OVAL Reference oval:org.opensuse.security:def:1081

Oval Definition:

oval:org.opensuse.security:def:1081

Revision Date:	2022-06-28	Version:	1
Title:	Security update for MozillaFirefox (Important) (in QA)
Description:	This update for MozillaFirefox fixes the following issues: Update to Firefox Extended Support Release 91.11.0 ESR (MFSA 2022-25) (bsc#1200793): - CVE-2022-2200: Undesired attributes could be set as part of prototype pollution - CVE-2022-31744: CSP bypass enabling stylesheet injection - CVE-2022-34468: CSP sandbox header without `allow-scripts` can be bypassed via retargeted javascript: URI - CVE-2022-34470: Use-after-free in nsSHistory - CVE-2022-34472: Unavailable PAC file resulted in OCSP requests being blocked - CVE-2022-34478: Microsoft protocols can be attacked if a user accepts a prompt - CVE-2022-34479: A popup window could be resized in a way to overlay the address bar with web content - CVE-2022-34481: Potential integer overflow in ReplaceElementsAt - CVE-2022-34484: Memory safety bugs fixed in Firefox 102 and Firefox ESR 91.11 This patch is currently in QA and not yet available for download.
Family:	unix	Class:	patch
Status:		Reference(s):	1200793 CVE-2014-3540 CVE-2014-3540 CVE-2017-5838 CVE-2017-5847 CVE-2017-5848 CVE-2019-6706 CVE-2022-2200 CVE-2022-31744 CVE-2022-34468 CVE-2022-34470 CVE-2022-34472 CVE-2022-34478 CVE-2022-34479 CVE-2022-34481 CVE-2022-34484
Platform(s):	openSUSE 13.2 SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 15 SP3 SUSE Linux Enterprise High Availability 15 SUSE Linux Enterprise High Performance Computing 15 SP3 SUSE Linux Enterprise Module for additional PackageHub packages 15 SUSE Linux Enterprise Module for Basesystem 15 SP3 SUSE Linux Enterprise Module for Desktop Applications 15 SP1 SUSE Linux Enterprise Module for Desktop Applications 15 SP3 SUSE Linux Enterprise Module for Legacy Software 15 SUSE Linux Enterprise Module for Live Patching 15 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 SUSE Linux Enterprise Module for Public Cloud 15 SUSE Linux Enterprise Module for Server Applications 15 SUSE Linux Enterprise Module for Web Scripting 15 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 15 SP3 SUSE Linux Enterprise Server for SAP Applications 15 SP3 SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Software Development Kit 12 SP1 SUSE Linux Enterprise Storage 7.1 SUSE Linux Enterprise Workstation Extension 12 SUSE Linux Enterprise Workstation Extension 12 SP1 SUSE Linux Enterprise Workstation Extension 15 SUSE Manager Proxy 4.2 SUSE Manager Retail Branch Server 4.2 SUSE Manager Server 4.2 SUSE Package Hub for SUSE Linux Enterprise 12 SUSE Package Hub for SUSE Linux Enterprise 15	Product(s):
Definition Synopsis
SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5 is installed AND haproxy-1.5.4-1 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 is installed AND Package Information aaa_base-13.2+git20140911.61c1681-1 is installed OR aaa_base-extras-13.2+git20140911.61c1681-1 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information aaa_base-13.2+git20140911.61c1681-9 is installed OR aaa_base-extras-13.2+git20140911.61c1681-9 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information DirectFB-1.7.1-6 is installed OR lib++dfb-1_7-1-1.7.1-6 is installed OR libdirectfb-1_7-1-1.7.1-6 is installed OR libdirectfb-1_7-1-32bit-1.7.1-6 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP3 is installed AND ppp-2.4.7-3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Basesystem 15 SP3 is installed AND Package Information liblua5_3-5-5.3.4-3.3.2 is installed OR liblua5_3-5-32bit-5.3.4-3.3.2 is installed OR lua53-5.3.4-3.3.2 is installed OR lua53-devel-5.3.4-3.3.2 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Desktop 15 SP3 is installed OR SUSE Linux Enterprise High Performance Computing 15 SP3 is installed OR SUSE Linux Enterprise Module for Desktop Applications 15 SP3 is installed OR SUSE Linux Enterprise Server 15 SP3 is installed OR SUSE Linux Enterprise Server for SAP Applications 15 SP3 is installed OR SUSE Linux Enterprise Storage 7.1 is installed OR SUSE Manager Proxy 4.2 is installed OR SUSE Manager Retail Branch Server 4.2 is installed OR SUSE Manager Server 4.2 is installed AND Package Information MozillaFirefox-91.11.0-150200.152.46.1 is installed OR MozillaFirefox-devel-91.11.0-150200.152.46.1 is installed OR MozillaFirefox-translations-common-91.11.0-150200.152.46.1 is installed OR MozillaFirefox-translations-other-91.11.0-150200.152.46.1 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 15 is installed AND Package Information ruby2.5-rubygem-sprockets-3.7.2-3.3 is installed OR rubygem-sprockets-3.7.2-3.3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for additional PackageHub packages 15 is installed AND Package Information libxmlsec1-gcrypt1-1.2.26-3.3 is installed OR libxmlsec1-gnutls1-1.2.26-3.3 is installed OR libxmlsec1-openssl1-1.2.26-3.3 is installed OR xmlsec1-1.2.26-3.3 is installed OR xmlsec1-gnutls-devel-1.2.26-3.3 is installed OR xmlsec1-openssl-devel-1.2.26-3.3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Desktop Applications 15 SP1 is installed AND Package Information gstreamer-plugins-bad-1.12.5-3.3 is installed OR gstreamer-plugins-bad-devel-1.12.5-3.3 is installed OR gstreamer-plugins-bad-lang-1.12.5-3.3 is installed OR libgstadaptivedemux-1_0-0-1.12.5-3.3 is installed OR libgstbadallocators-1_0-0-1.12.5-3.3 is installed OR libgstbadaudio-1_0-0-1.12.5-3.3 is installed OR libgstbadbase-1_0-0-1.12.5-3.3 is installed OR libgstbadvideo-1_0-0-1.12.5-3.3 is installed OR libgstbasecamerabinsrc-1_0-0-1.12.5-3.3 is installed OR libgstcodecparsers-1_0-0-1.12.5-3.3 is installed OR libgstinsertbin-1_0-0-1.12.5-3.3 is installed OR libgstmpegts-1_0-0-1.12.5-3.3 is installed OR libgstplayer-1_0-0-1.12.5-3.3 is installed OR libgsturidownloader-1_0-0-1.12.5-3.3 is installed OR libgstwayland-1_0-0-1.12.5-3.3 is installed OR typelib-1_0-GstBadAllocators-1_0-1.12.5-3.3 is installed OR typelib-1_0-GstGL-1_0-1.12.5-3.3 is installed OR typelib-1_0-GstInsertBin-1_0-1.12.5-3.3 is installed OR typelib-1_0-GstMpegts-1_0-1.12.5-3.3 is installed OR typelib-1_0-GstPlayer-1_0-1.12.5-3.3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Legacy Software 15 is installed AND Package Information libopenssl-1_0_0-devel-1.0.2p-3.11 is installed OR libopenssl1_0_0-1.0.2p-3.11 is installed OR openssl-1_0_0-1.0.2p-3.11 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Live Patching 15 is installed AND Package Information kernel-default-4.12.14-25.13 is installed OR kernel-default-livepatch-4.12.14-25.13 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 is installed AND Package Information libqb-1.0.3+20171226.6d62b64-3.3 is installed OR libqb0-1.0.3+20171226.6d62b64-3.3 is installed OR libqb0-32bit-1.0.3+20171226.6d62b64-3.3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Public Cloud 15 is installed AND python-azure-agent-2.2.36-7.6 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Server Applications 15 is installed AND Package Information ovmf-2017+git1510945757.b2662641d5-5.3 is installed OR ovmf-tools-2017+git1510945757.b2662641d5-5.3 is installed OR qemu-ovmf-x86_64-2017+git1510945757.b2662641d5-5.3 is installed OR qemu-uefi-aarch64-2017+git1510945757.b2662641d5-5.3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Web Scripting 15 is installed AND apache-commons-beanutils-1.9.2-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information cvs-1.12.12-181.63 is installed OR cvs-doc-1.12.12-181.63 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information tomcat-8.0.36-11.4 is installed OR tomcat-admin-webapps-8.0.36-11.4 is installed OR tomcat-docs-webapp-8.0.36-11.4 is installed OR tomcat-el-3_0-api-8.0.36-11.4 is installed OR tomcat-javadoc-8.0.36-11.4 is installed OR tomcat-jsp-2_3-api-8.0.36-11.4 is installed OR tomcat-lib-8.0.36-11.4 is installed OR tomcat-servlet-3_1-api-8.0.36-11.4 is installed OR tomcat-webapps-8.0.36-11.4 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 15 is installed AND Package Information NetworkManager-applet-1.8.10-3 is installed OR NetworkManager-applet-lang-1.8.10-3 is installed OR NetworkManager-connection-editor-1.8.10-3 is installed
Definition Synopsis
SUSE Package Hub for SUSE Linux Enterprise 12 is installed AND Package Information irssi-0.8.20-9 is installed OR irssi-devel-0.8.20-9 is installed
Definition Synopsis
SUSE Package Hub for SUSE Linux Enterprise 15 is installed AND Package Information bitcoin-0.16.3-bp150.3.3 is installed OR bitcoin-qt5-0.16.3-bp150.3.3 is installed OR bitcoin-test-0.16.3-bp150.3.3 is installed OR bitcoin-utils-0.16.3-bp150.3.3 is installed OR bitcoind-0.16.3-bp150.3.3 is installed OR libbitcoinconsensus-devel-0.16.3-bp150.3.3 is installed OR libbitcoinconsensus0-0.16.3-bp150.3.3 is installed

BACK