Oval Definition:oval:org.opensuse.security:def:65332
Revision Date:2022-01-14Version:1
Title:Security update for MozillaFirefox (Important) (in QA)
Description:

This update for MozillaFirefox fixes the following issues:

- CVE-2021-4140: Fixed iframe sandbox bypass with XSLT (bsc#1194547). - CVE-2022-22737: Fixed race condition when playing audio files (bsc#1194547). - CVE-2022-22738: Fixed heap-buffer-overflow in blendGaussianBlur (bsc#1194547). - CVE-2022-22739: Fixed missing throttling on external protocol launch dialog (bsc#1194547). - CVE-2022-22740: Fixed use-after-free of ChannelEventQueue::mOwner (bsc#1194547). - CVE-2022-22741: Fixed browser window spoof using fullscreen mode (bsc#1194547). - CVE-2022-22742: Fixed out-of-bounds memory access when inserting text in edit mode (bsc#1194547). - CVE-2022-22743: Fixed browser window spoof using fullscreen mode (bsc#1194547). - CVE-2022-22744: Fixed possible command injection via the 'Copy as curl' feature in DevTools (bsc#1194547). - CVE-2022-22745: Fixed leaking cross-origin URLs through securitypolicyviolation event (bsc#1194547). - CVE-2022-22746: Fixed calling into reportValidity could have lead to fullscreen window spoof (bsc#1194547). - CVE-2022-22747: Fixed crash when handling empty pkcs7 sequence(bsc#1194547). - CVE-2022-22748: Fixed spoofed origin on external protocol launch dialog (bsc#1194547). - CVE-2022-22751: Fixed memory safety bugs (bsc#1194547).

This patch is currently in QA and not yet available for download.
Family:unixClass:patch
Status:Reference(s):1139884
1139885
1139886
1140100
1140102
1140103
1140104
1140105
1140106
1140110
1140111
1140501
1140513
1140520
1140534
1140538
1140543
1140545
1140547
1140549
1140552
1140554
1140664
1140665
1140666
1140667
1140668
1140669
1140673
1141171
1162224
1162367
1162423
1162825
1194547
CVE-2019-12974
CVE-2019-12975
CVE-2019-12976
CVE-2019-12977
CVE-2019-12978
CVE-2019-12979
CVE-2019-13133
CVE-2019-13134
CVE-2019-13135
CVE-2019-13136
CVE-2019-13137
CVE-2019-13295
CVE-2019-13296
CVE-2019-13297
CVE-2019-13298
CVE-2019-13299
CVE-2019-13300
CVE-2019-13301
CVE-2019-13302
CVE-2019-13303
CVE-2019-13304
CVE-2019-13305
CVE-2019-13306
CVE-2019-13307
CVE-2019-13308
CVE-2019-13309
CVE-2019-13310
CVE-2019-13311
CVE-2019-13391
CVE-2019-13454
CVE-2019-9674
CVE-2020-8492
CVE-2021-4140
CVE-2022-22737
CVE-2022-22738
CVE-2022-22739
CVE-2022-22740
CVE-2022-22741
CVE-2022-22742
CVE-2022-22743
CVE-2022-22744
CVE-2022-22745
CVE-2022-22746
CVE-2022-22747
CVE-2022-22748
CVE-2022-22751
SUSE-SU-2019:2106-1
SUSE-SU-2020:0467-1
Platform(s):SUSE Linux Enterprise Desktop 15 SP3
SUSE Linux Enterprise High Performance Computing 15 SP3
SUSE Linux Enterprise Module for Desktop Applications 15 SP3
SUSE Linux Enterprise Module for Development Tools 15 SP1
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1
SUSE Linux Enterprise Server 15 SP3
SUSE Linux Enterprise Server for SAP Applications 15 SP3
SUSE Manager Proxy 4.2
SUSE Manager Server 4.2
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Module for Development Tools 15 SP1 is installed
  • AND Package Information
  • python3-base-3.6.10-3.47 is installed
  • OR python3-tools-3.6.10-3.47 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 is installed
  • AND Package Information
  • ImageMagick-7.0.7.34-3.67 is installed
  • OR ImageMagick-config-7-upstream-7.0.7.34-3.67 is installed
  • OR ImageMagick-devel-32bit-7.0.7.34-3.67 is installed
  • OR ImageMagick-doc-7.0.7.34-3.67 is installed
  • OR ImageMagick-extra-7.0.7.34-3.67 is installed
  • OR libMagick++-7_Q16HDRI4-32bit-7.0.7.34-3.67 is installed
  • OR libMagick++-devel-32bit-7.0.7.34-3.67 is installed
  • OR libMagickCore-7_Q16HDRI6-32bit-7.0.7.34-3.67 is installed
  • OR libMagickWand-7_Q16HDRI6-32bit-7.0.7.34-3.67 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Desktop Applications 15 SP3 is installed
  • AND Package Information
  • MozillaFirefox-91.5.0-152.12.1 is installed
  • OR MozillaFirefox-devel-91.5.0-152.12.1 is installed
  • OR MozillaFirefox-translations-common-91.5.0-152.12.1 is installed
  • OR MozillaFirefox-translations-other-91.5.0-152.12.1 is installed
    • BACK