Overview

File _patchinfo of Package patchinfo.20772

<patchinfo incident="20772">
  <issue tracker="bnc" id="1188891">VUL-0: MozillaFirefox / MozillaThunderbird: update to 91 and 78.13esr/91.0esr</issue>
  <issue tracker="cve" id="2021-29985"/>
  <issue tracker="cve" id="2021-29988"/>
  <issue tracker="cve" id="2021-29986"/>
  <issue tracker="cve" id="2021-29989"/>
  <issue tracker="cve" id="2021-29984"/>
  <issue tracker="cve" id="2021-29980"/>
  <issue tracker="jsc" id="SLE-18626"/>
  <packager>cgrobertson</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for MozillaFirefox</summary>
  <description>This update for MozillaFirefox fixes the following issues:

Firefox Extended Support Release 78.13.0 ESR (MFSA 2021-34, bsc#1188891):

- CVE-2021-29986: Race condition when resolving DNS names could have led to memory corruption
- CVE-2021-29988: Memory corruption as a result of incorrect style treatment
- CVE-2021-29984: Incorrect instruction reordering during JIT optimization
- CVE-2021-29980: Uninitialized memory in a canvas object could have led to memory corruption
- CVE-2021-29985: Use-after-free media channels
- CVE-2021-29989: Memory safety bugs fixed in Firefox 91 and Firefox ESR 78.13
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places