Early Access — Mondoo Vulnerability Intelligence is currently in preview.

SUSE-SU-2022:4461-1

UNKNOWN

Security update for MozillaFirefox

Published Dec 13, 2022

Modified 3 years ago

Fix available

Details

This update for MozillaFirefox fixes the following issues:

Firefox Extended Support Release 102.6.0 ESR (bsc#1206242):

CVE-2022-46880: Use-after-free in WebGL
CVE-2022-46872: Arbitrary file read from a compromised content process
CVE-2022-46881: Memory corruption in WebGL
CVE-2022-46874: Drag and Dropped Filenames could have been truncated to malicious extensions
CVE-2022-46875: Download Protections were bypassed by .atloc and .ftploc files on Mac OS
CVE-2022-46882: Use-after-free in WebGL
CVE-2022-46878: Memory safety bugs fixed in Firefox 108 and Firefox ESR 102.6

Affected Packages

SUSE:Enterprise Storage 6MozillaFirefox

Fixed in:

102.6.0-150000.150.68.1

SUSE:Enterprise Storage 6MozillaFirefox-devel

Fixed in:

102.6.0-150000.150.68.1

SUSE:Enterprise Storage 6MozillaFirefox-translations-common

Fixed in:

102.6.0-150000.150.68.1

SUSE:Enterprise Storage 6MozillaFirefox-translations-other

Fixed in:

102.6.0-150000.150.68.1

SUSE:Linux Enterprise High Performance Computing 15 SP1-ESPOSMozillaFirefox

Fixed in:

102.6.0-150000.150.68.1

SUSE:Linux Enterprise High Performance Computing 15 SP1-ESPOSMozillaFirefox-devel

Fixed in:

102.6.0-150000.150.68.1

SUSE:Linux Enterprise High Performance Computing 15 SP1-ESPOSMozillaFirefox-translations-common

Fixed in:

102.6.0-150000.150.68.1

SUSE:Linux Enterprise High Performance Computing 15 SP1-ESPOSMozillaFirefox-translations-other

Fixed in:

102.6.0-150000.150.68.1

SUSE:Linux Enterprise High Performance Computing 15 SP1-LTSSMozillaFirefox

Fixed in:

102.6.0-150000.150.68.1

SUSE:Linux Enterprise High Performance Computing 15 SP1-LTSSMozillaFirefox-devel

Fixed in:

102.6.0-150000.150.68.1

SUSE:Linux Enterprise High Performance Computing 15 SP1-LTSSMozillaFirefox-translations-common

Fixed in:

102.6.0-150000.150.68.1

SUSE:Linux Enterprise High Performance Computing 15 SP1-LTSSMozillaFirefox-translations-other

Fixed in:

102.6.0-150000.150.68.1

SUSE:Linux Enterprise High Performance Computing 15-ESPOSMozillaFirefox

Fixed in:

102.6.0-150000.150.68.1

SUSE:Linux Enterprise High Performance Computing 15-ESPOSMozillaFirefox-devel

Fixed in:

102.6.0-150000.150.68.1

SUSE:Linux Enterprise High Performance Computing 15-ESPOSMozillaFirefox-translations-common

Fixed in:

102.6.0-150000.150.68.1

SUSE:Linux Enterprise High Performance Computing 15-ESPOSMozillaFirefox-translations-other

Fixed in:

102.6.0-150000.150.68.1

SUSE:Linux Enterprise High Performance Computing 15-LTSSMozillaFirefox

Fixed in:

102.6.0-150000.150.68.1

SUSE:Linux Enterprise High Performance Computing 15-LTSSMozillaFirefox-devel

Fixed in:

102.6.0-150000.150.68.1

SUSE:Linux Enterprise High Performance Computing 15-LTSSMozillaFirefox-translations-common

Fixed in:

102.6.0-150000.150.68.1

SUSE:Linux Enterprise High Performance Computing 15-LTSSMozillaFirefox-translations-other

Fixed in:

102.6.0-150000.150.68.1

SUSE:Linux Enterprise Server 15 SP1-BCLMozillaFirefox

Fixed in:

102.6.0-150000.150.68.1

SUSE:Linux Enterprise Server 15 SP1-BCLMozillaFirefox-devel

Fixed in:

102.6.0-150000.150.68.1

SUSE:Linux Enterprise Server 15 SP1-BCLMozillaFirefox-translations-common

Fixed in:

102.6.0-150000.150.68.1

SUSE:Linux Enterprise Server 15 SP1-BCLMozillaFirefox-translations-other

Fixed in:

102.6.0-150000.150.68.1

SUSE:Linux Enterprise Server 15 SP1-LTSSMozillaFirefox

Fixed in:

102.6.0-150000.150.68.1

SUSE:Linux Enterprise Server 15 SP1-LTSSMozillaFirefox-devel

Fixed in:

102.6.0-150000.150.68.1

SUSE:Linux Enterprise Server 15 SP1-LTSSMozillaFirefox-translations-common

Fixed in:

102.6.0-150000.150.68.1

SUSE:Linux Enterprise Server 15 SP1-LTSSMozillaFirefox-translations-other

Fixed in:

102.6.0-150000.150.68.1

SUSE:Linux Enterprise Server 15-LTSSMozillaFirefox

Fixed in:

102.6.0-150000.150.68.1

SUSE:Linux Enterprise Server 15-LTSSMozillaFirefox-devel

Fixed in:

102.6.0-150000.150.68.1

SUSE:Linux Enterprise Server 15-LTSSMozillaFirefox-translations-common

Fixed in:

102.6.0-150000.150.68.1

SUSE:Linux Enterprise Server 15-LTSSMozillaFirefox-translations-other

Fixed in:

102.6.0-150000.150.68.1

SUSE:Linux Enterprise Server for SAP Applications 15MozillaFirefox

Fixed in:

102.6.0-150000.150.68.1

SUSE:Linux Enterprise Server for SAP Applications 15MozillaFirefox-devel

Fixed in:

102.6.0-150000.150.68.1

SUSE:Linux Enterprise Server for SAP Applications 15MozillaFirefox-translations-common

Fixed in:

102.6.0-150000.150.68.1

SUSE:Linux Enterprise Server for SAP Applications 15MozillaFirefox-translations-other

Fixed in:

102.6.0-150000.150.68.1

SUSE:Linux Enterprise Server for SAP Applications 15 SP1MozillaFirefox

Fixed in:

102.6.0-150000.150.68.1

SUSE:Linux Enterprise Server for SAP Applications 15 SP1MozillaFirefox-devel

Fixed in:

102.6.0-150000.150.68.1

SUSE:Linux Enterprise Server for SAP Applications 15 SP1MozillaFirefox-translations-common

Fixed in:

102.6.0-150000.150.68.1

SUSE:Linux Enterprise Server for SAP Applications 15 SP1MozillaFirefox-translations-other

Fixed in:

102.6.0-150000.150.68.1

References

REPORThttps://bugzilla.suse.com/1206242 WEBhttps://www.suse.com/security/cve/CVE-2022-46872 WEBhttps://www.suse.com/security/cve/CVE-2022-46874 WEBhttps://www.suse.com/security/cve/CVE-2022-46875 WEBhttps://www.suse.com/security/cve/CVE-2022-46878 WEBhttps://www.suse.com/security/cve/CVE-2022-46880 WEBhttps://www.suse.com/security/cve/CVE-2022-46881 WEBhttps://www.suse.com/security/cve/CVE-2022-46882 ADVISORYhttps://www.suse.com/support/update/announcement/2022/suse-su-20224461-1/

SUSE-SU-2022:4461-1 | Mondoo Vulnerability Intelligence

SUSE-SU-2022:4461-1

Details

Affected Packages

References

Upstream

Related

Ecosystems

Timeline