Bugzilla – Bug 1186696
VUL-0: MozillaFirefox / MozillaThunderbird: update to 89 and 78.11.0esr
Last modified: 2022-09-06 16:44:53 UTC
- Mozilla Firefox 89 MFSA 2021-23 * CVE-2021-29965 (bmo#1709257) Password Manager on Firefox for Android susceptible to domain spoofing * CVE-2021-29960 (bmo#1675965) Filenames printed from private browsing mode incorrectly retained in preferences * CVE-2021-29961 (bmo#1700235) Firefox UI spoof using `<select>` elements and CSS scaling * CVE-2021-29963 (bmo#1705068) Shared cookies for search suggestions in private browsing mode * CVE-2021-29964 (bmo#1706501) Out of bounds-read when parsing a `WM_COPYDATA` message * CVE-2021-29959 (bmo#1395819) Devices could be re-enabled without additional permission prompt * CVE-2021-29962 (bmo#1701673) No rate-limiting for popups on Firefox for Android * CVE-2021-29967 (bmo#1602862, bmo#1703191, bmo#1703760, bmo#1704722, bmo#1706041) Memory safety bugs fixed in Firefox 89 and Firefox ESR 78.11 * CVE-2021-29966 (bmo#1660307, bmo#1686154, bmo#1702948, bmo#1708124) Memory safety bugs fixed in Firefox 89 - Mozilla Firefox ESR 78.11 MFSA 2021-24 * CVE-2021-29964 (bmo#1706501) Out of bounds-read when parsing a `WM_COPYDATA` message * CVE-2021-29967 (bmo#1602862, bmo#1703191, bmo#1703760, bmo#1704722, bmo#1706041) Memory safety bugs fixed in Firefox 89 and Firefox ESR 78.11
This is an autogenerated message for OBS integration: This bug (1186696) was mentioned in https://build.opensuse.org/request/show/896782 Factory / MozillaFirefox
This is an autogenerated message for OBS integration: This bug (1186696) was mentioned in https://build.opensuse.org/request/show/897289 Factory / MozillaThunderbird
(In reply to OBSbugzilla Bot from comment #1) > This is an autogenerated message for OBS integration: > This bug (1186696) was mentioned in > https://build.opensuse.org/request/show/896782 Factory / MozillaFirefox This request has been declined, could you please resubmit it?
(In reply to Gianluca Gabrielli from comment #4) > (In reply to OBSbugzilla Bot from comment #1) > > This is an autogenerated message for OBS integration: > > This bug (1186696) was mentioned in > > https://build.opensuse.org/request/show/896782 Factory / MozillaFirefox > > This request has been declined, could you please resubmit it? Currently I'm not even sure why it started to fail the build. I could (and probably still) build it in the mozilla/TW project but it fails in mozilla:Factory. Haven't had time to figure out why.
This is an autogenerated message for OBS integration: This bug (1186696) was mentioned in https://build.opensuse.org/request/show/897528 Factory / MozillaFirefox
This is an autogenerated message for OBS integration: This bug (1186696) was mentioned in https://build.opensuse.org/request/show/897726 Factory / MozillaFirefox
SUSE-SU-2021:1884-1: An update that fixes three vulnerabilities is now available. Category: security (important) Bug References: 1185633,1186696 CVE References: CVE-2021-29951,CVE-2021-29964,CVE-2021-29967 JIRA References: Sources used: SUSE Linux Enterprise Module for Desktop Applications 15-SP3 (src): MozillaFirefox-78.11.0-8.43.1 SUSE Linux Enterprise Module for Desktop Applications 15-SP2 (src): MozillaFirefox-78.11.0-8.43.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2021:14743-1: An update that fixes three vulnerabilities is now available. Category: security (moderate) Bug References: 1185633,1186696 CVE References: CVE-2021-29951,CVE-2021-29964,CVE-2021-29967 JIRA References: Sources used: SUSE Linux Enterprise Server 11-SP4-LTSS (src): MozillaFirefox-78.11.0-78.131.1 SUSE Linux Enterprise Debuginfo 11-SP4 (src): MozillaFirefox-78.11.0-78.131.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2021:1886-1: An update that fixes three vulnerabilities is now available. Category: security (important) Bug References: 1185633,1186696 CVE References: CVE-2021-29951,CVE-2021-29964,CVE-2021-29967 JIRA References: Sources used: SUSE OpenStack Cloud Crowbar 9 (src): MozillaFirefox-78.11.0-112.62.1 SUSE OpenStack Cloud Crowbar 8 (src): MozillaFirefox-78.11.0-112.62.1 SUSE OpenStack Cloud 9 (src): MozillaFirefox-78.11.0-112.62.1 SUSE OpenStack Cloud 8 (src): MozillaFirefox-78.11.0-112.62.1 SUSE Linux Enterprise Software Development Kit 12-SP5 (src): MozillaFirefox-78.11.0-112.62.1 SUSE Linux Enterprise Server for SAP 12-SP4 (src): MozillaFirefox-78.11.0-112.62.1 SUSE Linux Enterprise Server for SAP 12-SP3 (src): MozillaFirefox-78.11.0-112.62.1 SUSE Linux Enterprise Server 12-SP5 (src): MozillaFirefox-78.11.0-112.62.1 SUSE Linux Enterprise Server 12-SP4-LTSS (src): MozillaFirefox-78.11.0-112.62.1 SUSE Linux Enterprise Server 12-SP3-LTSS (src): MozillaFirefox-78.11.0-112.62.1 SUSE Linux Enterprise Server 12-SP3-BCL (src): MozillaFirefox-78.11.0-112.62.1 SUSE Linux Enterprise Server 12-SP2-BCL (src): MozillaFirefox-78.11.0-112.62.1 HPE Helion Openstack 8 (src): MozillaFirefox-78.11.0-112.62.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
openSUSE-SU-2021:0858-1: An update that fixes three vulnerabilities is now available. Category: security (important) Bug References: 1185633,1186696 CVE References: CVE-2021-29951,CVE-2021-29964,CVE-2021-29967 JIRA References: Sources used: openSUSE Leap 15.2 (src): MozillaFirefox-78.11.0-lp152.2.58.1
SUSE-SU-2021:1919-1: An update that fixes three vulnerabilities is now available. Category: security (important) Bug References: 1185633,1186696 CVE References: CVE-2021-29951,CVE-2021-29964,CVE-2021-29967 JIRA References: Sources used: SUSE Manager Server 4.0 (src): MozillaFirefox-78.11.0-3.144.1 SUSE Manager Retail Branch Server 4.0 (src): MozillaFirefox-78.11.0-3.144.1 SUSE Manager Proxy 4.0 (src): MozillaFirefox-78.11.0-3.144.1 SUSE Linux Enterprise Server for SAP 15-SP1 (src): MozillaFirefox-78.11.0-3.144.1 SUSE Linux Enterprise Server for SAP 15 (src): MozillaFirefox-78.11.0-3.144.1 SUSE Linux Enterprise Server 15-SP1-LTSS (src): MozillaFirefox-78.11.0-3.144.1 SUSE Linux Enterprise Server 15-SP1-BCL (src): MozillaFirefox-78.11.0-3.144.1 SUSE Linux Enterprise Server 15-LTSS (src): MozillaFirefox-78.11.0-3.144.1 SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (src): MozillaFirefox-78.11.0-3.144.1 SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (src): MozillaFirefox-78.11.0-3.144.1 SUSE Linux Enterprise High Performance Computing 15-LTSS (src): MozillaFirefox-78.11.0-3.144.1 SUSE Linux Enterprise High Performance Computing 15-ESPOS (src): MozillaFirefox-78.11.0-3.144.1 SUSE Enterprise Storage 6 (src): MozillaFirefox-78.11.0-3.144.1 SUSE CaaS Platform 4.0 (src): MozillaFirefox-78.11.0-3.144.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2021:2003-1: An update that fixes two vulnerabilities is now available. Category: security (important) Bug References: 1186696 CVE References: CVE-2021-29964,CVE-2021-29967 JIRA References: Sources used: SUSE Linux Enterprise Workstation Extension 15-SP3 (src): MozillaThunderbird-78.11.0-8.30.1 SUSE Linux Enterprise Workstation Extension 15-SP2 (src): MozillaThunderbird-78.11.0-8.30.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
openSUSE-SU-2021:0910-1: An update that fixes two vulnerabilities is now available. Category: security (important) Bug References: 1186696 CVE References: CVE-2021-29964,CVE-2021-29967 JIRA References: Sources used: openSUSE Leap 15.2 (src): MozillaThunderbird-78.11.0-lp152.2.45.1
openSUSE-SU-2021:1884-1: An update that fixes three vulnerabilities is now available. Category: security (important) Bug References: 1185633,1186696 CVE References: CVE-2021-29951,CVE-2021-29964,CVE-2021-29967 JIRA References: Sources used: openSUSE Leap 15.3 (src): MozillaFirefox-78.11.0-8.43.1
openSUSE-SU-2021:2003-1: An update that fixes two vulnerabilities is now available. Category: security (important) Bug References: 1186696 CVE References: CVE-2021-29964,CVE-2021-29967 JIRA References: Sources used: openSUSE Leap 15.3 (src): MozillaThunderbird-78.11.0-8.30.1
done