openEuler Security Advisory: openEuler-SA-2023-1465
firefox security update

An update for firefox is now available for openEuler-20.03-LTS-SP3.

Advisory metadata:
- Issuer: openEuler security committee (openeuler-security@openeuler.org)
- Status: Final
- Version: 1.0
- Revision history: 1.0 (2023-08-06) - Initial
- Initial release date: 2023-08-06
- Current release date: 2023-08-06
- Generator: openEuler SA Tool V1.0 (2023-08-06)
- Severity: High
- Affected product: openEuler-20.03-LTS-SP3
- Affected package: firefox

Description:
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability.

Security Fix(es):
- CVE-2021-45960: In Expat (aka libexpat) before 2.4.3, a left shift by 29 (or more) places in the storeAtts function in xmlparse.c can lead to realloc misbehavior (e.g., allocating too few bytes, or only freeing memory).
- CVE-2021-46143: In doProlog in xmlparse.c in Expat (aka libexpat) before 2.4.3, an integer overflow exists for m_groupSize.
- CVE-2022-22825: lookup in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
- CVE-2022-22826: nextScaffoldPart in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
- CVE-2022-22827: storeAtts in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.

openEuler Security has rated this update as having a security impact of High. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Vulnerability details (product: openEuler-20.03-LTS-SP3; release date: 2023-08-06):
- CVE-2021-45960: severity High, CVSS base score 8.8, vector AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- CVE-2021-46143: severity High, CVSS base score 7.8, vector AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
- CVE-2022-22825: severity High, CVSS base score 8.8, vector AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
- CVE-2022-22826: severity High, CVSS base score 8.8, vector AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
- CVE-2022-22827: severity High, CVSS base score 8.8, vector AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Updated packages (openEuler-20.03-LTS-SP3):
- aarch64:
  - firefox-79.0-12.oe1.aarch64.rpm
  - firefox-debuginfo-79.0-12.oe1.aarch64.rpm
  - firefox-debugsource-79.0-12.oe1.aarch64.rpm
- src:
  - firefox-79.0-12.oe1.src.rpm
- x86_64:
  - firefox-79.0-12.oe1.x86_64.rpm
  - firefox-debuginfo-79.0-12.oe1.x86_64.rpm
  - firefox-debugsource-79.0-12.oe1.x86_64.rpm
  - mozilla-crashreporter-firefox-debuginfo-79.0-12.oe1.x86_64.rpm

References:
- Advisory: https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2023-1465
- openEuler CVE pages:
  - https://www.openeuler.org/en/security/cve/detail.html?id=CVE-2021-45960
  - https://www.openeuler.org/en/security/cve/detail.html?id=CVE-2021-46143
  - https://www.openeuler.org/en/security/cve/detail.html?id=CVE-2022-22825
  - https://www.openeuler.org/en/security/cve/detail.html?id=CVE-2022-22826
  - https://www.openeuler.org/en/security/cve/detail.html?id=CVE-2022-22827
- NVD entries:
  - https://nvd.nist.gov/vuln/detail/CVE-2021-45960
  - https://nvd.nist.gov/vuln/detail/CVE-2021-46143
  - https://nvd.nist.gov/vuln/detail/CVE-2022-22825
  - https://nvd.nist.gov/vuln/detail/CVE-2022-22826
  - https://nvd.nist.gov/vuln/detail/CVE-2022-22827