Oval Definition:oval:org.opensuse.security:def:2703
Revision Date:2020-12-02Version:1
Title:Security update for MozillaFirefox (Important)
Description:

This update for MozillaFirefox fixes the following issues:

- Mozilla Firefox Firefox 60.7.2 MFSA 2019-19 (bsc#1138872)

- CVE-2019-11708: Fix sandbox escape using Prompt:Open. * Insufficient vetting of parameters passed with the Prompt:Open IPC message between child and parent processes could result in the non-sandboxed parent process opening web content chosen by a compromised child process. When combined with additional vulnerabilities this could result in executing arbitrary code on the user's computer.

Family:unixClass:patch
Status:Reference(s):1027282
1041090
1042670
1063993
1068664
1073269
1073748
1078326
1078485
1079300
1079730
1081750
1083507
1083630
1084650
1086001
1088004
1088009
1100408
1101982
1109847
1111793
1112142
1112143
1112144
1112146
1112147
1112148
1112152
1112153
1112294
1112578
1112646
1113245
1113700
1113755
1114957
1116717
1117275
1119493
1120307
1120489
1121600
1121967
1122191
1123156
1123179
1124628
1125330
1127987
1129346
1129821
1130262
1130840
1130847
1132728
1132729
1132732
1133135
1138459
1138872
1141853
1149792
1149955
1153238
1153830
1159035
1160305
1160498
1162610
214983
298378
346490
367853
379534
380942
399190
406051
425138
426563
430761
432677
436966
437293
441088
462375
525295
534721
551715
572673
577032
581765
603255
617751
637176
638233
658604
673071
682554
697251
707667
718009
747125
747794
751718
754447
766778
794139
804978
827982
831442
834601
836739
856835
856836
857470
863741
885882
898572
901715
935856
945401
964182
984751
985177
985348
989523
997436
CVE-2007-2052
CVE-2008-1721
CVE-2008-2315
CVE-2008-2316
CVE-2008-3142
CVE-2008-3143
CVE-2008-3144
CVE-2011-1521
CVE-2011-3389
CVE-2011-4944
CVE-2012-0845
CVE-2012-1150
CVE-2013-1752
CVE-2013-1753
CVE-2013-4238
CVE-2014-1912
CVE-2014-4650
CVE-2014-7185
CVE-2016-0772
CVE-2016-1000110
CVE-2016-5636
CVE-2016-5699
CVE-2017-1000158
CVE-2017-12627
CVE-2017-18207
CVE-2018-1000030
CVE-2018-1000802
CVE-2018-1060
CVE-2018-1061
CVE-2018-13785
CVE-2018-14647
CVE-2018-16435
CVE-2018-16872
CVE-2018-18335
CVE-2018-18356
CVE-2018-18506
CVE-2018-18954
CVE-2018-19364
CVE-2018-19489
CVE-2018-20217
CVE-2018-20852
CVE-2018-3136
CVE-2018-3139
CVE-2018-3149
CVE-2018-3169
CVE-2018-3180
CVE-2018-3183
CVE-2018-3214
CVE-2018-3639
CVE-2019-10160
CVE-2019-10160
CVE-2019-11708
CVE-2019-16056
CVE-2019-16935
CVE-2019-17015
CVE-2019-17016
CVE-2019-17017
CVE-2019-17021
CVE-2019-17022
CVE-2019-17024
CVE-2019-17026
CVE-2019-2602
CVE-2019-2684
CVE-2019-2698
CVE-2019-3825
CVE-2019-5010
CVE-2019-5736
CVE-2019-5785
CVE-2019-6778
CVE-2019-9636
CVE-2019-9788
CVE-2019-9790
CVE-2019-9791
CVE-2019-9792
CVE-2019-9793
CVE-2019-9794
CVE-2019-9795
CVE-2019-9796
CVE-2019-9801
CVE-2019-9810
CVE-2019-9813
CVE-2019-9947
CVE-2019-9948
CVE-2020-8597
SUSE-SU-2019:0058-1
SUSE-SU-2019:0362-1
SUSE-SU-2019:0423-1
SUSE-SU-2019:0527-1
SUSE-SU-2019:0871-1
SUSE-SU-2019:0977-1
SUSE-SU-2019:1211-2
SUSE-SU-2019:1682-1
SUSE-SU-2019:2064-1
SUSE-SU-2020:0078-1
SUSE-SU-2020:0234-1
SUSE-SU-2020:0489-1
Platform(s):SUSE Linux Enterprise Build System Kit 12
SUSE Linux Enterprise Desktop 11 SP2
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Desktop 12
SUSE Linux Enterprise Desktop 12 SP1
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise High Availability 12 SP2
SUSE Linux Enterprise High Availability 12 SP3
SUSE Linux Enterprise High Availability 12 SP4
SUSE Linux Enterprise High Availability 15
SUSE Linux Enterprise High Availability 15 SP1
SUSE Linux Enterprise Module for additional PackageHub packages 15
SUSE Linux Enterprise Module for Desktop Applications 15
SUSE Linux Enterprise Module for High Performance Computing 15
SUSE Linux Enterprise Module for High Performance Computing 15 SP1
SUSE Linux Enterprise Module for Legacy Software 15
SUSE Linux Enterprise Module for Legacy Software 15 SP1
SUSE Linux Enterprise Module for Live Patching 15
SUSE Linux Enterprise Module for Live Patching 15 SP1
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1
SUSE Linux Enterprise Module for Public Cloud 12
SUSE Linux Enterprise Module for Public Cloud 15
SUSE Linux Enterprise Module for Server Applications 15
SUSE Linux Enterprise Module for Web Scripting 12
SUSE Linux Enterprise Module for Web Scripting 15 SP1
SUSE Linux Enterprise Server 11
SUSE Linux Enterprise Server 11 SP1-CLIENT-TOOLS
SUSE Linux Enterprise Server 11 SP1-LTSS
SUSE Linux Enterprise Server 11 SP2
SUSE Linux Enterprise Server 11 SP2-LTSS
SUSE Linux Enterprise Server 11 SP3
SUSE Linux Enterprise Server 11 SP3-LTSS
SUSE Linux Enterprise Server 11 SP4
SUSE Linux Enterprise Server 11-SECURITY
SUSE Linux Enterprise Server 12
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12-LTSS
SUSE Linux Enterprise Server for VMWare 11 SP2
SUSE Linux Enterprise Server for VMWare 11 SP3
SUSE Linux Enterprise Software Development Kit 12
SUSE Linux Enterprise Software Development Kit 12 SP2
SUSE Linux Enterprise Workstation Extension 15
SUSE Linux Enterprise Workstation Extension 15 SP1
SUSE Package Hub for SUSE Linux Enterprise 12
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Build System Kit 12 is installed
  • AND kernel-zfcpdump-3.12.51-52.31.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 is installed
  • AND dracut-037-34 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP1 is installed
  • AND Package Information
  • cpio-2.11-29 is installed
  • OR cpio-lang-2.11-29 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP2 is installed
  • AND Package Information
  • gstreamer-0_10-plugins-good-0.10.31-16 is installed
  • OR gstreamer-0_10-plugins-good-lang-0.10.31-16 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • AND libwavpack1-4.60.99-5.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise High Availability 12 SP2 is installed
  • AND fence-agents-4.0.22+git.1455008135.15c5e92-8 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise High Availability 12 SP3 is installed
  • AND conntrack-tools-1.4.2-5 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise High Availability 12 SP4 is installed
  • AND ctdb-4.6.16+git.124.aee309c5c18-3.32 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise High Availability 15 is installed
  • AND haproxy-1.8.17~git0.e89d25b2-3.9 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise High Availability 15 SP1 is installed
  • AND Package Information
  • cluster-md-kmp-default-4.12.14-197.7 is installed
  • OR dlm-kmp-default-4.12.14-197.7 is installed
  • OR gfs2-kmp-default-4.12.14-197.7 is installed
  • OR kernel-default-4.12.14-197.7 is installed
  • OR ocfs2-kmp-default-4.12.14-197.7 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for additional PackageHub packages 15 is installed
  • AND Package Information
  • postgresql10-10.10-4.16 is installed
  • OR postgresql10-test-10.10-4.16 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Desktop Applications 15 is installed
  • AND Package Information
  • MozillaFirefox-60.7.2-3.48 is installed
  • OR MozillaFirefox-devel-60.7.2-3.48 is installed
  • OR MozillaFirefox-translations-common-60.7.2-3.48 is installed
  • OR MozillaFirefox-translations-other-60.7.2-3.48 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for High Performance Computing 15 is installed
  • AND Package Information
  • python-numpy_1_16_1-gnu-hpc-1.16.1-4.8 is installed
  • OR python2-numpy-gnu-hpc-1.16.1-4.8 is installed
  • OR python2-numpy-gnu-hpc-devel-1.16.1-4.8 is installed
  • OR python3-numpy-gnu-hpc-1.16.1-4.8 is installed
  • OR python3-numpy-gnu-hpc-devel-1.16.1-4.8 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for High Performance Computing 15 SP1 is installed
  • AND Package Information
  • libslurm32-17.11.13-6.18 is installed
  • OR slurm-17.11.13-6.18 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Legacy Software 15 is installed
  • AND Package Information
  • kernel-default-4.12.14-25.3 is installed
  • OR reiserfs-kmp-default-4.12.14-25.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Legacy Software 15 SP1 is installed
  • AND Package Information
  • kernel-default-4.12.14-197.18 is installed
  • OR reiserfs-kmp-default-4.12.14-197.18 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Live Patching 15 is installed
  • AND Package Information
  • kernel-default-4.12.14-25.3 is installed
  • OR kernel-default-livepatch-4.12.14-25.3 is installed
  • OR kernel-livepatch-4_12_14-25_3-default-1-1.3 is installed
  • OR kernel-livepatch-SLE15_Update_1-1-1.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Live Patching 15 SP1 is installed
  • AND Package Information
  • kernel-livepatch-4_12_14-195-default-2-4 is installed
  • OR kernel-livepatch-SLE15-SP1_Update_0-2-4 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 is installed
  • AND Package Information
  • docker-runc-1.0.0rc5+gitr3562_69663f0bd4b6-6.9 is installed
  • OR docker-runc-test-1.0.0rc5+gitr3562_69663f0bd4b6-6.9 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 is installed
  • AND Package Information
  • java-1_8_0-openjdk-1.8.0.212-3.19 is installed
  • OR java-1_8_0-openjdk-accessibility-1.8.0.212-3.19 is installed
  • OR java-1_8_0-openjdk-javadoc-1.8.0.212-3.19 is installed
  • OR java-1_8_0-openjdk-src-1.8.0.212-3.19 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Public Cloud 12 is installed
  • AND python-requests-2.3.0-1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Public Cloud 15 is installed
  • AND Package Information
  • kernel-azure-4.12.14-5.13 is installed
  • OR kernel-azure-base-4.12.14-5.13 is installed
  • OR kernel-azure-devel-4.12.14-5.13 is installed
  • OR kernel-devel-azure-4.12.14-5.13 is installed
  • OR kernel-source-azure-4.12.14-5.13 is installed
  • OR kernel-syms-azure-4.12.14-5.13 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Server Applications 15 is installed
  • AND Package Information
  • rsyslog-8.33.1-3.3 is installed
  • OR rsyslog-module-gssapi-8.33.1-3.3 is installed
  • OR rsyslog-module-mysql-8.33.1-3.3 is installed
  • OR rsyslog-module-pgsql-8.33.1-3.3 is installed
  • OR rsyslog-module-relp-8.33.1-3.3 is installed
  • OR rsyslog-module-snmp-8.33.1-3.3 is installed
  • OR rsyslog-module-udpspoof-8.33.1-3.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Web Scripting 12 is installed
  • AND Package Information
  • apache2-mod_php5-5.5.14-4 is installed
  • OR php5-5.5.14-4 is installed
  • OR php5-bcmath-5.5.14-4 is installed
  • OR php5-bz2-5.5.14-4 is installed
  • OR php5-calendar-5.5.14-4 is installed
  • OR php5-ctype-5.5.14-4 is installed
  • OR php5-curl-5.5.14-4 is installed
  • OR php5-dba-5.5.14-4 is installed
  • OR php5-dom-5.5.14-4 is installed
  • OR php5-enchant-5.5.14-4 is installed
  • OR php5-exif-5.5.14-4 is installed
  • OR php5-fastcgi-5.5.14-4 is installed
  • OR php5-fileinfo-5.5.14-4 is installed
  • OR php5-fpm-5.5.14-4 is installed
  • OR php5-ftp-5.5.14-4 is installed
  • OR php5-gd-5.5.14-4 is installed
  • OR php5-gettext-5.5.14-4 is installed
  • OR php5-gmp-5.5.14-4 is installed
  • OR php5-iconv-5.5.14-4 is installed
  • OR php5-intl-5.5.14-4 is installed
  • OR php5-json-5.5.14-4 is installed
  • OR php5-ldap-5.5.14-4 is installed
  • OR php5-mbstring-5.5.14-4 is installed
  • OR php5-mcrypt-5.5.14-4 is installed
  • OR php5-mysql-5.5.14-4 is installed
  • OR php5-odbc-5.5.14-4 is installed
  • OR php5-openssl-5.5.14-4 is installed
  • OR php5-pcntl-5.5.14-4 is installed
  • OR php5-pdo-5.5.14-4 is installed
  • OR php5-pear-5.5.14-4 is installed
  • OR php5-pgsql-5.5.14-4 is installed
  • OR php5-pspell-5.5.14-4 is installed
  • OR php5-shmop-5.5.14-4 is installed
  • OR php5-snmp-5.5.14-4 is installed
  • OR php5-soap-5.5.14-4 is installed
  • OR php5-sockets-5.5.14-4 is installed
  • OR php5-sqlite-5.5.14-4 is installed
  • OR php5-suhosin-5.5.14-4 is installed
  • OR php5-sysvmsg-5.5.14-4 is installed
  • OR php5-sysvsem-5.5.14-4 is installed
  • OR php5-sysvshm-5.5.14-4 is installed
  • OR php5-tokenizer-5.5.14-4 is installed
  • OR php5-wddx-5.5.14-4 is installed
  • OR php5-xmlreader-5.5.14-4 is installed
  • OR php5-xmlrpc-5.5.14-4 is installed
  • OR php5-xmlwriter-5.5.14-4 is installed
  • OR php5-xsl-5.5.14-4 is installed
  • OR php5-zip-5.5.14-4 is installed
  • OR php5-zlib-5.5.14-4 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Web Scripting 15 SP1 is installed
  • AND Package Information
  • nodejs10-10.16.3-1.12 is installed
  • OR nodejs10-devel-10.16.3-1.12 is installed
  • OR nodejs10-docs-10.16.3-1.12 is installed
  • OR npm10-10.16.3-1.12 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 is installed
  • AND ant-1.9.4-1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND Package Information
  • accountsservice-0.6.35-3 is installed
  • OR accountsservice-lang-0.6.35-3 is installed
  • OR libaccountsservice0-0.6.35-3 is installed
  • OR typelib-1_0-AccountsService-1_0-0.6.35-3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • libruby2_1-2_1-2.1.2-12 is installed
  • OR ruby2.1-2.1.2-12 is installed
  • OR ruby2.1-stdlib-2.1.2-12 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • DirectFB-1.7.1-6 is installed
  • OR lib++dfb-1_7-1-1.7.1-6 is installed
  • OR libdirectfb-1_7-1-1.7.1-6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12-LTSS is installed
  • AND Package Information
  • kgraft-patch-3_12_48-52_27-default-5-2.2 is installed
  • OR kgraft-patch-3_12_48-52_27-xen-5-2.2 is installed
  • OR kgraft-patch-SLE12_Update_8-5-2.2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Software Development Kit 12 is installed
  • AND libXcursor-devel-1.1.14-3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Software Development Kit 12 SP2 is installed
  • AND Package Information
  • gnome-online-accounts-devel-3.20.4-7.2 is installed
  • OR typelib-1_0-Goa-1_0-3.20.4-7.2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 15 is installed
  • AND Package Information
  • kernel-default-4.12.14-25.6 is installed
  • OR kernel-default-extra-4.12.14-25.6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 15 SP1 is installed
  • AND Package Information
  • evolution-3.26.6-4.3 is installed
  • OR evolution-devel-3.26.6-4.3 is installed
  • OR evolution-lang-3.26.6-4.3 is installed
  • OR evolution-plugin-bogofilter-3.26.6-4.3 is installed
  • OR evolution-plugin-pst-import-3.26.6-4.3 is installed
  • OR evolution-plugin-spamassassin-3.26.6-4.3 is installed
    • Definition Synopsis
  • SUSE Package Hub for SUSE Linux Enterprise 12 is installed
  • AND Package Information
  • chromedriver-54.0.2840.59-109 is installed
  • OR chromium-54.0.2840.59-109 is installed
  • OR chromium-ffmpegsumo-54.0.2840.59-109 is installed
    • BACK