Oval Definition:oval:org.opensuse.security:def:65261
Revision Date:2021-12-10Version:1
Title:Security update for MozillaFirefox (Important)
Description:

This update for MozillaFirefox fixes the following issues:

Update to Extended Support Release 91.4.0 (bsc#1193485):

- CVE-2021-43536: URL leakage when navigating while executing asynchronous function - CVE-2021-43537: Heap buffer overflow when using structured clone - CVE-2021-43538: Missing fullscreen and pointer lock notification when requesting both - CVE-2021-43539: GC rooting failure when calling wasm instance methods - CVE-2021-43541: External protocol handler parameters were unescaped - CVE-2021-43542: XMLHttpRequest error codes could have leaked the existence of an external protocol handler - CVE-2021-43543: Bypass of CSP sandbox directive when embedding - CVE-2021-43545: Denial of Service when using the Location API in a loop - CVE-2021-43546: Cursor spoofing could overlay user interface when native cursor is zoomed - Memory safety bugs fixed in Firefox 95 and Firefox ESR 91.4 - Removed x-scheme-handler/ftp from MozillaFirefox.desktop (bsc#1193321)
Family:unixClass:patch
Status:Reference(s):1051510
1071995
1094555
1101888
1101889
1111666
1112374
1114279
1128432
1134730
1134738
1135153
1135296
1135642
1136156
1136157
1136271
1136333
1137103
1137194
1137366
1137884
1137985
1138263
1138336
1138374
1138375
1138589
1138681
1138719
1138732
1193321
1193485
CVE-2018-14394
CVE-2018-14395
CVE-2018-16871
CVE-2019-12614
CVE-2019-12817
CVE-2021-43536
CVE-2021-43537
CVE-2021-43538
CVE-2021-43539
CVE-2021-43541
CVE-2021-43542
CVE-2021-43543
CVE-2021-43545
CVE-2021-43546
SUSE-SU-2019:1299-2
SUSE-SU-2019:1744-1
SUSE-SU-2021:3993-1
Platform(s):SUSE Linux Enterprise Desktop 15 SP2
SUSE Linux Enterprise High Performance Computing 15 SP2
SUSE Linux Enterprise Module for Desktop Applications 15 SP2
SUSE Linux Enterprise Module for Development Tools 15 SP1
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1
SUSE Linux Enterprise Server 15 SP2
SUSE Linux Enterprise Server for SAP Applications 15 SP2
SUSE Linux Enterprise Storage 7
SUSE Manager Proxy 4.1
SUSE Manager Server 4.1
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Module for Development Tools 15 SP1 is installed
  • AND Package Information
  • kernel-docs-4.12.14-197.7 is installed
  • OR kernel-obs-build-4.12.14-197.7 is installed
  • OR kernel-source-4.12.14-197.7 is installed
  • OR kernel-syms-4.12.14-197.7 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 is installed
  • AND Package Information
  • ffmpeg-3.4.2-4.17 is installed
  • OR ffmpeg-private-devel-3.4.2-4.17 is installed
  • OR libavcodec57-32bit-3.4.2-4.17 is installed
  • OR libavdevice-devel-3.4.2-4.17 is installed
  • OR libavdevice57-3.4.2-4.17 is installed
  • OR libavdevice57-32bit-3.4.2-4.17 is installed
  • OR libavfilter-devel-3.4.2-4.17 is installed
  • OR libavfilter6-3.4.2-4.17 is installed
  • OR libavfilter6-32bit-3.4.2-4.17 is installed
  • OR libavformat57-32bit-3.4.2-4.17 is installed
  • OR libavresample3-32bit-3.4.2-4.17 is installed
  • OR libavutil55-32bit-3.4.2-4.17 is installed
  • OR libpostproc54-32bit-3.4.2-4.17 is installed
  • OR libswresample2-32bit-3.4.2-4.17 is installed
  • OR libswscale4-32bit-3.4.2-4.17 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Desktop Applications 15 SP2 is installed
  • AND Package Information
  • MozillaFirefox-91.4.0-152.9.1 is installed
  • OR MozillaFirefox-devel-91.4.0-152.9.1 is installed
  • OR MozillaFirefox-translations-common-91.4.0-152.9.1 is installed
  • OR MozillaFirefox-translations-other-91.4.0-152.9.1 is installed
    • BACK