Oval Definition:	oval:org.opensuse.security:def:2845
Revision Date: 2020-12-02 Version: 1 Title: Security update for MozillaFirefox (Important) Description: This update for MozillaFirefox fixes the following issues: - Firefox Extended Support Release 78.1.0 ESR * Fixed: Various stability, functionality, and security fixes (bsc#1174538) * CVE-2020-15652: Potential leak of redirect targets when loading scripts in a worker * CVE-2020-6514: WebRTC data channel leaks internal address to peer * CVE-2020-15655: Extension APIs could be used to bypass Same-Origin Policy * CVE-2020-15653: Bypassing iframe sandbox when allowing popups * CVE-2020-6463: Use-after-free in ANGLE gl::Texture::onUnbindAsSamplerTexture * CVE-2020-15656: Type confusion for special arguments in IonMonkey * CVE-2020-15658: Overriding file type when saving to disk * CVE-2020-15657: DLL hijacking due to incorrect loading path * CVE-2020-15654: Custom cursor can overlay user interface * CVE-2020-15659: Memory safety bugs fixed in Firefox 79 and Firefox ESR 78.1 Family: unix Class: patch Status: Reference(s): 1082318 1109412 1109413 1109414 1111996 1112534 1112535 1113247 1113252 1113255 1116827 1118644 1118830 1118831 1120640 1121034 1121035 1121056 1124593 1126088 1128828 1131314 1131553 1132666 1132767 1133131 1133232 1134444 1135350 1135584 1136035 1137503 1138172 1138173 1138939 1139937 1140491 1141174 1141913 1142614 1142772 1145093 1145617 1145618 1145759 1146608 1146656 1147132 1148742 1149093 1150011 1150406 1151439 1151990 1151991 1151992 1151993 1151994 1151995 1152002 1152308 1152590 1154016 1154025 1174538 CVE-2017-18594 CVE-2018-1000876 CVE-2018-15173 CVE-2018-17358 CVE-2018-17359 CVE-2018-17360 CVE-2018-17985 CVE-2018-18309 CVE-2018-18483 CVE-2018-18484 CVE-2018-18605 CVE-2018-18606 CVE-2018-18607 CVE-2018-19931 CVE-2018-19932 CVE-2018-20623 CVE-2018-20651 CVE-2018-20671 CVE-2018-20843 CVE-2018-6323 CVE-2018-6543 CVE-2018-6759 CVE-2018-6872 CVE-2018-7208 CVE-2018-7568 CVE-2018-7569 CVE-2018-7570 CVE-2018-7642 CVE-2018-7643 CVE-2018-8945 CVE-2019-1010180 CVE-2019-10222 CVE-2019-11039 CVE-2019-11040 CVE-2019-12904 CVE-2019-14822 CVE-2019-14973 CVE-2019-16884 CVE-2019-2614 CVE-2019-2627 CVE-2019-2628 CVE-2019-7164 CVE-2019-7548 CVE-2019-9893 CVE-2020-15652 CVE-2020-15653 CVE-2020-15654 CVE-2020-15655 CVE-2020-15656 CVE-2020-15657 CVE-2020-15658 CVE-2020-15659 CVE-2020-6463 CVE-2020-6514 SUSE-SU-2019:1832-1 SUSE-SU-2019:1835-1 SUSE-SU-2019:1971-1 SUSE-SU-2019:2020-1 SUSE-SU-2019:2253-1 SUSE-SU-2019:2387-1 SUSE-SU-2019:2425-1 SUSE-SU-2019:2517-1 SUSE-SU-2019:2736-1 SUSE-SU-2019:2779-1 SUSE-SU-2019:2810-1 SUSE-SU-2020:2118-1 SUSE-SU-2020:2744-1 Platform(s): SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise High Availability 12 SP3 SUSE Linux Enterprise High Availability 12 SP4 SUSE Linux Enterprise High Availability Extension 11 SP3 SUSE Linux Enterprise Module for additional PackageHub packages 15 SUSE Linux Enterprise Module for Advanced Systems Management 12 SUSE Linux Enterprise Module for Desktop Applications 15 SP1 SUSE Linux Enterprise Module for Legacy Software 12 SUSE Linux Enterprise Module for Legacy Software 15 SUSE Linux Enterprise Module for Legacy Software 15 SP1 SUSE Linux Enterprise Module for Live Patching 15 SUSE Linux Enterprise Module for Live Patching 15 SP1 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2 SUSE Linux Enterprise Module for Public Cloud 15 SUSE Linux Enterprise Module for Public Cloud 15 SP1 SUSE Linux Enterprise Module for Python2 packages 15 SP1 SUSE Linux Enterprise Module for Server Applications 15 SUSE Linux Enterprise Module for Server Applications 15 SP1 SUSE Linux Enterprise Module for Toolchain 12 SUSE Linux Enterprise Module for Web Scripting 12 SUSE Linux Enterprise Module for Web Scripting 15 SUSE Linux Enterprise Module for Web Scripting 15 SP1 SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Server 11 SP1-LTSS SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP2-LTSS SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP3-LTSS SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Server 11-SECURITY SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server for VMWare 11 SP2 SUSE Linux Enterprise Server for VMWare 11 SP3 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Software Development Kit 12 SP1 SUSE Linux Enterprise Software Development Kit 12 SP2 Product(s): Definition Synopsis SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5 is installed AND Package Information openstack-cinder-2014.2.3.dev13-1 is installed OR openstack-cinder-volume-2014.2.3.dev13-1 is installed OR python-cinder-2014.2.3.dev13-1 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 is installed AND Package Information dbus-1-1.8.8-1 is installed OR dbus-1-x11-1.8.8-1 is installed OR libdbus-1-3-1.8.8-1 is installed OR libdbus-1-3-32bit-1.8.8-1 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information DirectFB-1.7.1-4 is installed OR lib++dfb-1_7-1-1.7.1-4 is installed OR libdirectfb-1_7-1-1.7.1-4 is installed OR libdirectfb-1_7-1-32bit-1.7.1-4 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information kernel-default-4.4.49-92.11 is installed OR kernel-default-devel-4.4.49-92.11 is installed OR kernel-default-extra-4.4.49-92.11 is installed OR kernel-devel-4.4.49-92.11 is installed OR kernel-macros-4.4.49-92.11 is installed OR kernel-source-4.4.49-92.11 is installed OR kernel-syms-4.4.49-92.11 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information ImageMagick-6.8.8.1-70 is installed OR libMagick++-6_Q16-3-6.8.8.1-70 is installed OR libMagickCore-6_Q16-1-6.8.8.1-70 is installed OR libMagickCore-6_Q16-1-32bit-6.8.8.1-70 is installed OR libMagickWand-6_Q16-1-6.8.8.1-70 is installed Definition Synopsis SUSE Linux Enterprise High Availability 12 SP3 is installed AND python-requests-2.8.1-6.16 is installed Definition Synopsis SUSE Linux Enterprise High Availability 12 SP4 is installed AND conntrack-tools-1.4.2-5 is installed Definition Synopsis SUSE Linux Enterprise Module for additional PackageHub packages 15 is installed AND tiff-4.0.9-5.20 is installed Definition Synopsis SUSE Linux Enterprise Module for Advanced Systems Management 12 is installed AND facter-2.0.2-1 is installed Definition Synopsis SUSE Linux Enterprise Module for Desktop Applications 15 SP1 is installed AND Package Information MozillaFirefox-78.1.0-3.100 is installed OR MozillaFirefox-devel-78.1.0-3.100 is installed OR MozillaFirefox-translations-common-78.1.0-3.100 is installed OR MozillaFirefox-translations-other-78.1.0-3.100 is installed Definition Synopsis SUSE Linux Enterprise Module for Legacy Software 12 is installed AND Package Information java-1_6_0-ibm-1.6.0_sr16.1-5 is installed OR java-1_6_0-ibm-fonts-1.6.0_sr16.1-5 is installed OR java-1_6_0-ibm-jdbc-1.6.0_sr16.1-5 is installed OR java-1_6_0-ibm-plugin-1.6.0_sr16.1-5 is installed Definition Synopsis SUSE Linux Enterprise Module for Legacy Software 15 is installed AND Package Information libncurses5-6.1-5.6 is installed OR libncurses5-32bit-6.1-5.6 is installed OR ncurses-6.1-5.6 is installed OR ncurses5-devel-6.1-5.6 is installed Definition Synopsis SUSE Linux Enterprise Module for Legacy Software 15 SP1 is installed AND Package Information kernel-default-4.12.14-197.7 is installed OR reiserfs-kmp-default-4.12.14-197.7 is installed Definition Synopsis SUSE Linux Enterprise Module for Live Patching 15 is installed AND Package Information kernel-livepatch-4_12_14-25_3-default-3-2 is installed OR kernel-livepatch-SLE15_Update_1-3-2 is installed Definition Synopsis SUSE Linux Enterprise Module for Live Patching 15 SP1 is installed AND Package Information kernel-livepatch-4_12_14-197_4-default-2-2 is installed OR kernel-livepatch-SLE15-SP1_Update_1-2-2 is installed Definition Synopsis SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 is installed AND Package Information php7-7.2.5-4.35 is installed OR php7-embed-7.2.5-4.35 is installed OR php7-readline-7.2.5-4.35 is installed OR php7-sodium-7.2.5-4.35 is installed OR php7-tidy-7.2.5-4.35 is installed Definition Synopsis SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2 is installed AND Package Information opencv-3.3.1-6.6 is installed OR opencv-doc-3.3.1-6.6 is installed OR python2-opencv-3.3.1-6.6 is installed OR python3-opencv-3.3.1-6.6 is installed Definition Synopsis SUSE Linux Enterprise Module for Public Cloud 15 is installed AND Package Information kernel-azure-4.12.14-5.33 is installed OR kernel-azure-base-4.12.14-5.33 is installed OR kernel-azure-devel-4.12.14-5.33 is installed OR kernel-devel-azure-4.12.14-5.33 is installed OR kernel-source-azure-4.12.14-5.33 is installed OR kernel-syms-azure-4.12.14-5.33 is installed Definition Synopsis SUSE Linux Enterprise Module for Public Cloud 15 SP1 is installed AND Package Information cloud-init-19.2-8.11 is installed OR cloud-init-config-suse-19.2-8.11 is installed Definition Synopsis SUSE Linux Enterprise Module for Python2 packages 15 SP1 is installed AND Package Information python-requests-2.20.1-6.3 is installed OR python2-requests-2.20.1-6.3 is installed Definition Synopsis SUSE Linux Enterprise Module for Server Applications 15 is installed AND Package Information ovmf-2017+git1510945757.b2662641d5-5.3 is installed OR ovmf-tools-2017+git1510945757.b2662641d5-5.3 is installed OR qemu-ovmf-x86_64-2017+git1510945757.b2662641d5-5.3 is installed OR qemu-uefi-aarch64-2017+git1510945757.b2662641d5-5.3 is installed Definition Synopsis SUSE Linux Enterprise Module for Server Applications 15 SP1 is installed AND Package Information libvirt-5.1.0-8.3 is installed OR libvirt-admin-5.1.0-8.3 is installed OR libvirt-bash-completion-5.1.0-8.3 is installed OR libvirt-client-5.1.0-8.3 is installed OR libvirt-daemon-5.1.0-8.3 is installed OR libvirt-daemon-config-network-5.1.0-8.3 is installed OR libvirt-daemon-config-nwfilter-5.1.0-8.3 is installed OR libvirt-daemon-driver-interface-5.1.0-8.3 is installed OR libvirt-daemon-driver-libxl-5.1.0-8.3 is installed OR libvirt-daemon-driver-lxc-5.1.0-8.3 is installed OR libvirt-daemon-driver-network-5.1.0-8.3 is installed OR libvirt-daemon-driver-nodedev-5.1.0-8.3 is installed OR libvirt-daemon-driver-nwfilter-5.1.0-8.3 is installed OR libvirt-daemon-driver-qemu-5.1.0-8.3 is installed OR libvirt-daemon-driver-secret-5.1.0-8.3 is installed OR libvirt-daemon-driver-storage-5.1.0-8.3 is installed OR libvirt-daemon-driver-storage-core-5.1.0-8.3 is installed OR libvirt-daemon-driver-storage-disk-5.1.0-8.3 is installed OR libvirt-daemon-driver-storage-iscsi-5.1.0-8.3 is installed OR libvirt-daemon-driver-storage-logical-5.1.0-8.3 is installed OR libvirt-daemon-driver-storage-mpath-5.1.0-8.3 is installed OR libvirt-daemon-driver-storage-rbd-5.1.0-8.3 is installed OR libvirt-daemon-driver-storage-scsi-5.1.0-8.3 is installed OR libvirt-daemon-hooks-5.1.0-8.3 is installed OR libvirt-daemon-lxc-5.1.0-8.3 is installed OR libvirt-daemon-qemu-5.1.0-8.3 is installed OR libvirt-daemon-xen-5.1.0-8.3 is installed OR libvirt-devel-5.1.0-8.3 is installed OR libvirt-doc-5.1.0-8.3 is installed OR libvirt-lock-sanlock-5.1.0-8.3 is installed OR libvirt-nss-5.1.0-8.3 is installed Definition Synopsis SUSE Linux Enterprise Module for Toolchain 12 is installed AND Package Information cpp5-5.3.1+r233831-9 is installed OR gcc5-5.3.1+r233831-9 is installed OR gcc5-c++-5.3.1+r233831-9 is installed OR gcc5-fortran-5.3.1+r233831-9 is installed OR gcc5-info-5.3.1+r233831-9 is installed OR gcc5-locale-5.3.1+r233831-9 is installed OR libffi-devel-gcc5-5.3.1+r233831-9 is installed OR libstdc++6-devel-gcc5-5.3.1+r233831-9 is installed Definition Synopsis SUSE Linux Enterprise Module for Web Scripting 12 is installed AND Package Information nodejs4-4.5.0-5 is installed OR nodejs4-devel-4.5.0-5 is installed OR nodejs4-docs-4.5.0-5 is installed OR npm4-4.5.0-5 is installed Definition Synopsis SUSE Linux Enterprise Module for Web Scripting 15 is installed AND Package Information nodejs8-8.11.3-3.5 is installed OR nodejs8-devel-8.11.3-3.5 is installed OR nodejs8-docs-8.11.3-3.5 is installed OR npm8-8.11.3-3.5 is installed Definition Synopsis SUSE Linux Enterprise Module for Web Scripting 15 SP1 is installed AND Package Information nodejs10-10.16.0-1.9 is installed OR nodejs10-devel-10.16.0-1.9 is installed OR nodejs10-docs-10.16.0-1.9 is installed OR npm10-10.16.0-1.9 is installed Definition Synopsis SUSE Linux Enterprise Server 12 is installed AND ant-1.9.4-1 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information apache2-2.4.16-5 is installed OR apache2-doc-2.4.16-5 is installed OR apache2-example-pages-2.4.16-5 is installed OR apache2-prefork-2.4.16-5 is installed OR apache2-utils-2.4.16-5 is installed OR apache2-worker-2.4.16-5 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information bash-4.3-82 is installed OR bash-doc-4.3-82 is installed OR libreadline6-6.3-82 is installed OR libreadline6-32bit-6.3-82 is installed OR readline-doc-6.3-82 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 12 is installed AND Package Information libvirt-1.2.5-27.10.1 is installed OR libvirt-devel-1.2.5-27.10.1 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 12 SP1 is installed AND dhcp-devel-4.3.3-2 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 12 SP2 is installed AND postgresql94-devel-9.4.9-14.1 is installed
BACK