Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

openSUSE: 2021:3331-1 Important Memory Issues and Update Instructions

opensuse
Calendar Grey October 11, 2021
Dist Opensuse Esm H88
An urgent security update for Mozilla Firefox highlights various vulnerabilities in openSUSE, emphasizing crucial steps for necessary remediation.
An update that fixes 20 vulnerabilities is now available

Description

This update for MozillaFirefox fixes the following issues:

This update contains the Firefox Extended Support Release 91.2.0 ESR.

Firefox Extended Support Release 91.2.0 ESR

* Fixed: Various stability, functionality, and security fixes MFSA 2021-45

(bsc#1191332)

* CVE-2021-38496: Use-after-free in MessageTask

* CVE-2021-38497: Validation message could have been overlaid on another

origin

* CVE-2021-38498: Use-after-free of nsLanguageAtomService object

* CVE-2021-32810: Data race in crossbeam-deque

j-wgcw)

* CVE-2021-38500 (bmo#1725854, bmo#1728321) Memory safety bugs fixed in

Firefox 93, Firefox ESR 78.15, and Firefox ESR 91.2

* CVE-2021-38501 (bmo#1685354, bmo#1715755, bmo#1723176) Memory safety

bugs fixed in Firefox 93 and Firefox ESR 91.2

- Fixed crash in FIPS mode (bsc#1190710)

* Fixed: Various stability, functionality, and security fixes

MFSA 2021-40 (bsc#1190269, bsc#1190274):

* CVE-2021-38492:...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory software update patch important memory issues openSUSE MozillaFirefox

Patch

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods

like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.3:

zypper in -t patch openSUSE-SLE-15.3-2021-3331=1

Package List

- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):

rust-cbindgen-0.19.0-1.9.1

References

https://www.suse.com/security/cve/CVE-2021-29980.html

https://www.suse.com/security/cve/CVE-2021-29981.html

https://www.suse.com/security/cve/CVE-2021-29982.html

https://www.suse.com/security/cve/CVE-2021-29983.html

https://www.suse.com/security/cve/CVE-2021-29984.html

https://www.suse.com/security/cve/CVE-2021-29985.html

https://www.suse.com/security/cve/CVE-2021-29986.html

https://www.suse.com/security/cve/CVE-2021-29987.html

https://www.suse.com/security/cve/CVE-2021-29988.html

https://www.suse.com/security/cve/CVE-2021-29989.html

https://www.suse.com/security/cve/CVE-2021-29990.html

https://www.suse.com/security/cve/CVE-2021-29991.html

https://www.suse.com/security/cve/CVE-2021-32810.html

https://www.suse.com/security/cve/CVE-2021-38492.html

https://www.suse.com/security/cve/CVE-2021-38495.html

https://www.suse.com/security/cve/CVE-2021-38496.html

https://www.suse.com/security/cve/CVE-2021-38497.html

https://www.suse.com/security/cve/CVE-2021-38498.html

https://www.suse.com/security/cve/CVE-2021-385...

Read the Full Advisory

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: openSUSE-SU-2021:3331-1
Rating: important
Affected Products: openSUSE Leap 15.3 .

Topics%20covered

Topics Covered

security advisory software update patch important memory issues openSUSE MozillaFirefox

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here