OVAL Reference oval:org.opensuse.security:def:1814

Oval Definition:

oval:org.opensuse.security:def:1814

Revision Date:	2022-02-23	Version:	1
Title:	Security update for MozillaThunderbird (Important)
Description:	This update for MozillaThunderbird fixes the following issues: - Mozilla Thunderbird 91.6.1 / MFSA 2022-07 (bsc#1196072) * CVE-2022-0566 (bmo#1753094) Crafted email could trigger an out-of-bounds write - Mozilla Thunderbird 91.6 / MFSA 2022-06 (bsc#1195682) * CVE-2022-22753 (bmo#1732435) Privilege Escalation to SYSTEM on Windows via Maintenance Service * CVE-2022-22754 (bmo#1750565) Extensions could have bypassed permission confirmation during update * CVE-2022-22756 (bmo#1317873) Drag and dropping an image could have resulted in the dropped object being an executable * CVE-2022-22759 (bmo#1739957) Sandboxed iframes could have executed script if the parent appended elements * CVE-2022-22760 (bmo#1740985, bmo#1748503) Cross-Origin responses could be distinguished between script and non-script content-types * CVE-2022-22761 (bmo#1745566) frame-ancestors Content Security Policy directive was not enforced for framed extension pages * CVE-2022-22763 (bmo#1740534) Script Execution during invalid object state * CVE-2022-22764 (bmo#1742682, bmo#1744165, bmo#1746545, bmo#1748210, bmo#1748279) Memory safety bugs fixed in Thunderbird 91.6
Family:	unix	Class:	patch
Status:		Reference(s):	1079548 1092115 1123156 1135656 1142770 1152692 1153611 1154790 1155327 1157465 1158940 1159003 1159118 1160931 1161066 1162327 1162504 1162729 1163018 1163184 1164505 1165425 1165776 1165784 1166240 1166379 1166481 1166881 1167244 1168170 1168345 1168938 1172021 1172225 1195682 1196072 CVE-2013-2027 CVE-2015-3164 CVE-2017-10971 CVE-2017-10972 CVE-2017-12176 CVE-2017-12187 CVE-2017-13721 CVE-2017-13723 CVE-2017-2624 CVE-2018-14665 CVE-2018-6459 CVE-2018-9154 CVE-2019-1010190 CVE-2019-15034 CVE-2019-17361 CVE-2019-18802 CVE-2019-18897 CVE-2019-19956 CVE-2019-20382 CVE-2019-20807 CVE-2019-6778 CVE-2020-10029 CVE-2020-10663 CVE-2020-10933 CVE-2020-11501 CVE-2020-1711 CVE-2020-7039 CVE-2020-8608 CVE-2022-0566 CVE-2022-22753 CVE-2022-22754 CVE-2022-22756 CVE-2022-22759 CVE-2022-22760 CVE-2022-22761 CVE-2022-22763 CVE-2022-22764 SUSE-SU-2020:0668-1 SUSE-SU-2020:0684-1 SUSE-SU-2020:0722-1 SUSE-SU-2020:0743-1 SUSE-SU-2020:0844-1 SUSE-SU-2020:0948-1 SUSE-SU-2020:0957-1 SUSE-SU-2020:0995-1 SUSE-SU-2020:1420-2 SUSE-SU-2020:1532-2 SUSE-SU-2020:1551-1 SUSE-SU-2022:0559-1
Platform(s):	SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5 SUSE Linux Enterprise Build System Kit 12 SUSE Linux Enterprise Build System Kit 12 SP1 SUSE Linux Enterprise Build System Kit 12 SP2 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 15 SP1 SUSE Linux Enterprise Desktop 15 SP3 SUSE Linux Enterprise High Availability 12 SP2 SUSE Linux Enterprise High Performance Computing 15 SP1 SUSE Linux Enterprise Live Patching 12 SUSE Linux Enterprise Module for additional PackageHub packages 15 SUSE Linux Enterprise Module for Basesystem 15 SP1 SUSE Linux Enterprise Module for Basesystem 15 SP2 SUSE Linux Enterprise Module for CAP 15 SUSE Linux Enterprise Module for Containers 15 SUSE Linux Enterprise Module for Containers 15 SP1 SUSE Linux Enterprise Module for Desktop Applications 15 SUSE Linux Enterprise Module for Desktop Applications 15 SP1 SUSE Linux Enterprise Module for Development Tools 15 SUSE Linux Enterprise Module for Development Tools 15 SP1 SUSE Linux Enterprise Module for High Performance Computing 15 SUSE Linux Enterprise Module for Legacy Software 12 SUSE Linux Enterprise Module for Legacy Software 15 SUSE Linux Enterprise Module for Live Patching 15 SUSE Linux Enterprise Module for Live Patching 15 SP1 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 SUSE Linux Enterprise Module for Server Applications 15 SUSE Linux Enterprise Module for Web Scripting 12 SUSE Linux Enterprise Server 11-SECURITY SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 15 SP1 SUSE Linux Enterprise Server 15 SP3 SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 SUSE Linux Enterprise Server for SAP Applications 15 SP1 SUSE Linux Enterprise Server for SAP Applications 15 SP3 SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Software Development Kit 12 SP1 SUSE Linux Enterprise Storage 6 SUSE Linux Enterprise Workstation Extension 12 SUSE Linux Enterprise Workstation Extension 12 SP1 SUSE Linux Enterprise Workstation Extension 15 SP2 SUSE Linux Enterprise Workstation Extension 15 SP3 SUSE Manager Proxy 4.0 SUSE Manager Server 4.0	Product(s):
Definition Synopsis
SUSE Linux Enterprise Build System Kit 12 is installed AND Package Information krb5-mini-1.12.1-16 is installed OR krb5-mini-devel-1.12.1-16 is installed
Definition Synopsis
SUSE Linux Enterprise Build System Kit 12 SP1 is installed AND Package Information krb5-mini-1.12.1-36 is installed OR krb5-mini-devel-1.12.1-36 is installed
Definition Synopsis
SUSE Linux Enterprise Build System Kit 12 SP2 is installed AND Package Information libudev-mini-devel-228-149 is installed OR libudev-mini1-228-149 is installed OR systemd-mini-228-149 is installed OR systemd-mini-devel-228-149 is installed OR udev-mini-228-149 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 is installed AND Package Information libssh-0.6.3-4.1 is installed OR libssh4-0.6.3-4.1 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information accountsservice-0.6.42-14 is installed OR accountsservice-lang-0.6.42-14 is installed OR libaccountsservice0-0.6.42-14 is installed OR typelib-1_0-AccountsService-1_0-0.6.42-14 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information at-3.1.14-7 is installed OR libQtWebKit4-4.8.6+2.3.3-3 is installed OR libQtWebKit4-32bit-4.8.6+2.3.3-3 is installed OR libbonobo-2.32.1-16 is installed OR libbonobo-32bit-2.32.1-16 is installed OR libbonobo-lang-2.32.1-16 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Development Tools 15 SP1 is installed AND jython-2.2.1-4.36 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Desktop 15 SP3 is installed OR SUSE Linux Enterprise Server 15 SP3 is installed OR SUSE Linux Enterprise Server for SAP Applications 15 SP3 is installed OR SUSE Linux Enterprise Workstation Extension 15 SP3 is installed AND Package Information MozillaThunderbird-91.6.1-8.54.1 is installed OR MozillaThunderbird-translations-common-91.6.1-8.54.1 is installed OR MozillaThunderbird-translations-other-91.6.1-8.54.1 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 SP2 is installed AND fence-agents-4.0.22+git.1455008135.15c5e92-8 is installed
Definition Synopsis
SUSE Linux Enterprise Live Patching 12 is installed AND Package Information kgraft-patch-3_12_51-60_20-default-2-2.1 is installed OR kgraft-patch-3_12_51-60_20-xen-2-2.1 is installed OR kgraft-patch-SLE12-SP1_Update_1-2-2.1 is installed
Definition Synopsis
SUSE Linux Enterprise Module for additional PackageHub packages 15 is installed AND Package Information nmap-7.70-3.5 is installed OR nping-7.70-3.5 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Basesystem 15 SP1 is installed AND Package Information glibc-2.26-13.39 is installed OR glibc-32bit-2.26-13.39 is installed OR glibc-devel-2.26-13.39 is installed OR glibc-extra-2.26-13.39 is installed OR glibc-i18ndata-2.26-13.39 is installed OR glibc-info-2.26-13.39 is installed OR glibc-locale-2.26-13.39 is installed OR glibc-locale-base-2.26-13.39 is installed OR glibc-locale-base-32bit-2.26-13.39 is installed OR glibc-profile-2.26-13.39 is installed OR nscd-2.26-13.39 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Basesystem 15 SP2 is installed AND Package Information jasper-2.0.14-3.11 is installed OR libjasper4-2.0.14-3.11 is installed
Definition Synopsis
SUSE Linux Enterprise Module for CAP 15 is installed AND cf-cli-6.43.0-3.3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Containers 15 is installed AND Package Information containerd-1.2.6-5.16 is installed OR docker-19.03.1_ce-6.26 is installed OR docker-bash-completion-19.03.1_ce-6.26 is installed OR docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15 is installed OR docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21 is installed OR golang-github-docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Containers 15 SP1 is installed AND Package Information containerd-1.2.6-5.16 is installed OR docker-19.03.1_ce-6.26 is installed OR docker-bash-completion-19.03.1_ce-6.26 is installed OR docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15 is installed OR docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21 is installed OR golang-github-docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Desktop Applications 15 is installed AND Package Information typelib-1_0-JavaScriptCore-4_0-2.20.3-3.3 is installed OR typelib-1_0-WebKit2-4_0-2.20.3-3.3 is installed OR typelib-1_0-WebKit2WebExtension-4_0-2.20.3-3.3 is installed OR webkit2gtk3-2.20.3-3.3 is installed OR webkit2gtk3-devel-2.20.3-3.3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Desktop Applications 15 SP1 is installed AND Package Information bluez-5.48-5.16 is installed OR bluez-devel-5.48-5.16 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Development Tools 15 is installed AND Package Information python3-base-3.6.8-3.16 is installed OR python3-tools-3.6.8-3.16 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Development Tools 15 SP1 is installed AND Package Information glibc-2.26-13.24 is installed OR glibc-devel-32bit-2.26-13.24 is installed OR glibc-devel-static-2.26-13.24 is installed OR glibc-utils-2.26-13.24 is installed OR glibc-utils-src-2.26-13.24 is installed
Definition Synopsis
SUSE Linux Enterprise Module for High Performance Computing 15 is installed AND Package Information libpmi0-17.11.13-6.15 is installed OR libslurm32-17.11.13-6.15 is installed OR perl-slurm-17.11.13-6.15 is installed OR slurm-17.11.13-6.15 is installed OR slurm-auth-none-17.11.13-6.15 is installed OR slurm-config-17.11.13-6.15 is installed OR slurm-devel-17.11.13-6.15 is installed OR slurm-doc-17.11.13-6.15 is installed OR slurm-lua-17.11.13-6.15 is installed OR slurm-munge-17.11.13-6.15 is installed OR slurm-node-17.11.13-6.15 is installed OR slurm-pam_slurm-17.11.13-6.15 is installed OR slurm-plugins-17.11.13-6.15 is installed OR slurm-slurmdbd-17.11.13-6.15 is installed OR slurm-sql-17.11.13-6.15 is installed OR slurm-torque-17.11.13-6.15 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Legacy Software 12 is installed AND Package Information java-1_6_0-ibm-1.6.0_sr16.1-5 is installed OR java-1_6_0-ibm-fonts-1.6.0_sr16.1-5 is installed OR java-1_6_0-ibm-jdbc-1.6.0_sr16.1-5 is installed OR java-1_6_0-ibm-plugin-1.6.0_sr16.1-5 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Legacy Software 15 is installed AND Package Information libopenssl-1_0_0-devel-1.0.2n-3.3 is installed OR libopenssl1_0_0-1.0.2n-3.3 is installed OR openssl-1_0_0-1.0.2n-3.3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Live Patching 15 is installed AND Package Information kernel-livepatch-4_12_14-23-default-2-4 is installed OR kernel-livepatch-SLE15_Update_0-2-4 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Live Patching 15 SP1 is installed AND Package Information kernel-livepatch-4_12_14-195-default-2-4 is installed OR kernel-livepatch-SLE15-SP1_Update_0-2-4 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 is installed AND Package Information ffmpeg-3.4.2-4.12 is installed OR ffmpeg-private-devel-3.4.2-4.12 is installed OR libavdevice-devel-3.4.2-4.12 is installed OR libavdevice57-3.4.2-4.12 is installed OR libavfilter-devel-3.4.2-4.12 is installed OR libavfilter6-3.4.2-4.12 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 is installed AND Package Information bzip2-1.0.6-5.3 is installed OR bzip2-doc-1.0.6-5.3 is installed OR libbz2-devel-32bit-1.0.6-5.3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Server Applications 15 is installed AND yast2-rmt-1.1.2-3.11 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Web Scripting 12 is installed AND Package Information apache2-mod_php7-7.0.7-15 is installed OR php7-7.0.7-15 is installed OR php7-bcmath-7.0.7-15 is installed OR php7-bz2-7.0.7-15 is installed OR php7-calendar-7.0.7-15 is installed OR php7-ctype-7.0.7-15 is installed OR php7-curl-7.0.7-15 is installed OR php7-dba-7.0.7-15 is installed OR php7-dom-7.0.7-15 is installed OR php7-enchant-7.0.7-15 is installed OR php7-exif-7.0.7-15 is installed OR php7-fastcgi-7.0.7-15 is installed OR php7-fileinfo-7.0.7-15 is installed OR php7-fpm-7.0.7-15 is installed OR php7-ftp-7.0.7-15 is installed OR php7-gd-7.0.7-15 is installed OR php7-gettext-7.0.7-15 is installed OR php7-gmp-7.0.7-15 is installed OR php7-iconv-7.0.7-15 is installed OR php7-imap-7.0.7-15 is installed OR php7-intl-7.0.7-15 is installed OR php7-json-7.0.7-15 is installed OR php7-ldap-7.0.7-15 is installed OR php7-mbstring-7.0.7-15 is installed OR php7-mcrypt-7.0.7-15 is installed OR php7-mysql-7.0.7-15 is installed OR php7-odbc-7.0.7-15 is installed OR php7-opcache-7.0.7-15 is installed OR php7-openssl-7.0.7-15 is installed OR php7-pcntl-7.0.7-15 is installed OR php7-pdo-7.0.7-15 is installed OR php7-pear-7.0.7-15 is installed OR php7-pear-Archive_Tar-7.0.7-15 is installed OR php7-pgsql-7.0.7-15 is installed OR php7-phar-7.0.7-15 is installed OR php7-posix-7.0.7-15 is installed OR php7-pspell-7.0.7-15 is installed OR php7-shmop-7.0.7-15 is installed OR php7-snmp-7.0.7-15 is installed OR php7-soap-7.0.7-15 is installed OR php7-sockets-7.0.7-15 is installed OR php7-sqlite-7.0.7-15 is installed OR php7-sysvmsg-7.0.7-15 is installed OR php7-sysvsem-7.0.7-15 is installed OR php7-sysvshm-7.0.7-15 is installed OR php7-tokenizer-7.0.7-15 is installed OR php7-wddx-7.0.7-15 is installed OR php7-xmlreader-7.0.7-15 is installed OR php7-xmlrpc-7.0.7-15 is installed OR php7-xmlwriter-7.0.7-15 is installed OR php7-xsl-7.0.7-15 is installed OR php7-zip-7.0.7-15 is installed OR php7-zlib-7.0.7-15 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 is installed AND ant-1.9.4-1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND libapr1-1.5.1-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information liblzo2-2-2.08-1.6 is installed OR liblzo2-2-32bit-2.08-1.13 is installed
Definition Synopsis
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 is installed AND Package Information libpoppler-glib8-0.43.0-15.1 is installed OR libpoppler-qt4-4-0.43.0-15.1 is installed OR libpoppler60-0.43.0-15.1 is installed OR poppler-tools-0.43.0-15.1 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 SP1 is installed AND augeas-devel-1.2.0-3.1 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 15 SP2 is installed AND xorg-x11-server-wayland-1.20.3-20 is installed

BACK