Oval Definition:	oval:org.opensuse.security:def:2791
Revision Date: 2020-12-02 Version: 1 Title: Security update for MozillaFirefox (Important) Description: This update for MozillaFirefox fixes the following issues: - Mozilla Firefox Firefox 60.7.2 MFSA 2019-19 (bsc#1138872) - CVE-2019-11708: Fix sandbox escape using Prompt:Open. * Insufficient vetting of parameters passed with the Prompt:Open IPC message between child and parent processes could result in the non-sandboxed parent process opening web content chosen by a compromised child process. When combined with additional vulnerabilities this could result in executing arbitrary code on the user's computer. Family: unix Class: patch Status: Reference(s): 1036463 1076530 1082318 1096368 1101888 1101889 1105606 1106699 1121563 1121826 1124122 1125352 1125604 1126056 1127557 1130230 1132348 1132400 1132721 1133506 1133509 1135114 1138301 1138302 1138303 1138305 1138461 1138872 1139884 1139885 1139886 1139959 1140100 1140102 1140103 1140104 1140105 1140106 1140110 1140111 1140255 1140501 1140513 1140520 1140534 1140538 1140543 1140545 1140547 1140549 1140552 1140554 1140664 1140665 1140666 1140667 1140668 1140669 1140673 1141171 1145575 1145738 1145739 1145740 1145741 1145742 1154804 1154805 1155198 1155205 1155298 1155678 1155819 1156158 1157377 1158763 CVE-2017-15134 CVE-2017-15135 CVE-2018-10850 CVE-2018-10935 CVE-2018-14394 CVE-2018-14395 CVE-2018-14624 CVE-2019-10081 CVE-2019-10082 CVE-2019-10092 CVE-2019-10097 CVE-2019-10098 CVE-2019-10161 CVE-2019-10166 CVE-2019-10167 CVE-2019-10168 CVE-2019-11708 CVE-2019-12855 CVE-2019-12974 CVE-2019-12974 CVE-2019-12975 CVE-2019-12975 CVE-2019-12976 CVE-2019-12976 CVE-2019-12977 CVE-2019-12977 CVE-2019-12978 CVE-2019-12978 CVE-2019-12979 CVE-2019-12979 CVE-2019-13012 CVE-2019-13132 CVE-2019-13133 CVE-2019-13133 CVE-2019-13134 CVE-2019-13134 CVE-2019-13135 CVE-2019-13135 CVE-2019-13136 CVE-2019-13136 CVE-2019-13137 CVE-2019-13137 CVE-2019-13295 CVE-2019-13295 CVE-2019-13296 CVE-2019-13296 CVE-2019-13297 CVE-2019-13297 CVE-2019-13298 CVE-2019-13298 CVE-2019-13299 CVE-2019-13299 CVE-2019-13300 CVE-2019-13300 CVE-2019-13301 CVE-2019-13301 CVE-2019-13302 CVE-2019-13302 CVE-2019-13303 CVE-2019-13303 CVE-2019-13304 CVE-2019-13304 CVE-2019-13305 CVE-2019-13305 CVE-2019-13306 CVE-2019-13306 CVE-2019-13307 CVE-2019-13307 CVE-2019-13308 CVE-2019-13308 CVE-2019-13309 CVE-2019-13309 CVE-2019-13310 CVE-2019-13310 CVE-2019-13311 CVE-2019-13311 CVE-2019-13391 CVE-2019-13391 CVE-2019-13454 CVE-2019-13454 CVE-2019-18900 CVE-2019-3842 CVE-2019-3843 CVE-2019-3844 CVE-2019-6133 CVE-2019-6454 CVE-2019-9517 SUSE-SU-2019:1207-2 SUSE-SU-2019:1299-2 SUSE-SU-2019:1364-2 SUSE-SU-2019:1643-1 SUSE-SU-2019:1682-1 SUSE-SU-2019:1776-1 SUSE-SU-2019:1833-1 SUSE-SU-2019:2018-1 SUSE-SU-2019:2106-1 SUSE-SU-2019:2212-1 SUSE-SU-2019:2237-1 SUSE-SU-2020:0087-1 Platform(s): SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise High Availability 12 SP2 SUSE Linux Enterprise High Availability 12 SP3 SUSE Linux Enterprise High Availability 12 SP4 SUSE Linux Enterprise Module for additional PackageHub packages 15 SUSE Linux Enterprise Module for Desktop Applications 15 SP1 SUSE Linux Enterprise Module for High Performance Computing 15 SP1 SUSE Linux Enterprise Module for Legacy Software 15 SUSE Linux Enterprise Module for Legacy Software 15 SP1 SUSE Linux Enterprise Module for Live Patching 15 SUSE Linux Enterprise Module for Live Patching 15 SP1 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2 SUSE Linux Enterprise Module for Public Cloud 12 SUSE Linux Enterprise Module for Public Cloud 15 SUSE Linux Enterprise Module for Python2 packages 15 SP1 SUSE Linux Enterprise Module for Realtime packages 15 SP1 SUSE Linux Enterprise Module for Server Applications 15 SUSE Linux Enterprise Module for Server Applications 15 SP1 SUSE Linux Enterprise Module for Web Scripting 12 SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Server 11 SP1-LTSS SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP2-LTSS SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Server 11-SECURITY SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server for VMWare 11 SP2 SUSE Linux Enterprise Server for VMWare 11 SP3 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Software Development Kit 12 SP1 SUSE Linux Enterprise Software Development Kit 12 SP2 SUSE Linux Enterprise Workstation Extension 15 SUSE Linux Enterprise Workstation Extension 15 SP1 Product(s): Definition Synopsis SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5 is installed AND Package Information python-keystoneclient-1.0.0-14 is installed OR python-keystoneclient-doc-1.0.0-14 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 is installed AND Package Information bash-4.2-75 is installed OR bash-doc-4.2-75 is installed OR bash-lang-4.2-75 is installed OR libreadline6-6.2-75 is installed OR libreadline6-32bit-6.2-75 is installed OR readline-doc-6.2-75 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information avahi-0.6.31-20 is installed OR avahi-lang-0.6.31-20 is installed OR libavahi-client3-0.6.31-20 is installed OR libavahi-client3-32bit-0.6.31-20 is installed OR libavahi-common3-0.6.31-20 is installed OR libavahi-common3-32bit-0.6.31-20 is installed OR libavahi-core7-0.6.31-20 is installed OR libdns_sd-0.6.31-20 is installed OR libdns_sd-32bit-0.6.31-20 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP2 is installed AND wget-1.14-21.3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information DirectFB-1.7.1-6 is installed OR lib++dfb-1_7-1-1.7.1-6 is installed OR libdirectfb-1_7-1-1.7.1-6 is installed OR libdirectfb-1_7-1-32bit-1.7.1-6 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP4 is installed AND telepathy-gabble-0.18.3-5 is installed Definition Synopsis SUSE Linux Enterprise High Availability 12 SP2 is installed AND Package Information cluster-md-kmp-default-4.4.21-69 is installed OR cluster-network-kmp-default-4.4.21-69 is installed OR dlm-kmp-default-4.4.21-69 is installed OR gfs2-kmp-default-4.4.21-69 is installed OR ocfs2-kmp-default-4.4.21-69 is installed Definition Synopsis SUSE Linux Enterprise High Availability 12 SP3 is installed AND Package Information cluster-md-kmp-default-4.4.73-5 is installed OR dlm-kmp-default-4.4.73-5 is installed OR gfs2-kmp-default-4.4.73-5 is installed OR ocfs2-kmp-default-4.4.73-5 is installed Definition Synopsis SUSE Linux Enterprise High Availability 12 SP4 is installed AND conntrack-tools-1.4.2-5 is installed Definition Synopsis SUSE Linux Enterprise Module for additional PackageHub packages 15 is installed AND Package Information samba-4.7.11+git.140.6bd0e5b30d8-4.21 is installed OR samba-python-4.7.11+git.140.6bd0e5b30d8-4.21 is installed Definition Synopsis SUSE Linux Enterprise Module for Desktop Applications 15 SP1 is installed AND Package Information MozillaFirefox-60.7.2-3.48 is installed OR MozillaFirefox-devel-60.7.2-3.48 is installed OR MozillaFirefox-translations-common-60.7.2-3.48 is installed OR MozillaFirefox-translations-other-60.7.2-3.48 is installed Definition Synopsis SUSE Linux Enterprise Module for High Performance Computing 15 SP1 is installed AND Package Information python-numpy_1_16_1-gnu-hpc-1.16.1-4.8 is installed OR python2-numpy-gnu-hpc-1.16.1-4.8 is installed OR python2-numpy-gnu-hpc-devel-1.16.1-4.8 is installed OR python3-numpy-gnu-hpc-1.16.1-4.8 is installed OR python3-numpy-gnu-hpc-devel-1.16.1-4.8 is installed Definition Synopsis SUSE Linux Enterprise Module for Legacy Software 15 is installed AND Package Information java-1_8_0-ibm-1.8.0_sr5.15-3.3 is installed OR java-1_8_0-ibm-alsa-1.8.0_sr5.15-3.3 is installed OR java-1_8_0-ibm-devel-1.8.0_sr5.15-3.3 is installed OR java-1_8_0-ibm-plugin-1.8.0_sr5.15-3.3 is installed Definition Synopsis SUSE Linux Enterprise Module for Legacy Software 15 SP1 is installed AND Package Information kernel-default-4.12.14-197.4 is installed OR reiserfs-kmp-default-4.12.14-197.4 is installed Definition Synopsis SUSE Linux Enterprise Module for Live Patching 15 is installed AND Package Information kernel-livepatch-4_12_14-23-default-2-4 is installed OR kernel-livepatch-SLE15_Update_0-2-4 is installed Definition Synopsis SUSE Linux Enterprise Module for Live Patching 15 SP1 is installed AND Package Information kernel-livepatch-4_12_14-195-default-2-4 is installed OR kernel-livepatch-SLE15-SP1_Update_0-2-4 is installed Definition Synopsis SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 is installed AND Package Information libsolv-0.7.10-3.22 is installed OR libsolv-demo-0.7.10-3.22 is installed OR libzypp-17.19.0-3.34 is installed OR libzypp-devel-doc-17.19.0-3.34 is installed OR zypper-1.14.33-3.29 is installed OR zypper-aptitude-1.14.33-3.29 is installed Definition Synopsis SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 is installed AND Package Information 389-ds-1.4.0.3-4.7 is installed OR 389-ds-snmp-1.4.0.3-4.7 is installed Definition Synopsis SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2 is installed AND Package Information libfreebl3-hmac-32bit-3.53-3.40 is installed OR libsoftokn3-hmac-32bit-3.53-3.40 is installed OR mozilla-nss-3.53-3.40 is installed OR mozilla-nss-sysinit-32bit-3.53-3.40 is installed Definition Synopsis SUSE Linux Enterprise Module for Public Cloud 12 is installed AND python-pycrypto-2.6.1-1 is installed Definition Synopsis SUSE Linux Enterprise Module for Public Cloud 15 is installed AND Package Information kernel-azure-4.12.14-5.44 is installed OR kernel-azure-base-4.12.14-5.44 is installed OR kernel-azure-devel-4.12.14-5.44 is installed OR kernel-devel-azure-4.12.14-5.44 is installed OR kernel-source-azure-4.12.14-5.44 is installed OR kernel-syms-azure-4.12.14-5.44 is installed Definition Synopsis SUSE Linux Enterprise Module for Python2 packages 15 SP1 is installed AND Package Information python-numpy-1.16.1-4.8 is installed OR python2-numpy-1.16.1-4.8 is installed OR python2-numpy-devel-1.16.1-4.8 is installed Definition Synopsis SUSE Linux Enterprise Module for Realtime packages 15 SP1 is installed AND Package Information cluster-md-kmp-rt-4.12.14-14.8 is installed OR dlm-kmp-rt-4.12.14-14.8 is installed OR gfs2-kmp-rt-4.12.14-14.8 is installed OR kernel-devel-rt-4.12.14-14.8 is installed OR kernel-rt-4.12.14-14.8 is installed OR kernel-rt-base-4.12.14-14.8 is installed OR kernel-rt-devel-4.12.14-14.8 is installed OR kernel-rt_debug-4.12.14-14.8 is installed OR kernel-rt_debug-devel-4.12.14-14.8 is installed OR kernel-source-rt-4.12.14-14.8 is installed OR kernel-syms-rt-4.12.14-14.8 is installed OR ocfs2-kmp-rt-4.12.14-14.8 is installed Definition Synopsis SUSE Linux Enterprise Module for Server Applications 15 is installed AND Package Information qemu-2.11.2-9.17 is installed OR qemu-arm-2.11.2-9.17 is installed OR qemu-block-curl-2.11.2-9.17 is installed OR qemu-block-iscsi-2.11.2-9.17 is installed OR qemu-block-rbd-2.11.2-9.17 is installed OR qemu-block-ssh-2.11.2-9.17 is installed OR qemu-guest-agent-2.11.2-9.17 is installed OR qemu-ipxe-1.0.0+-9.17 is installed OR qemu-kvm-2.11.2-9.17 is installed OR qemu-lang-2.11.2-9.17 is installed OR qemu-ppc-2.11.2-9.17 is installed OR qemu-s390-2.11.2-9.17 is installed OR qemu-seabios-1.11.0-9.17 is installed OR qemu-sgabios-8-9.17 is installed OR qemu-vgabios-1.11.0-9.17 is installed OR qemu-x86-2.11.2-9.17 is installed Definition Synopsis SUSE Linux Enterprise Module for Server Applications 15 SP1 is installed AND Package Information libfreebl3-hmac-3.44.1-3.16 is installed OR libsoftokn3-hmac-3.44.1-3.16 is installed OR mozilla-nss-3.44.1-3.16 is installed Definition Synopsis SUSE Linux Enterprise Module for Web Scripting 12 is installed AND Package Information nodejs4-4.5.0-5 is installed OR nodejs4-devel-4.5.0-5 is installed OR nodejs4-docs-4.5.0-5 is installed OR npm4-4.5.0-5 is installed Definition Synopsis SUSE Linux Enterprise Server 12 is installed AND ant-1.9.4-1 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND ant-1.9.4-1 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND supportutils-3.0-85 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information DirectFB-1.7.1-6 is installed OR lib++dfb-1_7-1-1.7.1-6 is installed OR libdirectfb-1_7-1-1.7.1-6 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 12 is installed AND Package Information nut-cgi-2.7.1-4 is installed OR nut-devel-2.7.1-4 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 12 SP1 is installed AND Package Information git-1.8.5.6-15.1 is installed OR git-arch-1.8.5.6-15.1 is installed OR git-core-1.8.5.6-15.1 is installed OR git-cvs-1.8.5.6-15.1 is installed OR git-daemon-1.8.5.6-15.1 is installed OR git-email-1.8.5.6-15.1 is installed OR git-gui-1.8.5.6-15.1 is installed OR git-svn-1.8.5.6-15.1 is installed OR git-web-1.8.5.6-15.1 is installed OR gitk-1.8.5.6-15.1 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 12 SP2 is installed AND libpulse-devel-5.0-2.7 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 15 is installed AND Package Information PackageKit-1.1.10-4.10 is installed OR PackageKit-gstreamer-plugin-1.1.10-4.10 is installed OR PackageKit-gtk3-module-1.1.10-4.10 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 15 SP1 is installed AND enigmail-2.0.11-3.16 is installed
BACK