1. Home
  2. Security Advisories
  3. OpenSUSE
  4. openSUSE-SU-2021:1184-1

[openSUSE-SU-2021:1184-1] Security update for MozillaFirefox

Severity Important
Affected Packages 6
CVEs 6
Info Packages References Vulnerabilities

Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues:

Firefox Extended Support Release 78.13.0 ESR (MFSA 2021-34, bsc#1188891):

  • CVE-2021-29986: Race condition when resolving DNS names could have led to memory corruption
  • CVE-2021-29988: Memory corruption as a result of incorrect style treatment
  • CVE-2021-29984: Incorrect instruction reordering during JIT optimization
  • CVE-2021-29980: Uninitialized memory in a canvas object could have led to memory corruption
  • CVE-2021-29985: Use-after-free media channels
  • CVE-2021-29989: Memory safety bugs fixed in Firefox 91 and Firefox ESR 78.13

This update was imported from the SUSE:SLE-15-SP2:Update update project.

Package Affected Version
pkg:rpm/opensuse/MozillaFirefox?arch=x86_64&distro=opensuse-leap-15.2 < 78.13.0-lp152.2.64.1
pkg:rpm/opensuse/MozillaFirefox-translations-other?arch=x86_64&distro=opensuse-leap-15.2 < 78.13.0-lp152.2.64.1
pkg:rpm/opensuse/MozillaFirefox-translations-common?arch=x86_64&distro=opensuse-leap-15.2 < 78.13.0-lp152.2.64.1
pkg:rpm/opensuse/MozillaFirefox-devel?arch=x86_64&distro=opensuse-leap-15.2 < 78.13.0-lp152.2.64.1
pkg:rpm/opensuse/MozillaFirefox-buildsymbols?arch=x86_64&distro=opensuse-leap-15.2 < 78.13.0-lp152.2.64.1
pkg:rpm/opensuse/MozillaFirefox-branding-upstream?arch=x86_64&distro=opensuse-leap-15.2 < 78.13.0-lp152.2.64.1
ID
openSUSE-SU-2021:1184-1
Severity
important
URL
https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/FG54RUGZYJQ2XDXZONDTLDFAZPF46KDK/
Published
2021-08-23T17:41:41
(3 years ago)
Modified
2021-08-23T17:41:41
(3 years ago)
Rights
Copyright 2024 SUSE LLC. All rights reserved.
Other Advisories
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:rpm/opensuse/MozillaFirefox?arch=x86_64&distro=opensuse-leap-15.2 opensuse MozillaFirefox < 78.13.0-lp152.2.64.1 opensuse-leap-15.2 x86_64
Affected pkg:rpm/opensuse/MozillaFirefox-translations-other?arch=x86_64&distro=opensuse-leap-15.2 opensuse MozillaFirefox-translations-other < 78.13.0-lp152.2.64.1 opensuse-leap-15.2 x86_64
Affected pkg:rpm/opensuse/MozillaFirefox-translations-common?arch=x86_64&distro=opensuse-leap-15.2 opensuse MozillaFirefox-translations-common < 78.13.0-lp152.2.64.1 opensuse-leap-15.2 x86_64
Affected pkg:rpm/opensuse/MozillaFirefox-devel?arch=x86_64&distro=opensuse-leap-15.2 opensuse MozillaFirefox-devel < 78.13.0-lp152.2.64.1 opensuse-leap-15.2 x86_64
Affected pkg:rpm/opensuse/MozillaFirefox-buildsymbols?arch=x86_64&distro=opensuse-leap-15.2 opensuse MozillaFirefox-buildsymbols < 78.13.0-lp152.2.64.1 opensuse-leap-15.2 x86_64
Affected pkg:rpm/opensuse/MozillaFirefox-branding-upstream?arch=x86_64&distro=opensuse-leap-15.2 opensuse MozillaFirefox-branding-upstream < 78.13.0-lp152.2.64.1 opensuse-leap-15.2 x86_64
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date