Lucene search
SuseOPENSUSE-SU-2021:1575-1HistoryDec 12, 2021 - 12:00 a.m.
Security update for MozillaFirefox (important)
2021-12-1200:00:00
lists.opensuse.org
9
0.007 Low
EPSS
Percentile
80.0%
An update that fixes 9 vulnerabilities is now available.
Description:
This update for MozillaFirefox fixes the following issues:
Update to Extended Support Release 91.4.0 (bsc#1193485):
- CVE-2021-43536: URL leakage when navigating while executing asynchronous
function - CVE-2021-43537: Heap buffer overflow when using structured clone
- CVE-2021-43538: Missing fullscreen and pointer lock notification when
requesting both - CVE-2021-43539: GC rooting failure when calling wasm instance methods
- CVE-2021-43541: External protocol handler parameters were unescaped
- CVE-2021-43542: XMLHttpRequest error codes could have leaked the
existence of an external protocol handler - CVE-2021-43543: Bypass of CSP sandbox directive when embedding
- CVE-2021-43545: Denial of Service when using the Location API in a loop
- CVE-2021-43546: Cursor spoofing could overlay user interface when native
cursor is zoomed - Memory safety bugs fixed in Firefox 95 and Firefox ESR 91.4
- Removed x-scheme-handler/ftp from MozillaFirefox.desktop (bsc#1193321)
This update was imported from the SUSE:SLE-15-SP2:Update update project.
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:
-
openSUSE Leap 15.2:
zypper in -t patch openSUSE-2021-1575=1
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| openSUSE Leap | 15.2 | x86_64 | < - openSUSE Leap 15.2 (x86_64): | - openSUSE Leap 15.2 (x86_64):.x86_64.rpm |
Related
suse
suse
Security update for MozillaFirefox (important)
2021-12-10 00:00:00
Security update for MozillaThunderbird (important)
2021-12-29 00:00:00
Security update for MozillaThunderbird (important)
2021-12-22 00:00:00
nessus
nessus
openSUSE 15 Security Update : MozillaFirefox (openSUSE-SU-2021:1575-1)
2021-12-17 00:00:00
SUSE SLES11 Security Update : MozillaFirefox (SUSE-SU-2021:14859-1)
2021-12-11 00:00:00
Scientific Linux Security Update : firefox on SL7.x i686/x86_64 (2021:5014)
2021-12-08 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2021:4000-1)
2021-12-13 00:00:00
Mozilla Firefox ESR Security Advisory (MFSA2021-53) - Mac OS X
2021-12-12 00:00:00
CentOS: Security Advisory for firefox (CESA-2021:5014)
2022-01-11 00:00:00
oraclelinux
oraclelinux
firefox security update
2021-12-08 00:00:00
firefox security update
2021-12-09 00:00:00
thunderbird security update
2021-12-10 00:00:00
almalinux
almalinux
Important: firefox security update
2021-12-08 09:42:58
Important: thunderbird security update
2021-12-09 12:14:59
altlinux
altlinux
Security fix for the ALT Linux 10 package firefox-esr version 91.4.0-alt1
2021-12-14 00:00:00
Security fix for the ALT Linux 10 package thunderbird version 91.4.0-alt1
2021-12-21 00:00:00
rocky
rocky
firefox security update
2021-12-08 09:42:58
thunderbird security update
2021-12-09 12:14:59
archlinux
archlinux
[ASA-202112-9] thunderbird: multiple issues
2021-12-11 00:00:00
[ASA-202112-8] firefox: multiple issues
2021-12-11 00:00:00
ubuntu
ubuntu
Firefox regressions
2021-12-20 00:00:00
Firefox vulnerabilities
2021-12-09 00:00:00
Thunderbird vulnerabilities
2022-01-21 00:00:00
centos
centos
firefox security update
2021-12-14 00:04:22
redhat
redhat
(RHSA-2021:5014) Important: firefox security update
2021-12-08 09:42:59
(RHSA-2021:5017) Important: firefox security update
2021-12-08 09:44:27
(RHSA-2021:5013) Important: firefox security update
2021-12-08 09:42:58
mozilla
mozilla
Security Vulnerabilities fixed in Firefox ESR 91.4.0 — Mozilla
2021-12-07 00:00:00
Security Vulnerabilities fixed in Thunderbird 91.4.0 — Mozilla
2021-12-07 00:00:00
Security Vulnerabilities fixed in Firefox 95 — Mozilla
2021-12-07 00:00:00
mageia
mageia
Updated firefox packages fix security vulnerability
2021-12-11 01:19:07
Updated thunderbird packages fix security vulnerability
2021-12-11 01:19:07
osv
osv
firefox vulnerabilities
2021-12-09 18:55:33
Important: firefox security update
2021-12-08 09:42:58
Important: firefox security update
2021-12-08 09:42:58
kaspersky
kaspersky
KLA12375 Multiple vulnerabilities in Mozilla Firefox ESR
2021-12-07 00:00:00
KLA12376 Multiple vulnerabilities in Mozilla Thunderbird
2021-12-07 00:00:00
KLA12374 Multiple vulnerabilities in Mozilla Firefox
2021-12-07 00:00:00
debian
debian
[SECURITY] [DLA 2863-1] firefox-esr security update
2021-12-29 14:08:44
[SECURITY] [DSA 5026-1] firefox-esr security update
2021-12-19 15:23:09
[SECURITY] [DSA 5034-1] thunderbird security update
2022-01-02 17:01:50
redhatcve
redhatcve
ubuntucve
ubuntucve
veracode
veracode
Denial Of Service (DoS)
2021-12-10 07:39:17
Denial Of Service (DoS)
2021-12-10 07:36:01
Remote Code Execution (RCE)
2021-12-10 07:38:42
cvelist
cvelist
prion
prion
Type confusion
2021-12-08 22:15:00
Code injection
2021-12-08 22:15:00
Design/Logic Flaw
2021-12-08 22:15:00
alpinelinux
alpinelinux
cnvd
cnvd
Mozilla Firefox conditional competition issue vulnerability
2021-12-12 00:00:00
Mozilla Firefox ESR code issue vulnerability (CNVD-2021-99620)
2021-12-12 00:00:00
Mozilla Firefox Resource Management Error Vulnerability (CNVD-2021-99619)
2021-12-12 00:00:00
debiancve
debiancve
nvd
nvd
cve
cve