Oval Definition:	oval:org.opensuse.security:def:51207
Revision Date: 2020-12-01 Version: 1 Title: Security update for MozillaFirefox (Important) Description: This update for MozillaFirefox fixes the following issues: - Firefox Extended Support Release 68.5.0 ESR * Fixed: Various stability and security fixes - Mozilla Firefox ESR68.5 MFSA 2020-06 (bsc#1163368) * CVE-2020-6796 (bmo#1610426) Missing bounds check on shared memory read in the parent process * CVE-2020-6797 (bmo#1596668) Extensions granted downloads.open permission could open arbitrary applications on Mac OSX * CVE-2020-6798 (bmo#1602944) Incorrect parsing of template tag could result in JavaScript injection * CVE-2020-6799 (bmo#1606596) Arbitrary code execution when opening pdf links from other applications, when Firefox is configured as default pdf reader * CVE-2020-6800 (bmo#1595786, bmo#1596706, bmo#1598543, bmo#1604851, bmo#1605777, bmo#1608580, bmo#1608785) Memory safety bugs fixed in Firefox 73 and Firefox ESR 68.5 Family: unix Class: patch Status: Reference(s): 1046305 1046306 1046307 1051510 1055186 1065600 1065729 1081917 1082318 1083647 1086288 1086315 1086317 1086327 1086331 1086906 1087092 1090888 1094244 1097104 1097577 1097583 1097584 1097585 1097586 1097587 1097588 1097808 1100132 1101480 1101669 1101822 1102517 1102715 1103269 1103277 1103363 1103445 1103886 1104353 1104365 1104427 1104482 1104494 1104495 1104683 1104708 1104777 1104890 1104897 1105292 1105296 1105322 1105355 1105378 1105396 1105467 1105731 1112066 1112178 1112695 1113668 1113669 1113956 1136020 1149841 1151021 1154366 1159913 1160922 1162296 1163368 1165548 1165631 1166751 1167527 1168468 1168554 1168669 1169972 1171675 1171688 1171742 1172402 1173032 1173115 1173376 1173377 1173378 1173380 1173805 1174899 1175228 1175749 1175882 1176011 1176022 1176038 1176235 1176242 1176278 1176316 1176317 1176318 1176319 1176320 1176321 1176381 1176395 1176410 1176423 1176482 1176507 1176536 1176544 1176545 1176546 1176548 1176659 1176698 1176699 1176700 1176721 1176722 1176725 1176732 1176788 1176789 1176869 1176877 1176935 1176950 1176962 1176966 1176990 1177027 1177030 1177041 1177042 1177043 1177044 1177121 1177206 1177258 1177291 1177293 1177294 1177295 1177296 1177513 1177729 1177895 1178890 1178891 802154 971975 CVE-2011-0421 CVE-2012-0037 CVE-2012-1162 CVE-2012-1163 CVE-2014-7202 CVE-2014-7203 CVE-2018-10853 CVE-2018-10902 CVE-2018-15572 CVE-2018-19131 CVE-2018-19132 CVE-2018-9363 CVE-2019-14835 CVE-2019-18904 CVE-2019-5108 CVE-2020-0404 CVE-2020-0427 CVE-2020-0431 CVE-2020-0432 CVE-2020-0556 CVE-2020-12351 CVE-2020-12402 CVE-2020-12405 CVE-2020-12406 CVE-2020-12410 CVE-2020-14381 CVE-2020-14390 CVE-2020-15563 CVE-2020-15565 CVE-2020-15566 CVE-2020-15567 CVE-2020-1749 CVE-2020-25212 CVE-2020-25284 CVE-2020-25641 CVE-2020-25643 CVE-2020-25645 CVE-2020-26088 CVE-2020-27153 CVE-2020-27745 CVE-2020-27746 CVE-2020-6796 CVE-2020-6797 CVE-2020-6798 CVE-2020-6799 CVE-2020-6800 SUSE-SU-2018:2538-1 SUSE-SU-2018:3786-1 SUSE-SU-2020:0383-1 SUSE-SU-2020:1179-1 SUSE-SU-2020:1556-1 SUSE-SU-2020:1850-1 SUSE-SU-2020:1888-1 SUSE-SU-2020:2905-1 SUSE-SU-2020:3034-1 SUSE-SU-2020:3506-1 Platform(s): SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Module for Desktop Applications 15 SUSE Linux Enterprise Module for Desktop Applications 15 SP1 SUSE Linux Enterprise Module for High Performance Computing 15 SP2 SUSE Linux Enterprise Module for Legacy Software 15 SP1 SUSE Linux Enterprise Module for Live Patching 15 SUSE Linux Enterprise Module for Live Patching 15 SP1 SUSE Linux Enterprise Module for Server Applications 15 SUSE Linux Enterprise Module for Server Applications 15 SP2 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 15-LTSS SUSE Linux Enterprise Server for SAP Applications 15 SUSE Linux Enterprise Workstation Extension 15 SP2 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 Product(s): Definition Synopsis SUSE Linux Enterprise Desktop 11 SP2 is installed AND Package Information xorg-x11-libX11-7.4-5.11.11 is installed OR xorg-x11-libX11-32bit-7.4-5.11.11 is installed OR xorg-x11-libX11-devel-7.4-5.11.11 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information lcms2-2.5-0.7 is installed OR liblcms2-2-2.5-0.7 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 is installed AND Package Information libraptor2-0-2.0.10-3 is installed OR raptor-2.0.10-3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information libHX28-3.18-1 is installed OR libHX28-32bit-3.18-1 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information libXt6-1.1.4-3 is installed OR libXt6-32bit-1.1.4-3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information finch-2.12.0-1 is installed OR libpurple-2.12.0-1 is installed OR libpurple-branding-upstream-2.12.0-1 is installed OR libpurple-lang-2.12.0-1 is installed OR libpurple-plugin-sametime-2.12.0-1 is installed OR libpurple-tcl-2.12.0-1 is installed OR pidgin-2.12.0-1 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information NetworkManager-1.0.12-13.6 is installed OR NetworkManager-lang-1.0.12-13.6 is installed OR libnm-glib-vpn1-1.0.12-13.6 is installed OR libnm-glib4-1.0.12-13.6 is installed OR libnm-util2-1.0.12-13.6 is installed OR libnm0-1.0.12-13.6 is installed OR typelib-1_0-NM-1_0-1.0.12-13.6 is installed OR typelib-1_0-NMClient-1_0-1.0.12-13.6 is installed OR typelib-1_0-NetworkManager-1_0-1.0.12-13.6 is installed Definition Synopsis SUSE Linux Enterprise Module for Desktop Applications 15 is installed AND Package Information MozillaFirefox-68.5.0-3.72 is installed OR MozillaFirefox-devel-68.5.0-3.72 is installed OR MozillaFirefox-translations-common-68.5.0-3.72 is installed OR MozillaFirefox-translations-other-68.5.0-3.72 is installed Definition Synopsis SUSE Linux Enterprise Module for Desktop Applications 15 SP1 is installed AND Package Information MozillaFirefox-68.9.0-3.91 is installed OR MozillaFirefox-devel-68.9.0-3.91 is installed OR MozillaFirefox-translations-common-68.9.0-3.91 is installed OR MozillaFirefox-translations-other-68.9.0-3.91 is installed Definition Synopsis SUSE Linux Enterprise Module for High Performance Computing 15 SP2 is installed AND Package Information libnss_slurm2-20.02.6-3.3 is installed OR libpmi0-20.02.6-3.3 is installed OR libslurm35-20.02.6-3.3 is installed OR perl-slurm-20.02.6-3.3 is installed OR slurm-20.02.6-3.3 is installed OR slurm-auth-none-20.02.6-3.3 is installed OR slurm-config-20.02.6-3.3 is installed OR slurm-config-man-20.02.6-3.3 is installed OR slurm-devel-20.02.6-3.3 is installed OR slurm-doc-20.02.6-3.3 is installed OR slurm-lua-20.02.6-3.3 is installed OR slurm-munge-20.02.6-3.3 is installed OR slurm-node-20.02.6-3.3 is installed OR slurm-pam_slurm-20.02.6-3.3 is installed OR slurm-plugins-20.02.6-3.3 is installed OR slurm-slurmdbd-20.02.6-3.3 is installed OR slurm-sql-20.02.6-3.3 is installed OR slurm-sview-20.02.6-3.3 is installed OR slurm-torque-20.02.6-3.3 is installed OR slurm-webdoc-20.02.6-3.3 is installed Definition Synopsis SUSE Linux Enterprise Module for Legacy Software 15 SP1 is installed AND Package Information kernel-default-4.12.14-197.61 is installed OR reiserfs-kmp-default-4.12.14-197.61 is installed Definition Synopsis SUSE Linux Enterprise Module for Live Patching 15 is installed AND Package Information kernel-default-4.12.14-25.16 is installed OR kernel-default-livepatch-4.12.14-25.16 is installed OR kernel-livepatch-4_12_14-25_16-default-1-1.3 is installed OR kernel-livepatch-SLE15_Update_4-1-1.3 is installed Definition Synopsis SUSE Linux Enterprise Module for Live Patching 15 SP1 is installed AND Package Information kernel-livepatch-4_12_14-197_51-default-4-2 is installed OR kernel-livepatch-SLE15-SP1_Update_14-4-2 is installed Definition Synopsis SUSE Linux Enterprise Module for Server Applications 15 is installed AND squid-4.4-5.3 is installed Definition Synopsis SUSE Linux Enterprise Module for Server Applications 15 SP2 is installed AND Package Information libfreebl3-hmac-3.53.1-3.45 is installed OR libsoftokn3-hmac-3.53.1-3.45 is installed OR mozilla-nss-3.53.1-3.45 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND clamav-0.98.7-13 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information kgraft-patch-3_12_67-60_64_21-default-8-2 is installed OR kgraft-patch-3_12_67-60_64_21-xen-8-2 is installed OR kgraft-patch-SLE12-SP1_Update_10-8-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information at-3.1.14-7 is installed OR flex-2.5.37-8 is installed OR flex-32bit-2.5.37-8 is installed OR libQtWebKit4-4.8.6+2.3.3-3 is installed OR libQtWebKit4-32bit-4.8.6+2.3.3-3 is installed OR libbonobo-2.32.1-16 is installed OR libbonobo-32bit-2.32.1-16 is installed OR libbonobo-doc-2.32.1-16 is installed OR libbonobo-lang-2.32.1-16 is installed OR libkde4-4.12.0-7 is installed OR libkde4-32bit-4.12.0-7 is installed OR libkdecore4-4.12.0-7 is installed OR libkdecore4-32bit-4.12.0-7 is installed OR libksuseinstall1-4.12.0-7 is installed OR libksuseinstall1-32bit-4.12.0-7 is installed OR libnetpbm11-10.66.3-4 is installed OR libnetpbm11-32bit-10.66.3-4 is installed OR netpbm-10.66.3-4 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information res-signingkeys-3.0.37-52.23 is installed OR smt-3.0.37-52.23 is installed OR smt-support-3.0.37-52.23 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information python3-rpm-4.11.2-16.21 is installed OR rpm-4.11.2-16.21 is installed OR rpm-32bit-4.11.2-16.21 is installed OR rpm-build-4.11.2-16.21 is installed OR rpm-python-4.11.2-16.21 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_74-92_38-default-11-2 is installed OR kgraft-patch-SLE12-SP2_Update_13-11-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information cups-filters-1.0.58-17 is installed OR cups-filters-cups-browsed-1.0.58-17 is installed OR cups-filters-foomatic-rip-1.0.58-17 is installed OR cups-filters-ghostscript-1.0.58-17 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information ghostscript-9.27-23.31 is installed OR ghostscript-x11-9.27-23.31 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND squid-3.5.21-26.17 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information libopenssl-devel-1.0.2j-60.55 is installed OR libopenssl1_0_0-1.0.2j-60.55 is installed OR libopenssl1_0_0-32bit-1.0.2j-60.55 is installed OR libopenssl1_0_0-hmac-1.0.2j-60.55 is installed OR libopenssl1_0_0-hmac-32bit-1.0.2j-60.55 is installed OR openssl-1.0.2j-60.55 is installed OR openssl-doc-1.0.2j-60.55 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information java-1_8_0-ibm-1.8.0_sr5.20-30.36 is installed OR java-1_8_0-ibm-alsa-1.8.0_sr5.20-30.36 is installed OR java-1_8_0-ibm-plugin-1.8.0_sr5.20-30.36 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information avahi-0.6.32-30 is installed OR avahi-lang-0.6.32-30 is installed OR avahi-utils-0.6.32-30 is installed OR libavahi-client3-0.6.32-30 is installed OR libavahi-client3-32bit-0.6.32-30 is installed OR libavahi-common3-0.6.32-30 is installed OR libavahi-common3-32bit-0.6.32-30 is installed OR libavahi-core7-0.6.32-30 is installed OR libdns_sd-0.6.32-30 is installed OR libdns_sd-32bit-0.6.32-30 is installed Definition Synopsis SUSE Linux Enterprise Server 15-LTSS is installed AND Package Information rmt-server-2.5.7-3.31 is installed OR rmt-server-config-2.5.7-3.31 is installed Definition Synopsis SUSE Linux Enterprise Server for SAP Applications 15 is installed AND Package Information xen-4.10.4_12-3.35 is installed OR xen-devel-4.10.4_12-3.35 is installed OR xen-libs-4.10.4_12-3.35 is installed OR xen-tools-4.10.4_12-3.35 is installed OR xen-tools-domU-4.10.4_12-3.35 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 15 SP2 is installed AND Package Information bluez-5.48-13.3 is installed OR bluez-cups-5.48-13.3 is installed Definition Synopsis SUSE OpenStack Cloud 6 is installed AND Package Information icu-52.1-8.7 is installed OR libicu-doc-52.1-8.7 is installed OR libicu52_1-52.1-8.7 is installed OR libicu52_1-32bit-52.1-8.7 is installed OR libicu52_1-data-52.1-8.7 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND Package Information libopenssl-devel-1.0.2j-60.52 is installed OR libopenssl1_0_0-1.0.2j-60.52 is installed OR libopenssl1_0_0-32bit-1.0.2j-60.52 is installed OR libopenssl1_0_0-hmac-1.0.2j-60.52 is installed OR libopenssl1_0_0-hmac-32bit-1.0.2j-60.52 is installed OR openssl-1.0.2j-60.52 is installed OR openssl-doc-1.0.2j-60.52 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information mariadb-10.2.22-4.11 is installed OR mariadb-client-10.2.22-4.11 is installed OR mariadb-errormessages-10.2.22-4.11 is installed OR mariadb-galera-10.2.22-4.11 is installed OR mariadb-tools-10.2.22-4.11 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND ucode-intel-20191112a-13.56 is installed
BACK