OVAL Reference oval:org.opensuse.security:def:43100

Oval Definition:

oval:org.opensuse.security:def:43100

Revision Date:	2020-12-01	Version:	1
Title:	Security update for MozillaFirefox (Important)
Description:	This update for MozillaFirefox fixes the following issues: Security issues fixed: - CVE-2019-11691: Use-after-free in XMLHttpRequest - CVE-2019-11692: Use-after-free removing listeners in the event listener manager - CVE-2019-11693: Buffer overflow in WebGL bufferdata on Linux - CVE-2019-11694: Uninitialized memory memory leakage in Windows sandbox - CVE-2019-11698: Theft of user history data through drag and drop of hyperlinks to and from bookmarks - CVE-2019-7317: Use-after-free in png_image_free of libpng library - CVE-2019-9800: Memory safety bugs fixed in Firefox 67 and Firefox ESR 60.7 - CVE-2019-9815: Disable hyperthreading on content JavaScript threads on macOS - CVE-2019-9816: Type confusion with object groups and UnboxedObjects - CVE-2019-9817: Stealing of cross-domain images using canvas - CVE-2019-9818: Use-after-free in crash generation server - CVE-2019-9819: Compartment mismatch with fetch API - CVE-2019-9820: Use-after-free of ChromeEventHandler by DocShell Non-security issues fixed: - Font and date adjustments to accommodate the new Reiwa era in Japan - Update to Firefox ESR 60.7 (bsc#1135824)
Family:	unix	Class:	patch
Status:		Reference(s):	1006984 1006989 1016715 1037811 1045315 1047443 1049423 1052449 1073230 1076017 1082318 1082858 1083488 1083915 1085114 1085447 1097560 1097824 1102682 1103809 1103810 1104076 1104826 1119553 1119554 1119555 1119556 1119557 1119558 1128828 1132256 1133375 1135824 1136446 1136976 1137597 1140747 1142614 1145092 1155321 1156318 1159329 1161719 1163809 1165528 1169658 1172515 1176315 977043 CVE-2012-6706 CVE-2016-10396 CVE-2016-4975 CVE-2016-8743 CVE-2017-11423 CVE-2017-13166 CVE-2017-6419 CVE-2018-0202 CVE-2018-1000004 CVE-2018-1000085 CVE-2018-1068 CVE-2018-12470 CVE-2018-12471 CVE-2018-12472 CVE-2018-4437 CVE-2018-4438 CVE-2018-4441 CVE-2018-4442 CVE-2018-4443 CVE-2018-4464 CVE-2018-5390 CVE-2018-7566 CVE-2019-10208 CVE-2019-11070 CVE-2019-11477 CVE-2019-11478 CVE-2019-11691 CVE-2019-11692 CVE-2019-11693 CVE-2019-11694 CVE-2019-11698 CVE-2019-3846 CVE-2019-6201 CVE-2019-6251 CVE-2019-7285 CVE-2019-7292 CVE-2019-7317 CVE-2019-8457 CVE-2019-8503 CVE-2019-8506 CVE-2019-8515 CVE-2019-8524 CVE-2019-8535 CVE-2019-8536 CVE-2019-8544 CVE-2019-8551 CVE-2019-8558 CVE-2019-8559 CVE-2019-8563 CVE-2019-8625 CVE-2019-8710 CVE-2019-8720 CVE-2019-8743 CVE-2019-8764 CVE-2019-8766 CVE-2019-8769 CVE-2019-8771 CVE-2019-8782 CVE-2019-8783 CVE-2019-8808 CVE-2019-8811 CVE-2019-8812 CVE-2019-8813 CVE-2019-8814 CVE-2019-8815 CVE-2019-8816 CVE-2019-8819 CVE-2019-8820 CVE-2019-8823 CVE-2019-8835 CVE-2019-8844 CVE-2019-8846 CVE-2019-9800 CVE-2019-9815 CVE-2019-9816 CVE-2019-9817 CVE-2019-9818 CVE-2019-9819 CVE-2019-9820 CVE-2019-9893 CVE-2019-9928 CVE-2020-10018 CVE-2020-11793 CVE-2020-17507 CVE-2020-3862 CVE-2020-3864 CVE-2020-3865 CVE-2020-3867 CVE-2020-3868 SUSE-SU-2018:0424-1 SUSE-SU-2018:0809-1 SUSE-SU-2018:1031-1 SUSE-SU-2018:2898-2 SUSE-SU-2019:0146-1 SUSE-SU-2019:1155-1 SUSE-SU-2019:1388-1 SUSE-SU-2019:2159-1 SUSE-SU-2019:2941-1 SUSE-SU-2020:1135-1 SUSE-SU-2020:2760-1
Platform(s):	openSUSE Leap 15.0 openSUSE Leap 42.3 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Module for Basesystem 15 SUSE Linux Enterprise Module for Basesystem 15 SP1 SUSE Linux Enterprise Module for Containers 15 SUSE Linux Enterprise Module for Desktop Applications 15 SUSE Linux Enterprise Module for Desktop Applications 15 SP1 SUSE Linux Enterprise Module for Development Tools 15 SP1 SUSE Linux Enterprise Module for Legacy Software 15 SUSE Linux Enterprise Module for Legacy Software 15 SP1 SUSE Linux Enterprise Module for Live Patching 15 SUSE Linux Enterprise Module for Live Patching 15 SP1 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 SUSE Linux Enterprise Module for Public Cloud 15 SP1 SUSE Linux Enterprise Module for Server Applications 15 SUSE Linux Enterprise Module for Server Applications 15 SP1 SUSE Linux Enterprise Module for Web Scripting 15 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP5 SUSE Linux Enterprise Server for SAP Applications 12 SP1-LTSS SUSE Linux Enterprise Server for SAP Applications 12 SP2 SUSE Linux Enterprise Server for SAP Applications 12 SP2-BCL SUSE Linux Enterprise Server for SAP Applications 12 SP2-ESPOS SUSE Linux Enterprise Server for SAP Applications 12 SP2-LTSS SUSE Linux Enterprise Server for SAP Applications 12 SP3-BCL SUSE Linux Enterprise Server for SAP Applications 12 SP3-ESPOS SUSE Linux Enterprise Server for SAP Applications 12 SP3-LTSS SUSE Linux Enterprise Server for SAP Applications 12 SP3-TERADATA SUSE Linux Enterprise Server for SAP Applications 12 SP4 SUSE Linux Enterprise Server for SAP Applications 12 SP5 SUSE Linux Enterprise Workstation Extension 12 SP2 SUSE Linux Enterprise Workstation Extension 12 SP3 SUSE Linux Enterprise Workstation Extension 12 SP4 SUSE Linux Enterprise Workstation Extension 12 SP5 SUSE Linux Enterprise Workstation Extension 15 SUSE Linux Enterprise Workstation Extension 15 SP1 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud Crowbar 8	Product(s):
Definition Synopsis
openSUSE Leap 15.0 is installed AND Package Information cracklib-2.9.6-lp150.2 is installed OR libcrack2-2.9.6-lp150.2 is installed OR libcrack2-32bit-2.9.6-lp150.2 is installed
Definition Synopsis
openSUSE Leap 42.3 is installed AND Package Information MozillaFirefox-52.7-78 is installed OR MozillaFirefox-branding-upstream-52.7-78 is installed OR MozillaFirefox-buildsymbols-52.7-78 is installed OR MozillaFirefox-devel-52.7-78 is installed OR MozillaFirefox-translations-common-52.7-78 is installed OR MozillaFirefox-translations-other-52.7-78 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information coreutils-8.12-6.25.29 is installed OR coreutils-lang-8.12-6.25.29 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP4 is installed AND Package Information flash-player-11.2.202.508-0.14 is installed OR flash-player-gnome-11.2.202.508-0.14 is installed OR flash-player-kde4-11.2.202.508-0.14 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 is installed AND Package Information gimp-2.8.10-1 is installed OR gimp-lang-2.8.10-1 is installed OR gimp-plugins-python-2.8.10-1 is installed OR libgimp-2_0-0-2.8.10-1 is installed OR libgimpui-2_0-0-2.8.10-1 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP1 is installed AND coolkey-1.1.0-147 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information ecryptfs-utils-103-7 is installed OR ecryptfs-utils-32bit-103-7 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information openssh-7.2p2-69 is installed OR openssh-helpers-7.2p2-69 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Basesystem 15 is installed AND Package Information libssh-devel-0.7.5-4 is installed OR libssh4-0.7.5-4 is installed OR libssh4-32bit-0.7.5-4 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Basesystem 15 SP1 is installed AND Package Information giflib-devel-5.1.4-2 is installed OR libgif7-5.1.4-2 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Containers 15 is installed AND docker-runc-1.0.0rc5+gitr3562_69663f0bd4b6-6.9 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Desktop Applications 15 is installed AND Package Information conky-1.10.6-1 is installed OR conky-doc-1.10.6-1 is installed OR vim-plugin-conky-1.10.6-1 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Desktop Applications 15 SP1 is installed AND Package Information conky-1.10.6-1 is installed OR conky-doc-1.10.6-1 is installed OR vim-plugin-conky-1.10.6-1 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Development Tools 15 SP1 is installed AND cups-ddk-2.2.7-3.11 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Legacy Software 15 is installed AND Package Information openldap2-2.4.46-9.19 is installed OR openldap2-back-meta-2.4.46-9.19 is installed OR openldap2-back-perl-2.4.46-9.19 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Legacy Software 15 SP1 is installed AND gv-3.7.4-1 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Live Patching 15 is installed AND Package Information kernel-livepatch-4_12_14-23-default-6-16 is installed OR kernel-livepatch-SLE15_Update_0-6-16 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Live Patching 15 SP1 is installed AND Package Information kernel-livepatch-4_12_14-197_21-default-4-2 is installed OR kernel-livepatch-SLE15-SP1_Update_6-4-2 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 is installed AND Package Information bluez-5.48-5.8 is installed OR bluez-auto-enable-devices-5.48-5.8 is installed OR bluez-test-5.48-5.8 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 is installed AND Package Information libvirt-5.1.0-8.3 is installed OR wireshark-plugin-libvirt-5.1.0-8.3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Public Cloud 15 SP1 is installed AND aws-cli-1.16.61-6 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Server Applications 15 is installed AND Package Information subversion-1.10.0-3.3 is installed OR subversion-server-1.10.0-3.3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Server Applications 15 SP1 is installed AND Package Information gnuplot-5.2.2-3.3 is installed OR gnuplot-doc-5.2.2-3.3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Web Scripting 15 is installed AND jakarta-commons-fileupload-1.1.1-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 is installed AND Package Information libvirt-1.2.5-21 is installed OR libvirt-client-1.2.5-21 is installed OR libvirt-daemon-1.2.5-21 is installed OR libvirt-daemon-config-network-1.2.5-21 is installed OR libvirt-daemon-config-nwfilter-1.2.5-21 is installed OR libvirt-daemon-driver-interface-1.2.5-21 is installed OR libvirt-daemon-driver-libxl-1.2.5-21 is installed OR libvirt-daemon-driver-lxc-1.2.5-21 is installed OR libvirt-daemon-driver-network-1.2.5-21 is installed OR libvirt-daemon-driver-nodedev-1.2.5-21 is installed OR libvirt-daemon-driver-nwfilter-1.2.5-21 is installed OR libvirt-daemon-driver-qemu-1.2.5-21 is installed OR libvirt-daemon-driver-secret-1.2.5-21 is installed OR libvirt-daemon-driver-storage-1.2.5-21 is installed OR libvirt-daemon-lxc-1.2.5-21 is installed OR libvirt-daemon-qemu-1.2.5-21 is installed OR libvirt-daemon-xen-1.2.5-21 is installed OR libvirt-doc-1.2.5-21 is installed OR libvirt-lock-sanlock-1.2.5-21 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information java-1_7_1-ibm-1.7.1_sr3.10-14 is installed OR java-1_7_1-ibm-alsa-1.7.1_sr3.10-14 is installed OR java-1_7_1-ibm-jdbc-1.7.1_sr3.10-14 is installed OR java-1_7_1-ibm-plugin-1.7.1_sr3.10-14 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND MozillaFirefox-60.7.0-109.72 is installed OR MozillaFirefox-devel-60.7.0-109.72 is installed OR MozillaFirefox-translations-common-60.7.0-109.72 is installed OR Package Information SUSE Linux Enterprise Server for SAP Applications 12 SP1-LTSS is installed AND MozillaFirefox-60.7.0-109.72 is installed OR MozillaFirefox-devel-60.7.0-109.72 is installed OR MozillaFirefox-translations-common-60.7.0-109.72 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information kgraft-patch-3_12_69-60_64_32-default-9-2 is installed OR kgraft-patch-3_12_69-60_64_32-xen-9-2 is installed OR kgraft-patch-SLE12-SP1_Update_13-9-2 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 12 SP2 is installed AND ipsec-tools-0.8.0-19.3 is installed OR Package Information SUSE Linux Enterprise Server for SAP Applications 12 SP2 is installed AND ipsec-tools-0.8.0-19.3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information apache-commons-daemon-1.0.15-4 is installed OR apache-commons-daemon-javadoc-1.0.15-4 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 12 SP2-BCL is installed AND res-signingkeys-3.0.37-52.23 is installed OR smt-3.0.37-52.23 is installed OR smt-support-3.0.37-52.23 is installed OR Package Information SUSE Linux Enterprise Server for SAP Applications 12 SP2-BCL is installed AND res-signingkeys-3.0.37-52.23 is installed OR smt-3.0.37-52.23 is installed OR smt-support-3.0.37-52.23 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information libzypp-16.17.20-27.52 is installed OR zypper-1.13.45-18.33 is installed OR zypper-log-1.13.45-18.33 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND apache2-2.4.23-29.24 is installed OR apache2-doc-2.4.23-29.24 is installed OR apache2-example-pages-2.4.23-29.24 is installed OR apache2-prefork-2.4.23-29.24 is installed OR apache2-utils-2.4.23-29.24 is installed OR apache2-worker-2.4.23-29.24 is installed OR Package Information SUSE Linux Enterprise Server for SAP Applications 12 SP2-ESPOS is installed AND apache2-2.4.23-29.24 is installed OR apache2-doc-2.4.23-29.24 is installed OR apache2-example-pages-2.4.23-29.24 is installed OR apache2-prefork-2.4.23-29.24 is installed OR apache2-utils-2.4.23-29.24 is installed OR apache2-worker-2.4.23-29.24 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND kgraft-patch-4_4_103-92_56-default-4-2 is installed OR kgraft-patch-SLE12-SP2_Update_17-4-2 is installed OR Package Information SUSE Linux Enterprise Server for SAP Applications 12 SP2-LTSS is installed AND kgraft-patch-4_4_103-92_56-default-4-2 is installed OR kgraft-patch-SLE12-SP2_Update_17-4-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information MozillaFirefox-52.9.0esr-109.38 is installed OR MozillaFirefox-devel-52.9.0esr-109.38 is installed OR MozillaFirefox-translations-52.9.0esr-109.38 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information gnutls-3.3.27-1 is installed OR libgnutls-openssl27-3.3.27-1 is installed OR libgnutls28-3.3.27-1 is installed OR libgnutls28-32bit-3.3.27-1 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 12 SP3-BCL is installed AND libssh2-1-1.4.3-20.9 is installed OR libssh2-1-32bit-1.4.3-20.9 is installed OR libssh2_org-1.4.3-20.9 is installed OR Package Information SUSE Linux Enterprise Server for SAP Applications 12 SP3-BCL is installed AND libssh2-1-1.4.3-20.9 is installed OR libssh2-1-32bit-1.4.3-20.9 is installed OR libssh2_org-1.4.3-20.9 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND kgraft-patch-4_4_180-94_100-default-2-2 is installed OR kgraft-patch-SLE12-SP3_Update_27-2-2 is installed OR Package Information SUSE Linux Enterprise Server for SAP Applications 12 SP3-ESPOS is installed AND kgraft-patch-4_4_180-94_100-default-2-2 is installed OR kgraft-patch-SLE12-SP3_Update_27-2-2 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND MozillaFirefox-68.9.0-109.123 is installed OR MozillaFirefox-translations-common-68.9.0-109.123 is installed OR Package Information SUSE Linux Enterprise Server for SAP Applications 12 SP3-LTSS is installed AND MozillaFirefox-68.9.0-109.123 is installed OR MozillaFirefox-translations-common-68.9.0-109.123 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND perl-Mail-SpamAssassin-3.4.2-44.3 is installed OR spamassassin-3.4.2-44.3 is installed OR Package Information SUSE Linux Enterprise Server for SAP Applications 12 SP3-TERADATA is installed AND perl-Mail-SpamAssassin-3.4.2-44.3 is installed OR spamassassin-3.4.2-44.3 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 12 SP4 is installed AND libpolkit0-0.113-5.15 is installed OR polkit-0.113-5.15 is installed OR typelib-1_0-Polkit-1_0-0.113-5.15 is installed OR Package Information SUSE Linux Enterprise Server for SAP Applications 12 SP4 is installed AND libpolkit0-0.113-5.15 is installed OR polkit-0.113-5.15 is installed OR typelib-1_0-Polkit-1_0-0.113-5.15 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 12 SP5 is installed AND bluez-5.13-5.20 is installed OR libbluetooth3-5.13-5.20 is installed OR Package Information SUSE Linux Enterprise Server for SAP Applications 12 SP5 is installed AND bluez-5.13-5.20 is installed OR libbluetooth3-5.13-5.20 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 12 SP2 is installed AND libosip2-3.5.0-20 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 12 SP3 is installed AND Package Information PackageKit-1.1.3-24.6 is installed OR PackageKit-gstreamer-plugin-1.1.3-24.6 is installed OR PackageKit-gtk3-module-1.1.3-24.6 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 12 SP4 is installed AND Package Information libwebkit2gtk3-lang-2.22.5-2.32 is installed OR webkit2gtk3-2.22.5-2.32 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 12 SP5 is installed AND Package Information evolution-3.22.6-19.9 is installed OR evolution-lang-3.22.6-19.9 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 15 is installed AND kernel-default-extra-4.12.14-23 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 15 SP1 is installed AND Package Information libproxy1-config-gnome3-0.4.15-2 is installed OR libproxy1-networkmanager-0.4.15-2 is installed
Definition Synopsis
SUSE OpenStack Cloud 6 is installed AND ruby2.1-rubygem-multi_xml-0.5.5-1 is installed
Definition Synopsis
SUSE OpenStack Cloud 7 is installed AND Package Information openstack-nova-14.0.10~dev13-4.11 is installed OR openstack-nova-api-14.0.10~dev13-4.11 is installed OR openstack-nova-cells-14.0.10~dev13-4.11 is installed OR openstack-nova-cert-14.0.10~dev13-4.11 is installed OR openstack-nova-compute-14.0.10~dev13-4.11 is installed OR openstack-nova-conductor-14.0.10~dev13-4.11 is installed OR openstack-nova-console-14.0.10~dev13-4.11 is installed OR openstack-nova-consoleauth-14.0.10~dev13-4.11 is installed OR openstack-nova-doc-14.0.10~dev13-4.11 is installed OR openstack-nova-novncproxy-14.0.10~dev13-4.11 is installed OR openstack-nova-placement-api-14.0.10~dev13-4.11 is installed OR openstack-nova-scheduler-14.0.10~dev13-4.11 is installed OR openstack-nova-serialproxy-14.0.10~dev13-4.11 is installed OR openstack-nova-vncproxy-14.0.10~dev13-4.11 is installed OR python-nova-14.0.10~dev13-4.11 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 8 is installed AND nodejs6-6.14.4-11.18 is installed

BACK