Overview

File _patchinfo of Package patchinfo.23589

<patchinfo incident="23589">
  <issue id="1198970" tracker="bnc">VUL-0: MozillaFirefox / MozillaThunderbird: update to 100 and 91.9esr</issue>
  <issue id="2022-29909" tracker="cve" />
  <issue id="2022-29911" tracker="cve" />
  <issue id="2022-29912" tracker="cve" />
  <issue id="2022-29914" tracker="cve" />
  <issue id="2022-29916" tracker="cve" />
  <issue id="2022-29917" tracker="cve" />
  <name>MozillaFirefox</name>
  <packager>MSirringhaus</packager>
  <rating>important</rating>
  <category>recommended</category>
  <summary>Recommended update for MozillaFirefox</summary>
  <description>This update for MozillaFirefox fixes the following issues:

Firefox Extended Support Release 91.9.0 ESR

MFSA 2022-17 (bsc#1198970)

* CVE-2022-29914: Fullscreen notification bypass using popups
* CVE-2022-29909: Bypassing permission prompt in nested browsing contexts
* CVE-2022-29916: Leaking browser history with CSS variables
* CVE-2022-29911: iframe Sandbox bypass
* CVE-2022-29912: Reader mode bypassed SameSite cookies
* CVE-2022-29917: Memory safety bugs fixed in Firefox 100 and Firefox ESR 91.9

</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places