OVAL Reference oval:org.opensuse.security:def:2838

Oval Definition:

oval:org.opensuse.security:def:2838

Revision Date:	2020-12-02	Version:	1
Title:	Security update for MozillaFirefox (Important)
Description:	This update for MozillaFirefox to version 78.0.1 ESR fixes the following issues: Security issues fixed: - CVE-2020-12415: AppCache manifest poisoning due to url encoded character processing (bsc#1173576). - CVE-2020-12416: Use-after-free in WebRTC VideoBroadcaster (bsc#1173576). - CVE-2020-12417: Memory corruption due to missing sign-extension for ValueTags on ARM64 (bsc#1173576). - CVE-2020-12418: Information disclosure due to manipulated URL object (bsc#1173576). - CVE-2020-12419: Use-after-free in nsGlobalWindowInner (bsc#1173576). - CVE-2020-12420: Use-After-Free when trying to connect to a STUN server (bsc#1173576). - CVE-2020-12402: RSA Key Generation vulnerable to side-channel attack (bsc#1173576). - CVE-2020-12421: Add-On updates did not respect the same certificate trust rules as software updates (bsc#1173576). - CVE-2020-12422: Integer overflow in nsJPEGEncoder::emptyOutputBuffer (bsc#1173576). - CVE-2020-12423: DLL Hijacking due to searching %PATH% for a library (bsc#1173576). - CVE-2020-12424: WebRTC permission prompt could have been bypassed by a compromised content process (bsc#1173576). - CVE-2020-12425: Out of bound read in Date.parse() (bsc#1173576). - CVE-2020-12426: Memory safety bugs fixed in Firefox 78 (bsc#1173576). - FIPS: MozillaFirefox: allow /proc/sys/crypto/fips_enabled (bsc#1167231). Non-security issues fixed: - Fixed interaction with freetype6 (bsc#1173613).
Family:	unix	Class:	patch
Status:		Reference(s):	1040109 1040113 1040115 1051510 1054914 1055117 1061840 1065600 1065729 1071995 1081947 1082293 1082318 1082555 1085196 1104967 1106214 1109158 1111666 1113722 1114279 1119086 1121197 1122417 1123034 1125886 1127701 1127988 1129180 1129186 1130840 1131304 1133291 1134156 1135534 1135708 1135715 1137069 1137865 1137959 1137982 1138461 1139083 1140155 1140255 1140359 1141013 1141113 1142076 1142635 1146042 1146519 1146540 1146664 1146882 1146884 1148133 1148712 1148868 1149313 1149446 1149495 1149496 1149555 1149651 1149955 1150305 1150381 1150423 1150846 1151067 1151192 1151350 1151610 1151661 1151662 1151667 1151680 1151891 1151955 1152024 1152025 1152026 1152161 1152187 1152243 1152325 1152457 1152460 1152466 1152525 1152972 1152974 1152975 1153102 1153238 1166238 1173576 1173613 1174543 353876 CVE-2017-18595 CVE-2017-9111 CVE-2017-9113 CVE-2017-9115 CVE-2019-12855 CVE-2019-12900 CVE-2019-12973 CVE-2019-13132 CVE-2019-14811 CVE-2019-14812 CVE-2019-14813 CVE-2019-14817 CVE-2019-14821 CVE-2019-15291 CVE-2019-16056 CVE-2019-16935 CVE-2019-17113 CVE-2019-3835 CVE-2019-3839 CVE-2019-5481 CVE-2019-5482 CVE-2019-6237 CVE-2019-8571 CVE-2019-8583 CVE-2019-8584 CVE-2019-8586 CVE-2019-8587 CVE-2019-8594 CVE-2019-8595 CVE-2019-8596 CVE-2019-8597 CVE-2019-8601 CVE-2019-8607 CVE-2019-8608 CVE-2019-8609 CVE-2019-8610 CVE-2019-8611 CVE-2019-8615 CVE-2019-8619 CVE-2019-8622 CVE-2019-8623 CVE-2019-9506 CVE-2019-9947 CVE-2020-12402 CVE-2020-12415 CVE-2020-12416 CVE-2020-12417 CVE-2020-12418 CVE-2020-12419 CVE-2020-12420 CVE-2020-12421 CVE-2020-12422 CVE-2020-12423 CVE-2020-12424 CVE-2020-12425 CVE-2020-12426 SUSE-SU-2019:1776-1 SUSE-SU-2019:1846-1 SUSE-SU-2019:1963-1 SUSE-SU-2019:2212-1 SUSE-SU-2019:2307-1 SUSE-SU-2019:2373-1 SUSE-SU-2019:2460-1 SUSE-SU-2019:2622-1 SUSE-SU-2019:2710-1 SUSE-SU-2019:2743-1 SUSE-SU-2020:1898-1 SUSE-SU-2020:2259-1
Platform(s):	SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise High Availability 12 SP3 SUSE Linux Enterprise High Availability 12 SP4 SUSE Linux Enterprise Module for additional PackageHub packages 15 SUSE Linux Enterprise Module for Advanced Systems Management 12 SUSE Linux Enterprise Module for Desktop Applications 15 SP1 SUSE Linux Enterprise Module for High Performance Computing 12 SUSE Linux Enterprise Module for Legacy Software 15 SUSE Linux Enterprise Module for Legacy Software 15 SP1 SUSE Linux Enterprise Module for Live Patching 15 SUSE Linux Enterprise Module for Live Patching 15 SP1 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2 SUSE Linux Enterprise Module for Public Cloud 12 SUSE Linux Enterprise Module for Public Cloud 15 SUSE Linux Enterprise Module for Public Cloud 15 SP1 SUSE Linux Enterprise Module for Python2 packages 15 SP1 SUSE Linux Enterprise Module for Realtime packages 15 SP1 SUSE Linux Enterprise Module for Server Applications 15 SUSE Linux Enterprise Module for Server Applications 15 SP1 SUSE Linux Enterprise Module for Web Scripting 12 SUSE Linux Enterprise Module for Web Scripting 15 SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Server 11 SP1-LTSS SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP2-LTSS SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP3-LTSS SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Server 11-SECURITY SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server for VMWare 11 SP2 SUSE Linux Enterprise Server for VMWare 11 SP3 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Software Development Kit 12 SP1 SUSE Linux Enterprise Software Development Kit 12 SP2 SUSE Linux Enterprise Workstation Extension 15 SP1 SUSE Package Hub for SUSE Linux Enterprise 12	Product(s):
Definition Synopsis
SUSE Linux Enterprise Desktop 12 is installed AND Package Information cron-4.2-55 is installed OR cronie-1.4.11-55 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information aaa_base-13.2+git20140911.61c1681-9 is installed OR aaa_base-extras-13.2+git20140911.61c1681-9 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information gd-2.1.0-23 is installed OR gd-32bit-2.1.0-23 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information DirectFB-1.7.1-6 is installed OR lib++dfb-1_7-1-1.7.1-6 is installed OR libdirectfb-1_7-1-1.7.1-6 is installed OR libdirectfb-1_7-1-32bit-1.7.1-6 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 SP3 is installed AND haproxy-1.6.11-10 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 SP4 is installed AND ruby2.1-rubygem-bundler-1.7.3-3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for additional PackageHub packages 15 is installed AND Package Information ffmpeg-3.4.2-4.12 is installed OR libavdevice57-3.4.2-4.12 is installed OR libavfilter6-3.4.2-4.12 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Advanced Systems Management 12 is installed AND Package Information puppet-3.6.2-3 is installed OR puppet-server-3.6.2-3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Desktop Applications 15 SP1 is installed AND Package Information MozillaFirefox-78.0.1-3.94 is installed OR MozillaFirefox-branding-SLE-78-4.14 is installed OR MozillaFirefox-devel-78.0.1-3.94 is installed OR MozillaFirefox-translations-common-78.0.1-3.94 is installed OR MozillaFirefox-translations-other-78.0.1-3.94 is installed
Definition Synopsis
SUSE Linux Enterprise Module for High Performance Computing 12 is installed AND Package Information libslurm29-16.05.8.1-5 is installed OR perl-slurm-16.05.8.1-5 is installed OR slurm-16.05.8.1-5 is installed OR slurm-auth-none-16.05.8.1-5 is installed OR slurm-devel-16.05.8.1-5 is installed OR slurm-doc-16.05.8.1-5 is installed OR slurm-lua-16.05.8.1-5 is installed OR slurm-munge-16.05.8.1-5 is installed OR slurm-pam_slurm-16.05.8.1-5 is installed OR slurm-plugins-16.05.8.1-5 is installed OR slurm-sched-wiki-16.05.8.1-5 is installed OR slurm-slurmdbd-16.05.8.1-5 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Legacy Software 15 is installed AND Package Information kernel-default-4.12.14-25.28 is installed OR reiserfs-kmp-default-4.12.14-25.28 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Legacy Software 15 SP1 is installed AND Package Information java-1_8_0-openjdk-1.8.0.222-3.24 is installed OR java-1_8_0-openjdk-demo-1.8.0.222-3.24 is installed OR java-1_8_0-openjdk-devel-1.8.0.222-3.24 is installed OR java-1_8_0-openjdk-headless-1.8.0.222-3.24 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Live Patching 15 is installed AND Package Information kernel-default-4.12.14-25.6 is installed OR kernel-default-livepatch-4.12.14-25.6 is installed OR kernel-livepatch-4_12_14-25_6-default-1-1.3 is installed OR kernel-livepatch-SLE15_Update_2-1-1.3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Live Patching 15 SP1 is installed AND Package Information kernel-default-4.12.14-197.4 is installed OR kernel-default-livepatch-4.12.14-197.4 is installed OR kernel-default-livepatch-devel-4.12.14-197.4 is installed OR kernel-livepatch-4_12_14-197_4-default-1-3.3 is installed OR kernel-livepatch-SLE15-SP1_Update_1-1-3.3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 is installed AND Package Information libjavascriptcoregtk-4_0-18-32bit-2.24.2-3.27 is installed OR libwebkit2gtk-4_0-37-32bit-2.24.2-3.27 is installed OR webkit-jsc-4-2.24.2-3.27 is installed OR webkit2gtk3-2.24.2-3.27 is installed OR webkit2gtk3-minibrowser-2.24.2-3.27 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2 is installed AND Package Information ntp-4.2.8p15-4.10 is installed OR ntp-doc-4.2.8p15-4.10 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Public Cloud 12 is installed AND python-pycrypto-2.6.1-1 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Public Cloud 15 is installed AND Package Information kernel-azure-4.12.14-5.8 is installed OR kernel-azure-base-4.12.14-5.8 is installed OR kernel-azure-devel-4.12.14-5.8 is installed OR kernel-devel-azure-4.12.14-5.8 is installed OR kernel-source-azure-4.12.14-5.8 is installed OR kernel-syms-azure-4.12.14-5.8 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Public Cloud 15 SP1 is installed AND Package Information kernel-azure-4.12.14-8.13 is installed OR kernel-azure-base-4.12.14-8.13 is installed OR kernel-azure-devel-4.12.14-8.13 is installed OR kernel-devel-azure-4.12.14-8.13 is installed OR kernel-source-azure-4.12.14-8.13 is installed OR kernel-syms-azure-4.12.14-8.13 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Python2 packages 15 SP1 is installed AND Package Information python-2.7.14-7.14 is installed OR python-base-2.7.14-7.14 is installed OR python-curses-2.7.14-7.14 is installed OR python-devel-2.7.14-7.14 is installed OR python-gdbm-2.7.14-7.14 is installed OR python-xml-2.7.14-7.14 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Realtime packages 15 SP1 is installed AND Package Information cluster-md-kmp-rt-4.12.14-14.11 is installed OR dlm-kmp-rt-4.12.14-14.11 is installed OR gfs2-kmp-rt-4.12.14-14.11 is installed OR kernel-devel-rt-4.12.14-14.11 is installed OR kernel-rt-4.12.14-14.11 is installed OR kernel-rt-base-4.12.14-14.11 is installed OR kernel-rt-devel-4.12.14-14.11 is installed OR kernel-rt_debug-4.12.14-14.11 is installed OR kernel-rt_debug-devel-4.12.14-14.11 is installed OR kernel-source-rt-4.12.14-14.11 is installed OR kernel-syms-rt-4.12.14-14.11 is installed OR ocfs2-kmp-rt-4.12.14-14.11 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Server Applications 15 is installed AND Package Information dpdk-17.11.2-3.2 is installed OR dpdk-devel-17.11.2-3.2 is installed OR dpdk-kmp-default-17.11.2_k4.12.14_23-3.2 is installed OR dpdk-thunderx-17.11.2-3.2 is installed OR dpdk-thunderx-devel-17.11.2-3.2 is installed OR dpdk-thunderx-kmp-default-17.11.2_k4.12.14_23-3.2 is installed OR dpdk-tools-17.11.2-3.2 is installed OR libdpdk-17_11-0-17.11.2-3.2 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Server Applications 15 SP1 is installed AND Package Information util-linux-systemd-2.33.1-4.5 is installed OR uuidd-2.33.1-4.5 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Web Scripting 12 is installed AND Package Information nodejs4-4.5.0-5 is installed OR nodejs4-devel-4.5.0-5 is installed OR nodejs4-docs-4.5.0-5 is installed OR npm4-4.5.0-5 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Web Scripting 15 is installed AND Package Information apache2-mod_php7-7.2.5-4.46 is installed OR php7-7.2.5-4.46 is installed OR php7-bcmath-7.2.5-4.46 is installed OR php7-bz2-7.2.5-4.46 is installed OR php7-calendar-7.2.5-4.46 is installed OR php7-ctype-7.2.5-4.46 is installed OR php7-curl-7.2.5-4.46 is installed OR php7-dba-7.2.5-4.46 is installed OR php7-devel-7.2.5-4.46 is installed OR php7-dom-7.2.5-4.46 is installed OR php7-enchant-7.2.5-4.46 is installed OR php7-exif-7.2.5-4.46 is installed OR php7-fastcgi-7.2.5-4.46 is installed OR php7-fileinfo-7.2.5-4.46 is installed OR php7-fpm-7.2.5-4.46 is installed OR php7-ftp-7.2.5-4.46 is installed OR php7-gd-7.2.5-4.46 is installed OR php7-gettext-7.2.5-4.46 is installed OR php7-gmp-7.2.5-4.46 is installed OR php7-iconv-7.2.5-4.46 is installed OR php7-intl-7.2.5-4.46 is installed OR php7-json-7.2.5-4.46 is installed OR php7-ldap-7.2.5-4.46 is installed OR php7-mbstring-7.2.5-4.46 is installed OR php7-mysql-7.2.5-4.46 is installed OR php7-odbc-7.2.5-4.46 is installed OR php7-opcache-7.2.5-4.46 is installed OR php7-openssl-7.2.5-4.46 is installed OR php7-pcntl-7.2.5-4.46 is installed OR php7-pdo-7.2.5-4.46 is installed OR php7-pear-7.2.5-4.46 is installed OR php7-pear-Archive_Tar-7.2.5-4.46 is installed OR php7-pgsql-7.2.5-4.46 is installed OR php7-phar-7.2.5-4.46 is installed OR php7-posix-7.2.5-4.46 is installed OR php7-shmop-7.2.5-4.46 is installed OR php7-snmp-7.2.5-4.46 is installed OR php7-soap-7.2.5-4.46 is installed OR php7-sockets-7.2.5-4.46 is installed OR php7-sodium-7.2.5-4.46 is installed OR php7-sqlite-7.2.5-4.46 is installed OR php7-sysvmsg-7.2.5-4.46 is installed OR php7-sysvsem-7.2.5-4.46 is installed OR php7-sysvshm-7.2.5-4.46 is installed OR php7-tokenizer-7.2.5-4.46 is installed OR php7-wddx-7.2.5-4.46 is installed OR php7-xmlreader-7.2.5-4.46 is installed OR php7-xmlrpc-7.2.5-4.46 is installed OR php7-xmlwriter-7.2.5-4.46 is installed OR php7-xsl-7.2.5-4.46 is installed OR php7-zip-7.2.5-4.46 is installed OR php7-zlib-7.2.5-4.46 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 is installed AND Package Information alsa-1.0.27.2-11 is installed OR alsa-docs-1.0.27.2-11 is installed OR libasound2-1.0.27.2-11 is installed OR libasound2-32bit-1.0.27.2-11 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information aaa_base-13.2+git20140911.61c1681-9 is installed OR aaa_base-extras-13.2+git20140911.61c1681-9 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND apache2-mod_perl-2.0.8-11 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 is installed AND Package Information bind-9.9.6P1-28.9.1 is installed OR bind-devel-9.9.6P1-28.9.1 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 SP1 is installed AND cifs-utils-devel-6.4-6 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 SP2 is installed AND osc-0.152.0-11.1 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 15 SP1 is installed AND Package Information bluez-5.48-5.19 is installed OR bluez-cups-5.48-5.19 is installed
Definition Synopsis
SUSE Package Hub for SUSE Linux Enterprise 12 is installed AND Package Information irssi-0.8.20-9 is installed OR irssi-devel-0.8.20-9 is installed

BACK