OVAL Reference oval:org.opensuse.security:def:6261

Oval Definition:

oval:org.opensuse.security:def:6261

Revision Date:	2021-12-10	Version:	1
Title:	Security update for MozillaFirefox (Important)
Description:	This update for MozillaFirefox fixes the following issues: Update to Extended Support Release 91.4.0 (bsc#1193485): - CVE-2021-43536: URL leakage when navigating while executing asynchronous function - CVE-2021-43537: Heap buffer overflow when using structured clone - CVE-2021-43538: Missing fullscreen and pointer lock notification when requesting both - CVE-2021-43539: GC rooting failure when calling wasm instance methods - CVE-2021-43541: External protocol handler parameters were unescaped - CVE-2021-43542: XMLHttpRequest error codes could have leaked the existence of an external protocol handler - CVE-2021-43543: Bypass of CSP sandbox directive when embedding - CVE-2021-43545: Denial of Service when using the Location API in a loop - CVE-2021-43546: Cursor spoofing could overlay user interface when native cursor is zoomed - Memory safety bugs fixed in Firefox 95 and Firefox ESR 91.4 - Removed x-scheme-handler/ftp from MozillaFirefox.desktop (bsc#1193321)
Family:	unix	Class:	patch
Status:		Reference(s):	1193321 1193485 CVE-2006-7250 CVE-2009-0590 CVE-2009-0591 CVE-2009-0789 CVE-2009-1377 CVE-2009-1378 CVE-2009-1379 CVE-2009-1386 CVE-2009-1387 CVE-2009-1892 CVE-2009-3245 CVE-2009-3555 CVE-2009-4355 CVE-2009-5146 CVE-2010-0740 CVE-2010-2156 CVE-2010-2939 CVE-2010-3609 CVE-2010-3611 CVE-2010-3616 CVE-2010-3864 CVE-2010-4180 CVE-2010-4252 CVE-2011-0014 CVE-2011-0413 CVE-2011-0997 CVE-2011-2748 CVE-2011-2749 CVE-2011-3210 CVE-2011-3389 CVE-2011-4108 CVE-2011-4109 CVE-2011-4354 CVE-2011-4539 CVE-2011-4576 CVE-2011-4577 CVE-2011-4619 CVE-2011-4868 CVE-2011-4944 CVE-2011-5095 CVE-2012-0050 CVE-2012-0845 CVE-2012-0884 CVE-2012-1150 CVE-2012-1165 CVE-2012-2110 CVE-2012-2131 CVE-2012-2333 CVE-2012-3466 CVE-2012-3570 CVE-2012-3571 CVE-2012-3954 CVE-2012-3955 CVE-2012-4929 CVE-2013-0166 CVE-2013-0169 CVE-2013-1752 CVE-2013-1985 CVE-2013-2266 CVE-2013-4238 CVE-2014-0076 CVE-2014-0107 CVE-2014-0221 CVE-2014-0224 CVE-2014-2497 CVE-2014-2667 CVE-2014-3248 CVE-2014-3470 CVE-2014-3505 CVE-2014-3506 CVE-2014-3507 CVE-2014-3508 CVE-2014-3510 CVE-2014-3566 CVE-2014-3567 CVE-2014-3568 CVE-2014-3570 CVE-2014-3571 CVE-2014-3572 CVE-2014-4650 CVE-2014-8139 CVE-2014-8140 CVE-2014-8141 CVE-2014-8275 CVE-2014-9636 CVE-2014-9645 CVE-2014-9709 CVE-2014-9913 CVE-2015-0204 CVE-2015-0205 CVE-2015-0209 CVE-2015-0286 CVE-2015-0287 CVE-2015-0288 CVE-2015-0289 CVE-2015-0292 CVE-2015-0293 CVE-2015-1788 CVE-2015-1789 CVE-2015-1790 CVE-2015-1791 CVE-2015-1792 CVE-2015-3195 CVE-2015-3197 CVE-2015-3216 CVE-2015-3294 CVE-2015-4000 CVE-2015-5185 CVE-2015-7696 CVE-2015-7697 CVE-2015-8605 CVE-2016-0702 CVE-2016-0772 CVE-2016-0797 CVE-2016-0799 CVE-2016-0800 CVE-2016-1000110 CVE-2016-10166 CVE-2016-10167 CVE-2016-10168 CVE-2016-2105 CVE-2016-2106 CVE-2016-2108 CVE-2016-2109 CVE-2016-2177 CVE-2016-2178 CVE-2016-2179 CVE-2016-2181 CVE-2016-2182 CVE-2016-2183 CVE-2016-4912 CVE-2016-5116 CVE-2016-5636 CVE-2016-5699 CVE-2016-5759 CVE-2016-6128 CVE-2016-6132 CVE-2016-6153 CVE-2016-6161 CVE-2016-6207 CVE-2016-6214 CVE-2016-6302 CVE-2016-6303 CVE-2016-6304 CVE-2016-6306 CVE-2016-6354 CVE-2016-6905 CVE-2016-6906 CVE-2016-6911 CVE-2016-6912 CVE-2016-7056 CVE-2016-7567 CVE-2016-7568 CVE-2016-8610 CVE-2016-8670 CVE-2016-9317 CVE-2016-9844 CVE-2016-9933 CVE-2017-17833 CVE-2017-18207 CVE-2017-3144 CVE-2017-6362 CVE-2018-0732 CVE-2018-0737 CVE-2018-0739 CVE-2018-1000035 CVE-2018-1000222 CVE-2018-1060 CVE-2018-1061 CVE-2018-5711 CVE-2018-5732 CVE-2018-5733 CVE-2021-43536 CVE-2021-43537 CVE-2021-43538 CVE-2021-43539 CVE-2021-43541 CVE-2021-43542 CVE-2021-43543 CVE-2021-43545 CVE-2021-43546
Platform(s):	openSUSE 13.1 openSUSE 13.1 NonFree openSUSE 13.2 openSUSE 13.2 NonFree openSUSE Leap 42.1 SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5 SUSE Linux Enterprise Build System Kit 12 SP1 SUSE Linux Enterprise Build System Kit 12 SP2 SUSE Linux Enterprise Build System Kit 12 SP3 SUSE Linux Enterprise Build System Kit 12 SP4 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise for SAP 12 SP1 SUSE Linux Enterprise High Availability 12 SP2 SUSE Linux Enterprise High Availability 12 SP5 SUSE Linux Enterprise High Performance Computing 12 SP5 SUSE Linux Enterprise Live Patching 12 SUSE Linux Enterprise Live Patching 12 SP3 SUSE Linux Enterprise Module for Legacy Software 12 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP3 SUSE Linux Enterprise Module for Public Cloud 12 SUSE Linux Enterprise Module for Web Scripting 12 SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12-LTSS SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 SUSE Linux Enterprise Server for SAP Applications 12 SP2 SUSE Linux Enterprise Server for SAP Applications 12 SP3 SUSE Linux Enterprise Server for VMWare 11 SP3 SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Software Development Kit 12 SP1 SUSE Linux Enterprise Software Development Kit 12 SP2 SUSE Linux Enterprise Software Development Kit 12 SP3 SUSE Linux Enterprise Software Development Kit 12 SP4 SUSE OpenStack Cloud 6	Product(s):
Definition Synopsis
SUSE Linux Enterprise Build System Kit 12 SP1 is installed AND kernel-zfcpdump-3.12.74-60.64.40 is installed
Definition Synopsis
SUSE Linux Enterprise Build System Kit 12 SP2 is installed AND kernel-zfcpdump-4.4.21-84 is installed
Definition Synopsis
SUSE Linux Enterprise Build System Kit 12 SP3 is installed AND Package Information libreoffice-5.3.5.2-43.5 is installed OR libreoffice-sdk-5.3.5.2-43.5 is installed
Definition Synopsis
SUSE Linux Enterprise Build System Kit 12 SP4 is installed AND Package Information mariadb-10.2.21-3.7 is installed OR mariadb-bench-10.2.21-3.7 is installed OR mariadb-test-10.2.21-3.7 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP2 is installed AND Package Information acroread-9.5.5-0.5.5.1 is installed OR acroread-cmaps-9.4.6-0.4.5.1 is installed OR acroread-fonts-ja-9.4.6-0.4.5.1 is installed OR acroread-fonts-ko-9.4.6-0.4.5.1 is installed OR acroread-fonts-zh_CN-9.4.6-0.4.5.1 is installed OR acroread-fonts-zh_TW-9.4.6-0.4.5.1 is installed OR acroread_ja-9.4.2-0.4.1 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information MozillaFirefox-17.0.9esr-0.7.1 is installed OR MozillaFirefox-translations-17.0.9esr-0.7.1 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 is installed AND Package Information libssh-0.6.3-4 is installed OR libssh4-0.6.3-4 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information MozillaFirefox-38.5.0esr-54 is installed OR MozillaFirefox-translations-38.5.0esr-54 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP2 is installed AND busybox-1.21.1-3 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information dhcp-4.3.3-10.14 is installed OR dhcp-client-4.3.3-10.14 is installed
Definition Synopsis
SUSE Linux Enterprise for SAP 12 SP1 is installed AND unrar-5.0.14-3 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 SP2 is installed AND fence-agents-4.0.22+git.1455008135.15c5e92-8 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 SP5 is installed AND Package Information cluster-md-kmp-default-4.12.14-120 is installed OR dlm-kmp-default-4.12.14-120 is installed OR gfs2-kmp-default-4.12.14-120 is installed OR ocfs2-kmp-default-4.12.14-120 is installed
Definition Synopsis
SUSE Linux Enterprise High Performance Computing 12 SP5 is installed AND Package Information MozillaFirefox-68.1.0-109.92 is installed OR MozillaFirefox-translations-common-68.1.0-109.92 is installed
Definition Synopsis
SUSE Linux Enterprise Live Patching 12 is installed AND Package Information kgraft-patch-4_4_21-81-default-8-2 is installed OR kgraft-patch-SLE12-SP2_Update_1-8-2 is installed
Definition Synopsis
SUSE Linux Enterprise Live Patching 12 SP3 is installed AND Package Information kgraft-patch-4_4_82-6_9-default-3-2 is installed OR kgraft-patch-SLE12-SP3_Update_3-3-2 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Legacy Software 12 is installed AND Package Information libopenssl0_9_8-0.9.8j-59 is installed OR libopenssl0_9_8-32bit-0.9.8j-59 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Public Cloud 12 is installed AND Package Information kernel-ec2-3.12.43-52.6 is installed OR kernel-ec2-devel-3.12.43-52.6 is installed OR kernel-ec2-extra-3.12.43-52.6 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Web Scripting 12 is installed AND python3-3.4.1-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 11 SP1 is installed AND Package Information openvpn-2.0.9-143.31 is installed OR openvpn-auth-pam-plugin-2.0.9-143.31 is installed
Definition Synopsis
SUSE Linux Enterprise Server 11 SP2 is installed AND Package Information MozillaFirefox-10.0-0.3.2 is installed OR MozillaFirefox-translations-10.0-0.3.2 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 11 SP3 is installed AND libgcrypt11-1.5.0-0.17.1 is installed OR libgcrypt11-32bit-1.5.0-0.17.1 is installed OR libgcrypt11-x86-1.5.0-0.17.1 is installed OR Package Information SUSE Linux Enterprise Server for VMWare 11 SP3 is installed AND libgcrypt11-1.5.0-0.17.1 is installed OR libgcrypt11-32bit-1.5.0-0.17.1 is installed OR libgcrypt11-x86-1.5.0-0.17.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 11 SP3 is installed AND Package Information NetworkManager-0.7.1_git20090811-3.28.2 is installed OR NetworkManager-glib-0.7.1_git20090811-3.28.2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 11 SP4 is installed AND apache2-mod_nss-1.0.8-0.4.13.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 is installed AND Package Information coreutils-8.22-5 is installed OR coreutils-lang-8.22-5 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information apache2-2.4.16-5 is installed OR apache2-doc-2.4.16-5 is installed OR apache2-example-pages-2.4.16-5 is installed OR apache2-prefork-2.4.16-5 is installed OR apache2-utils-2.4.16-5 is installed OR apache2-worker-2.4.16-5 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information MozillaFirefox-45.4.0esr-81 is installed OR MozillaFirefox-translations-45.4.0esr-81 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND apache2-mod_nss-1.0.14-18 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND axis-1.4-290.3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12-LTSS is installed AND Package Information kgraft-patch-3_12_60-52_54-default-2-2.2 is installed OR kgraft-patch-3_12_60-52_54-xen-2-2.2 is installed OR kgraft-patch-SLE12_Update_15-2-2.2 is installed
Definition Synopsis
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 is installed AND wireshark-1.12.13-31 is installed
Definition Synopsis
SUSE Linux Enterprise Server for SAP Applications 12 SP2 is installed AND Package Information ghostscript-9.27-23.31 is installed OR ghostscript-x11-9.27-23.31 is installed
Definition Synopsis
SUSE Linux Enterprise Server for SAP Applications 12 SP3 is installed AND Package Information kgraft-patch-4_4_155-94_50-default-7-2 is installed OR kgraft-patch-SLE12-SP3_Update_17-7-2 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 11 SP2 is installed AND Package Information finch-2.6.6-0.19.1 is installed OR finch-devel-2.6.6-0.19.1 is installed OR libpurple-2.6.6-0.19.1 is installed OR libpurple-devel-2.6.6-0.19.1 is installed OR libpurple-lang-2.6.6-0.19.1 is installed OR pidgin-2.6.6-0.19.1 is installed OR pidgin-devel-2.6.6-0.19.1 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 11 SP3 is installed AND Package Information MozillaFirefox-devel-24.5.0esr-0.8.1 is installed OR mozilla-nspr-devel-4.10.4-0.3.1 is installed OR mozilla-nss-devel-3.16-0.8.1 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 11 SP4 is installed AND cscope-15.6-95.22 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 is installed AND cyrus-sasl-devel-2.1.26-7 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 SP1 is installed AND Package Information ImageMagick-6.8.8.1-8 is installed OR ImageMagick-devel-6.8.8.1-8 is installed OR libMagick++-6_Q16-3-6.8.8.1-8 is installed OR libMagick++-devel-6.8.8.1-8 is installed OR perl-PerlMagick-6.8.8.1-8 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 SP2 is installed AND checkbashisms-2.12.6-3 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 SP3 is installed AND Package Information ant-1.9.4-1 is installed OR ant-jmf-1.9.4-1 is installed OR ant-scripts-1.9.4-1 is installed OR ant-swing-1.9.4-1 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 SP4 is installed AND Package Information FastCGI-2.4.0-168 is installed OR FastCGI-devel-2.4.0-168 is installed OR perl-FastCGI-2.4.0-168 is installed

BACK