Oval Definition:oval:org.opensuse.security:def:6233
Revision Date:2021-11-19Version:1
Title:Security update for MozillaFirefox (Important)
Description:

This update for MozillaFirefox fixes the following issues:

MozillaFirefox was updated to Extended Support Release 91.3.0 ESR

Fixed: Various stability, functionality, and security fixes

MFSA 2021-49 (bsc#1192250)

* CVE-2021-38503: iframe sandbox rules did not apply to XSLT stylesheets * CVE-2021-38504: Use-after-free in file picker dialog * CVE-2021-38505: Windows 10 Cloud Clipboard may have recorded sensitive user data * CVE-2021-38506: Firefox could be coaxed into going into fullscreen mode without notification or warning * CVE-2021-38507: Opportunistic Encryption in HTTP2 could be used to bypass the Same-Origin-Policy on services hosted on other ports * CVE-2021-38508: Permission Prompt could be overlaid, resulting in user confusion and potential spoofing * CVE-2021-38509: Javascript alert box could have been spoofed onto an arbitrary domain * CVE-2021-38510: Download Protections were bypassed by .inetloc files on Mac OS * MOZ-2021-0008: Use-after-free in HTTP2 Session object * MOZ-2021-0007: Memory safety bugs fixed in Firefox 94 and Firefox ESR 91.3
Family:unixClass:patch
Status:Reference(s):1192250
CVE-2007-4129
CVE-2008-4989
CVE-2011-1097
CVE-2011-2513
CVE-2011-2514
CVE-2011-3377
CVE-2011-4128
CVE-2012-0390
CVE-2012-1152
CVE-2012-1569
CVE-2012-1573
CVE-2012-2738
CVE-2012-3422
CVE-2012-3423
CVE-2012-4510
CVE-2012-4540
CVE-2013-1926
CVE-2013-1927
CVE-2013-4349
CVE-2013-6370
CVE-2013-6371
CVE-2013-6393
CVE-2014-0092
CVE-2014-0107
CVE-2014-1959
CVE-2014-2525
CVE-2014-2855
CVE-2014-3466
CVE-2014-3675
CVE-2014-3676
CVE-2014-3677
CVE-2014-8169
CVE-2014-8242
CVE-2014-8564
CVE-2014-8964
CVE-2014-9130
CVE-2014-9512
CVE-2015-0294
CVE-2015-2325
CVE-2015-2327
CVE-2015-2328
CVE-2015-3210
CVE-2015-3217
CVE-2015-3622
CVE-2015-5073
CVE-2015-5234
CVE-2015-5235
CVE-2015-6251
CVE-2015-8380
CVE-2015-8872
CVE-2016-1283
CVE-2016-3191
CVE-2016-3698
CVE-2016-4804
CVE-2016-7444
CVE-2016-8610
CVE-2017-10790
CVE-2017-16548
CVE-2017-17433
CVE-2017-17434
CVE-2017-5335
CVE-2017-5336
CVE-2017-5337
CVE-2018-10844
CVE-2018-10845
CVE-2018-10846
CVE-2018-5764
CVE-2021-38503
CVE-2021-38504
CVE-2021-38505
CVE-2021-38506
CVE-2021-38507
CVE-2021-38508
CVE-2021-38509
CVE-2021-38510
Platform(s):openSUSE 13.1
openSUSE 13.1 NonFree
openSUSE 13.2
openSUSE 13.2 NonFree
openSUSE Leap 42.1
SUSE Linux Enterprise Build System Kit 12 SP1
SUSE Linux Enterprise Build System Kit 12 SP2
SUSE Linux Enterprise Build System Kit 12 SP3
SUSE Linux Enterprise Build System Kit 12 SP4
SUSE Linux Enterprise Desktop 11 SP2
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Desktop 12
SUSE Linux Enterprise Desktop 12 SP1
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise for SAP 12
SUSE Linux Enterprise for SAP 12 SP1
SUSE Linux Enterprise High Availability 12 SP2
SUSE Linux Enterprise High Availability 12 SP3
SUSE Linux Enterprise High Availability 12 SP4
SUSE Linux Enterprise High Performance Computing 12 SP5
SUSE Linux Enterprise Live Patching 12
SUSE Linux Enterprise Live Patching 12 SP3
SUSE Linux Enterprise Module for Containers 12
SUSE Linux Enterprise Module for High Performance Computing 12
SUSE Linux Enterprise Module for Legacy Software 12
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP3
SUSE Linux Enterprise Module for Public Cloud 12
SUSE Linux Enterprise Module for Web Scripting 12
SUSE Linux Enterprise Server 11 SP1
SUSE Linux Enterprise Server 11 SP2
SUSE Linux Enterprise Server 11 SP3
SUSE Linux Enterprise Server 11 SP4
SUSE Linux Enterprise Server 12
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2
SUSE Linux Enterprise Server for SAP Applications 12 SP2
SUSE Linux Enterprise Server for SAP Applications 12 SP3
SUSE Linux Enterprise Server for VMWare 11 SP3
SUSE Linux Enterprise Software Development Kit 11 SP2
SUSE Linux Enterprise Software Development Kit 11 SP3
SUSE Linux Enterprise Software Development Kit 11 SP4
SUSE Linux Enterprise Software Development Kit 12
SUSE Linux Enterprise Software Development Kit 12 SP1
SUSE Linux Enterprise Software Development Kit 12 SP2
SUSE Linux Enterprise Software Development Kit 12 SP3
SUSE Linux Enterprise Software Development Kit 12 SP4
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Build System Kit 12 SP1 is installed
  • AND Package Information
  • libreoffice-5.1.5.2-29 is installed
  • OR libreoffice-sdk-5.1.5.2-29 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Build System Kit 12 SP2 is installed
  • AND kernel-zfcpdump-4.4.74-92.29 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Build System Kit 12 SP3 is installed
  • AND kernel-zfcpdump-4.4.82-6.6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Build System Kit 12 SP4 is installed
  • AND Package Information
  • libudev-mini-devel-228-150.53 is installed
  • OR libudev-mini1-228-150.53 is installed
  • OR systemd-mini-228-150.53 is installed
  • OR systemd-mini-devel-228-150.53 is installed
  • OR udev-mini-228-150.53 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP2 is installed
  • AND cifs-utils-5.1-0.7.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP3 is installed
  • AND Package Information
  • ImageMagick-6.4.3.6-7.30.1 is installed
  • OR libMagick++1-6.4.3.6-7.30.1 is installed
  • OR libMagickCore1-6.4.3.6-7.30.1 is installed
  • OR libMagickCore1-32bit-6.4.3.6-7.30.1 is installed
  • OR libMagickWand1-6.4.3.6-7.30.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 is installed
  • AND Package Information
  • cpio-2.11-29 is installed
  • OR cpio-lang-2.11-29 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP1 is installed
  • AND xalan-j2-2.7.0-264 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP2 is installed
  • AND autofs-5.0.9-21 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • AND autofs-5.0.9-28.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise for SAP 12 is installed
  • AND Package Information
  • kgraft-patch-3_12_61-52_69-default-2-4 is installed
  • OR kgraft-patch-3_12_61-52_69-xen-2-4 is installed
  • OR kgraft-patch-SLE12_Update_20-2-4 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise for SAP 12 SP1 is installed
  • AND Package Information
  • kernel-default-3.12.74-60.64.48 is installed
  • OR kernel-default-base-3.12.74-60.64.48 is installed
  • OR kernel-default-devel-3.12.74-60.64.48 is installed
  • OR kernel-devel-3.12.74-60.64.48 is installed
  • OR kernel-macros-3.12.74-60.64.48 is installed
  • OR kernel-source-3.12.74-60.64.48 is installed
  • OR kernel-syms-3.12.74-60.64.48 is installed
  • OR kernel-xen-3.12.74-60.64.48 is installed
  • OR kernel-xen-base-3.12.74-60.64.48 is installed
  • OR kernel-xen-devel-3.12.74-60.64.48 is installed
  • OR kgraft-patch-3_12_74-60_64_48-default-1-2 is installed
  • OR kgraft-patch-3_12_74-60_64_48-xen-1-2 is installed
  • OR kgraft-patch-SLE12-SP1_Update_17-1-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise High Availability 12 SP2 is installed
  • AND fence-agents-4.0.22+git.1455008135.15c5e92-8 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise High Availability 12 SP3 is installed
  • AND lighttpd-1.4.35-3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise High Availability 12 SP4 is installed
  • AND Package Information
  • libpacemaker3-1.1.19+20180928.0d2680780-1 is installed
  • OR pacemaker-1.1.19+20180928.0d2680780-1 is installed
  • OR pacemaker-cli-1.1.19+20180928.0d2680780-1 is installed
  • OR pacemaker-cts-1.1.19+20180928.0d2680780-1 is installed
  • OR pacemaker-remote-1.1.19+20180928.0d2680780-1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise High Performance Computing 12 SP5 is installed
  • AND Package Information
  • audiofile-0.3.6-11.3 is installed
  • OR libaudiofile1-0.3.6-11.3 is installed
  • OR libaudiofile1-32bit-0.3.6-11.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Live Patching 12 is installed
  • AND Package Information
  • kgraft-patch-4_4_21-81-default-3-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_1-3-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Live Patching 12 SP3 is installed
  • AND Package Information
  • kgraft-patch-4_4_82-6_6-default-1-2 is installed
  • OR kgraft-patch-SLE12-SP3_Update_2-1-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Containers 12 is installed
  • AND python-setuptools-1.1.7-7 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for High Performance Computing 12 is installed
  • AND Package Information
  • libpmi0-17.02.9-6.10 is installed
  • OR libslurm29-16.05.8.1-6 is installed
  • OR libslurm31-17.02.9-6.10 is installed
  • OR pdsh-2.33-7.5 is installed
  • OR perl-slurm-17.02.9-6.10 is installed
  • OR slurm-17.02.9-6.10 is installed
  • OR slurm-auth-none-17.02.9-6.10 is installed
  • OR slurm-devel-17.02.9-6.10 is installed
  • OR slurm-doc-17.02.9-6.10 is installed
  • OR slurm-lua-17.02.9-6.10 is installed
  • OR slurm-munge-17.02.9-6.10 is installed
  • OR slurm-pam_slurm-17.02.9-6.10 is installed
  • OR slurm-plugins-17.02.9-6.10 is installed
  • OR slurm-sched-wiki-17.02.9-6.10 is installed
  • OR slurm-slurmdb-direct-17.02.9-6.10 is installed
  • OR slurm-slurmdbd-17.02.9-6.10 is installed
  • OR slurm-sql-17.02.9-6.10 is installed
  • OR slurm-torque-17.02.9-6.10 is installed
  • OR slurmlibs-16.05.8.1-6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Legacy Software 12 is installed
  • AND Package Information
  • cups154-1.5.4-5 is installed
  • OR cups154-client-1.5.4-5 is installed
  • OR cups154-filters-1.5.4-5 is installed
  • OR cups154-libs-1.5.4-5 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Public Cloud 12 is installed
  • AND python-PyYAML-3.10-15 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Web Scripting 12 is installed
  • AND Package Information
  • apache2-mod_php7-7.0.7-15 is installed
  • OR php7-7.0.7-15 is installed
  • OR php7-bcmath-7.0.7-15 is installed
  • OR php7-bz2-7.0.7-15 is installed
  • OR php7-calendar-7.0.7-15 is installed
  • OR php7-ctype-7.0.7-15 is installed
  • OR php7-curl-7.0.7-15 is installed
  • OR php7-dba-7.0.7-15 is installed
  • OR php7-dom-7.0.7-15 is installed
  • OR php7-enchant-7.0.7-15 is installed
  • OR php7-exif-7.0.7-15 is installed
  • OR php7-fastcgi-7.0.7-15 is installed
  • OR php7-fileinfo-7.0.7-15 is installed
  • OR php7-fpm-7.0.7-15 is installed
  • OR php7-ftp-7.0.7-15 is installed
  • OR php7-gd-7.0.7-15 is installed
  • OR php7-gettext-7.0.7-15 is installed
  • OR php7-gmp-7.0.7-15 is installed
  • OR php7-iconv-7.0.7-15 is installed
  • OR php7-imap-7.0.7-15 is installed
  • OR php7-intl-7.0.7-15 is installed
  • OR php7-json-7.0.7-15 is installed
  • OR php7-ldap-7.0.7-15 is installed
  • OR php7-mbstring-7.0.7-15 is installed
  • OR php7-mcrypt-7.0.7-15 is installed
  • OR php7-mysql-7.0.7-15 is installed
  • OR php7-odbc-7.0.7-15 is installed
  • OR php7-opcache-7.0.7-15 is installed
  • OR php7-openssl-7.0.7-15 is installed
  • OR php7-pcntl-7.0.7-15 is installed
  • OR php7-pdo-7.0.7-15 is installed
  • OR php7-pear-7.0.7-15 is installed
  • OR php7-pear-Archive_Tar-7.0.7-15 is installed
  • OR php7-pgsql-7.0.7-15 is installed
  • OR php7-phar-7.0.7-15 is installed
  • OR php7-posix-7.0.7-15 is installed
  • OR php7-pspell-7.0.7-15 is installed
  • OR php7-shmop-7.0.7-15 is installed
  • OR php7-snmp-7.0.7-15 is installed
  • OR php7-soap-7.0.7-15 is installed
  • OR php7-sockets-7.0.7-15 is installed
  • OR php7-sqlite-7.0.7-15 is installed
  • OR php7-sysvmsg-7.0.7-15 is installed
  • OR php7-sysvsem-7.0.7-15 is installed
  • OR php7-sysvshm-7.0.7-15 is installed
  • OR php7-tokenizer-7.0.7-15 is installed
  • OR php7-wddx-7.0.7-15 is installed
  • OR php7-xmlreader-7.0.7-15 is installed
  • OR php7-xmlrpc-7.0.7-15 is installed
  • OR php7-xmlwriter-7.0.7-15 is installed
  • OR php7-xsl-7.0.7-15 is installed
  • OR php7-zip-7.0.7-15 is installed
  • OR php7-zlib-7.0.7-15 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 11 SP1 is installed
  • AND Package Information
  • libopensc2-0.11.6-5.25.1 is installed
  • OR libopensc2-32bit-0.11.6-5.25.1 is installed
  • OR libopensc2-x86-0.11.6-5.25.1 is installed
  • OR opensc-0.11.6-5.25.1 is installed
  • OR opensc-32bit-0.11.6-5.25.1 is installed
  • OR opensc-x86-0.11.6-5.25.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 11 SP2 is installed
  • AND amavisd-new-2.7.0-18.7.1 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 11 SP3 is installed
  • AND
  • kdelibs4-4.3.5-0.14.1 is installed
  • OR kdelibs4-core-4.3.5-0.14.1 is installed
  • OR kdelibs4-doc-4.3.5-0.14.1 is installed
  • OR libkde4-4.3.5-0.14.1 is installed
  • OR libkde4-32bit-4.3.5-0.14.1 is installed
  • OR libkde4-x86-4.3.5-0.14.1 is installed
  • OR libkdecore4-4.3.5-0.14.1 is installed
  • OR libkdecore4-32bit-4.3.5-0.14.1 is installed
  • OR libkdecore4-x86-4.3.5-0.14.1 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server for VMWare 11 SP3 is installed
  • AND
  • kdelibs4-4.3.5-0.14.1 is installed
  • OR kdelibs4-core-4.3.5-0.14.1 is installed
  • OR kdelibs4-doc-4.3.5-0.14.1 is installed
  • OR libkde4-4.3.5-0.14.1 is installed
  • OR libkde4-32bit-4.3.5-0.14.1 is installed
  • OR libkde4-x86-4.3.5-0.14.1 is installed
  • OR libkdecore4-4.3.5-0.14.1 is installed
  • OR libkdecore4-32bit-4.3.5-0.14.1 is installed
  • OR libkdecore4-x86-4.3.5-0.14.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 11 SP3 is installed
  • AND Package Information
  • mozilla-xulrunner192-1.9.2.27-0.2.1 is installed
  • OR mozilla-xulrunner192-32bit-1.9.2.27-0.2.1 is installed
  • OR mozilla-xulrunner192-gnome-1.9.2.27-0.2.1 is installed
  • OR mozilla-xulrunner192-translations-1.9.2.27-0.2.1 is installed
  • OR mozilla-xulrunner192-x86-1.9.2.27-0.2.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 11 SP4 is installed
  • AND Package Information
  • MozillaFirefox-31.7.0esr-0.8.1 is installed
  • OR MozillaFirefox-translations-31.7.0esr-0.8.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 is installed
  • AND Package Information
  • automake-1.13.4-4 is installed
  • OR m4-1.4.16-15 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND Package Information
  • gpgme-1.5.1-1 is installed
  • OR libgpgme11-1.5.1-1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND binutils-2.26.1-9.12 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND autofs-5.0.9-27 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND apache2-mod_nss-1.0.14-19.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 is installed
  • AND Package Information
  • rsyslog-8.4.0-14 is installed
  • OR rsyslog-diag-tools-8.4.0-14 is installed
  • OR rsyslog-doc-8.4.0-14 is installed
  • OR rsyslog-module-gssapi-8.4.0-14 is installed
  • OR rsyslog-module-gtls-8.4.0-14 is installed
  • OR rsyslog-module-mysql-8.4.0-14 is installed
  • OR rsyslog-module-pgsql-8.4.0-14 is installed
  • OR rsyslog-module-relp-8.4.0-14 is installed
  • OR rsyslog-module-snmp-8.4.0-14 is installed
  • OR rsyslog-module-udpspoof-8.4.0-14 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server for SAP Applications 12 SP2 is installed
  • AND Package Information
  • kgraft-patch-4_4_121-92_98-default-7-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_26-7-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server for SAP Applications 12 SP3 is installed
  • AND Package Information
  • kgraft-patch-4_4_162-94_69-default-5-2 is installed
  • OR kgraft-patch-SLE12-SP3_Update_21-5-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Software Development Kit 11 SP2 is installed
  • AND automake-1.10.1-4.131.9.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Software Development Kit 11 SP3 is installed
  • AND Package Information
  • bind-9.9.6P1-0.22.1 is installed
  • OR bind-devel-9.9.6P1-0.22.1 is installed
  • OR bind-devel-32bit-9.9.6P1-0.22.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Software Development Kit 11 SP4 is installed
  • AND Package Information
  • ant-1.7.1-20.11.1 is installed
  • OR ant-antlr-1.7.1-16.11.1 is installed
  • OR ant-apache-bcel-1.7.1-16.11.1 is installed
  • OR ant-apache-bsf-1.7.1-16.11.1 is installed
  • OR ant-apache-log4j-1.7.1-16.11.1 is installed
  • OR ant-apache-oro-1.7.1-16.11.1 is installed
  • OR ant-apache-regexp-1.7.1-16.11.1 is installed
  • OR ant-apache-resolver-1.7.1-16.11.1 is installed
  • OR ant-commons-logging-1.7.1-16.11.1 is installed
  • OR ant-javadoc-1.7.1-20.11.1 is installed
  • OR ant-javamail-1.7.1-16.11.1 is installed
  • OR ant-jdepend-1.7.1-16.11.1 is installed
  • OR ant-jmf-1.7.1-16.11.1 is installed
  • OR ant-junit-1.7.1-16.11.1 is installed
  • OR ant-manual-1.7.1-20.11.1 is installed
  • OR ant-nodeps-1.7.1-16.11.1 is installed
  • OR ant-scripts-1.7.1-20.11.1 is installed
  • OR ant-swing-1.7.1-16.11.1 is installed
  • OR ant-trax-1.7.1-16.11.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Software Development Kit 12 is installed
  • AND Package Information
  • ImageMagick-6.8.8.1-5 is installed
  • OR ImageMagick-devel-6.8.8.1-5 is installed
  • OR libMagick++-6_Q16-3-6.8.8.1-5 is installed
  • OR libMagick++-devel-6.8.8.1-5 is installed
  • OR perl-PerlMagick-6.8.8.1-5 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Software Development Kit 12 SP1 is installed
  • AND alsa-devel-1.0.27.2-11 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Software Development Kit 12 SP2 is installed
  • AND MozillaFirefox-devel-45.4.0esr-81 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Software Development Kit 12 SP3 is installed
  • AND Package Information
  • ImageMagick-6.8.8.1-70 is installed
  • OR ImageMagick-devel-6.8.8.1-70 is installed
  • OR libMagick++-6_Q16-3-6.8.8.1-70 is installed
  • OR libMagick++-devel-6.8.8.1-70 is installed
  • OR perl-PerlMagick-6.8.8.1-70 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Software Development Kit 12 SP4 is installed
  • AND cairo-devel-1.15.2-25.3 is installed
    • BACK