Bug 1194547 - VUL-0: MozillaFirefox / MozillaThunderbird: update to 96 and 91.5esr
VUL-0: MozillaFirefox / MozillaThunderbird: update to 96 and 91.5esr
Status: NEW
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
unspecified
Other Other
: P3 - Medium : Normal
: ---
Assigned To: Security Team bot
Security Team bot
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2022-01-11 14:45 UTC by Martin Sirringhaus
Modified: 2022-05-18 13:20 UTC (History)
2 users (show)

See Also:
Found By: ---
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Martin Sirringhaus 2022-01-11 14:45:51 UTC
- Mozilla Firefox 96
  MFSA 2022-01
  * CVE-2022-22746 (bmo#1735071)
    Calling into reportValidity could have lead to fullscreen
    window spoof
  * CVE-2022-22743 (bmo#1739220)
    Browser window spoof using fullscreen mode
  * CVE-2022-22742 (bmo#1739923)
    Out-of-bounds memory access when inserting text in edit mode
  * CVE-2022-22741 (bmo#1740389)
    Browser window spoof using fullscreen mode
  * CVE-2022-22740 (bmo#1742334)
    Use-after-free of ChannelEventQueue::mOwner
  * CVE-2022-22738 (bmo#1742382)
    Heap-buffer-overflow in blendGaussianBlur
  * CVE-2022-22737 (bmo#1745874)
    Race condition when playing audio files
  * CVE-2021-4140 (bmo#1746720)
    Iframe sandbox bypass with XSLT
  * CVE-2022-22750 (bmo#1566608)
    IPC passing of resource handles could have lead to sandbox
    bypass
  * CVE-2022-22749 (bmo#1705094)
    Lack of URL restrictions when scanning QR codes
  * CVE-2022-22748 (bmo#1705211)
    Spoofed origin on external protocol launch dialog
  * CVE-2022-22745 (bmo#1735856)
    Leaking cross-origin URLs through securitypolicyviolation
    event
  * CVE-2022-22744 (bmo#1737252)
    The 'Copy as curl' feature in DevTools did not fully escape
    website-controlled data, potentially leading to command
    injection
  * CVE-2022-22747 (bmo#1735028)
    Crash when handling empty pkcs7 sequence
  * CVE-2022-22736 (bmo#1742692)
    Potential local privilege escalation when loading modules
    from the install directory.
  * CVE-2022-22739 (bmo#1744158)
    Missing throttling on external protocol launch dialog
  * CVE-2022-22751 (bmo#1664149, bmo#1737816, bmo#1739366,
    bmo#1740274, bmo#1740797, bmo#1741201, bmo#1741869,
    bmo#1743221, bmo#1743515, bmo#1745373, bmo#1746011)
    Memory safety bugs fixed in Firefox 96 and Firefox ESR 91.5
  * CVE-2022-22752 (bmo#1740534, bmo#1741210, bmo#1742770)
    Memory safety bugs fixed in Firefox 96

- Mozilla Firefox ESR 91.5
  MFSA 2022-02
  * CVE-2022-22746 (bmo#1735071)
    Calling into reportValidity could have lead to fullscreen
    window spoof
  * CVE-2022-22743 (bmo#1739220)
    Browser window spoof using fullscreen mode
  * CVE-2022-22742 (bmo#1739923)
    Out-of-bounds memory access when inserting text in edit mode
  * CVE-2022-22741 (bmo#1740389)
    Browser window spoof using fullscreen mode
  * CVE-2022-22740 (bmo#1742334)
    Use-after-free of ChannelEventQueue::mOwner
  * CVE-2022-22738 (bmo#1742382)
    Heap-buffer-overflow in blendGaussianBlur
  * CVE-2022-22737 (bmo#1745874)
    Race condition when playing audio files
  * CVE-2021-4140 (bmo#1746720)
    Iframe sandbox bypass with XSLT
  * CVE-2022-22748 (bmo#1705211)
    Spoofed origin on external protocol launch dialog
  * CVE-2022-22745 (bmo#1735856)
    Leaking cross-origin URLs through securitypolicyviolation
    event
  * CVE-2022-22744 (bmo#1737252)
    The 'Copy as curl' feature in DevTools did not fully escape
    website-controlled data, potentially leading to command
    injection
  * CVE-2022-22747 (bmo#1735028)
    Crash when handling empty pkcs7 sequence
  * CVE-2022-22739 (bmo#1744158)
    Missing throttling on external protocol launch dialog
  * CVE-2022-22751 (bmo#1664149, bmo#1737816, bmo#1739366,
    bmo#1740274, bmo#1740797, bmo#1741201, bmo#1741869,
    bmo#1743221, bmo#1743515, bmo#1745373, bmo#1746011)
    Memory safety bugs fixed in Firefox 96 and Firefox ESR 91.5

- Mozilla Thunderbird 91.5
  MFSA 2022-03
  * CVE-2022-22746 (bmo#1735071)
    Calling into reportValidity could have lead to fullscreen
    window spoof
  * CVE-2022-22743 (bmo#1739220)
    Browser window spoof using fullscreen mode
  * CVE-2022-22742 (bmo#1739923)
    Out-of-bounds memory access when inserting text in edit mode
  * CVE-2022-22741 (bmo#1740389)
    Browser window spoof using fullscreen mode
  * CVE-2022-22740 (bmo#1742334)
    Use-after-free of ChannelEventQueue::mOwner
  * CVE-2022-22738 (bmo#1742382)
    Heap-buffer-overflow in blendGaussianBlur
  * CVE-2022-22737 (bmo#1745874)
    Race condition when playing audio files
  * CVE-2021-4140 (bmo#1746720)
    Iframe sandbox bypass with XSLT
  * CVE-2022-22748 (bmo#1705211)
    Spoofed origin on external protocol launch dialog
  * CVE-2022-22745 (bmo#1735856)
    Leaking cross-origin URLs through securitypolicyviolation
    event
  * CVE-2022-22744 (bmo#1737252)
    The 'Copy as curl' feature in DevTools did not fully escape
    website-controlled data, potentially leading to command
    injection
  * CVE-2022-22747 (bmo#1735028)
    Crash when handling empty pkcs7 sequence
  * CVE-2022-22739 (bmo#1744158)
    Missing throttling on external protocol launch dialog
  * CVE-2022-22751 (bmo#1664149, bmo#1737816, bmo#1739366,
    bmo#1740274, bmo#1740797, bmo#1741201, bmo#1741869,
    bmo#1743221, bmo#1743515, bmo#1745373, bmo#1746011)
    Memory safety bugs fixed in Thunderbird 91.5
Comment 1 OBSbugzilla Bot 2022-01-11 22:50:03 UTC
This is an autogenerated message for OBS integration:
This bug (1194547) was mentioned in
https://build.opensuse.org/request/show/945699 Factory / MozillaFirefox
https://build.opensuse.org/request/show/945701 Factory / MozillaThunderbird
Comment 5 Swamp Workflow Management 2022-01-18 17:18:46 UTC
SUSE-SU-2022:0115-1: An update that fixes 14 vulnerabilities is now available.

Category: security (important)
Bug References: 1194547
CVE References: CVE-2021-4140,CVE-2022-22737,CVE-2022-22738,CVE-2022-22739,CVE-2022-22740,CVE-2022-22741,CVE-2022-22742,CVE-2022-22743,CVE-2022-22744,CVE-2022-22745,CVE-2022-22746,CVE-2022-22747,CVE-2022-22748,CVE-2022-22751
JIRA References: 
Sources used:
SUSE OpenStack Cloud Crowbar 9 (src):    MozillaFirefox-91.5.0-112.86.1
SUSE OpenStack Cloud Crowbar 8 (src):    MozillaFirefox-91.5.0-112.86.1
SUSE OpenStack Cloud 9 (src):    MozillaFirefox-91.5.0-112.86.1
SUSE OpenStack Cloud 8 (src):    MozillaFirefox-91.5.0-112.86.1
SUSE Linux Enterprise Software Development Kit 12-SP5 (src):    MozillaFirefox-91.5.0-112.86.1
SUSE Linux Enterprise Server for SAP 12-SP4 (src):    MozillaFirefox-91.5.0-112.86.1
SUSE Linux Enterprise Server for SAP 12-SP3 (src):    MozillaFirefox-91.5.0-112.86.1
SUSE Linux Enterprise Server 12-SP5 (src):    MozillaFirefox-91.5.0-112.86.1
SUSE Linux Enterprise Server 12-SP4-LTSS (src):    MozillaFirefox-91.5.0-112.86.1
SUSE Linux Enterprise Server 12-SP3-LTSS (src):    MozillaFirefox-91.5.0-112.86.1
SUSE Linux Enterprise Server 12-SP3-BCL (src):    MozillaFirefox-91.5.0-112.86.1
SUSE Linux Enterprise Server 12-SP2-BCL (src):    MozillaFirefox-91.5.0-112.86.1
HPE Helion Openstack 8 (src):    MozillaFirefox-91.5.0-112.86.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 6 Swamp Workflow Management 2022-01-20 14:27:53 UTC
openSUSE-SU-2022:0136-1: An update that fixes 14 vulnerabilities is now available.

Category: security (important)
Bug References: 1194547
CVE References: CVE-2021-4140,CVE-2022-22737,CVE-2022-22738,CVE-2022-22739,CVE-2022-22740,CVE-2022-22741,CVE-2022-22742,CVE-2022-22743,CVE-2022-22744,CVE-2022-22745,CVE-2022-22746,CVE-2022-22747,CVE-2022-22748,CVE-2022-22751
JIRA References: 
Sources used:
openSUSE Leap 15.3 (src):    MozillaFirefox-91.5.0-152.12.1
Comment 7 Swamp Workflow Management 2022-01-20 14:30:58 UTC
SUSE-SU-2022:0136-1: An update that fixes 14 vulnerabilities is now available.

Category: security (important)
Bug References: 1194547
CVE References: CVE-2021-4140,CVE-2022-22737,CVE-2022-22738,CVE-2022-22739,CVE-2022-22740,CVE-2022-22741,CVE-2022-22742,CVE-2022-22743,CVE-2022-22744,CVE-2022-22745,CVE-2022-22746,CVE-2022-22747,CVE-2022-22748,CVE-2022-22751
JIRA References: 
Sources used:
SUSE Manager Server 4.1 (src):    MozillaFirefox-91.5.0-152.12.1
SUSE Manager Retail Branch Server 4.1 (src):    MozillaFirefox-91.5.0-152.12.1
SUSE Manager Proxy 4.1 (src):    MozillaFirefox-91.5.0-152.12.1
SUSE Linux Enterprise Server for SAP 15-SP2 (src):    MozillaFirefox-91.5.0-152.12.1
SUSE Linux Enterprise Server 15-SP2-LTSS (src):    MozillaFirefox-91.5.0-152.12.1
SUSE Linux Enterprise Server 15-SP2-BCL (src):    MozillaFirefox-91.5.0-152.12.1
SUSE Linux Enterprise Module for Desktop Applications 15-SP3 (src):    MozillaFirefox-91.5.0-152.12.1
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (src):    MozillaFirefox-91.5.0-152.12.1
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (src):    MozillaFirefox-91.5.0-152.12.1
SUSE Enterprise Storage 7 (src):    MozillaFirefox-91.5.0-152.12.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 8 Swamp Workflow Management 2022-01-20 14:32:40 UTC
SUSE-SU-2022:0137-1: An update that fixes 14 vulnerabilities is now available.

Category: security (important)
Bug References: 1194547
CVE References: CVE-2021-4140,CVE-2022-22737,CVE-2022-22738,CVE-2022-22739,CVE-2022-22740,CVE-2022-22741,CVE-2022-22742,CVE-2022-22743,CVE-2022-22744,CVE-2022-22745,CVE-2022-22746,CVE-2022-22747,CVE-2022-22748,CVE-2022-22751
JIRA References: 
Sources used:
SUSE Linux Enterprise Server for SAP 15-SP1 (src):    MozillaFirefox-91.5.0-150.15.1
SUSE Linux Enterprise Server for SAP 15 (src):    MozillaFirefox-91.5.0-150.15.1
SUSE Linux Enterprise Server 15-SP1-LTSS (src):    MozillaFirefox-91.5.0-150.15.1
SUSE Linux Enterprise Server 15-SP1-BCL (src):    MozillaFirefox-91.5.0-150.15.1
SUSE Linux Enterprise Server 15-LTSS (src):    MozillaFirefox-91.5.0-150.15.1
SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (src):    MozillaFirefox-91.5.0-150.15.1
SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (src):    MozillaFirefox-91.5.0-150.15.1
SUSE Linux Enterprise High Performance Computing 15-LTSS (src):    MozillaFirefox-91.5.0-150.15.1
SUSE Linux Enterprise High Performance Computing 15-ESPOS (src):    MozillaFirefox-91.5.0-150.15.1
SUSE Enterprise Storage 6 (src):    MozillaFirefox-91.5.0-150.15.1
SUSE CaaS Platform 4.0 (src):    MozillaFirefox-91.5.0-150.15.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 9 Swamp Workflow Management 2022-01-25 17:21:11 UTC
SUSE-SU-2022:14880-1: An update that fixes 14 vulnerabilities is now available.

Category: security (important)
Bug References: 1194547
CVE References: CVE-2021-4140,CVE-2022-22737,CVE-2022-22738,CVE-2022-22739,CVE-2022-22740,CVE-2022-22741,CVE-2022-22742,CVE-2022-22743,CVE-2022-22744,CVE-2022-22745,CVE-2022-22746,CVE-2022-22747,CVE-2022-22748,CVE-2022-22751
JIRA References: 
Sources used:
SUSE Linux Enterprise Server 11-SP4-LTSS (src):    MozillaFirefox-91.5.0-78.159.1
SUSE Linux Enterprise Debuginfo 11-SP4 (src):    MozillaFirefox-91.5.0-78.159.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 10 Swamp Workflow Management 2022-01-26 11:40:07 UTC
SUSE-SU-2022:0199-1: An update that fixes 14 vulnerabilities is now available.

Category: security (important)
Bug References: 1194547
CVE References: CVE-2021-4140,CVE-2022-22737,CVE-2022-22738,CVE-2022-22739,CVE-2022-22740,CVE-2022-22741,CVE-2022-22742,CVE-2022-22743,CVE-2022-22744,CVE-2022-22745,CVE-2022-22746,CVE-2022-22747,CVE-2022-22748,CVE-2022-22751
JIRA References: 
Sources used:
SUSE Linux Enterprise Workstation Extension 15-SP4 (src):    MozillaThunderbird-91.5.0-8.51.1
SUSE Linux Enterprise Workstation Extension 15-SP3 (src):    MozillaThunderbird-91.5.0-8.51.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 11 Swamp Workflow Management 2022-01-26 11:41:36 UTC
openSUSE-SU-2022:0199-1: An update that fixes 14 vulnerabilities is now available.

Category: security (important)
Bug References: 1194547
CVE References: CVE-2021-4140,CVE-2022-22737,CVE-2022-22738,CVE-2022-22739,CVE-2022-22740,CVE-2022-22741,CVE-2022-22742,CVE-2022-22743,CVE-2022-22744,CVE-2022-22745,CVE-2022-22746,CVE-2022-22747,CVE-2022-22748,CVE-2022-22751
JIRA References: 
Sources used:
openSUSE Leap 15.3 (src):    MozillaThunderbird-91.5.0-8.51.1
Comment 13 Swamp Workflow Management 2022-05-18 13:20:29 UTC
openSUSE-SU-2022:0136-1: An update that fixes 15 vulnerabilities is now available.

Category: security (moderate)
Bug References: 1191938,1194547,1199047
CVE References: CVE-2020-27304,CVE-2021-4140,CVE-2022-22737,CVE-2022-22738,CVE-2022-22739,CVE-2022-22740,CVE-2022-22741,CVE-2022-22742,CVE-2022-22743,CVE-2022-22744,CVE-2022-22745,CVE-2022-22746,CVE-2022-22747,CVE-2022-22748,CVE-2022-22751
JIRA References: 
Sources used:
openSUSE Leap 15.3 (src):    MozillaFirefox-91.5.0-152.12.1, civetweb-1.15-lp153.2.3.1