Oval Definition:oval:org.opensuse.security:def:65326
Revision Date:2021-12-10Version:1
Title:Security update for MozillaFirefox (Important)
Description:

This update for MozillaFirefox fixes the following issues:

Update to Extended Support Release 91.4.0 (bsc#1193485):

- CVE-2021-43536: URL leakage when navigating while executing asynchronous function - CVE-2021-43537: Heap buffer overflow when using structured clone - CVE-2021-43538: Missing fullscreen and pointer lock notification when requesting both - CVE-2021-43539: GC rooting failure when calling wasm instance methods - CVE-2021-43541: External protocol handler parameters were unescaped - CVE-2021-43542: XMLHttpRequest error codes could have leaked the existence of an external protocol handler - CVE-2021-43543: Bypass of CSP sandbox directive when embedding - CVE-2021-43545: Denial of Service when using the Location API in a loop - CVE-2021-43546: Cursor spoofing could overlay user interface when native cursor is zoomed - Memory safety bugs fixed in Firefox 95 and Firefox ESR 91.4 - Removed x-scheme-handler/ftp from MozillaFirefox.desktop (bsc#1193321)
Family:unixClass:patch
Status:Reference(s):1121567
1123360
1124957
1125080
1125899
1131984
1132396
1133139
1133461
1135030
1135219
1135221
1135388
1136110
1164903
1178750
1178752
1178753
1193321
1193485
CVE-2018-16889
CVE-2019-3821
CVE-2020-28362
CVE-2020-28366
CVE-2020-28367
CVE-2021-43536
CVE-2021-43537
CVE-2021-43538
CVE-2021-43539
CVE-2021-43541
CVE-2021-43542
CVE-2021-43543
CVE-2021-43545
CVE-2021-43546
SUSE-SU-2019:2049-1
SUSE-SU-2020:3369-1
SUSE-SU-2021:3993-1
Platform(s):SUSE Linux Enterprise Desktop 15 SP3
SUSE Linux Enterprise High Performance Computing 15 SP3
SUSE Linux Enterprise Module for Desktop Applications 15 SP3
SUSE Linux Enterprise Module for Development Tools 15 SP1
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1
SUSE Linux Enterprise Server 15 SP3
SUSE Linux Enterprise Server for SAP Applications 15 SP3
SUSE Manager Proxy 4.2
SUSE Manager Server 4.2
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Module for Development Tools 15 SP1 is installed
  • AND Package Information
  • go1.14-1.14.12-1.26 is installed
  • OR go1.14-doc-1.14.12-1.26 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 is installed
  • AND Package Information
  • ceph-14.2.1.468+g994fd9e0cc-3.3 is installed
  • OR ceph-base-14.2.1.468+g994fd9e0cc-3.3 is installed
  • OR ceph-fuse-14.2.1.468+g994fd9e0cc-3.3 is installed
  • OR ceph-grafana-dashboards-14.2.1.468+g994fd9e0cc-3.3 is installed
  • OR ceph-mds-14.2.1.468+g994fd9e0cc-3.3 is installed
  • OR ceph-mgr-14.2.1.468+g994fd9e0cc-3.3 is installed
  • OR ceph-mgr-dashboard-14.2.1.468+g994fd9e0cc-3.3 is installed
  • OR ceph-mgr-diskprediction-cloud-14.2.1.468+g994fd9e0cc-3.3 is installed
  • OR ceph-mgr-diskprediction-local-14.2.1.468+g994fd9e0cc-3.3 is installed
  • OR ceph-mgr-rook-14.2.1.468+g994fd9e0cc-3.3 is installed
  • OR ceph-mgr-ssh-14.2.1.468+g994fd9e0cc-3.3 is installed
  • OR ceph-mon-14.2.1.468+g994fd9e0cc-3.3 is installed
  • OR ceph-osd-14.2.1.468+g994fd9e0cc-3.3 is installed
  • OR ceph-radosgw-14.2.1.468+g994fd9e0cc-3.3 is installed
  • OR ceph-test-14.2.1.468+g994fd9e0cc-3.3 is installed
  • OR cephfs-shell-14.2.1.468+g994fd9e0cc-3.3 is installed
  • OR rbd-fuse-14.2.1.468+g994fd9e0cc-3.3 is installed
  • OR rbd-mirror-14.2.1.468+g994fd9e0cc-3.3 is installed
  • OR rbd-nbd-14.2.1.468+g994fd9e0cc-3.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Desktop Applications 15 SP3 is installed
  • AND Package Information
  • MozillaFirefox-91.4.0-152.9.1 is installed
  • OR MozillaFirefox-devel-91.4.0-152.9.1 is installed
  • OR MozillaFirefox-translations-common-91.4.0-152.9.1 is installed
  • OR MozillaFirefox-translations-other-91.4.0-152.9.1 is installed
    • BACK