1. Home
  2. Security Advisories
  3. OpenSUSE
  4. openSUSE-SU-2021:3993-1

[openSUSE-SU-2021:3993-1] Security update for MozillaFirefox

Severity Important
Affected Packages 20
CVEs 9
Info Packages References Vulnerabilities

Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues:

Update to Extended Support Release 91.4.0 (bsc#1193485):

  • CVE-2021-43536: URL leakage when navigating while executing asynchronous function
  • CVE-2021-43537: Heap buffer overflow when using structured clone
  • CVE-2021-43538: Missing fullscreen and pointer lock notification when requesting both
  • CVE-2021-43539: GC rooting failure when calling wasm instance methods
  • CVE-2021-43541: External protocol handler parameters were unescaped
  • CVE-2021-43542: XMLHttpRequest error codes could have leaked the existence of an external protocol handler
  • CVE-2021-43543: Bypass of CSP sandbox directive when embedding
  • CVE-2021-43545: Denial of Service when using the Location API in a loop
  • CVE-2021-43546: Cursor spoofing could overlay user interface when native cursor is zoomed
  • Memory safety bugs fixed in Firefox 95 and Firefox ESR 91.4
  • Removed x-scheme-handler/ftp from MozillaFirefox.desktop (bsc#1193321)
Package Affected Version
pkg:rpm/opensuse/MozillaFirefox?arch=x86_64&distro=opensuse-leap-15.3 < 91.4.0-152.9.1
pkg:rpm/opensuse/MozillaFirefox?arch=s390x&distro=opensuse-leap-15.3 < 91.4.0-152.9.1
pkg:rpm/opensuse/MozillaFirefox?arch=ppc64le&distro=opensuse-leap-15.3 < 91.4.0-152.9.1
pkg:rpm/opensuse/MozillaFirefox?arch=aarch64&distro=opensuse-leap-15.3 < 91.4.0-152.9.1
pkg:rpm/opensuse/MozillaFirefox-translations-other?arch=x86_64&distro=opensuse-leap-15.3 < 91.4.0-152.9.1
pkg:rpm/opensuse/MozillaFirefox-translations-other?arch=s390x&distro=opensuse-leap-15.3 < 91.4.0-152.9.1
pkg:rpm/opensuse/MozillaFirefox-translations-other?arch=ppc64le&distro=opensuse-leap-15.3 < 91.4.0-152.9.1
pkg:rpm/opensuse/MozillaFirefox-translations-other?arch=aarch64&distro=opensuse-leap-15.3 < 91.4.0-152.9.1
pkg:rpm/opensuse/MozillaFirefox-translations-common?arch=x86_64&distro=opensuse-leap-15.3 < 91.4.0-152.9.1
pkg:rpm/opensuse/MozillaFirefox-translations-common?arch=s390x&distro=opensuse-leap-15.3 < 91.4.0-152.9.1
pkg:rpm/opensuse/MozillaFirefox-translations-common?arch=ppc64le&distro=opensuse-leap-15.3 < 91.4.0-152.9.1
pkg:rpm/opensuse/MozillaFirefox-translations-common?arch=aarch64&distro=opensuse-leap-15.3 < 91.4.0-152.9.1
pkg:rpm/opensuse/MozillaFirefox-devel?arch=x86_64&distro=opensuse-leap-15.3 < 91.4.0-152.9.1
pkg:rpm/opensuse/MozillaFirefox-devel?arch=s390x&distro=opensuse-leap-15.3 < 91.4.0-152.9.1
pkg:rpm/opensuse/MozillaFirefox-devel?arch=ppc64le&distro=opensuse-leap-15.3 < 91.4.0-152.9.1
pkg:rpm/opensuse/MozillaFirefox-devel?arch=aarch64&distro=opensuse-leap-15.3 < 91.4.0-152.9.1
pkg:rpm/opensuse/MozillaFirefox-branding-upstream?arch=x86_64&distro=opensuse-leap-15.3 < 91.4.0-152.9.1
pkg:rpm/opensuse/MozillaFirefox-branding-upstream?arch=s390x&distro=opensuse-leap-15.3 < 91.4.0-152.9.1
pkg:rpm/opensuse/MozillaFirefox-branding-upstream?arch=ppc64le&distro=opensuse-leap-15.3 < 91.4.0-152.9.1
pkg:rpm/opensuse/MozillaFirefox-branding-upstream?arch=aarch64&distro=opensuse-leap-15.3 < 91.4.0-152.9.1
ID
openSUSE-SU-2021:3993-1
Severity
important
URL
https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/6E3G2TI2MHN6NYMUDWREZ5V2SGZW63DZ/
Published
2021-12-10T14:04:25
(2 years ago)
Modified
2021-12-10T14:04:25
(2 years ago)
Rights
Copyright 2024 SUSE LLC. All rights reserved.
Other Advisories
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:rpm/opensuse/MozillaFirefox?arch=x86_64&distro=opensuse-leap-15.3 opensuse MozillaFirefox < 91.4.0-152.9.1 opensuse-leap-15.3 x86_64
Affected pkg:rpm/opensuse/MozillaFirefox?arch=s390x&distro=opensuse-leap-15.3 opensuse MozillaFirefox < 91.4.0-152.9.1 opensuse-leap-15.3 s390x
Affected pkg:rpm/opensuse/MozillaFirefox?arch=ppc64le&distro=opensuse-leap-15.3 opensuse MozillaFirefox < 91.4.0-152.9.1 opensuse-leap-15.3 ppc64le
Affected pkg:rpm/opensuse/MozillaFirefox?arch=aarch64&distro=opensuse-leap-15.3 opensuse MozillaFirefox < 91.4.0-152.9.1 opensuse-leap-15.3 aarch64
Affected pkg:rpm/opensuse/MozillaFirefox-translations-other?arch=x86_64&distro=opensuse-leap-15.3 opensuse MozillaFirefox-translations-other < 91.4.0-152.9.1 opensuse-leap-15.3 x86_64
Affected pkg:rpm/opensuse/MozillaFirefox-translations-other?arch=s390x&distro=opensuse-leap-15.3 opensuse MozillaFirefox-translations-other < 91.4.0-152.9.1 opensuse-leap-15.3 s390x
Affected pkg:rpm/opensuse/MozillaFirefox-translations-other?arch=ppc64le&distro=opensuse-leap-15.3 opensuse MozillaFirefox-translations-other < 91.4.0-152.9.1 opensuse-leap-15.3 ppc64le
Affected pkg:rpm/opensuse/MozillaFirefox-translations-other?arch=aarch64&distro=opensuse-leap-15.3 opensuse MozillaFirefox-translations-other < 91.4.0-152.9.1 opensuse-leap-15.3 aarch64
Affected pkg:rpm/opensuse/MozillaFirefox-translations-common?arch=x86_64&distro=opensuse-leap-15.3 opensuse MozillaFirefox-translations-common < 91.4.0-152.9.1 opensuse-leap-15.3 x86_64
Affected pkg:rpm/opensuse/MozillaFirefox-translations-common?arch=s390x&distro=opensuse-leap-15.3 opensuse MozillaFirefox-translations-common < 91.4.0-152.9.1 opensuse-leap-15.3 s390x
Affected pkg:rpm/opensuse/MozillaFirefox-translations-common?arch=ppc64le&distro=opensuse-leap-15.3 opensuse MozillaFirefox-translations-common < 91.4.0-152.9.1 opensuse-leap-15.3 ppc64le
Affected pkg:rpm/opensuse/MozillaFirefox-translations-common?arch=aarch64&distro=opensuse-leap-15.3 opensuse MozillaFirefox-translations-common < 91.4.0-152.9.1 opensuse-leap-15.3 aarch64
Affected pkg:rpm/opensuse/MozillaFirefox-devel?arch=x86_64&distro=opensuse-leap-15.3 opensuse MozillaFirefox-devel < 91.4.0-152.9.1 opensuse-leap-15.3 x86_64
Affected pkg:rpm/opensuse/MozillaFirefox-devel?arch=s390x&distro=opensuse-leap-15.3 opensuse MozillaFirefox-devel < 91.4.0-152.9.1 opensuse-leap-15.3 s390x
Affected pkg:rpm/opensuse/MozillaFirefox-devel?arch=ppc64le&distro=opensuse-leap-15.3 opensuse MozillaFirefox-devel < 91.4.0-152.9.1 opensuse-leap-15.3 ppc64le
Affected pkg:rpm/opensuse/MozillaFirefox-devel?arch=aarch64&distro=opensuse-leap-15.3 opensuse MozillaFirefox-devel < 91.4.0-152.9.1 opensuse-leap-15.3 aarch64
Affected pkg:rpm/opensuse/MozillaFirefox-branding-upstream?arch=x86_64&distro=opensuse-leap-15.3 opensuse MozillaFirefox-branding-upstream < 91.4.0-152.9.1 opensuse-leap-15.3 x86_64
Affected pkg:rpm/opensuse/MozillaFirefox-branding-upstream?arch=s390x&distro=opensuse-leap-15.3 opensuse MozillaFirefox-branding-upstream < 91.4.0-152.9.1 opensuse-leap-15.3 s390x
Affected pkg:rpm/opensuse/MozillaFirefox-branding-upstream?arch=ppc64le&distro=opensuse-leap-15.3 opensuse MozillaFirefox-branding-upstream < 91.4.0-152.9.1 opensuse-leap-15.3 ppc64le
Affected pkg:rpm/opensuse/MozillaFirefox-branding-upstream?arch=aarch64&distro=opensuse-leap-15.3 opensuse MozillaFirefox-branding-upstream < 91.4.0-152.9.1 opensuse-leap-15.3 aarch64
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date