-1000802
CVE-2018-10903
CVE-2018-14647
CVE-2018-5125
CVE-2018-5127
CVE-2018-5129
CVE-2018-5130
CVE-2018-5131
CVE-2018-5144
CVE-2018-5145
CVE-2018-5146
CVE-2018-5147
CVE-2018-5148
CVE-2019-10131
CVE-2019-10160
CVE-2019-11470
CVE-2019-11472
CVE-2019-11505
CVE-2019-11506
CVE-2019-11597
CVE-2019-11598
CVE-2019-12068
CVE-2019-12519
CVE-2019-12520
CVE-2019-12521
CVE-2019-12524
CVE-2019-13456
CVE-2019-15890
CVE-2019-17185
CVE-2019-17498
CVE-2019-6778
CVE-2020-10745
CVE-2020-10745
CVE-2020-11945
CVE-2020-12653
CVE-2020-12654
CVE-2020-1711
CVE-2020-1983
CVE-2020-7039
CVE-2020-8608
CVE-2021-4140
CVE-2022-22737
CVE-2022-22738
CVE-2022-22739
CVE-2022-22740
CVE-2022-22741
CVE-2022-22742
CVE-2022-22743
CVE-2022-22744
CVE-2022-22745
CVE-2022-22746
CVE-2022-22747
CVE-2022-22748
CVE-2022-22751
SUSE-SU-2018:0200-1
SUSE-SU-2018:0850-1
SUSE-SU-2019:1712-1
SUSE-SU-2019:2053-1
SUSE-SU-2019:2936-1
SUSE-SU-2020:0792-1
SUSE-SU-2020:1227-1
SUSE-SU-2020:1538-1
SUSE-SU-2020:2066-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
openSUSE Leap 15.1 NonFree
openSUSE Leap 15.2
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server 12 SP4-ESPOS
SUSE Linux Enterprise Server 12 SP5
SUSE Linux Enterprise Server for SAP Applications 12 SP5
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud 9
SUSE OpenStack Cloud Crowbar 8
SUSE OpenStack Cloud Crowbar 9
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • java-11-openjdk-11.0.5.0-lp150.2.28 is installed
  • OR java-11-openjdk-accessibility-11.0.5.0-lp150.2.28 is installed
  • OR java-11-openjdk-demo-11.0.5.0-lp150.2.28 is installed
  • OR java-11-openjdk-devel-11.0.5.0-lp150.2.28 is installed
  • OR java-11-openjdk-headless-11.0.5.0-lp150.2.28 is installed
  • OR java-11-openjdk-javadoc-11.0.5.0-lp150.2.28 is installed
  • OR java-11-openjdk-jmods-11.0.5.0-lp150.2.28 is installed
  • OR java-11-openjdk-src-11.0.5.0-lp150.2.28 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • libu2f-host-1.1.6-lp151.2.3 is installed
  • OR libu2f-host-devel-1.1.6-lp151.2.3 is installed
  • OR libu2f-host-doc-1.1.6-lp151.2.3 is installed
  • OR libu2f-host0-1.1.6-lp151.2.3 is installed
  • OR u2f-host-1.1.6-lp151.2.3 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 NonFree is installed
  • AND opera-68.0.3618.63-lp151.2.15 is installed
    • Definition Synopsis
  • openSUSE Leap 15.2 is installed
  • AND Package Information
  • chromedriver-84.0.4147.105-lp152.2.9 is installed
  • OR chromium-84.0.4147.105-lp152.2.9 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND p7zip-9.20.1-6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • libdcerpc-binding0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR libdcerpc-binding0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR libdcerpc0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR libdcerpc0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR libndr-krb5pac0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR libndr-krb5pac0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR libndr-nbt0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR libndr-nbt0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR libndr-standard0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR libndr-standard0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR libndr0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR libndr0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR libnetapi0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR libnetapi0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR libsamba-credentials0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR libsamba-credentials0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR libsamba-errors0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR libsamba-errors0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR libsamba-hostconfig0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR libsamba-hostconfig0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR libsamba-passdb0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR libsamba-passdb0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR libsamba-util0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR libsamba-util0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR libsamdb0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR libsamdb0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR libsmbclient0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR libsmbclient0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR libsmbconf0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR libsmbconf0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR libsmbldap0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR libsmbldap0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR libtevent-util0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR libtevent-util0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR libwbclient0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR libwbclient0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR samba-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR samba-client-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR samba-client-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR samba-doc-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR samba-libs-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR samba-libs-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR samba-winbind-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR samba-winbind-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • freeradius-server-3.0.15-2.14 is installed
  • OR freeradius-server-doc-3.0.15-2.14 is installed
  • OR freeradius-server-krb5-3.0.15-2.14 is installed
  • OR freeradius-server-ldap-3.0.15-2.14 is installed
  • OR freeradius-server-libs-3.0.15-2.14 is installed
  • OR freeradius-server-mysql-3.0.15-2.14 is installed
  • OR freeradius-server-perl-3.0.15-2.14 is installed
  • OR freeradius-server-postgresql-3.0.15-2.14 is installed
  • OR freeradius-server-python-3.0.15-2.14 is installed
  • OR freeradius-server-sqlite-3.0.15-2.14 is installed
  • OR freeradius-server-utils-3.0.15-2.14 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • qemu-2.9.1-6.44 is installed
  • OR qemu-arm-2.9.1-6.44 is installed
  • OR qemu-block-curl-2.9.1-6.44 is installed
  • OR qemu-block-iscsi-2.9.1-6.44 is installed
  • OR qemu-block-rbd-2.9.1-6.44 is installed
  • OR qemu-block-ssh-2.9.1-6.44 is installed
  • OR qemu-guest-agent-2.9.1-6.44 is installed
  • OR qemu-ipxe-1.0.0+-6.44 is installed
  • OR qemu-kvm-2.9.1-6.44 is installed
  • OR qemu-lang-2.9.1-6.44 is installed
  • OR qemu-ppc-2.9.1-6.44 is installed
  • OR qemu-s390-2.9.1-6.44 is installed
  • OR qemu-seabios-1.10.2-6.44 is installed
  • OR qemu-sgabios-8-6.44 is installed
  • OR qemu-tools-2.9.1-6.44 is installed
  • OR qemu-vgabios-1.10.2-6.44 is installed
  • OR qemu-x86-2.9.1-6.44 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • java-1_7_1-ibm-1.7.1_sr4.30-38.26 is installed
  • OR java-1_7_1-ibm-alsa-1.7.1_sr4.30-38.26 is installed
  • OR java-1_7_1-ibm-jdbc-1.7.1_sr4.30-38.26 is installed
  • OR java-1_7_1-ibm-plugin-1.7.1_sr4.30-38.26 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • gnome-shell-3.20.4-77.17 is installed
  • OR gnome-shell-browser-plugin-3.20.4-77.17 is installed
  • OR gnome-shell-lang-3.20.4-77.17 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4-ESPOS is installed
  • AND Package Information
  • tomcat-9.0.36-3.45 is installed
  • OR tomcat-admin-webapps-9.0.36-3.45 is installed
  • OR tomcat-docs-webapp-9.0.36-3.45 is installed
  • OR tomcat-el-3_0-api-9.0.36-3.45 is installed
  • OR tomcat-javadoc-9.0.36-3.45 is installed
  • OR tomcat-jsp-2_3-api-9.0.36-3.45 is installed
  • OR tomcat-lib-9.0.36-3.45 is installed
  • OR tomcat-servlet-4_0-api-9.0.36-3.45 is installed
  • OR tomcat-webapps-9.0.36-3.45 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 12 SP5 is installed
  • AND
  • MozillaFirefox-91.5.0-112.86.1 is installed
  • OR MozillaFirefox-devel-91.5.0-112.86.1 is installed
  • OR MozillaFirefox-translations-common-91.5.0-112.86.1 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server for SAP Applications 12 SP5 is installed
  • AND
  • MozillaFirefox-91.5.0-112.86.1 is installed
  • OR MozillaFirefox-devel-91.5.0-112.86.1 is installed
  • OR MozillaFirefox-translations-common-91.5.0-112.86.1 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • libpython3_4m1_0-3.4.6-25.29 is installed
  • OR python3-3.4.6-25.29 is installed
  • OR python3-base-3.4.6-25.29 is installed
  • OR python3-curses-3.4.6-25.29 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 9 is installed
  • AND Package Information
  • xen-4.11.4_06-2.33 is installed
  • OR xen-doc-html-4.11.4_06-2.33 is installed
  • OR xen-libs-4.11.4_06-2.33 is installed
  • OR xen-libs-32bit-4.11.4_06-2.33 is installed
  • OR xen-tools-4.11.4_06-2.33 is installed
  • OR xen-tools-domU-4.11.4_06-2.33 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND squid-3.5.21-26.23 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 9 is installed
  • AND Package Information
  • mariadb-10.2.29-3.22 is installed
  • OR mariadb-galera-10.2.29-3.22 is installed
    • BACK