SUSE-SU-2022:14906-1

Description of the patch:

This update for MozillaFirefox fixes the following issues:

Firefox Extended Support Release 91.7.0 ESR (bsc#1196900):

• CVE-2022-26383: Browser window spoof using fullscreen mode
• CVE-2022-26384: iframe allow-scripts sandbox bypass
• CVE-2022-26387: Time-of-check time-of-use bug when verifying add-on signatures
• CVE-2022-26381: Use-after-free in text reflows
• CVE-2022-26386: Temporary files downloaded to /tmp and accessible by other local users

Firefox Extended Support Release 91.6.1 ESR (bsc#1196809):

• CVE-2022-26485: Use-after-free in XSLT parameter processing
• CVE-2022-26486: Use-after-free in WebGPU IPC Framework