Early Access — Mondoo Vulnerability Intelligence is currently in preview.

SUSE-SU-2022:4462-1 | Mondoo Vulnerability Intelligence

SUSE-SU-2022:4462-1

UNKNOWN

Security update for MozillaFirefox

Published Dec 13, 2022

Modified 3 years ago

Fix available

Details

This update for MozillaFirefox fixes the following issues:

Firefox Extended Support Release 102.6.0 ESR (bsc#1206242):

CVE-2022-46880: Use-after-free in WebGL
CVE-2022-46872: Arbitrary file read from a compromised content process
CVE-2022-46881: Memory corruption in WebGL
CVE-2022-46874: Drag and Dropped Filenames could have been truncated to malicious extensions
CVE-2022-46875: Download Protections were bypassed by .atloc and .ftploc files on Mac OS
CVE-2022-46882: Use-after-free in WebGL
CVE-2022-46878: Memory safety bugs fixed in Firefox 108 and Firefox ESR 102.6

Affected Packages

SUSE:Enterprise Storage 7MozillaFirefox

Fixed in:

102.6.0-150200.152.70.1

SUSE:Enterprise Storage 7MozillaFirefox-devel

Fixed in:

102.6.0-150200.152.70.1

SUSE:Enterprise Storage 7MozillaFirefox-translations-common

Fixed in:

102.6.0-150200.152.70.1

SUSE:Enterprise Storage 7MozillaFirefox-translations-other

Fixed in:

102.6.0-150200.152.70.1

SUSE:Linux Enterprise High Performance Computing 15 SP2-ESPOSMozillaFirefox

Fixed in:

102.6.0-150200.152.70.1

SUSE:Linux Enterprise High Performance Computing 15 SP2-ESPOSMozillaFirefox-devel

Fixed in:

102.6.0-150200.152.70.1

SUSE:Linux Enterprise High Performance Computing 15 SP2-ESPOSMozillaFirefox-translations-common

Fixed in:

102.6.0-150200.152.70.1

SUSE:Linux Enterprise High Performance Computing 15 SP2-ESPOSMozillaFirefox-translations-other

Fixed in:

102.6.0-150200.152.70.1

SUSE:Linux Enterprise High Performance Computing 15 SP2-LTSSMozillaFirefox

Fixed in:

102.6.0-150200.152.70.1

SUSE:Linux Enterprise High Performance Computing 15 SP2-LTSSMozillaFirefox-devel

Fixed in:

102.6.0-150200.152.70.1

SUSE:Linux Enterprise High Performance Computing 15 SP2-LTSSMozillaFirefox-translations-common

Fixed in:

102.6.0-150200.152.70.1

SUSE:Linux Enterprise High Performance Computing 15 SP2-LTSSMozillaFirefox-translations-other

Fixed in:

102.6.0-150200.152.70.1

SUSE:Linux Enterprise Module for Desktop Applications 15 SP3MozillaFirefox

Fixed in:

102.6.0-150200.152.70.1

SUSE:Linux Enterprise Module for Desktop Applications 15 SP3MozillaFirefox-devel

Fixed in:

102.6.0-150200.152.70.1

SUSE:Linux Enterprise Module for Desktop Applications 15 SP3MozillaFirefox-translations-common

Fixed in:

102.6.0-150200.152.70.1

SUSE:Linux Enterprise Module for Desktop Applications 15 SP3MozillaFirefox-translations-other

Fixed in:

102.6.0-150200.152.70.1

SUSE:Linux Enterprise Module for Desktop Applications 15 SP4MozillaFirefox

Fixed in:

102.6.0-150200.152.70.1

SUSE:Linux Enterprise Module for Desktop Applications 15 SP4MozillaFirefox-devel

Fixed in:

102.6.0-150200.152.70.1

SUSE:Linux Enterprise Module for Desktop Applications 15 SP4MozillaFirefox-translations-common

Fixed in:

102.6.0-150200.152.70.1

SUSE:Linux Enterprise Module for Desktop Applications 15 SP4MozillaFirefox-translations-other

Fixed in:

102.6.0-150200.152.70.1

SUSE:Linux Enterprise Server 15 SP2-BCLMozillaFirefox

Fixed in:

102.6.0-150200.152.70.1

SUSE:Linux Enterprise Server 15 SP2-BCLMozillaFirefox-devel

Fixed in:

102.6.0-150200.152.70.1

SUSE:Linux Enterprise Server 15 SP2-BCLMozillaFirefox-translations-common

Fixed in:

102.6.0-150200.152.70.1

SUSE:Linux Enterprise Server 15 SP2-BCLMozillaFirefox-translations-other

Fixed in:

102.6.0-150200.152.70.1

SUSE:Linux Enterprise Server 15 SP2-LTSSMozillaFirefox

Fixed in:

102.6.0-150200.152.70.1

SUSE:Linux Enterprise Server 15 SP2-LTSSMozillaFirefox-devel

Fixed in:

102.6.0-150200.152.70.1

SUSE:Linux Enterprise Server 15 SP2-LTSSMozillaFirefox-translations-common

Fixed in:

102.6.0-150200.152.70.1

SUSE:Linux Enterprise Server 15 SP2-LTSSMozillaFirefox-translations-other

Fixed in:

102.6.0-150200.152.70.1

SUSE:Linux Enterprise Server for SAP Applications 15 SP2MozillaFirefox

Fixed in:

102.6.0-150200.152.70.1

SUSE:Linux Enterprise Server for SAP Applications 15 SP2MozillaFirefox-devel

Fixed in:

102.6.0-150200.152.70.1

SUSE:Linux Enterprise Server for SAP Applications 15 SP2MozillaFirefox-translations-common

Fixed in:

102.6.0-150200.152.70.1

SUSE:Linux Enterprise Server for SAP Applications 15 SP2MozillaFirefox-translations-other

Fixed in:

102.6.0-150200.152.70.1

SUSE:Manager Proxy 4.1MozillaFirefox

Fixed in:

102.6.0-150200.152.70.1

SUSE:Manager Proxy 4.1MozillaFirefox-devel

Fixed in:

102.6.0-150200.152.70.1

SUSE:Manager Proxy 4.1MozillaFirefox-translations-common

Fixed in:

102.6.0-150200.152.70.1

SUSE:Manager Proxy 4.1MozillaFirefox-translations-other

Fixed in:

102.6.0-150200.152.70.1

SUSE:Manager Retail Branch Server 4.1MozillaFirefox

Fixed in:

102.6.0-150200.152.70.1

SUSE:Manager Retail Branch Server 4.1MozillaFirefox-devel

Fixed in:

102.6.0-150200.152.70.1

SUSE:Manager Retail Branch Server 4.1MozillaFirefox-translations-common

Fixed in:

102.6.0-150200.152.70.1

SUSE:Manager Retail Branch Server 4.1MozillaFirefox-translations-other

Fixed in:

102.6.0-150200.152.70.1

SUSE:Manager Server 4.1MozillaFirefox

Fixed in:

102.6.0-150200.152.70.1

SUSE:Manager Server 4.1MozillaFirefox-devel

Fixed in:

102.6.0-150200.152.70.1

SUSE:Manager Server 4.1MozillaFirefox-translations-common

Fixed in:

102.6.0-150200.152.70.1

SUSE:Manager Server 4.1MozillaFirefox-translations-other

Fixed in:

102.6.0-150200.152.70.1

openSUSE:Leap 15.3MozillaFirefox

Fixed in:

102.6.0-150200.152.70.1

openSUSE:Leap 15.3MozillaFirefox-branding-upstream

Fixed in:

102.6.0-150200.152.70.1

openSUSE:Leap 15.3MozillaFirefox-devel

Fixed in:

102.6.0-150200.152.70.1

openSUSE:Leap 15.3MozillaFirefox-translations-common

Fixed in:

102.6.0-150200.152.70.1

openSUSE:Leap 15.3MozillaFirefox-translations-other

Fixed in:

102.6.0-150200.152.70.1

openSUSE:Leap 15.4MozillaFirefox

Fixed in:

102.6.0-150200.152.70.1

openSUSE:Leap 15.4MozillaFirefox-branding-upstream

Fixed in:

102.6.0-150200.152.70.1

openSUSE:Leap 15.4MozillaFirefox-devel

Fixed in:

102.6.0-150200.152.70.1

openSUSE:Leap 15.4MozillaFirefox-translations-common

Fixed in:

102.6.0-150200.152.70.1

openSUSE:Leap 15.4MozillaFirefox-translations-other

Fixed in:

102.6.0-150200.152.70.1

References

REPORThttps://bugzilla.suse.com/1206242 WEBhttps://www.suse.com/security/cve/CVE-2022-46872 WEBhttps://www.suse.com/security/cve/CVE-2022-46874 WEBhttps://www.suse.com/security/cve/CVE-2022-46875 WEBhttps://www.suse.com/security/cve/CVE-2022-46878 WEBhttps://www.suse.com/security/cve/CVE-2022-46880 WEBhttps://www.suse.com/security/cve/CVE-2022-46881 WEBhttps://www.suse.com/security/cve/CVE-2022-46882 ADVISORYhttps://www.suse.com/support/update/announcement/2022/suse-su-20224462-1/

SUSE-SU-2022:4462-1

Details

Affected Packages

References

Upstream

Related

Ecosystems

Timeline