OVAL Reference oval:org.opensuse.security:def:50631

Oval Definition:

oval:org.opensuse.security:def:50631

Revision Date:	2020-12-01	Version:	1
Title:	Security update for MozillaFirefox (Important)
Description:	This update for MozillaFirefox, mozilla-nss fixes the following issues: MozillaFirefox to version ESR 60.8: - CVE-2019-9811: Sandbox escape via installation of malicious language pack (bsc#1140868). - CVE-2019-11711: Script injection within domain through inner window reuse (bsc#1140868). - CVE-2019-11712: Cross-origin POST requests can be made with NPAPI plugins by following 308 redirects (bsc#1140868). - CVE-2019-11713: Use-after-free with HTTP/2 cached stream (bsc#1140868). - CVE-2019-11729: Empty or malformed p256-ECDH public keys may trigger a segmentation fault (bsc#1140868). - CVE-2019-11715: HTML parsing error can contribute to content XSS (bsc#1140868). - CVE-2019-11717: Caret character improperly escaped in origins (bsc#1140868). - CVE-2019-11719: Out-of-bounds read when importing curve25519 private key (bsc#1140868). - CVE-2019-11730: Same-origin policy treats all files in a directory as having the same-origin (bsc#1140868). - CVE-2019-11709: Multiple Memory safety bugs fixed (bsc#1140868). mozilla-nss to version 3.44.1: Added IPSEC IKE support to softoken * Many new FIPS test cases
Family:	unix	Class:	patch
Status:		Reference(s):	1044231 1051510 1051858 1054914 1055117 1056686 1060463 1061840 1065600 1065729 1071995 1082555 1083647 1085030 1103990 1103992 1104353 1104745 1104967 1107424 1109158 1109837 1109911 1111666 1111974 1112178 1112374 1113722 1113956 1114279 1114592 1114685 1119086 1119680 1120386 1122292 1122299 1123034 1127611 1127988 1129403 1131304 1132665 1133021 1134090 1135114 1135254 1136157 1137069 1137865 1137959 1140155 1140868 1141013 1141780 1141782 1141783 1141785 1141787 1141789 1141895 1141897 1142076 1142635 1142649 1142654 1144065 1144333 1145051 1146042 1146090 1146091 1146093 1146094 1146095 1146097 1146099 1146100 1146519 1146539 1146540 1146664 1147021 1148133 1148517 1148712 1148868 1149145 1149313 1149332 1149446 1149555 1149651 1150381 1150423 1151350 1151582 1151610 1151667 1151680 1151891 1151955 1152024 1152025 1152026 1152161 1152325 1152457 1152460 1152466 1152972 1152974 1152975 1153108 1154804 1154805 1155198 1155205 1155298 1155678 1155819 1156158 1156317 1156321 1157292 1157377 1157424 1157770 1157893 1158187 1158763 1158983 1158996 1159198 1159285 1160659 1161561 1161951 1162171 1162629 1162632 1162929 1162931 1163102 1163103 1163104 1164078 1164507 1164777 1164780 1164893 1165019 1165111 1165182 1165185 1165211 1165280 1165289 1165404 1165488 1165527 1165741 1165813 1165823 1165873 1165929 1165949 1165950 1165980 1165984 1165985 1166003 1166101 1166102 1166103 1166104 1166238 1166632 1166730 1166731 1166732 1166733 1166734 1166735 1166982 1167005 1167216 1167290 1167316 1167421 1167423 1167627 1167629 1168075 1168273 1168276 1168295 1168367 1168424 1168443 1168552 1168829 1168854 1169013 1169307 1169308 1171252 1171254 1172405 CVE-2017-18595 CVE-2018-11212 CVE-2018-16548 CVE-2019-10214 CVE-2019-10220 CVE-2019-11709 CVE-2019-11711 CVE-2019-11712 CVE-2019-11713 CVE-2019-11715 CVE-2019-11717 CVE-2019-11719 CVE-2019-11729 CVE-2019-11730 CVE-2019-11771 CVE-2019-11772 CVE-2019-11775 CVE-2019-13272 CVE-2019-14250 CVE-2019-14821 CVE-2019-15239 CVE-2019-15291 CVE-2019-15604 CVE-2019-15605 CVE-2019-15606 CVE-2019-15847 CVE-2019-18900 CVE-2019-19126 CVE-2019-19768 CVE-2019-19770 CVE-2019-20503 CVE-2019-2449 CVE-2019-2762 CVE-2019-2766 CVE-2019-2769 CVE-2019-2786 CVE-2019-2816 CVE-2019-3701 CVE-2019-4473 CVE-2019-7317 CVE-2019-9458 CVE-2019-9506 CVE-2019-9511 CVE-2019-9512 CVE-2019-9513 CVE-2019-9514 CVE-2019-9515 CVE-2019-9516 CVE-2019-9517 CVE-2019-9518 CVE-2019-9811 CVE-2020-10942 CVE-2020-11494 CVE-2020-12653 CVE-2020-12654 CVE-2020-6805 CVE-2020-6806 CVE-2020-6807 CVE-2020-6811 CVE-2020-6812 CVE-2020-6814 CVE-2020-7059 CVE-2020-7060 CVE-2020-7062 CVE-2020-7063 CVE-2020-8022 CVE-2020-8647 CVE-2020-8649 CVE-2020-8834 CVE-2020-9383 SUSE-SU-2019:1869-1 SUSE-SU-2019:2259-1 SUSE-SU-2019:2291-1 SUSE-SU-2019:2340-1 SUSE-SU-2019:2706-1 SUSE-SU-2019:2750-1 SUSE-SU-2019:3061-1 SUSE-SU-2019:3249-1 SUSE-SU-2020:0262-1 SUSE-SU-2020:0432-1 SUSE-SU-2020:0455-1 SUSE-SU-2020:0622-1 SUSE-SU-2020:0686-1 SUSE-SU-2020:1123-1
Platform(s):	SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Module for additional PackageHub packages 15 SP1 SUSE Linux Enterprise Module for Basesystem 15 SP1 SUSE Linux Enterprise Module for Legacy Software 15 SUSE Linux Enterprise Module for Live Patching 15 SUSE Linux Enterprise Module for Live Patching 15 SP1 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 SUSE Linux Enterprise Module for Server Applications 15 SP1 SUSE Linux Enterprise Module for Web Scripting 15 SP1 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 15-LTSS SUSE Linux Enterprise Server for SAP Applications 15 SUSE Linux Enterprise Workstation Extension 15 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8	Product(s):
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP3 is installed AND vorbis-tools-1.1.1-174 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP4 is installed AND lxc-0.8.0-0.25 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 is installed AND Package Information dia-0.97.2-13 is installed OR dia-lang-0.97.2-13 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information finch-2.10.9-8 is installed OR libpurple-2.10.9-8 is installed OR libpurple-lang-2.10.9-8 is installed OR libpurple-meanwhile-2.10.9-8 is installed OR libpurple-tcl-2.10.9-8 is installed OR pidgin-2.10.9-8 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information bind-libs-9.9.9P1-46 is installed OR bind-libs-32bit-9.9.9P1-46 is installed OR bind-utils-9.9.9P1-46 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP3 is installed AND libusbmuxd4-1.0.10-2 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information empathy-3.12.13-8.3 is installed OR empathy-lang-3.12.13-8.3 is installed OR telepathy-mission-control-plugin-goa-3.12.13-8.3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for additional PackageHub packages 15 SP1 is installed AND Package Information libsolv-0.7.10-3.13 is installed OR python-solv-0.7.10-3.13 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Basesystem 15 SP1 is installed AND Package Information libfreebl3-3.44.1-3.16 is installed OR libfreebl3-32bit-3.44.1-3.16 is installed OR libsoftokn3-3.44.1-3.16 is installed OR libsoftokn3-32bit-3.44.1-3.16 is installed OR mozilla-nss-3.44.1-3.16 is installed OR mozilla-nss-32bit-3.44.1-3.16 is installed OR mozilla-nss-certs-3.44.1-3.16 is installed OR mozilla-nss-certs-32bit-3.44.1-3.16 is installed OR mozilla-nss-devel-3.44.1-3.16 is installed OR mozilla-nss-sysinit-3.44.1-3.16 is installed OR mozilla-nss-tools-3.44.1-3.16 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Legacy Software 15 is installed AND Package Information kernel-default-4.12.14-150.38 is installed OR reiserfs-kmp-default-4.12.14-150.38 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Live Patching 15 is installed AND Package Information kernel-livepatch-4_12_14-150_22-default-5-2 is installed OR kernel-livepatch-SLE15_Update_11-5-2 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Live Patching 15 SP1 is installed AND Package Information kernel-livepatch-4_12_14-197_18-default-6-2 is installed OR kernel-livepatch-SLE15-SP1_Update_5-6-2 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 is installed AND Package Information java-1_8_0-ibm-1.8.0_sr5.40-3.24 is installed OR java-1_8_0-ibm-32bit-1.8.0_sr5.40-3.24 is installed OR java-1_8_0-ibm-demo-1.8.0_sr5.40-3.24 is installed OR java-1_8_0-ibm-devel-32bit-1.8.0_sr5.40-3.24 is installed OR java-1_8_0-ibm-src-1.8.0_sr5.40-3.24 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Server Applications 15 SP1 is installed AND skopeo-0.1.32-4.8 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Web Scripting 15 SP1 is installed AND Package Information nodejs10-10.16.3-1.12 is installed OR nodejs10-devel-10.16.3-1.12 is installed OR nodejs10-docs-10.16.3-1.12 is installed OR npm10-10.16.3-1.12 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information coreutils-8.22-9 is installed OR coreutils-lang-8.22-9 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND unrar-5.0.14-3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information file-5.19-9 is installed OR file-magic-5.19-9 is installed OR libmagic1-5.19-9 is installed OR libmagic1-32bit-5.19-9 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information xen-4.7.6_05-43.42 is installed OR xen-doc-html-4.7.6_05-43.42 is installed OR xen-libs-4.7.6_05-43.42 is installed OR xen-libs-32bit-4.7.6_05-43.42 is installed OR xen-tools-4.7.6_05-43.42 is installed OR xen-tools-domU-4.7.6_05-43.42 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information java-1_7_1-ibm-1.7.1_sr4.30-38.26 is installed OR java-1_7_1-ibm-alsa-1.7.1_sr4.30-38.26 is installed OR java-1_7_1-ibm-devel-1.7.1_sr4.30-38.26 is installed OR java-1_7_1-ibm-jdbc-1.7.1_sr4.30-38.26 is installed OR java-1_7_1-ibm-plugin-1.7.1_sr4.30-38.26 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_120-92_70-default-3-2 is installed OR kgraft-patch-SLE12-SP2_Update_20-3-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND apache2-mod_nss-1.0.14-18 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information libseccomp-2.4.1-11.3 is installed OR libseccomp2-2.4.1-11.3 is installed OR libseccomp2-32bit-2.4.1-11.3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information kgraft-patch-4_4_180-94_103-default-3-2 is installed OR kgraft-patch-SLE12-SP3_Update_28-3-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information pam_pkcs11-0.6.8-7.5 is installed OR pam_pkcs11-32bit-0.6.8-7.5 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information evince-3.20.2-6.22 is installed OR evince-browser-plugin-3.20.2-6.22 is installed OR evince-lang-3.20.2-6.22 is installed OR evince-plugin-djvudocument-3.20.2-6.22 is installed OR evince-plugin-dvidocument-3.20.2-6.22 is installed OR evince-plugin-pdfdocument-3.20.2-6.22 is installed OR evince-plugin-psdocument-3.20.2-6.22 is installed OR evince-plugin-tiffdocument-3.20.2-6.22 is installed OR evince-plugin-xpsdocument-3.20.2-6.22 is installed OR libevdocument3-4-3.20.2-6.22 is installed OR libevview3-3-3.20.2-6.22 is installed OR nautilus-evince-3.20.2-6.22 is installed
Definition Synopsis
SUSE Linux Enterprise Server 15-LTSS is installed AND Package Information libdcerpc-binding0-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libdcerpc-binding0-32bit-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libdcerpc-devel-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libdcerpc-samr-devel-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libdcerpc-samr0-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libdcerpc0-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libdcerpc0-32bit-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libndr-devel-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libndr-krb5pac-devel-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libndr-krb5pac0-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libndr-krb5pac0-32bit-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libndr-nbt-devel-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libndr-nbt0-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libndr-nbt0-32bit-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libndr-standard-devel-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libndr-standard0-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libndr-standard0-32bit-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libndr0-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libndr0-32bit-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libnetapi-devel-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libnetapi0-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libnetapi0-32bit-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libsamba-credentials-devel-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libsamba-credentials0-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libsamba-credentials0-32bit-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libsamba-errors-devel-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libsamba-errors0-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libsamba-errors0-32bit-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libsamba-hostconfig-devel-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libsamba-hostconfig0-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libsamba-hostconfig0-32bit-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libsamba-passdb-devel-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libsamba-passdb0-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libsamba-passdb0-32bit-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libsamba-policy-devel-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libsamba-policy0-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libsamba-util-devel-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libsamba-util0-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libsamba-util0-32bit-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libsamdb-devel-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libsamdb0-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libsamdb0-32bit-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libsmbclient-devel-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libsmbclient0-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libsmbclient0-32bit-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libsmbconf-devel-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libsmbconf0-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libsmbconf0-32bit-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libsmbldap-devel-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libsmbldap2-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libsmbldap2-32bit-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libtevent-util-devel-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libtevent-util0-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libtevent-util0-32bit-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libwbclient-devel-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libwbclient0-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libwbclient0-32bit-4.7.11+git.231.7f324c4d89e-4.40 is installed OR samba-4.7.11+git.231.7f324c4d89e-4.40 is installed OR samba-client-4.7.11+git.231.7f324c4d89e-4.40 is installed OR samba-client-32bit-4.7.11+git.231.7f324c4d89e-4.40 is installed OR samba-core-devel-4.7.11+git.231.7f324c4d89e-4.40 is installed OR samba-libs-4.7.11+git.231.7f324c4d89e-4.40 is installed OR samba-libs-32bit-4.7.11+git.231.7f324c4d89e-4.40 is installed OR samba-winbind-4.7.11+git.231.7f324c4d89e-4.40 is installed OR samba-winbind-32bit-4.7.11+git.231.7f324c4d89e-4.40 is installed
Definition Synopsis
SUSE Linux Enterprise Server for SAP Applications 15 is installed AND Package Information gstreamer-plugins-base-1.12.5-3.3 is installed OR gstreamer-plugins-base-lang-1.12.5-3.3 is installed OR libgstallocators-1_0-0-1.12.5-3.3 is installed OR libgstapp-1_0-0-1.12.5-3.3 is installed OR libgstaudio-1_0-0-1.12.5-3.3 is installed OR libgstfft-1_0-0-1.12.5-3.3 is installed OR libgstpbutils-1_0-0-1.12.5-3.3 is installed OR libgstriff-1_0-0-1.12.5-3.3 is installed OR libgstrtp-1_0-0-1.12.5-3.3 is installed OR libgstrtsp-1_0-0-1.12.5-3.3 is installed OR libgstsdp-1_0-0-1.12.5-3.3 is installed OR libgsttag-1_0-0-1.12.5-3.3 is installed OR libgstvideo-1_0-0-1.12.5-3.3 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 15 is installed AND Package Information libraw-0.18.9-3.8 is installed OR libraw-devel-0.18.9-3.8 is installed OR libraw16-0.18.9-3.8 is installed
Definition Synopsis
SUSE OpenStack Cloud 6 is installed AND Package Information xen-4.5.5_18-22.31 is installed OR xen-doc-html-4.5.5_18-22.31 is installed OR xen-kmp-default-4.5.5_18_k3.12.74_60.64.60-22.31 is installed OR xen-libs-4.5.5_18-22.31 is installed OR xen-libs-32bit-4.5.5_18-22.31 is installed OR xen-tools-4.5.5_18-22.31 is installed OR xen-tools-domU-4.5.5_18-22.31 is installed
Definition Synopsis
SUSE OpenStack Cloud 7 is installed AND Package Information java-1_7_0-openjdk-1.7.0.181-43.15 is installed OR java-1_7_0-openjdk-demo-1.7.0.181-43.15 is installed OR java-1_7_0-openjdk-devel-1.7.0.181-43.15 is installed OR java-1_7_0-openjdk-headless-1.7.0.181-43.15 is installed
Definition Synopsis
SUSE OpenStack Cloud 8 is installed AND Package Information dbus-1-1.8.22-29.17 is installed OR dbus-1-x11-1.8.22-29.17 is installed OR libdbus-1-3-1.8.22-29.17 is installed OR libdbus-1-3-32bit-1.8.22-29.17 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 8 is installed AND python-urllib3-1.22-5.6 is installed

BACK