Oval Definition:oval:org.opensuse.security:def:74389
Revision Date:2021-11-19Version:1
Title:Security update for MozillaFirefox (Important)
Description:

This update for MozillaFirefox fixes the following issues:

MozillaFirefox was updated to Extended Support Release 91.3.0 ESR

Fixed: Various stability, functionality, and security fixes

MFSA 2021-49 (bsc#1192250)

* CVE-2021-38503: iframe sandbox rules did not apply to XSLT stylesheets * CVE-2021-38504: Use-after-free in file picker dialog * CVE-2021-38505: Windows 10 Cloud Clipboard may have recorded sensitive user data * CVE-2021-38506: Firefox could be coaxed into going into fullscreen mode without notification or warning * CVE-2021-38507: Opportunistic Encryption in HTTP2 could be used to bypass the Same-Origin-Policy on services hosted on other ports * CVE-2021-38508: Permission Prompt could be overlaid, resulting in user confusion and potential spoofing * CVE-2021-38509: Javascript alert box could have been spoofed onto an arbitrary domain * CVE-2021-38510: Download Protections were bypassed by .inetloc files on Mac OS * MOZ-2021-0008: Use-after-free in HTTP2 Session object * MOZ-2021-0007: Memory safety bugs fixed in Firefox 94 and Firefox ESR 91.3
Family:unixClass:patch
Status:Reference(s):1135350
1148742
1155419
1192250
CVE-2017-18594
CVE-2018-15173
CVE-2019-15681
CVE-2021-38503
CVE-2021-38504
CVE-2021-38505
CVE-2021-38506
CVE-2021-38507
CVE-2021-38508
CVE-2021-38509
CVE-2021-38510
openSUSE-SU-2019:2200-1
openSUSE-SU-2020:1071-1
SUSE-SU-2021:3745-1
Platform(s):openSUSE Leap 15.1
SUSE Linux Enterprise Desktop 15 SP3
SUSE Linux Enterprise High Performance Computing 15 SP3
SUSE Linux Enterprise Module for Desktop Applications 15 SP3
SUSE Linux Enterprise Server 15 SP3
SUSE Linux Enterprise Server for SAP Applications 15 SP3
SUSE Manager Proxy 4.2
SUSE Manager Server 4.2
Product(s):
Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • ncat-7.70-lp151.3.9 is installed
  • OR ndiff-7.70-lp151.3.9 is installed
  • OR nmap-7.70-lp151.3.9 is installed
  • OR nping-7.70-lp151.3.9 is installed
  • OR zenmap-7.70-lp151.3.9 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Module for Desktop Applications 15 SP3 is installed
  • AND Package Information
  • MozillaFirefox-91.3.0-152.6.1 is installed
  • OR MozillaFirefox-devel-91.3.0-152.6.1 is installed
  • OR MozillaFirefox-translations-common-91.3.0-152.6.1 is installed
  • OR MozillaFirefox-translations-other-91.3.0-152.6.1 is installed
  • BACK