OVAL Reference oval:org.opensuse.security:def:1806

Oval Definition:

oval:org.opensuse.security:def:1806

Revision Date:	2022-01-26	Version:	1
Title:	Security update for MozillaThunderbird (Important)
Description:	This update for MozillaThunderbird fixes the following issues: - CVE-2021-4140: Fixed Iframe sandbox bypass with XSLT (bsc#1194547). - CVE-2022-22737: Fixed race condition when playing audio files (bsc#1194547). - CVE-2022-22738: Fixed heap-buffer-overflow in blendGaussianBlur (bsc#1194547). - CVE-2022-22739: Fixed missing throttling on external protocol launch dialog (bsc#1194547). - CVE-2022-22740: Fixed use-after-free of ChannelEventQueue::mOwner (bsc#1194547). - CVE-2022-22741: Fixed browser window spoof using fullscreen mode (bsc#1194547). - CVE-2022-22742: Fixed out-of-bounds memory access when inserting text in edit mode (bsc#1194547). - CVE-2022-22743: Fixed browser window spoof using fullscreen mode (bsc#1194547). - CVE-2022-22744: Fixed possible command injection via the 'Copy as curl' feature in DevTools (bsc#1194547). - CVE-2022-22745: Fixed leaking cross-origin URLs through securitypolicyviolation event (bsc#1194547). - CVE-2022-22746: Fixed calling into reportValidity could have lead to fullscreen window spoof (bsc#1194547). - CVE-2022-22747: Fixed crash when handling empty pkcs7 sequence(bsc#1194547). - CVE-2022-22748: Fixed spoofed origin on external protocol launch dialog (bsc#1194547). - CVE-2022-22751: Fixed memory safety bugs (bsc#1194547).
Family:	unix	Class:	patch
Status:		Reference(s):	1046303 1050244 1050549 1051510 1051858 1061840 1065600 1065729 1068709 1068711 1071995 1083647 1085030 1086301 1086313 1086314 1088810 1090888 1103989 1103990 1103991 1104353 1104427 1104745 1105392 1109837 1111666 1112178 1112374 1112504 1113956 1114279 1114685 1115026 1118338 1118661 1118987 1123328 1126206 1127371 1127611 1127682 1129551 1129770 1133021 1133147 1134973 1140025 1140120 1140844 1142685 1142770 1143959 1144162 1144333 1146519 1146544 1151548 1151910 1151927 1152107 1152631 1152990 1152992 1152994 1152995 1153535 1153917 1154243 1154601 1154768 1154916 1155331 1155334 1155689 1156259 1156286 1156462 1157155 1157157 1157169 1157303 1157424 1157480 1157692 1157853 1157895 1157908 1157966 1158013 1158021 1158026 1158071 1158094 1158132 1158381 1158533 1158637 1158638 1158639 1158640 1158641 1158643 1158644 1158645 1158646 1158647 1158649 1158651 1158652 1158819 1158823 1158824 1158827 1158834 1158893 1158900 1158903 1158904 1158954 1159024 1159028 1159271 1159297 1159329 1159377 1159394 1159483 1159484 1159500 1159569 1159588 1159841 1159908 1159909 1159910 1159911 1159955 1160147 1160195 1160210 1160211 1160218 1160433 1160442 1160469 1160470 1160476 1160560 1160618 1160678 1160755 1160756 1160784 1160787 1160802 1160803 1160804 1160917 1160966 1160979 1161087 1161243 1161360 1161472 1161514 1161518 1161522 1161523 1161549 1161552 1161674 1161702 1161719 1161907 1161931 1161933 1161934 1161935 1161936 1161937 1162028 1162067 1162109 1162139 1162197 1162200 1162224 1162367 1162396 1162557 1162617 1162618 1162619 1162623 1162825 1162928 1162943 1163206 1163383 1163384 1163762 1163774 1163809 1163836 1163840 1163841 1163842 1163843 1163844 1163845 1163846 1163849 1163850 1163851 1163852 1163853 1163855 1163856 1163857 1163858 1163859 1163860 1163861 1163862 1163863 1163867 1163869 1163880 1163971 1164051 1164069 1164098 1164115 1164314 1164315 1164388 1164471 1164598 1164632 1164705 1164712 1164727 1164728 1164729 1164730 1164731 1164732 1164733 1164734 1164735 1164804 1165439 1165471 1166751 1168170 1168699 1194547 862963 CVE-2012-6708 CVE-2014-7204 CVE-2015-9251 CVE-2017-1000231 CVE-2017-1000232 CVE-2017-9432 CVE-2018-11805 CVE-2018-14553 CVE-2019-1010190 CVE-2019-11038 CVE-2019-14615 CVE-2019-14896 CVE-2019-14897 CVE-2019-15213 CVE-2019-15845 CVE-2019-16201 CVE-2019-16254 CVE-2019-16255 CVE-2019-16746 CVE-2019-16994 CVE-2019-18808 CVE-2019-19036 CVE-2019-19045 CVE-2019-19051 CVE-2019-19054 CVE-2019-19066 CVE-2019-19318 CVE-2019-19319 CVE-2019-19332 CVE-2019-19338 CVE-2019-19447 CVE-2019-19523 CVE-2019-19526 CVE-2019-19527 CVE-2019-19532 CVE-2019-19533 CVE-2019-19535 CVE-2019-19537 CVE-2019-19767 CVE-2019-19927 CVE-2019-19965 CVE-2019-19966 CVE-2019-20054 CVE-2019-20095 CVE-2019-20096 CVE-2019-8835 CVE-2019-8844 CVE-2019-8846 CVE-2019-9674 CVE-2020-0556 CVE-2020-1730 CVE-2020-1747 CVE-2020-1930 CVE-2020-1931 CVE-2020-2732 CVE-2020-3862 CVE-2020-3864 CVE-2020-3865 CVE-2020-3867 CVE-2020-3868 CVE-2020-7053 CVE-2020-8130 CVE-2020-8428 CVE-2020-8492 CVE-2020-8648 CVE-2020-8992 CVE-2021-4140 CVE-2022-22737 CVE-2022-22738 CVE-2022-22739 CVE-2022-22740 CVE-2022-22741 CVE-2022-22742 CVE-2022-22743 CVE-2022-22744 CVE-2022-22745 CVE-2022-22746 CVE-2022-22747 CVE-2022-22748 CVE-2022-22751 SUSE-SU-2020:0468-1 SUSE-SU-2020:0510-1 SUSE-SU-2020:0594-1 SUSE-SU-2020:0737-1 SUSE-SU-2020:0801-1 SUSE-SU-2020:0811-1 SUSE-SU-2020:0918-1 SUSE-SU-2020:0957-1 SUSE-SU-2020:0959-1 SUSE-SU-2020:0967-1 SUSE-SU-2022:0199-1
Platform(s):	SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5 SUSE Linux Enterprise Build System Kit 12 SUSE Linux Enterprise Build System Kit 12 SP1 SUSE Linux Enterprise Build System Kit 12 SP2 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 15 SP1 SUSE Linux Enterprise Desktop 15 SP3 SUSE Linux Enterprise High Availability 12 SP3 SUSE Linux Enterprise High Performance Computing 15 SP1 SUSE Linux Enterprise Live Patching 12 SUSE Linux Enterprise Module for additional PackageHub packages 15 SUSE Linux Enterprise Module for Advanced Systems Management 12 SUSE Linux Enterprise Module for Basesystem 15 SP1 SUSE Linux Enterprise Module for Basesystem 15 SP2 SUSE Linux Enterprise Module for Containers 15 SUSE Linux Enterprise Module for Containers 15 SP1 SUSE Linux Enterprise Module for Containers 15 SP2 SUSE Linux Enterprise Module for Desktop Applications 15 SUSE Linux Enterprise Module for Desktop Applications 15 SP1 SUSE Linux Enterprise Module for Development Tools 15 SUSE Linux Enterprise Module for Development Tools 15 SP1 SUSE Linux Enterprise Module for Legacy Software 12 SUSE Linux Enterprise Module for Legacy Software 15 SUSE Linux Enterprise Module for Legacy Software 15 SP1 SUSE Linux Enterprise Module for Live Patching 15 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 SUSE Linux Enterprise Module for Server Applications 15 SUSE Linux Enterprise Module for Web Scripting 12 SUSE Linux Enterprise Server 11-SECURITY SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 15 SP1 SUSE Linux Enterprise Server 15 SP3 SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 SUSE Linux Enterprise Server for SAP Applications 15 SP1 SUSE Linux Enterprise Server for SAP Applications 15 SP3 SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Software Development Kit 12 SP1 SUSE Linux Enterprise Storage 6 SUSE Linux Enterprise Workstation Extension 12 SUSE Linux Enterprise Workstation Extension 12 SP1 SUSE Linux Enterprise Workstation Extension 15 SP2 SUSE Linux Enterprise Workstation Extension 15 SP3 SUSE Manager Proxy 4.0 SUSE Manager Server 4.0	Product(s):
Definition Synopsis
SUSE Linux Enterprise Build System Kit 12 is installed AND Package Information libreoffice-4.3.5.2-10 is installed OR libreoffice-sdk-4.3.5.2-10 is installed
Definition Synopsis
SUSE Linux Enterprise Build System Kit 12 SP1 is installed AND Package Information krb5-mini-1.12.1-22 is installed OR krb5-mini-devel-1.12.1-22 is installed
Definition Synopsis
SUSE Linux Enterprise Build System Kit 12 SP2 is installed AND kernel-zfcpdump-4.4.49-92.11 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 is installed AND Package Information flash-player-11.2.202.425-19.1 is installed OR flash-player-gnome-11.2.202.425-19.1 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP1 is installed AND yast2-3.1.155-1 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information MozillaFirefox-45.4.0esr-81 is installed OR MozillaFirefox-translations-45.4.0esr-81 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information ImageMagick-6.8.8.1-70 is installed OR libMagick++-6_Q16-3-6.8.8.1-70 is installed OR libMagickCore-6_Q16-1-6.8.8.1-70 is installed OR libMagickCore-6_Q16-1-32bit-6.8.8.1-70 is installed OR libMagickWand-6_Q16-1-6.8.8.1-70 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Development Tools 15 SP1 is installed AND ctags-5.8-1.27 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Desktop 15 SP3 is installed OR SUSE Linux Enterprise Server 15 SP3 is installed OR SUSE Linux Enterprise Server for SAP Applications 15 SP3 is installed OR SUSE Linux Enterprise Workstation Extension 15 SP3 is installed AND Package Information MozillaThunderbird-91.5.0-8.51.1 is installed OR MozillaThunderbird-translations-common-91.5.0-8.51.1 is installed OR MozillaThunderbird-translations-other-91.5.0-8.51.1 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 SP3 is installed AND python-requests-2.8.1-6.16 is installed
Definition Synopsis
SUSE Linux Enterprise Live Patching 12 is installed AND Package Information kgraft-patch-3_12_62-60_64_8-default-3-2.1 is installed OR kgraft-patch-3_12_62-60_64_8-xen-3-2.1 is installed OR kgraft-patch-SLE12-SP1_Update_8-3-2.1 is installed
Definition Synopsis
SUSE Linux Enterprise Module for additional PackageHub packages 15 is installed AND Package Information glib2-2.54.3-4.7 is installed OR glib2-devel-32bit-2.54.3-4.7 is installed OR glib2-tools-32bit-2.54.3-4.7 is installed OR libgthread-2_0-0-32bit-2.54.3-4.7 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Advanced Systems Management 12 is installed AND facter-2.0.2-1 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Basesystem 15 SP1 is installed AND Package Information libjavascriptcoregtk-4_0-18-2.26.4-3.43 is installed OR libwebkit2gtk-4_0-37-2.26.4-3.43 is installed OR libwebkit2gtk3-lang-2.26.4-3.43 is installed OR webkit2gtk-4_0-injected-bundles-2.26.4-3.43 is installed OR webkit2gtk3-2.26.4-3.43 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Basesystem 15 SP2 is installed AND Package Information libvpx-1.6.1-6.6 is installed OR libvpx4-1.6.1-6.6 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Containers 15 is installed AND Package Information containerd-1.2.5-5.13 is installed OR docker-18.09.6_ce-6.17 is installed OR docker-bash-completion-18.09.6_ce-6.17 is installed OR docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12 is installed OR docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18 is installed OR golang-github-docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Containers 15 SP1 is installed AND Package Information docker-18.09.6_ce-6.20 is installed OR docker-bash-completion-18.09.6_ce-6.20 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Containers 15 SP2 is installed AND slirp4netns-0.4.7-3.12 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Desktop Applications 15 is installed AND Package Information libtiff5-32bit-4.0.9-5.9 is installed OR tiff-4.0.9-5.9 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Desktop Applications 15 SP1 is installed AND Package Information ffmpeg-3.4.2-4.17 is installed OR libavcodec57-3.4.2-4.17 is installed OR libavutil-devel-3.4.2-4.17 is installed OR libavutil55-3.4.2-4.17 is installed OR libpostproc-devel-3.4.2-4.17 is installed OR libpostproc54-3.4.2-4.17 is installed OR libswresample-devel-3.4.2-4.17 is installed OR libswresample2-3.4.2-4.17 is installed OR libswscale-devel-3.4.2-4.17 is installed OR libswscale4-3.4.2-4.17 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Development Tools 15 is installed AND Package Information libgit2-0.26.8-3.8 is installed OR libgit2-26-0.26.8-3.8 is installed OR libgit2-devel-0.26.8-3.8 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Development Tools 15 SP1 is installed AND Package Information python3-base-3.6.8-3.16 is installed OR python3-tools-3.6.8-3.16 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Legacy Software 12 is installed AND Package Information cups154-1.5.4-2 is installed OR cups154-client-1.5.4-2 is installed OR cups154-filters-1.5.4-2 is installed OR cups154-libs-1.5.4-2 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Legacy Software 15 is installed AND Package Information java-1_8_0-openjdk-1.8.0.181-3.10 is installed OR java-1_8_0-openjdk-demo-1.8.0.181-3.10 is installed OR java-1_8_0-openjdk-devel-1.8.0.181-3.10 is installed OR java-1_8_0-openjdk-headless-1.8.0.181-3.10 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Legacy Software 15 SP1 is installed AND Package Information java-1_8_0-ibm-1.8.0_sr5.35-3.20 is installed OR java-1_8_0-ibm-alsa-1.8.0_sr5.35-3.20 is installed OR java-1_8_0-ibm-devel-1.8.0_sr5.35-3.20 is installed OR java-1_8_0-ibm-plugin-1.8.0_sr5.35-3.20 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Live Patching 15 is installed AND Package Information kernel-livepatch-4_12_14-23-default-2-4 is installed OR kernel-livepatch-SLE15_Update_0-2-4 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 is installed AND Package Information binutils-2.31-6.3 is installed OR binutils-gold-2.31-6.3 is installed OR cross-arm-binutils-2.31-6.3 is installed OR cross-avr-binutils-2.31-6.3 is installed OR cross-epiphany-binutils-2.31-6.3 is installed OR cross-hppa-binutils-2.31-6.3 is installed OR cross-hppa64-binutils-2.31-6.3 is installed OR cross-i386-binutils-2.31-6.3 is installed OR cross-ia64-binutils-2.31-6.3 is installed OR cross-m68k-binutils-2.31-6.3 is installed OR cross-mips-binutils-2.31-6.3 is installed OR cross-ppc-binutils-2.31-6.3 is installed OR cross-ppc64-binutils-2.31-6.3 is installed OR cross-riscv64-binutils-2.31-6.3 is installed OR cross-rx-binutils-2.31-6.3 is installed OR cross-s390-binutils-2.31-6.3 is installed OR cross-sparc-binutils-2.31-6.3 is installed OR cross-sparc64-binutils-2.31-6.3 is installed OR cross-spu-binutils-2.31-6.3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 is installed AND Package Information evolution-3.26.6-4.3 is installed OR glade-catalog-evolution-3.26.6-4.3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Server Applications 15 is installed AND Package Information openssh-7.6p1-9.3 is installed OR openssh-fips-7.6p1-9.3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Web Scripting 12 is installed AND Package Information libpython3_4m1_0-3.4.1-2 is installed OR python3-base-3.4.1-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 is installed AND Package Information accountsservice-0.6.35-1 is installed OR accountsservice-lang-0.6.35-1 is installed OR libaccountsservice0-0.6.35-1 is installed OR typelib-1_0-AccountsService-1_0-0.6.35-1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information libXt6-1.1.4-3 is installed OR libXt6-32bit-1.1.4-3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information libjson-c2-0.11-2.22 is installed OR libjson-c2-32bit-0.11-2.22 is installed
Definition Synopsis
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 is installed AND Package Information libopenssl-devel-1.0.2j-55.1 is installed OR libopenssl1_0_0-1.0.2j-55.1 is installed OR libopenssl1_0_0-hmac-1.0.2j-55.1 is installed OR openssl-1.0.2j-55.1 is installed OR openssl-doc-1.0.2j-55.1 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 SP1 is installed AND Package Information FastCGI-2.4.0-167.1 is installed OR perl-FastCGI-2.4.0-167.1 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 15 SP2 is installed AND libstaroffice-0_0-0-0.0.6-5 is installed

BACK