Alerts This Week
Warning Icon 1 692
Alerts This Week
Warning Icon 1 692

openSUSE Leap 15.3 and 15.4: 2022:0783-1 Important: Firefox Issues

opensuse
Calendar Grey March 9, 2022
Dist Opensuse Esm H88
Important security patch for Mozilla Firefox resolves two use-after-free vulnerabilities in openSUSE. Ensure timely installation.
An update that fixes two vulnerabilities is now available

Description

This update for MozillaFirefox fixes the following issues:

Firefox Extended Support Release 91.6.1 ESR (bsc#1196809):

- CVE-2022-26485: Use-after-free in XSLT parameter processing

- CVE-2022-26486: Use-after-free in WebGPU IPC Framework

Topics%20covered

Topics Covered

security advisory important update openSUSE use-after-free MozillaFirefox

Patch

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods

like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.4:

zypper in -t patch openSUSE-SLE-15.4-2022-783=1

- openSUSE Leap 15.3:

zypper in -t patch openSUSE-SLE-15.3-2022-783=1

Package List

- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):

MozillaFirefox-91.6.1-152.19.1

MozillaFirefox-branding-upstream-91.6.1-152.19.1

MozillaFirefox-debuginfo-91.6.1-152.19.1

MozillaFirefox-debugsource-91.6.1-152.19.1

MozillaFirefox-devel-91.6.1-152.19.1

MozillaFirefox-translations-common-91.6.1-152.19.1

MozillaFirefox-translations-other-91.6.1-152.19.1

- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):

MozillaFirefox-91.6.1-152.19.1

MozillaFirefox-branding-upstream-91.6.1-152.19.1

MozillaFirefox-debuginfo-91.6.1-152.19.1

MozillaFirefox-debugsource-91.6.1-152.19.1

MozillaFirefox-devel-91.6.1-152.19.1

MozillaFirefox-translations-common-91.6.1-152.19.1

MozillaFirefox-translations-other-91.6.1-152.19.1

References

https://www.suse.com/security/cve/CVE-2022-26485.html

https://www.suse.com/security/cve/CVE-2022-26486.html

https://bugzilla.suse.com/1196809

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: openSUSE-SU-2022:0783-1
Rating: important
Affected Products: openSUSE Leap 15.3 openSUSE Leap 15.4 .

Topics%20covered

Topics Covered

security advisory important update openSUSE use-after-free MozillaFirefox

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here