Oval Definition:oval:org.opensuse.security:def:88548
Revision Date:2021-12-12Version:1
Title:Security update for MozillaFirefox (Important)
Description:

This update for MozillaFirefox fixes the following issues: Update to Extended Support Release 91.4.0 (bsc#1193485): - CVE-2021-43536: URL leakage when navigating while executing asynchronous function - CVE-2021-43537: Heap buffer overflow when using structured clone - CVE-2021-43538: Missing fullscreen and pointer lock notification when requesting both - CVE-2021-43539: GC rooting failure when calling wasm instance methods - CVE-2021-43541: External protocol handler parameters were unescaped - CVE-2021-43542: XMLHttpRequest error codes could have leaked the existence of an external protocol handler - CVE-2021-43543: Bypass of CSP sandbox directive when embedding - CVE-2021-43545: Denial of Service when using the Location API in a loop - CVE-2021-43546: Cursor spoofing could overlay user interface when native cursor is zoomed - Memory safety bugs fixed in Firefox 95 and Firefox ESR 91.4 - Removed x-scheme-handler/ftp from MozillaFirefox.desktop (bsc#1193321)
Family:unixClass:patch
Status:Reference(s):1193321
1193485
CVE-2021-43536
CVE-2021-43537
CVE-2021-43538
CVE-2021-43539
CVE-2021-43541
CVE-2021-43542
CVE-2021-43543
CVE-2021-43545
CVE-2021-43546
SUSE-SU-2021:4000-1
Platform(s):SUSE OpenStack Cloud Crowbar 9
Product(s):
Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 9 is installed
  • AND Package Information
  • MozillaFirefox-91.4.0-112.83.1 is installed
  • OR MozillaFirefox-devel-91.4.0-112.83.1 is installed
  • OR MozillaFirefox-translations-common-91.4.0-112.83.1 is installed
  • BACK