OVAL Reference oval:org.opensuse.security:def:4232

Oval Definition:

oval:org.opensuse.security:def:4232

Revision Date:	2021-11-19	Version:	1
Title:	Security update for MozillaFirefox (Important)
Description:	This update for MozillaFirefox fixes the following issues: MozillaFirefox was updated to Extended Support Release 91.3.0 ESR Fixed: Various stability, functionality, and security fixes MFSA 2021-49 (bsc#1192250) * CVE-2021-38503: iframe sandbox rules did not apply to XSLT stylesheets * CVE-2021-38504: Use-after-free in file picker dialog * CVE-2021-38505: Windows 10 Cloud Clipboard may have recorded sensitive user data * CVE-2021-38506: Firefox could be coaxed into going into fullscreen mode without notification or warning * CVE-2021-38507: Opportunistic Encryption in HTTP2 could be used to bypass the Same-Origin-Policy on services hosted on other ports * CVE-2021-38508: Permission Prompt could be overlaid, resulting in user confusion and potential spoofing * CVE-2021-38509: Javascript alert box could have been spoofed onto an arbitrary domain * CVE-2021-38510: Download Protections were bypassed by .inetloc files on Mac OS * MOZ-2021-0008: Use-after-free in HTTP2 Session object * MOZ-2021-0007: Memory safety bugs fixed in Firefox 94 and Firefox ESR 91.3
Family:	unix	Class:	patch
Status:		Reference(s):	1027519 1065600 1065729 1068059 1071995 1085030 1087303 1087931 1093447 1097108 1098369 1101499 1102230 1103203 1105026 1106191 1116319 1116320 1116322 1116324 1120163 1131390 1133021 1141122 1149032 1152472 1152489 1153274 1154353 1154488 1154492 1155518 1156395 1157119 1159058 1160634 1160673 1160922 1163581 1167171 1167773 1169790 1171634 1171688 1172108 1172177 1172182 1172184 1172186 1172197 1172205 1172247 1172418 1172745 1172871 1172963 1173351 1173376 1173377 1173378 1173380 1173455 1173468 1173485 1173668 1173798 1173813 1173954 1174002 1174003 1174026 1174205 1174247 1174362 1174387 1174421 1174484 1174625 1174645 1174689 1174699 1174737 1174757 1174762 1174770 1174771 1174777 1174805 1174824 1174825 1174852 1174865 1174880 1174897 1174906 1174969 1175009 1175010 1175011 1175012 1175013 1175014 1175015 1175016 1175017 1175018 1175019 1175020 1175021 1175052 1175112 1175116 1175128 1175149 1175175 1175176 1175180 1175181 1175182 1175183 1175184 1175185 1175186 1175187 1175188 1175189 1175190 1175191 1175192 1175195 1175199 1175213 1175232 1175263 1175284 1175296 1175344 1175345 1175346 1175347 1175367 1175377 1175440 1175493 1175546 1175550 1175557 1175654 1175664 1175665 1175671 1175691 1175768 1175769 1175770 1175771 1175772 1175774 1175775 1175834 1175873 1176569 1177409 1177412 1177413 1177414 1177582 1177916 1192250 CVE-2018-10196 CVE-2018-10853 CVE-2018-10938 CVE-2018-14629 CVE-2018-14734 CVE-2018-15471 CVE-2018-16841 CVE-2018-16851 CVE-2018-16853 CVE-2018-3760 CVE-2019-16770 CVE-2019-18904 CVE-2019-5418 CVE-2019-5419 CVE-2019-5420 CVE-2020-0543 CVE-2020-11076 CVE-2020-11077 CVE-2020-13943 CVE-2020-14314 CVE-2020-14331 CVE-2020-14356 CVE-2020-15049 CVE-2020-15169 CVE-2020-15563 CVE-2020-15565 CVE-2020-15566 CVE-2020-15567 CVE-2020-15705 CVE-2020-15810 CVE-2020-15811 CVE-2020-16166 CVE-2020-24606 CVE-2020-25654 CVE-2020-27670 CVE-2020-27671 CVE-2020-27672 CVE-2020-27673 CVE-2020-5247 CVE-2020-5249 CVE-2020-5267 CVE-2020-8164 CVE-2020-8165 CVE-2020-8166 CVE-2020-8167 CVE-2020-8184 CVE-2020-8185 CVE-2021-38503 CVE-2021-38504 CVE-2021-38505 CVE-2021-38506 CVE-2021-38507 CVE-2021-38508 CVE-2021-38509 CVE-2021-38510 SUSE-SU-2018:1994-1 SUSE-SU-2018:2935-1 SUSE-SU-2018:4066-1 SUSE-SU-2019:1437-1 SUSE-SU-2020:0278-1 SUSE-SU-2020:1902-1 SUSE-SU-2020:2307-1 SUSE-SU-2020:2346-1 SUSE-SU-2020:2442-1 SUSE-SU-2020:2486-1 SUSE-SU-2020:2928-1 SUSE-SU-2020:3049-1 SUSE-SU-2020:3054-1 SUSE-SU-2020:3069-1 SUSE-SU-2020:3160-1 SUSE-SU-2021:3745-1
Platform(s):	SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Desktop 15 SP3 SUSE Linux Enterprise for SAP 12 SUSE Linux Enterprise for SAP 12 SP1 SUSE Linux Enterprise High Availability 12 SP2 SUSE Linux Enterprise High Availability 12 SP3 SUSE Linux Enterprise High Availability 15 SUSE Linux Enterprise High Availability 15 SP1 SUSE Linux Enterprise High Availability 15 SP2 SUSE Linux Enterprise High Availability Extension 11 SP4 SUSE Linux Enterprise High Performance Computing 15 SP3 SUSE Linux Enterprise High Performance Computing 15-ESPOS SUSE Linux Enterprise High Performance Computing 15-LTSS SUSE Linux Enterprise Live Patching 12 SP3 SUSE Linux Enterprise Module for Desktop Applications 15 SP3 SUSE Linux Enterprise Module for Legacy Software 12 SUSE Linux Enterprise Module for Live Patching 15 SUSE Linux Enterprise Module for Public Cloud 12 SUSE Linux Enterprise Module for Server Applications 15 SP1 SUSE Linux Enterprise Module for Server Applications 15 SP2 SUSE Linux Enterprise Module for Web Scripting 12 SUSE Linux Enterprise Module for Web Scripting 15 SP1 SUSE Linux Enterprise Point of Sale 11 SP3 SUSE Linux Enterprise Server 11 SP1-LTSS SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP2-LTSS SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP3-LTSS SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 15 SP3 SUSE Linux Enterprise Server 15-LTSS SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 SUSE Linux Enterprise Server for SAP Applications 15 SUSE Linux Enterprise Server for SAP Applications 15 SP3 SUSE Linux Enterprise Server for VMWare 11 SP2 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Software Development Kit 12 SP1 SUSE Linux Enterprise Software Development Kit 12 SP2 SUSE Linux Enterprise Software Development Kit 12 SP3 SUSE Linux Enterprise Workstation Extension 12 SUSE Linux Enterprise Workstation Extension 12 SP1 SUSE Linux Enterprise Workstation Extension 12 SP2 SUSE Linux Enterprise Workstation Extension 12 SP3 SUSE Linux Enterprise Workstation Extension 15 SUSE Linux Enterprise Workstation Extension 15 SP1 SUSE Linux Enterprise Workstation Extension 15 SP2 SUSE Manager Proxy 4.2 SUSE Manager Server 4.2 SUSE Package Hub for SUSE Linux Enterprise 12	Product(s):
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP4 is installed AND libwmf-0.2.8.4-206.29.29.1 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 is installed AND Package Information aaa_base-13.2+git20140911.61c1681-1 is installed OR aaa_base-extras-13.2+git20140911.61c1681-1 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information gnome-settings-daemon-3.10.2-20 is installed OR gnome-settings-daemon-lang-3.10.2-20 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information DirectFB-1.7.1-6 is installed OR lib++dfb-1_7-1-1.7.1-6 is installed OR libdirectfb-1_7-1-1.7.1-6 is installed OR libdirectfb-1_7-1-32bit-1.7.1-6 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information MozillaFirefox-52.2.0esr-108 is installed OR MozillaFirefox-translations-52.2.0esr-108 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information DirectFB-1.7.1-6 is installed OR lib++dfb-1_7-1-1.7.1-6 is installed OR libdirectfb-1_7-1-1.7.1-6 is installed OR libdirectfb-1_7-1-32bit-1.7.1-6 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Desktop Applications 15 SP3 is installed AND Package Information MozillaFirefox-91.3.0-152.6.1 is installed OR MozillaFirefox-devel-91.3.0-152.6.1 is installed OR MozillaFirefox-translations-common-91.3.0-152.6.1 is installed OR MozillaFirefox-translations-other-91.3.0-152.6.1 is installed
Definition Synopsis
SUSE Linux Enterprise for SAP 12 is installed AND Package Information kgraft-patch-3_12_60-52_63-default-5-2.1 is installed OR kgraft-patch-3_12_60-52_63-xen-5-2.1 is installed OR kgraft-patch-SLE12_Update_18-5-2.1 is installed
Definition Synopsis
SUSE Linux Enterprise for SAP 12 SP1 is installed AND Package Information compat-openssl098-0.9.8j-97.1 is installed OR libopenssl0_9_8-0.9.8j-97.1 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 SP2 is installed AND ctdb-4.4.2-29 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 SP3 is installed AND conntrack-tools-1.4.2-5 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 15 is installed AND Package Information ruby2.5-rubygem-sprockets-3.7.2-3.3 is installed OR rubygem-sprockets-3.7.2-3.3 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 15 SP1 is installed AND Package Information crmsh-4.1.0+git.1602227275.3d680577-3.39 is installed OR crmsh-scripts-4.1.0+git.1602227275.3d680577-3.39 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 15 SP2 is installed AND Package Information cluster-md-kmp-default-5.3.18-24.12 is installed OR dlm-kmp-default-5.3.18-24.12 is installed OR gfs2-kmp-default-5.3.18-24.12 is installed OR kernel-default-5.3.18-24.12 is installed OR ocfs2-kmp-default-5.3.18-24.12 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise High Performance Computing 15-ESPOS is installed AND libvirt-4.0.0-9.32 is installed OR libvirt-admin-4.0.0-9.32 is installed OR libvirt-client-4.0.0-9.32 is installed OR libvirt-daemon-4.0.0-9.32 is installed OR libvirt-daemon-config-network-4.0.0-9.32 is installed OR libvirt-daemon-config-nwfilter-4.0.0-9.32 is installed OR libvirt-daemon-driver-interface-4.0.0-9.32 is installed OR libvirt-daemon-driver-libxl-4.0.0-9.32 is installed OR libvirt-daemon-driver-lxc-4.0.0-9.32 is installed OR libvirt-daemon-driver-network-4.0.0-9.32 is installed OR libvirt-daemon-driver-nodedev-4.0.0-9.32 is installed OR libvirt-daemon-driver-nwfilter-4.0.0-9.32 is installed OR libvirt-daemon-driver-qemu-4.0.0-9.32 is installed OR libvirt-daemon-driver-secret-4.0.0-9.32 is installed OR libvirt-daemon-driver-storage-4.0.0-9.32 is installed OR libvirt-daemon-driver-storage-core-4.0.0-9.32 is installed OR libvirt-daemon-driver-storage-disk-4.0.0-9.32 is installed OR libvirt-daemon-driver-storage-iscsi-4.0.0-9.32 is installed OR libvirt-daemon-driver-storage-logical-4.0.0-9.32 is installed OR libvirt-daemon-driver-storage-mpath-4.0.0-9.32 is installed OR libvirt-daemon-driver-storage-rbd-4.0.0-9.32 is installed OR libvirt-daemon-driver-storage-scsi-4.0.0-9.32 is installed OR libvirt-daemon-hooks-4.0.0-9.32 is installed OR libvirt-daemon-lxc-4.0.0-9.32 is installed OR libvirt-daemon-qemu-4.0.0-9.32 is installed OR libvirt-daemon-xen-4.0.0-9.32 is installed OR libvirt-devel-4.0.0-9.32 is installed OR libvirt-doc-4.0.0-9.32 is installed OR libvirt-libs-4.0.0-9.32 is installed OR libvirt-lock-sanlock-4.0.0-9.32 is installed OR libvirt-nss-4.0.0-9.32 is installed OR Package Information SUSE Linux Enterprise High Performance Computing 15-LTSS is installed AND libvirt-4.0.0-9.32 is installed OR libvirt-admin-4.0.0-9.32 is installed OR libvirt-client-4.0.0-9.32 is installed OR libvirt-daemon-4.0.0-9.32 is installed OR libvirt-daemon-config-network-4.0.0-9.32 is installed OR libvirt-daemon-config-nwfilter-4.0.0-9.32 is installed OR libvirt-daemon-driver-interface-4.0.0-9.32 is installed OR libvirt-daemon-driver-libxl-4.0.0-9.32 is installed OR libvirt-daemon-driver-lxc-4.0.0-9.32 is installed OR libvirt-daemon-driver-network-4.0.0-9.32 is installed OR libvirt-daemon-driver-nodedev-4.0.0-9.32 is installed OR libvirt-daemon-driver-nwfilter-4.0.0-9.32 is installed OR libvirt-daemon-driver-qemu-4.0.0-9.32 is installed OR libvirt-daemon-driver-secret-4.0.0-9.32 is installed OR libvirt-daemon-driver-storage-4.0.0-9.32 is installed OR libvirt-daemon-driver-storage-core-4.0.0-9.32 is installed OR libvirt-daemon-driver-storage-disk-4.0.0-9.32 is installed OR libvirt-daemon-driver-storage-iscsi-4.0.0-9.32 is installed OR libvirt-daemon-driver-storage-logical-4.0.0-9.32 is installed OR libvirt-daemon-driver-storage-mpath-4.0.0-9.32 is installed OR libvirt-daemon-driver-storage-rbd-4.0.0-9.32 is installed OR libvirt-daemon-driver-storage-scsi-4.0.0-9.32 is installed OR libvirt-daemon-hooks-4.0.0-9.32 is installed OR libvirt-daemon-lxc-4.0.0-9.32 is installed OR libvirt-daemon-qemu-4.0.0-9.32 is installed OR libvirt-daemon-xen-4.0.0-9.32 is installed OR libvirt-devel-4.0.0-9.32 is installed OR libvirt-doc-4.0.0-9.32 is installed OR libvirt-libs-4.0.0-9.32 is installed OR libvirt-lock-sanlock-4.0.0-9.32 is installed OR libvirt-nss-4.0.0-9.32 is installed
Definition Synopsis
SUSE Linux Enterprise Live Patching 12 SP3 is installed AND Package Information kgraft-patch-4_4_140-94_42-default-2-2 is installed OR kgraft-patch-SLE12-SP3_Update_15-2-2 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Live Patching 15 is installed AND Package Information kernel-livepatch-4_12_14-25_13-default-3-2 is installed OR kernel-livepatch-SLE15_Update_3-3-2 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Public Cloud 12 is installed AND Package Information kernel-ec2-3.12.51-60.25.1 is installed OR kernel-ec2-devel-3.12.51-60.25.1 is installed OR kernel-ec2-extra-3.12.51-60.25.1 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Server Applications 15 SP1 is installed AND Package Information grub2-2.02-26.33 is installed OR grub2-x86_64-xen-2.02-26.33 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Server Applications 15 SP2 is installed AND Package Information xen-4.13.1_04-3.4 is installed OR xen-devel-4.13.1_04-3.4 is installed OR xen-tools-4.13.1_04-3.4 is installed OR xen-tools-xendomains-wait-disk-4.13.1_04-3.4 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Web Scripting 15 SP1 is installed AND Package Information tomcat-9.0.36-4.47 is installed OR tomcat-admin-webapps-9.0.36-4.47 is installed OR tomcat-el-3_0-api-9.0.36-4.47 is installed OR tomcat-jsp-2_3-api-9.0.36-4.47 is installed OR tomcat-lib-9.0.36-4.47 is installed OR tomcat-servlet-4_0-api-9.0.36-4.47 is installed OR tomcat-webapps-9.0.36-4.47 is installed
Definition Synopsis
SUSE Linux Enterprise Server 11 SP3 is installed AND Package Information ofed-1.5.4.1-0.11.5 is installed OR ofed-doc-1.5.4.1-0.11.5 is installed OR ofed-kmp-default-1.5.4.1_3.0.76_0.11-0.11.5 is installed OR ofed-kmp-pae-1.5.4.1_3.0.76_0.11-0.11.5 is installed OR ofed-kmp-ppc64-1.5.4.1_3.0.76_0.11-0.11.5 is installed OR ofed-kmp-trace-1.5.4.1_3.0.76_0.11-0.11.5 is installed
Definition Synopsis
SUSE Linux Enterprise Server 11 SP4 is installed AND Package Information gpgme-1.1.6-25.32.1 is installed OR libgpgme11-1.1.6-25.32.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 is installed AND Package Information MozillaFirefox-31.1.0esr-1 is installed OR MozillaFirefox-translations-31.1.0esr-1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information MozillaFirefox-38.4.0esr-51 is installed OR MozillaFirefox-translations-38.4.0esr-51 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information apache2-2.4.23-14 is installed OR apache2-doc-2.4.23-14 is installed OR apache2-example-pages-2.4.23-14 is installed OR apache2-prefork-2.4.23-14 is installed OR apache2-utils-2.4.23-14 is installed OR apache2-worker-2.4.23-14 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND libksba8-1.3.0-23 is installed
Definition Synopsis
SUSE Linux Enterprise Server 15-LTSS is installed AND Package Information nodejs10-10.21.0-1.21 is installed OR nodejs10-devel-10.21.0-1.21 is installed OR nodejs10-docs-10.21.0-1.21 is installed OR npm10-10.21.0-1.21 is installed
Definition Synopsis
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 is installed AND Package Information DirectFB-1.7.1-6 is installed OR lib++dfb-1_7-1-1.7.1-6 is installed OR libdirectfb-1_7-1-1.7.1-6 is installed
Definition Synopsis
SUSE Linux Enterprise Server for SAP Applications 15 is installed AND permissions-20180125-3.21 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 is installed AND Package Information finch-devel-2.10.9-8.1 is installed OR libpurple-2.10.9-8.1 is installed OR libpurple-devel-2.10.9-8.1 is installed OR libpurple-lang-2.10.9-8.1 is installed OR pidgin-2.10.9-8.1 is installed OR pidgin-devel-2.10.9-8.1 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 SP1 is installed AND Package Information bind-9.9.6P1-32.1 is installed OR bind-devel-9.9.6P1-32.1 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 SP2 is installed AND Package Information jasper-1.900.14-181.1 is installed OR libjasper-devel-1.900.14-181.1 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 SP3 is installed AND libreoffice-sdk-5.2.5.1-42 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 12 is installed AND Package Information ImageMagick-6.8.8.1-5 is installed OR libMagick++-6_Q16-3-6.8.8.1-5 is installed OR libMagickCore-6_Q16-1-32bit-6.8.8.1-5 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 12 SP1 is installed AND argyllcms-1.6.3-1 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 12 SP2 is installed AND Package Information NetworkManager-1.0.12-8 is installed OR NetworkManager-lang-1.0.12-8 is installed OR typelib-1_0-NM-1_0-1.0.12-8 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 12 SP3 is installed AND Package Information NetworkManager-1.0.12-12 is installed OR NetworkManager-lang-1.0.12-12 is installed OR typelib-1_0-NM-1_0-1.0.12-12 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 15 is installed AND Package Information MozillaThunderbird-60.2.1-3.13 is installed OR MozillaThunderbird-translations-common-60.2.1-3.13 is installed OR MozillaThunderbird-translations-other-60.2.1-3.13 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 15 SP1 is installed AND Package Information MozillaThunderbird-68.2.1-3.58 is installed OR MozillaThunderbird-translations-common-68.2.1-3.58 is installed OR MozillaThunderbird-translations-other-68.2.1-3.58 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 15 SP2 is installed AND Package Information freerdp-2.1.2-15.7 is installed OR freerdp-devel-2.1.2-15.7 is installed OR libfreerdp2-2.1.2-15.7 is installed OR libwinpr2-2.1.2-15.7 is installed OR winpr2-devel-2.1.2-15.7 is installed
Definition Synopsis
SUSE Package Hub for SUSE Linux Enterprise 12 is installed AND Package Information chromedriver-53.0.2785.89-96 is installed OR chromium-53.0.2785.89-96 is installed OR chromium-desktop-gnome-53.0.2785.89-96 is installed OR chromium-desktop-kde-53.0.2785.89-96 is installed OR chromium-ffmpegsumo-53.0.2785.89-96 is installed

BACK