Alerts This Week
Warning Icon 1 775
Alerts This Week
Warning Icon 1 775

SUSE: 2022:0696-1 Important Update: MozillaFirefox Security Fix

suse
Calendar Grey March 3, 2022
Dist Suse Esm H88
Critical SUSE Security Patch for MozillaFirefox resolves 10 vulnerabilities. Apply update to maintain system integrity.
An update that fixes 8 vulnerabilities is now available

Summary

This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 91.6.0 ESR / MFSA 2022-05 (bsc#1195682) - CVE-2022-22753: Privilege Escalation to SYSTEM on Windows via Maintenance Service - CVE-2022-22754: Extensions could have bypassed permission confirmation during update - CVE-2022-22756: Drag and dropping an image could have resulted in the dropped object being an executable - CVE-2022-22759: Sandboxed iframes could have executed script if the parent appended elements - CVE-2022-22760: Cross-Origin responses could be distinguished between script and non-script content-types - CVE-2022-22761: frame-ancestors Content Security Policy directive was not enforced for framed extension pages - CVE-2022-22763: Script Execution during invalid object state

Topics%20covered

Topics Covered

security advisory software update important SUSE Linux system safety patch instructions MozillaFirefox

References

#1195230 #1195682

Cross- CVE-2022-22753 CVE-2022-22754 CVE-2022-22756

CVE-2022-22759 CVE-2022-22760 CVE-2022-22761

CVE-2022-22763 CVE-2022-22764

Affected Products:

SUSE Enterprise Storage 7

SUSE Linux Enterprise Desktop 15-SP3

SUSE Linux Enterprise Desktop 15-SP4

SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS

SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS

SUSE Linux Enterprise High Performance Computing 15-SP3

SUSE Linux Enterprise High Performance Computing 15-SP4

SUSE Linux Enterprise Module for Desktop Applications 15-SP3

SUSE Linux Enterprise Module for Desktop Applications 15-SP4

SUSE Linux Enterprise Realtime Extension 15-SP2

SUSE Linux Enterprise Server 15-SP2-BCL

SUSE Linux E...

Read the Full Advisory

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2022:0696-1
Rating: important

Topics%20covered

Topics Covered

security advisory software update important SUSE Linux system safety patch instructions MozillaFirefox

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here