Security update for MozillaFirefox SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2022:3273-1 Final 1 1 2022-09-14T04:48:57Z current 2022-09-14T04:48:57Z 2022-09-14T04:48:57Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for MozillaFirefox This update for MozillaFirefox fixes the following issues: Mozilla Firefox was updated to 102.2.0esr ESR: * Fixed: Various stability, functionality, and security fixes. - MFSA 2022-34 (bsc#1202645) * CVE-2022-38472 (bmo#1769155) Address bar spoofing via XSLT error handling * CVE-2022-38473 (bmo#1771685) Cross-origin XSLT Documents would have inherited the parent's permissions * CVE-2022-38476 (bmo#1760998) Data race and potential use-after-free in PK11_ChangePW * CVE-2022-38477 (bmo#1760611, bmo#1770219, bmo#1771159, bmo#1773363) Memory safety bugs fixed in Firefox 104 and Firefox ESR 102.2 * CVE-2022-38478 (bmo#1770630, bmo#1776658) Memory safety bugs fixed in Firefox 104, Firefox ESR 102.2, and Firefox ESR 91.13 Firefox Extended Support Release 102.1 ESR * Fixed: Various stability, functionality, and security fixes. - MFSA 2022-30 (bsc#1201758) * CVE-2022-36319 (bmo#1737722) Mouse Position spoofing with CSS transforms * CVE-2022-36318 (bmo#1771774) Directory indexes for bundled resources reflected URL parameters * CVE-2022-36314 (bmo#1773894) Opening local <code>.lnk</code> files could cause unexpected network loads * CVE-2022-2505 (bmo#1769739, bmo#1772824) Memory safety bugs fixed in Firefox 103 and 102.1 - Firefox Extended Support Release 102.0.1 ESR * Fixed: Fixed bookmark shortcut creation by dragging to Windows File Explorer and dropping partially broken (bmo#1774683) * Fixed: Fixed bookmarks sidebar flashing white when opened in dark mode (bmo#1776157) * Fixed: Fixed multilingual spell checking not working with content in both English and a non-Latin alphabet (bmo#1773802) * Fixed: Developer tools: Fixed an issue where the console output keep getting scrolled to the bottom when the last visible message is an evaluation result (bmo#1776262) * Fixed: Fixed *Delete cookies and site data when Firefox is closed* checkbox getting disabled on startup (bmo#1777419) * Fixed: Various stability fixes Firefox 102.0 ESR: * New: - We now provide more secure connections: Firefox can now automatically upgrade to HTTPS using HTTPS RR as Alt-Svc headers. - For added viewing pleasure, full-range color levels are now supported for video playback on many systems. - Find it easier now! Mac users can now access the macOS share options from the Firefox File menu. - Voilà! Support for images containing ICC v4 profiles is enabled on macOS. - Firefox now supports the new AVIF image format, which is based on the modern and royalty-free AV1 video codec. It offers significant bandwidth savings for sites compared to existing image formats. It also supports transparency and other advanced features. - Firefox PDF viewer now supports filling more forms (e.g., XFA-based forms, used by multiple governments and banks). Learn more. - When available system memory is critically low, Firefox on Windows will automatically unload tabs based on their last access time, memory usage, and other attributes. This helps to reduce Firefox out-of-memory crashes. Forgot something? Switching to an unloaded tab automatically reloads it. - To prevent session loss for macOS users who are running Firefox from a mounted .dmg file, they’ll now be prompted to finish installation. Bear in mind, this permission prompt only appears the first time these users run Firefox on their computer. - For your safety, Firefox now blocks downloads that rely on insecure connections, protecting against potentially malicious or unsafe downloads. Learn more and see where to find downloads in Firefox. - Improved web compatibility for privacy protections with SmartBlock 3.0: In Private Browsing and Strict Tracking Protection, Firefox goes to great lengths to protect your web browsing activity from trackers. As part of this, the built- in content blocking will automatically block third-party scripts, images, and other content from being loaded from cross-site tracking companies reported by Disconnect. Learn more. - Introducing a new referrer tracking protection in Strict Tracking Protection and Private Browsing. This feature prevents sites from unknowingly leaking private information to trackers. Learn more. - Introducing Firefox Suggest, a feature that provides website suggestions as you type into the address bar. Learn more about this faster way to navigate the web and locale- specific features. - Firefox macOS now uses Apple's low-power mode for fullscreen video on sites such as YouTube and Twitch. This meaningfully extends battery life in long viewing sessions. Now your kids can find out what the fox says on a loop without you ever missing a beat… - With this release, power users can use about:unloads to release system resources by manually unloading tabs without closing them. - On Windows, there will now be fewer interruptions because Firefox won’t prompt you for updates. Instead, a background agent will download and install updates even if Firefox is closed. - On Linux, we’ve improved WebGL performance and reduced power consumption for many users. - To better protect all Firefox users against side-channel attacks, such as Spectre, we introduced Site Isolation. - Firefox no longer warns you by default when you exit the browser or close a window using a menu, button, or three-key command. This should cut back on unwelcome notifications, which is always nice—however, if you prefer a bit of notice, you’ll still have full control over the quit/close modal behavior. All warnings can be managed within Firefox Settings. No worries! More details here. - Firefox supports the new Snap Layouts menus when running on Windows 11. - RLBox—a new technology that hardens Firefox against potential security vulnerabilities in third-party libraries—is now enabled on all platforms. - We’ve reduced CPU usage on macOS in Firefox and WindowServer during event processing. - We’ve also reduced the power usage of software decoded video on macOS, especially in fullscreen. This includes streaming sites such as Netflix and Amazon Prime Video. - You can now move the Picture-in-Picture toggle button to the opposite side of the video. Simply look for the new context menu option Move Picture-in-Picture Toggle to Left (Right) Side. - We’ve made significant improvements in noise suppression and auto-gain-control, as well as slight improvements in echo-cancellation to provide you with a better overall experience. - We’ve also significantly reduced main-thread load. - When printing, you can now choose to print only the odd/even pages. - Firefox now supports and displays the new style of scrollbars on Windows 11. - Firefox has a new optimized download flow. Instead of prompting every time, files will download automatically. However, they can still be opened from the downloads panel with just one click. Easy! More information - Firefox no longer asks what to do for each file by default. You won’t be prompted to choose a helper application or save to disk before downloading a file unless you have changed your download action setting for that type of file. - Any files you download will be immediately saved on your disk. Depending on the current configuration, they’ll be saved in your preferred download folder, or you’ll be asked to select a location for each download. Windows and Linux users will find their downloaded files in the destination folder. They’ll no longer be put in the Temp folder. - Firefox allows users to choose from a number of built-in search engines to set as their default. In this release, some users who had previously configured a default engine might notice their default search engine has changed since Mozilla was unable to secure formal permission to continue including certain search engines in Firefox. - You can now toggle Narrate in ReaderMode with the keyboard shortcut 'n.' - You can find added support for search—with or without diacritics—in the PDF viewer. - The Linux sandbox has been strengthened: processes exposed to web content no longer have access to the X Window system (X11). - Firefox now supports credit card autofill and capture in Germany, France, and the United Kingdom. - We now support captions/subtitles display on YouTube, Prime Video, and Netflix videos you watch in Picture-in-Picture. Just turn on the subtitles on the in-page video player, and they will appear in PiP. - Picture-in-Picture now also supports video captions on websites that use Web Video Text Track (WebVTT) format (e.g., Coursera.org, Canadian Broadcasting Corporation, and many more). - On the first run after install, Firefox detects when its language does not match the operating system language and offers the user a choice between the two languages. - Firefox spell checking now checks spelling in multiple languages. To enable additional languages, select them in the text field’s context menu. - HDR video is now supported in Firefox on Mac—starting with YouTube! Firefox users on macOS 11+ (with HDR-compatible screens) can enjoy higher-fidelity video content. No need to manually flip any preferences to turn HDR video support on—just make sure battery preferences are NOT set to “optimize video streaming while on battery”. - Hardware-accelerated AV1 video decoding is enabled on Windows with supported GPUs (Intel Gen 11+, AMD RDNA 2 Excluding Navi 24, GeForce 30). Installing the AV1 Video Extension from the Microsoft Store may also be required. - Video overlay is enabled on Windows for Intel GPUs, reducing power usage during video playback. - Improved fairness between painting and handling other events. This noticeably improves the performance of the volume slider on Twitch. - Scrollbars on Linux and Windows 11 won't take space by default. On Linux, users can change this in Settings. On Windows, Firefox follows the system setting (System Settings > Accessibility > Visual Effects > Always show scrollbars). - Firefox now ignores less restricted referrer policies—including unsafe-url, no-referrer-when-downgrade, and origin-when-cross-origin—for cross-site subresource/iframe requests to prevent privacy leaks from the referrer. - Reading is now easier with the prefers-contrast media query, which allows sites to detect if the user has requested that web content is presented with a higher (or lower) contrast. - All non-configured MIME types can now be assigned a custom action upon download completion. - Firefox now allows users to use as many microphones as they want, at the same time, during video conferencing. The most exciting benefit is that you can easily switch your microphones at any time (if your conferencing service provider enables this flexibility). - Print preview has been updated. * Fixed: Various security fixes. - MFSA 2022-24 (bsc#1200793) * CVE-2022-34479 (bmo#1745595) A popup window could be resized in a way to overlay the address bar with web content * CVE-2022-34470 (bmo#1765951) Use-after-free in nsSHistory * CVE-2022-34468 (bmo#1768537) CSP sandbox header without `allow-scripts` can be bypassed via retargeted javascript: URI * CVE-2022-34482 (bmo#845880) Drag and drop of malicious image could have led to malicious executable and potential code execution * CVE-2022-34483 (bmo#1335845) Drag and drop of malicious image could have led to malicious executable and potential code execution * CVE-2022-34476 (bmo#1387919) ASN.1 parser could have been tricked into accepting malformed ASN.1 * CVE-2022-34481 (bmo#1483699, bmo#1497246) Potential integer overflow in ReplaceElementsAt * CVE-2022-34474 (bmo#1677138) Sandboxed iframes could redirect to external schemes * CVE-2022-34469 (bmo#1721220) TLS certificate errors on HSTS-protected domains could be bypassed by the user on Firefox for Android * CVE-2022-34471 (bmo#1766047) Compromised server could trick a browser into an addon downgrade * CVE-2022-34472 (bmo#1770123) Unavailable PAC file resulted in OCSP requests being blocked * CVE-2022-34478 (bmo#1773717) Microsoft protocols can be attacked if a user accepts a prompt * CVE-2022-2200 (bmo#1771381) Undesired attributes could be set as part of prototype pollution * CVE-2022-34480 (bmo#1454072) Free of uninitialized pointer in lg_init * CVE-2022-34477 (bmo#1731614) MediaError message property leaked information on cross- origin same-site pages * CVE-2022-34475 (bmo#1757210) HTML Sanitizer could have been bypassed via same-origin script via use tags * CVE-2022-34473 (bmo#1770888) HTML Sanitizer could have been bypassed via use tags * CVE-2022-34484 (bmo#1763634, bmo#1772651) Memory safety bugs fixed in Firefox 102 and Firefox ESR 91.11 * CVE-2022-34485 (bmo#1768409, bmo#1768578) Memory safety bugs fixed in Firefox 102 The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Image SLES12-SP5-SAP-Azure-LI-BYOS-Production-2022-3273,Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production-2022-3273,SUSE-2022-3273,SUSE-OpenStack-Cloud-9-2022-3273,SUSE-OpenStack-Cloud-Crowbar-9-2022-3273,SUSE-SLE-SAP-12-SP4-2022-3273,SUSE-SLE-SDK-12-SP5-2022-3273,SUSE-SLE-SERVER-12-SP2-BCL-2022-3273,SUSE-SLE-SERVER-12-SP3-BCL-2022-3273,SUSE-SLE-SERVER-12-SP4-LTSS-2022-3273,SUSE-SLE-SERVER-12-SP5-2022-3273 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2022/suse-su-20223273-1/ Link for SUSE-SU-2022:3273-1 https://lists.suse.com/pipermail/sle-updates/2022-September/025151.html E-Mail link for SUSE-SU-2022:3273-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1200793 SUSE Bug 1200793 https://bugzilla.suse.com/1201758 SUSE Bug 1201758 https://bugzilla.suse.com/1202645 SUSE Bug 1202645 https://www.suse.com/security/cve/CVE-2022-2200/ SUSE CVE CVE-2022-2200 page https://www.suse.com/security/cve/CVE-2022-2505/ SUSE CVE CVE-2022-2505 page https://www.suse.com/security/cve/CVE-2022-34468/ SUSE CVE CVE-2022-34468 page https://www.suse.com/security/cve/CVE-2022-34469/ SUSE CVE CVE-2022-34469 page https://www.suse.com/security/cve/CVE-2022-34470/ SUSE CVE CVE-2022-34470 page https://www.suse.com/security/cve/CVE-2022-34471/ SUSE CVE CVE-2022-34471 page https://www.suse.com/security/cve/CVE-2022-34472/ SUSE CVE CVE-2022-34472 page https://www.suse.com/security/cve/CVE-2022-34473/ SUSE CVE CVE-2022-34473 page https://www.suse.com/security/cve/CVE-2022-34474/ SUSE CVE CVE-2022-34474 page https://www.suse.com/security/cve/CVE-2022-34475/ SUSE CVE CVE-2022-34475 page https://www.suse.com/security/cve/CVE-2022-34476/ SUSE CVE CVE-2022-34476 page https://www.suse.com/security/cve/CVE-2022-34477/ SUSE CVE CVE-2022-34477 page https://www.suse.com/security/cve/CVE-2022-34478/ SUSE CVE CVE-2022-34478 page https://www.suse.com/security/cve/CVE-2022-34479/ SUSE CVE CVE-2022-34479 page https://www.suse.com/security/cve/CVE-2022-34480/ SUSE CVE CVE-2022-34480 page https://www.suse.com/security/cve/CVE-2022-34481/ SUSE CVE CVE-2022-34481 page https://www.suse.com/security/cve/CVE-2022-34482/ SUSE CVE CVE-2022-34482 page https://www.suse.com/security/cve/CVE-2022-34483/ SUSE CVE CVE-2022-34483 page https://www.suse.com/security/cve/CVE-2022-34484/ SUSE CVE CVE-2022-34484 page https://www.suse.com/security/cve/CVE-2022-34485/ SUSE CVE CVE-2022-34485 page https://www.suse.com/security/cve/CVE-2022-36314/ SUSE CVE CVE-2022-36314 page https://www.suse.com/security/cve/CVE-2022-36318/ SUSE CVE CVE-2022-36318 page https://www.suse.com/security/cve/CVE-2022-36319/ SUSE CVE CVE-2022-36319 page https://www.suse.com/security/cve/CVE-2022-38472/ SUSE CVE CVE-2022-38472 page https://www.suse.com/security/cve/CVE-2022-38473/ SUSE CVE CVE-2022-38473 page https://www.suse.com/security/cve/CVE-2022-38476/ SUSE CVE CVE-2022-38476 page https://www.suse.com/security/cve/CVE-2022-38477/ SUSE CVE CVE-2022-38477 page https://www.suse.com/security/cve/CVE-2022-38478/ SUSE CVE CVE-2022-38478 page Image SLES12-SP5-SAP-Azure-LI-BYOS-Production Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP4-LTSS SUSE Linux Enterprise Server 12 SP5 SUSE Linux Enterprise Server for SAP Applications 12 SP4 SUSE Linux Enterprise Server for SAP Applications 12 SP5 SUSE Linux Enterprise Software Development Kit 12 SP5 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 9 MozillaFirefox-102.2.0-112.130.1 MozillaFirefox-branding-SLE-102-35.9.1 MozillaFirefox-branding-upstream-102.2.0-112.130.1 MozillaFirefox-devel-102.2.0-112.130.1 MozillaFirefox-translations-common-102.2.0-112.130.1 MozillaFirefox-translations-other-102.2.0-112.130.1 MozillaFirefox-102.2.0-112.130.1 as a component of Image SLES12-SP5-SAP-Azure-LI-BYOS-Production MozillaFirefox-branding-SLE-102-35.9.1 as a component of Image SLES12-SP5-SAP-Azure-LI-BYOS-Production MozillaFirefox-102.2.0-112.130.1 as a component of Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production MozillaFirefox-branding-SLE-102-35.9.1 as a component of Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production MozillaFirefox-102.2.0-112.130.1 as a component of SUSE Linux Enterprise Server 12 SP2-BCL MozillaFirefox-branding-SLE-102-35.9.1 as a component of SUSE Linux Enterprise Server 12 SP2-BCL MozillaFirefox-devel-102.2.0-112.130.1 as a component of SUSE Linux Enterprise Server 12 SP2-BCL MozillaFirefox-translations-common-102.2.0-112.130.1 as a component of SUSE Linux Enterprise Server 12 SP2-BCL MozillaFirefox-102.2.0-112.130.1 as a component of SUSE Linux Enterprise Server 12 SP3-BCL MozillaFirefox-branding-SLE-102-35.9.1 as a component of SUSE Linux Enterprise Server 12 SP3-BCL MozillaFirefox-devel-102.2.0-112.130.1 as a component of SUSE Linux Enterprise Server 12 SP3-BCL MozillaFirefox-translations-common-102.2.0-112.130.1 as a component of SUSE Linux Enterprise Server 12 SP3-BCL MozillaFirefox-102.2.0-112.130.1 as a component of SUSE Linux Enterprise Server 12 SP4-LTSS MozillaFirefox-branding-SLE-102-35.9.1 as a component of SUSE Linux Enterprise Server 12 SP4-LTSS MozillaFirefox-devel-102.2.0-112.130.1 as a component of SUSE Linux Enterprise Server 12 SP4-LTSS MozillaFirefox-translations-common-102.2.0-112.130.1 as a component of SUSE Linux Enterprise Server 12 SP4-LTSS MozillaFirefox-102.2.0-112.130.1 as a component of SUSE Linux Enterprise Server 12 SP5 MozillaFirefox-branding-SLE-102-35.9.1 as a component of SUSE Linux Enterprise Server 12 SP5 MozillaFirefox-devel-102.2.0-112.130.1 as a component of SUSE Linux Enterprise Server 12 SP5 MozillaFirefox-translations-common-102.2.0-112.130.1 as a component of SUSE Linux Enterprise Server 12 SP5 MozillaFirefox-102.2.0-112.130.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP4 MozillaFirefox-branding-SLE-102-35.9.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP4 MozillaFirefox-devel-102.2.0-112.130.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP4 MozillaFirefox-translations-common-102.2.0-112.130.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP4 MozillaFirefox-102.2.0-112.130.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP5 MozillaFirefox-branding-SLE-102-35.9.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP5 MozillaFirefox-devel-102.2.0-112.130.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP5 MozillaFirefox-translations-common-102.2.0-112.130.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP5 MozillaFirefox-devel-102.2.0-112.130.1 as a component of SUSE Linux Enterprise Software Development Kit 12 SP5 MozillaFirefox-102.2.0-112.130.1 as a component of SUSE OpenStack Cloud 9 MozillaFirefox-branding-SLE-102-35.9.1 as a component of SUSE OpenStack Cloud 9 MozillaFirefox-devel-102.2.0-112.130.1 as a component of SUSE OpenStack Cloud 9 MozillaFirefox-translations-common-102.2.0-112.130.1 as a component of SUSE OpenStack Cloud 9 MozillaFirefox-102.2.0-112.130.1 as a component of SUSE OpenStack Cloud Crowbar 9 MozillaFirefox-branding-SLE-102-35.9.1 as a component of SUSE OpenStack Cloud Crowbar 9 MozillaFirefox-devel-102.2.0-112.130.1 as a component of SUSE OpenStack Cloud Crowbar 9 MozillaFirefox-translations-common-102.2.0-112.130.1 as a component of SUSE OpenStack Cloud Crowbar 9 If an object prototype was corrupted by an attacker, they would have been able to set undesired attributes on a JavaScript object, leading to privileged code execution. This vulnerability affects Firefox < 102, Firefox ESR < 91.11, Thunderbird < 102, and Thunderbird < 91.11. CVE-2022-2200 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:MozillaFirefox-102.2.0-112.130.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:MozillaFirefox-branding-SLE-102-35.9.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:MozillaFirefox-102.2.0-112.130.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-102.2.0-112.130.1 SUSE OpenStack Cloud 9:MozillaFirefox-102.2.0-112.130.1 SUSE OpenStack Cloud 9:MozillaFirefox-branding-SLE-102-35.9.1 SUSE OpenStack Cloud 9:MozillaFirefox-devel-102.2.0-112.130.1 SUSE OpenStack Cloud 9:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-102.2.0-112.130.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-branding-SLE-102-35.9.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-devel-102.2.0-112.130.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-translations-common-102.2.0-112.130.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2022/suse-su-20223273-1/ https://www.suse.com/security/cve/CVE-2022-2200.html CVE-2022-2200 Mozilla developers and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 102. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 102.1, Firefox < 103, and Thunderbird < 102.1. CVE-2022-2505 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:MozillaFirefox-102.2.0-112.130.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:MozillaFirefox-branding-SLE-102-35.9.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:MozillaFirefox-102.2.0-112.130.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-102.2.0-112.130.1 SUSE OpenStack Cloud 9:MozillaFirefox-102.2.0-112.130.1 SUSE OpenStack Cloud 9:MozillaFirefox-branding-SLE-102-35.9.1 SUSE OpenStack Cloud 9:MozillaFirefox-devel-102.2.0-112.130.1 SUSE OpenStack Cloud 9:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-102.2.0-112.130.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-branding-SLE-102-35.9.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-devel-102.2.0-112.130.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-translations-common-102.2.0-112.130.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2022/suse-su-20223273-1/ https://www.suse.com/security/cve/CVE-2022-2505.html CVE-2022-2505 https://bugzilla.suse.com/1201758 SUSE Bug 1201758 An iframe that was not permitted to run scripts could do so if the user clicked on a <code>javascript:</code> link. This vulnerability affects Firefox < 102, Firefox ESR < 91.11, Thunderbird < 102, and Thunderbird < 91.11. CVE-2022-34468 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:MozillaFirefox-102.2.0-112.130.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:MozillaFirefox-branding-SLE-102-35.9.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:MozillaFirefox-102.2.0-112.130.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-102.2.0-112.130.1 SUSE OpenStack Cloud 9:MozillaFirefox-102.2.0-112.130.1 SUSE OpenStack Cloud 9:MozillaFirefox-branding-SLE-102-35.9.1 SUSE OpenStack Cloud 9:MozillaFirefox-devel-102.2.0-112.130.1 SUSE OpenStack Cloud 9:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-102.2.0-112.130.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-branding-SLE-102-35.9.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-devel-102.2.0-112.130.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-translations-common-102.2.0-112.130.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2022/suse-su-20223273-1/ https://www.suse.com/security/cve/CVE-2022-34468.html CVE-2022-34468 https://bugzilla.suse.com/1200793 SUSE Bug 1200793 When a TLS Certificate error occurs on a domain protected by the HSTS header, the browser should not allow the user to bypass the certificate error. On Firefox for Android, the user was presented with the option to bypass the error; this could only have been done by the user explicitly. <br>*This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 102. CVE-2022-34469 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:MozillaFirefox-102.2.0-112.130.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:MozillaFirefox-branding-SLE-102-35.9.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:MozillaFirefox-102.2.0-112.130.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-102.2.0-112.130.1 SUSE OpenStack Cloud 9:MozillaFirefox-102.2.0-112.130.1 SUSE OpenStack Cloud 9:MozillaFirefox-branding-SLE-102-35.9.1 SUSE OpenStack Cloud 9:MozillaFirefox-devel-102.2.0-112.130.1 SUSE OpenStack Cloud 9:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-102.2.0-112.130.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-branding-SLE-102-35.9.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-devel-102.2.0-112.130.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-translations-common-102.2.0-112.130.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2022/suse-su-20223273-1/ https://www.suse.com/security/cve/CVE-2022-34469.html CVE-2022-34469 https://bugzilla.suse.com/1200793 SUSE Bug 1200793 Session history navigations may have led to a use-after-free and potentially exploitable crash. This vulnerability affects Firefox < 102, Firefox ESR < 91.11, Thunderbird < 102, and Thunderbird < 91.11. CVE-2022-34470 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:MozillaFirefox-102.2.0-112.130.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:MozillaFirefox-branding-SLE-102-35.9.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:MozillaFirefox-102.2.0-112.130.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-102.2.0-112.130.1 SUSE OpenStack Cloud 9:MozillaFirefox-102.2.0-112.130.1 SUSE OpenStack Cloud 9:MozillaFirefox-branding-SLE-102-35.9.1 SUSE OpenStack Cloud 9:MozillaFirefox-devel-102.2.0-112.130.1 SUSE OpenStack Cloud 9:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-102.2.0-112.130.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-branding-SLE-102-35.9.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-devel-102.2.0-112.130.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-translations-common-102.2.0-112.130.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2022/suse-su-20223273-1/ https://www.suse.com/security/cve/CVE-2022-34470.html CVE-2022-34470 https://bugzilla.suse.com/1200793 SUSE Bug 1200793 When downloading an update for an addon, the downloaded addon update's version was not verified to match the version selected from the manifest. If the manifest had been tampered with on the server, an attacker could trick the browser into downgrading the addon to a prior version. This vulnerability affects Firefox < 102. CVE-2022-34471 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:MozillaFirefox-102.2.0-112.130.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:MozillaFirefox-branding-SLE-102-35.9.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:MozillaFirefox-102.2.0-112.130.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-102.2.0-112.130.1 SUSE OpenStack Cloud 9:MozillaFirefox-102.2.0-112.130.1 SUSE OpenStack Cloud 9:MozillaFirefox-branding-SLE-102-35.9.1 SUSE OpenStack Cloud 9:MozillaFirefox-devel-102.2.0-112.130.1 SUSE OpenStack Cloud 9:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-102.2.0-112.130.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-branding-SLE-102-35.9.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-devel-102.2.0-112.130.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-translations-common-102.2.0-112.130.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2022/suse-su-20223273-1/ https://www.suse.com/security/cve/CVE-2022-34471.html CVE-2022-34471 https://bugzilla.suse.com/1200793 SUSE Bug 1200793 If there was a PAC URL set and the server that hosts the PAC was not reachable, OCSP requests would have been blocked, resulting in incorrect error pages being shown. This vulnerability affects Firefox < 102, Firefox ESR < 91.11, Thunderbird < 102, and Thunderbird < 91.11. CVE-2022-34472 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:MozillaFirefox-102.2.0-112.130.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:MozillaFirefox-branding-SLE-102-35.9.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:MozillaFirefox-102.2.0-112.130.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-102.2.0-112.130.1 SUSE OpenStack Cloud 9:MozillaFirefox-102.2.0-112.130.1 SUSE OpenStack Cloud 9:MozillaFirefox-branding-SLE-102-35.9.1 SUSE OpenStack Cloud 9:MozillaFirefox-devel-102.2.0-112.130.1 SUSE OpenStack Cloud 9:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-102.2.0-112.130.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-branding-SLE-102-35.9.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-devel-102.2.0-112.130.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-translations-common-102.2.0-112.130.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2022/suse-su-20223273-1/ https://www.suse.com/security/cve/CVE-2022-34472.html CVE-2022-34472 https://bugzilla.suse.com/1200793 SUSE Bug 1200793 The HTML Sanitizer should have sanitized the <code>href</code> attribute of SVG <code>&lt;use&gt;</code> tags; however it incorrectly did not sanitize <code>xlink:href</code> attributes. This vulnerability affects Firefox < 102. CVE-2022-34473 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:MozillaFirefox-102.2.0-112.130.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:MozillaFirefox-branding-SLE-102-35.9.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:MozillaFirefox-102.2.0-112.130.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-102.2.0-112.130.1 SUSE OpenStack Cloud 9:MozillaFirefox-102.2.0-112.130.1 SUSE OpenStack Cloud 9:MozillaFirefox-branding-SLE-102-35.9.1 SUSE OpenStack Cloud 9:MozillaFirefox-devel-102.2.0-112.130.1 SUSE OpenStack Cloud 9:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-102.2.0-112.130.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-branding-SLE-102-35.9.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-devel-102.2.0-112.130.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-translations-common-102.2.0-112.130.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2022/suse-su-20223273-1/ https://www.suse.com/security/cve/CVE-2022-34473.html CVE-2022-34473 https://bugzilla.suse.com/1200793 SUSE Bug 1200793 Even when an iframe was sandboxed with <code>allow-top-navigation-by-user-activation</code>, if it received a redirect header to an external protocol the browser would process the redirect and prompt the user as appropriate. This vulnerability affects Firefox < 102. CVE-2022-34474 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:MozillaFirefox-102.2.0-112.130.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:MozillaFirefox-branding-SLE-102-35.9.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:MozillaFirefox-102.2.0-112.130.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-102.2.0-112.130.1 SUSE OpenStack Cloud 9:MozillaFirefox-102.2.0-112.130.1 SUSE OpenStack Cloud 9:MozillaFirefox-branding-SLE-102-35.9.1 SUSE OpenStack Cloud 9:MozillaFirefox-devel-102.2.0-112.130.1 SUSE OpenStack Cloud 9:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-102.2.0-112.130.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-branding-SLE-102-35.9.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-devel-102.2.0-112.130.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-translations-common-102.2.0-112.130.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2022/suse-su-20223273-1/ https://www.suse.com/security/cve/CVE-2022-34474.html CVE-2022-34474 https://bugzilla.suse.com/1200793 SUSE Bug 1200793 SVG <code>&lt;use&gt;</code> tags that referenced a same-origin document could have resulted in script execution if attacker input was sanitized via the HTML Sanitizer API. This would have required the attacker to reference a same-origin JavaScript file containing the script to be executed. This vulnerability affects Firefox < 102. CVE-2022-34475 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:MozillaFirefox-102.2.0-112.130.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:MozillaFirefox-branding-SLE-102-35.9.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:MozillaFirefox-102.2.0-112.130.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-102.2.0-112.130.1 SUSE OpenStack Cloud 9:MozillaFirefox-102.2.0-112.130.1 SUSE OpenStack Cloud 9:MozillaFirefox-branding-SLE-102-35.9.1 SUSE OpenStack Cloud 9:MozillaFirefox-devel-102.2.0-112.130.1 SUSE OpenStack Cloud 9:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-102.2.0-112.130.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-branding-SLE-102-35.9.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-devel-102.2.0-112.130.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-translations-common-102.2.0-112.130.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2022/suse-su-20223273-1/ https://www.suse.com/security/cve/CVE-2022-34475.html CVE-2022-34475 https://bugzilla.suse.com/1200793 SUSE Bug 1200793 ASN.1 parsing of an indefinite SEQUENCE inside an indefinite GROUP could have resulted in the parser accepting malformed ASN.1. This vulnerability affects Firefox < 102. CVE-2022-34476 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:MozillaFirefox-102.2.0-112.130.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:MozillaFirefox-branding-SLE-102-35.9.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:MozillaFirefox-102.2.0-112.130.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-102.2.0-112.130.1 SUSE OpenStack Cloud 9:MozillaFirefox-102.2.0-112.130.1 SUSE OpenStack Cloud 9:MozillaFirefox-branding-SLE-102-35.9.1 SUSE OpenStack Cloud 9:MozillaFirefox-devel-102.2.0-112.130.1 SUSE OpenStack Cloud 9:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-102.2.0-112.130.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-branding-SLE-102-35.9.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-devel-102.2.0-112.130.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-translations-common-102.2.0-112.130.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2022/suse-su-20223273-1/ https://www.suse.com/security/cve/CVE-2022-34476.html CVE-2022-34476 https://bugzilla.suse.com/1200793 SUSE Bug 1200793 The MediaError message property should be consistent to avoid leaking information about cross-origin resources; however for a same-site cross-origin resource, the message could have leaked information enabling XS-Leaks attacks. This vulnerability affects Firefox < 102. CVE-2022-34477 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:MozillaFirefox-102.2.0-112.130.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:MozillaFirefox-branding-SLE-102-35.9.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:MozillaFirefox-102.2.0-112.130.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-102.2.0-112.130.1 SUSE OpenStack Cloud 9:MozillaFirefox-102.2.0-112.130.1 SUSE OpenStack Cloud 9:MozillaFirefox-branding-SLE-102-35.9.1 SUSE OpenStack Cloud 9:MozillaFirefox-devel-102.2.0-112.130.1 SUSE OpenStack Cloud 9:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-102.2.0-112.130.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-branding-SLE-102-35.9.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-devel-102.2.0-112.130.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-translations-common-102.2.0-112.130.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2022/suse-su-20223273-1/ https://www.suse.com/security/cve/CVE-2022-34477.html CVE-2022-34477 https://bugzilla.suse.com/1200793 SUSE Bug 1200793 The <code>ms-msdt</code>, <code>search</code>, and <code>search-ms</code> protocols deliver content to Microsoft applications, bypassing the browser, when a user accepts a prompt. These applications have had known vulnerabilities, exploited in the wild (although we know of none exploited through Thunderbird), so in this release Thunderbird has blocked these protocols from prompting the user to open them.<br>*This bug only affects Thunderbird on Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox < 102, Firefox ESR < 91.11, Thunderbird < 102, and Thunderbird < 91.11. CVE-2022-34478 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:MozillaFirefox-102.2.0-112.130.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:MozillaFirefox-branding-SLE-102-35.9.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:MozillaFirefox-102.2.0-112.130.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-102.2.0-112.130.1 SUSE OpenStack Cloud 9:MozillaFirefox-102.2.0-112.130.1 SUSE OpenStack Cloud 9:MozillaFirefox-branding-SLE-102-35.9.1 SUSE OpenStack Cloud 9:MozillaFirefox-devel-102.2.0-112.130.1 SUSE OpenStack Cloud 9:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-102.2.0-112.130.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-branding-SLE-102-35.9.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-devel-102.2.0-112.130.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-translations-common-102.2.0-112.130.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2022/suse-su-20223273-1/ https://www.suse.com/security/cve/CVE-2022-34478.html CVE-2022-34478 https://bugzilla.suse.com/1200793 SUSE Bug 1200793 A malicious website that could create a popup could have resized the popup to overlay the address bar with its own content, resulting in potential user confusion or spoofing attacks. <br>*This bug only affects Thunderbird for Linux. Other operating systems are unaffected.*. This vulnerability affects Firefox < 102, Firefox ESR < 91.11, Thunderbird < 102, and Thunderbird < 91.11. CVE-2022-34479 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:MozillaFirefox-102.2.0-112.130.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:MozillaFirefox-branding-SLE-102-35.9.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:MozillaFirefox-102.2.0-112.130.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-102.2.0-112.130.1 SUSE OpenStack Cloud 9:MozillaFirefox-102.2.0-112.130.1 SUSE OpenStack Cloud 9:MozillaFirefox-branding-SLE-102-35.9.1 SUSE OpenStack Cloud 9:MozillaFirefox-devel-102.2.0-112.130.1 SUSE OpenStack Cloud 9:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-102.2.0-112.130.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-branding-SLE-102-35.9.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-devel-102.2.0-112.130.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-translations-common-102.2.0-112.130.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2022/suse-su-20223273-1/ https://www.suse.com/security/cve/CVE-2022-34479.html CVE-2022-34479 https://bugzilla.suse.com/1200793 SUSE Bug 1200793 Within the <code>lg_init()</code> function, if several allocations succeed but then one fails, an uninitialized pointer would have been freed despite never being allocated. This vulnerability affects Firefox < 102. CVE-2022-34480 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:MozillaFirefox-102.2.0-112.130.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:MozillaFirefox-branding-SLE-102-35.9.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:MozillaFirefox-102.2.0-112.130.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-102.2.0-112.130.1 SUSE OpenStack Cloud 9:MozillaFirefox-102.2.0-112.130.1 SUSE OpenStack Cloud 9:MozillaFirefox-branding-SLE-102-35.9.1 SUSE OpenStack Cloud 9:MozillaFirefox-devel-102.2.0-112.130.1 SUSE OpenStack Cloud 9:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-102.2.0-112.130.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-branding-SLE-102-35.9.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-devel-102.2.0-112.130.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-translations-common-102.2.0-112.130.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2022/suse-su-20223273-1/ https://www.suse.com/security/cve/CVE-2022-34480.html CVE-2022-34480 https://bugzilla.suse.com/1200793 SUSE Bug 1200793 In the <code>nsTArray_Impl::ReplaceElementsAt()</code> function, an integer overflow could have occurred when the number of elements to replace was too large for the container. This vulnerability affects Firefox < 102, Firefox ESR < 91.11, Thunderbird < 102, and Thunderbird < 91.11. CVE-2022-34481 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:MozillaFirefox-102.2.0-112.130.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:MozillaFirefox-branding-SLE-102-35.9.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:MozillaFirefox-102.2.0-112.130.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-102.2.0-112.130.1 SUSE OpenStack Cloud 9:MozillaFirefox-102.2.0-112.130.1 SUSE OpenStack Cloud 9:MozillaFirefox-branding-SLE-102-35.9.1 SUSE OpenStack Cloud 9:MozillaFirefox-devel-102.2.0-112.130.1 SUSE OpenStack Cloud 9:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-102.2.0-112.130.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-branding-SLE-102-35.9.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-devel-102.2.0-112.130.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-translations-common-102.2.0-112.130.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2022/suse-su-20223273-1/ https://www.suse.com/security/cve/CVE-2022-34481.html CVE-2022-34481 https://bugzilla.suse.com/1200793 SUSE Bug 1200793 An attacker who could have convinced a user to drag and drop an image to a filesystem could have manipulated the resulting filename to contain an executable extension, and by extension potentially tricked the user into executing malicious code. While very similar, this is a separate issue from CVE-2022-34483. This vulnerability affects Firefox < 102. CVE-2022-34482 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:MozillaFirefox-102.2.0-112.130.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:MozillaFirefox-branding-SLE-102-35.9.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:MozillaFirefox-102.2.0-112.130.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-102.2.0-112.130.1 SUSE OpenStack Cloud 9:MozillaFirefox-102.2.0-112.130.1 SUSE OpenStack Cloud 9:MozillaFirefox-branding-SLE-102-35.9.1 SUSE OpenStack Cloud 9:MozillaFirefox-devel-102.2.0-112.130.1 SUSE OpenStack Cloud 9:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-102.2.0-112.130.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-branding-SLE-102-35.9.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-devel-102.2.0-112.130.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-translations-common-102.2.0-112.130.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2022/suse-su-20223273-1/ https://www.suse.com/security/cve/CVE-2022-34482.html CVE-2022-34482 https://bugzilla.suse.com/1200793 SUSE Bug 1200793 An attacker who could have convinced a user to drag and drop an image to a filesystem could have manipulated the resulting filename to contain an executable extension, and by extension potentially tricked the user into executing malicious code. While very similar, this is a separate issue from CVE-2022-34482. This vulnerability affects Firefox < 102. CVE-2022-34483 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:MozillaFirefox-102.2.0-112.130.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:MozillaFirefox-branding-SLE-102-35.9.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:MozillaFirefox-102.2.0-112.130.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-102.2.0-112.130.1 SUSE OpenStack Cloud 9:MozillaFirefox-102.2.0-112.130.1 SUSE OpenStack Cloud 9:MozillaFirefox-branding-SLE-102-35.9.1 SUSE OpenStack Cloud 9:MozillaFirefox-devel-102.2.0-112.130.1 SUSE OpenStack Cloud 9:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-102.2.0-112.130.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-branding-SLE-102-35.9.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-devel-102.2.0-112.130.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-translations-common-102.2.0-112.130.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2022/suse-su-20223273-1/ https://www.suse.com/security/cve/CVE-2022-34483.html CVE-2022-34483 https://bugzilla.suse.com/1200793 SUSE Bug 1200793 The Mozilla Fuzzing Team reported potential vulnerabilities present in Thunderbird 91.10. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 102, Firefox ESR < 91.11, Thunderbird < 102, and Thunderbird < 91.11. CVE-2022-34484 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:MozillaFirefox-102.2.0-112.130.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:MozillaFirefox-branding-SLE-102-35.9.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:MozillaFirefox-102.2.0-112.130.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-102.2.0-112.130.1 SUSE OpenStack Cloud 9:MozillaFirefox-102.2.0-112.130.1 SUSE OpenStack Cloud 9:MozillaFirefox-branding-SLE-102-35.9.1 SUSE OpenStack Cloud 9:MozillaFirefox-devel-102.2.0-112.130.1 SUSE OpenStack Cloud 9:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-102.2.0-112.130.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-branding-SLE-102-35.9.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-devel-102.2.0-112.130.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-translations-common-102.2.0-112.130.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2022/suse-su-20223273-1/ https://www.suse.com/security/cve/CVE-2022-34484.html CVE-2022-34484 https://bugzilla.suse.com/1200793 SUSE Bug 1200793 Mozilla developers Bryce Seager van Dyk and the Mozilla Fuzzing Team reported potential vulnerabilities present in Firefox 101. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 102. CVE-2022-34485 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:MozillaFirefox-102.2.0-112.130.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:MozillaFirefox-branding-SLE-102-35.9.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:MozillaFirefox-102.2.0-112.130.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-102.2.0-112.130.1 SUSE OpenStack Cloud 9:MozillaFirefox-102.2.0-112.130.1 SUSE OpenStack Cloud 9:MozillaFirefox-branding-SLE-102-35.9.1 SUSE OpenStack Cloud 9:MozillaFirefox-devel-102.2.0-112.130.1 SUSE OpenStack Cloud 9:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-102.2.0-112.130.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-branding-SLE-102-35.9.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-devel-102.2.0-112.130.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-translations-common-102.2.0-112.130.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2022/suse-su-20223273-1/ https://www.suse.com/security/cve/CVE-2022-34485.html CVE-2022-34485 https://bugzilla.suse.com/1200793 SUSE Bug 1200793 When opening a Windows shortcut from the local filesystem, an attacker could supply a remote path that would lead to unexpected network requests from the operating system.<br>This bug only affects Firefox for Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR < 102.1, Firefox < 103, and Thunderbird < 102.1. CVE-2022-36314 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:MozillaFirefox-102.2.0-112.130.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:MozillaFirefox-branding-SLE-102-35.9.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:MozillaFirefox-102.2.0-112.130.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-102.2.0-112.130.1 SUSE OpenStack Cloud 9:MozillaFirefox-102.2.0-112.130.1 SUSE OpenStack Cloud 9:MozillaFirefox-branding-SLE-102-35.9.1 SUSE OpenStack Cloud 9:MozillaFirefox-devel-102.2.0-112.130.1 SUSE OpenStack Cloud 9:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-102.2.0-112.130.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-branding-SLE-102-35.9.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-devel-102.2.0-112.130.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-translations-common-102.2.0-112.130.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2022/suse-su-20223273-1/ https://www.suse.com/security/cve/CVE-2022-36314.html CVE-2022-36314 https://bugzilla.suse.com/1201758 SUSE Bug 1201758 When visiting directory listings for `chrome://` URLs as source text, some parameters were reflected. This vulnerability affects Firefox ESR < 102.1, Firefox ESR < 91.12, Firefox < 103, Thunderbird < 102.1, and Thunderbird < 91.12. CVE-2022-36318 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:MozillaFirefox-102.2.0-112.130.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:MozillaFirefox-branding-SLE-102-35.9.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:MozillaFirefox-102.2.0-112.130.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-102.2.0-112.130.1 SUSE OpenStack Cloud 9:MozillaFirefox-102.2.0-112.130.1 SUSE OpenStack Cloud 9:MozillaFirefox-branding-SLE-102-35.9.1 SUSE OpenStack Cloud 9:MozillaFirefox-devel-102.2.0-112.130.1 SUSE OpenStack Cloud 9:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-102.2.0-112.130.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-branding-SLE-102-35.9.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-devel-102.2.0-112.130.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-translations-common-102.2.0-112.130.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2022/suse-su-20223273-1/ https://www.suse.com/security/cve/CVE-2022-36318.html CVE-2022-36318 https://bugzilla.suse.com/1201758 SUSE Bug 1201758 When combining CSS properties for overflow and transform, the mouse cursor could interact with different coordinates than displayed. This vulnerability affects Firefox ESR < 102.1, Firefox ESR < 91.12, Firefox < 103, Thunderbird < 102.1, and Thunderbird < 91.12. CVE-2022-36319 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:MozillaFirefox-102.2.0-112.130.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:MozillaFirefox-branding-SLE-102-35.9.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:MozillaFirefox-102.2.0-112.130.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-102.2.0-112.130.1 SUSE OpenStack Cloud 9:MozillaFirefox-102.2.0-112.130.1 SUSE OpenStack Cloud 9:MozillaFirefox-branding-SLE-102-35.9.1 SUSE OpenStack Cloud 9:MozillaFirefox-devel-102.2.0-112.130.1 SUSE OpenStack Cloud 9:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-102.2.0-112.130.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-branding-SLE-102-35.9.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-devel-102.2.0-112.130.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-translations-common-102.2.0-112.130.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2022/suse-su-20223273-1/ https://www.suse.com/security/cve/CVE-2022-36319.html CVE-2022-36319 https://bugzilla.suse.com/1201758 SUSE Bug 1201758 An attacker could have abused XSLT error handling to associate attacker-controlled content with another origin which was displayed in the address bar. This could have been used to fool the user into submitting data intended for the spoofed origin. This vulnerability affects Thunderbird < 102.2, Thunderbird < 91.13, Firefox ESR < 91.13, Firefox ESR < 102.2, and Firefox < 104. CVE-2022-38472 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:MozillaFirefox-102.2.0-112.130.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:MozillaFirefox-branding-SLE-102-35.9.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:MozillaFirefox-102.2.0-112.130.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-102.2.0-112.130.1 SUSE OpenStack Cloud 9:MozillaFirefox-102.2.0-112.130.1 SUSE OpenStack Cloud 9:MozillaFirefox-branding-SLE-102-35.9.1 SUSE OpenStack Cloud 9:MozillaFirefox-devel-102.2.0-112.130.1 SUSE OpenStack Cloud 9:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-102.2.0-112.130.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-branding-SLE-102-35.9.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-devel-102.2.0-112.130.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-translations-common-102.2.0-112.130.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2022/suse-su-20223273-1/ https://www.suse.com/security/cve/CVE-2022-38472.html CVE-2022-38472 https://bugzilla.suse.com/1202645 SUSE Bug 1202645 https://bugzilla.suse.com/1205832 SUSE Bug 1205832 A cross-origin iframe referencing an XSLT document would inherit the parent domain's permissions (such as microphone or camera access). This vulnerability affects Thunderbird < 102.2, Thunderbird < 91.13, Firefox ESR < 91.13, Firefox ESR < 102.2, and Firefox < 104. CVE-2022-38473 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:MozillaFirefox-102.2.0-112.130.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:MozillaFirefox-branding-SLE-102-35.9.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:MozillaFirefox-102.2.0-112.130.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-102.2.0-112.130.1 SUSE OpenStack Cloud 9:MozillaFirefox-102.2.0-112.130.1 SUSE OpenStack Cloud 9:MozillaFirefox-branding-SLE-102-35.9.1 SUSE OpenStack Cloud 9:MozillaFirefox-devel-102.2.0-112.130.1 SUSE OpenStack Cloud 9:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-102.2.0-112.130.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-branding-SLE-102-35.9.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-devel-102.2.0-112.130.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-translations-common-102.2.0-112.130.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2022/suse-su-20223273-1/ https://www.suse.com/security/cve/CVE-2022-38473.html CVE-2022-38473 https://bugzilla.suse.com/1202645 SUSE Bug 1202645 A data race could occur in the <code>PK11_ChangePW</code> function, potentially leading to a use-after-free vulnerability. In Firefox, this lock protected the data when a user changed their master password. This vulnerability affects Firefox ESR < 102.2 and Thunderbird < 102.2. CVE-2022-38476 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:MozillaFirefox-102.2.0-112.130.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:MozillaFirefox-branding-SLE-102-35.9.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:MozillaFirefox-102.2.0-112.130.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-102.2.0-112.130.1 SUSE OpenStack Cloud 9:MozillaFirefox-102.2.0-112.130.1 SUSE OpenStack Cloud 9:MozillaFirefox-branding-SLE-102-35.9.1 SUSE OpenStack Cloud 9:MozillaFirefox-devel-102.2.0-112.130.1 SUSE OpenStack Cloud 9:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-102.2.0-112.130.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-branding-SLE-102-35.9.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-devel-102.2.0-112.130.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-translations-common-102.2.0-112.130.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2022/suse-su-20223273-1/ https://www.suse.com/security/cve/CVE-2022-38476.html CVE-2022-38476 https://bugzilla.suse.com/1202645 SUSE Bug 1202645 Mozilla developer Nika Layzell and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 103 and Firefox ESR 102.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 102.2, Thunderbird < 102.2, and Firefox < 104. CVE-2022-38477 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:MozillaFirefox-102.2.0-112.130.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:MozillaFirefox-branding-SLE-102-35.9.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:MozillaFirefox-102.2.0-112.130.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-102.2.0-112.130.1 SUSE OpenStack Cloud 9:MozillaFirefox-102.2.0-112.130.1 SUSE OpenStack Cloud 9:MozillaFirefox-branding-SLE-102-35.9.1 SUSE OpenStack Cloud 9:MozillaFirefox-devel-102.2.0-112.130.1 SUSE OpenStack Cloud 9:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-102.2.0-112.130.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-branding-SLE-102-35.9.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-devel-102.2.0-112.130.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-translations-common-102.2.0-112.130.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2022/suse-su-20223273-1/ https://www.suse.com/security/cve/CVE-2022-38477.html CVE-2022-38477 https://bugzilla.suse.com/1202645 SUSE Bug 1202645 Members the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 103, Firefox ESR 102.1, and Firefox ESR 91.12. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 102.2, Thunderbird < 91.13, Firefox ESR < 91.13, Firefox ESR < 102.2, and Firefox < 104. CVE-2022-38478 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:MozillaFirefox-102.2.0-112.130.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:MozillaFirefox-branding-SLE-102-35.9.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:MozillaFirefox-102.2.0-112.130.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-branding-SLE-102-35.9.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-102.2.0-112.130.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-102.2.0-112.130.1 SUSE OpenStack Cloud 9:MozillaFirefox-102.2.0-112.130.1 SUSE OpenStack Cloud 9:MozillaFirefox-branding-SLE-102-35.9.1 SUSE OpenStack Cloud 9:MozillaFirefox-devel-102.2.0-112.130.1 SUSE OpenStack Cloud 9:MozillaFirefox-translations-common-102.2.0-112.130.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-102.2.0-112.130.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-branding-SLE-102-35.9.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-devel-102.2.0-112.130.1 SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-translations-common-102.2.0-112.130.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2022/suse-su-20223273-1/ https://www.suse.com/security/cve/CVE-2022-38478.html CVE-2022-38478 https://bugzilla.suse.com/1202645 SUSE Bug 1202645