Oval Definition:oval:org.opensuse.security:def:51216
Revision Date:2020-12-01Version:1
Title:Security update for MozillaFirefox (Important)
Description:

This update for MozillaFirefox fixes the following issues:

Security issues fixed:

- CVE-2019-11691: Use-after-free in XMLHttpRequest - CVE-2019-11692: Use-after-free removing listeners in the event listener manager - CVE-2019-11693: Buffer overflow in WebGL bufferdata on Linux - CVE-2019-11694: Uninitialized memory memory leakage in Windows sandbox - CVE-2019-11698: Theft of user history data through drag and drop of hyperlinks to and from bookmarks - CVE-2019-7317: Use-after-free in png_image_free of libpng library - CVE-2019-9800: Memory safety bugs fixed in Firefox 67 and Firefox ESR 60.7 - CVE-2019-9815: Disable hyperthreading on content JavaScript threads on macOS - CVE-2019-9816: Type confusion with object groups and UnboxedObjects - CVE-2019-9817: Stealing of cross-domain images using canvas - CVE-2019-9818: Use-after-free in crash generation server - CVE-2019-9819: Compartment mismatch with fetch API - CVE-2019-9820: Use-after-free of ChromeEventHandler by DocShell

Non-security issues fixed:

- Font and date adjustments to accommodate the new Reiwa era in Japan - Update to Firefox ESR 60.7 (bsc#1135824)
Family:unixClass:patch
Status:Reference(s):1012382
1043912
1044189
1044231
1046302
1046306
1046307
1046543
1050244
1051510
1051858
1054914
1055014
1055117
1056686
1058659
1060463
1064232
1065600
1065729
1068032
1069138
1071995
1077761
1077989
1078720
1080157
1082555
1083647
1083663
1084332
1085042
1085262
1086282
1089663
1090528
1092903
1093389
1094244
1095344
1096748
1097105
1098459
1098822
1099922
1099999
1100000
1100001
1100132
1101557
1101669
1102346
1102870
1102875
1102877
1102879
1102882
1102896
1103363
1103387
1103421
1103948
1103949
1103961
1103990
1103992
1104172
1104353
1104745
1104824
1104967
1105247
1105524
1105536
1105597
1105603
1105672
1105907
1106007
1106016
1106105
1106121
1106170
1106178
1106191
1106229
1106230
1106231
1106233
1106235
1106236
1106237
1106238
1106240
1106291
1106297
1106333
1106369
1106426
1106427
1106464
1106509
1106511
1106594
1106636
1106688
1106697
1106743
1106779
1106800
1106890
1106891
1106892
1106893
1106894
1106896
1106897
1106898
1106899
1106900
1106901
1106902
1106903
1106905
1106906
1106948
1106995
1107008
1107060
1107061
1107065
1107073
1107074
1107078
1107265
1107319
1107320
1107522
1107535
1107689
1107735
1107756
1107870
1107924
1107945
1107966
1108010
1108093
1108243
1108520
1108870
1109269
1109511
1109837
1111666
1111974
1112178
1112374
1113956
1114279
1114685
1119680
1127611
1132549
1132664
1133021
1134090
1135824
1136157
1140747
1141895
1144333
1144903
1146539
1149841
1152107
1153108
1153158
1153161
1155419
1156510
1157424
1158187
1158755
1159285
1160659
1161561
1161951
1162002
1162928
1162929
1162931
1164078
1164507
1165111
1165404
1165488
1165527
1165631
1165741
1165813
1165873
1165929
1165950
1165980
1165984
1165985
1166003
1166101
1166102
1166103
1166104
1166632
1166658
1166730
1166731
1166732
1166733
1166734
1166735
1170011
1171078
1171456
1171457
1171458
1171673
1171732
1171868
1172257
1172775
1172781
1172782
1172783
1172999
1173265
1173280
1173514
1173567
1173573
1173659
1173999
1174000
1174052
1174115
1174462
1174543
1175070
1175071
1175074
920344
CVE-2010-3609
CVE-2012-1616
CVE-2012-4425
CVE-2014-2653
CVE-2018-10938
CVE-2018-10940
CVE-2018-1128
CVE-2018-1129
CVE-2018-12896
CVE-2018-13093
CVE-2018-13094
CVE-2018-13095
CVE-2018-14613
CVE-2018-14617
CVE-2018-16658
CVE-2018-6554
CVE-2018-6555
CVE-2019-10220
CVE-2019-11234
CVE-2019-11235
CVE-2019-11478
CVE-2019-11691
CVE-2019-11692
CVE-2019-11693
CVE-2019-11694
CVE-2019-11698
CVE-2019-15681
CVE-2019-16746
CVE-2019-17133
CVE-2019-19768
CVE-2019-20908
CVE-2019-7317
CVE-2019-9800
CVE-2019-9815
CVE-2019-9816
CVE-2019-9817
CVE-2019-9818
CVE-2019-9819
CVE-2019-9820
CVE-2020-0305
CVE-2020-10766
CVE-2020-10767
CVE-2020-10768
CVE-2020-10769
CVE-2020-10773
CVE-2020-10957
CVE-2020-10958
CVE-2020-10967
CVE-2020-11984
CVE-2020-11993
CVE-2020-12771
CVE-2020-12888
CVE-2020-13974
CVE-2020-14416
CVE-2020-15393
CVE-2020-15780
CVE-2020-1749
CVE-2020-8647
CVE-2020-8648
CVE-2020-8649
CVE-2020-9383
CVE-2020-9490
SUSE-SU-2018:2964-1
SUSE-SU-2018:2980-1
SUSE-SU-2019:1086-1
SUSE-SU-2019:1405-1
SUSE-SU-2019:1888-1
SUSE-SU-2019:2859-1
SUSE-SU-2020:0836-1
SUSE-SU-2020:0891-1
SUSE-SU-2020:1379-1
SUSE-SU-2020:2009-1
SUSE-SU-2020:2311-1
Platform(s):SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Desktop 12
SUSE Linux Enterprise Desktop 12 SP1
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise Module for Desktop Applications 15 SP1
SUSE Linux Enterprise Module for Legacy Software 15
SUSE Linux Enterprise Module for Legacy Software 15 SP1
SUSE Linux Enterprise Module for Live Patching 15
SUSE Linux Enterprise Module for Live Patching 15 SP1
SUSE Linux Enterprise Module for Server Applications 15
SUSE Linux Enterprise Module for Server Applications 15 SP2
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server 15-LTSS
SUSE Linux Enterprise Server for SAP Applications 15
SUSE OpenStack Cloud 6-LTSS
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 8
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP3 is installed
  • AND Package Information
  • MozillaFirefox-24.6.0esr-0.8 is installed
  • OR MozillaFirefox-branding-SLED-24-0.7 is installed
  • OR MozillaFirefox-translations-24.6.0esr-0.8 is installed
  • OR libfreebl3-3.16.1-0.8 is installed
  • OR libfreebl3-32bit-3.16.1-0.8 is installed
  • OR libsoftokn3-3.16.1-0.8 is installed
  • OR libsoftokn3-32bit-3.16.1-0.8 is installed
  • OR mozilla-nspr-4.10.6-0.3 is installed
  • OR mozilla-nspr-32bit-4.10.6-0.3 is installed
  • OR mozilla-nss-3.16.1-0.8 is installed
  • OR mozilla-nss-32bit-3.16.1-0.8 is installed
  • OR mozilla-nss-tools-3.16.1-0.8 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 is installed
  • AND argyllcms-1.6.3-1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP1 is installed
  • AND Package Information
  • libXi6-1.7.4-9 is installed
  • OR libXi6-32bit-1.7.4-9 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP2 is installed
  • AND Package Information
  • libblkid1-2.28-40 is installed
  • OR libblkid1-32bit-2.28-40 is installed
  • OR libfdisk1-2.28-40 is installed
  • OR libmount1-2.28-40 is installed
  • OR libmount1-32bit-2.28-40 is installed
  • OR libsmartcols1-2.28-40 is installed
  • OR libuuid-devel-2.28-40 is installed
  • OR libuuid1-2.28-40 is installed
  • OR libuuid1-32bit-2.28-40 is installed
  • OR python-libmount-2.28-40 is installed
  • OR util-linux-2.28-40 is installed
  • OR util-linux-lang-2.28-40 is installed
  • OR util-linux-systemd-2.28-40 is installed
  • OR uuidd-2.28-40 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND Package Information
  • gegl-0_2-0.2.0-14 is installed
  • OR gegl-0_2-lang-0.2.0-14 is installed
  • OR libgegl-0_2-0-0.2.0-14 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • AND Package Information
  • augeas-1.2.0-17.3 is installed
  • OR augeas-lenses-1.2.0-17.3 is installed
  • OR libaugeas0-1.2.0-17.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Desktop Applications 15 SP1 is installed
  • AND Package Information
  • MozillaFirefox-60.7.0-3.40 is installed
  • OR MozillaFirefox-devel-60.7.0-3.40 is installed
  • OR MozillaFirefox-translations-common-60.7.0-3.40 is installed
  • OR MozillaFirefox-translations-other-60.7.0-3.40 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Legacy Software 15 is installed
  • AND Package Information
  • kernel-default-4.12.14-25.19 is installed
  • OR reiserfs-kmp-default-4.12.14-25.19 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Legacy Software 15 SP1 is installed
  • AND Package Information
  • kernel-default-4.12.14-197.37 is installed
  • OR reiserfs-kmp-default-4.12.14-197.37 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Live Patching 15 is installed
  • AND Package Information
  • kernel-livepatch-4_12_14-25_16-default-2-2 is installed
  • OR kernel-livepatch-SLE15_Update_4-2-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Live Patching 15 SP1 is installed
  • AND Package Information
  • kernel-livepatch-4_12_14-197_4-default-3-2 is installed
  • OR kernel-livepatch-SLE15-SP1_Update_1-3-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Server Applications 15 is installed
  • AND Package Information
  • freeradius-server-3.0.16-3.3 is installed
  • OR freeradius-server-devel-3.0.16-3.3 is installed
  • OR freeradius-server-krb5-3.0.16-3.3 is installed
  • OR freeradius-server-ldap-3.0.16-3.3 is installed
  • OR freeradius-server-libs-3.0.16-3.3 is installed
  • OR freeradius-server-mysql-3.0.16-3.3 is installed
  • OR freeradius-server-perl-3.0.16-3.3 is installed
  • OR freeradius-server-postgresql-3.0.16-3.3 is installed
  • OR freeradius-server-python-3.0.16-3.3 is installed
  • OR freeradius-server-sqlite-3.0.16-3.3 is installed
  • OR freeradius-server-utils-3.0.16-3.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Server Applications 15 SP2 is installed
  • AND Package Information
  • apache2-2.4.43-3.5 is installed
  • OR apache2-devel-2.4.43-3.5 is installed
  • OR apache2-doc-2.4.43-3.5 is installed
  • OR apache2-worker-2.4.43-3.5 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND Package Information
  • cups-pk-helper-0.2.5-3 is installed
  • OR cups-pk-helper-lang-0.2.5-3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND unrar-5.0.14-3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • bzip2-1.0.6-29 is installed
  • OR bzip2-doc-1.0.6-29 is installed
  • OR libbz2-1-1.0.6-29 is installed
  • OR libbz2-1-32bit-1.0.6-29 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • kernel-default-4.4.121-92.95 is installed
  • OR kernel-default-base-4.4.121-92.95 is installed
  • OR kernel-default-devel-4.4.121-92.95 is installed
  • OR kernel-devel-4.4.121-92.95 is installed
  • OR kernel-macros-4.4.121-92.95 is installed
  • OR kernel-source-4.4.121-92.95 is installed
  • OR kernel-syms-4.4.121-92.95 is installed
  • OR lttng-modules-2.7.1-9.6 is installed
  • OR lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • kgraft-patch-4_4_121-92_80-default-8-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_22-8-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • res-signingkeys-3.0.38-52.26 is installed
  • OR smt-3.0.38-52.26 is installed
  • OR smt-support-3.0.38-52.26 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND dnsmasq-2.76-17 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • strongswan-5.1.3-26.13 is installed
  • OR strongswan-doc-5.1.3-26.13 is installed
  • OR strongswan-hmac-5.1.3-26.13 is installed
  • OR strongswan-ipsec-5.1.3-26.13 is installed
  • OR strongswan-libs0-5.1.3-26.13 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • libjavascriptcoregtk-4_0-18-2.24.4-2.47 is installed
  • OR libwebkit2gtk-4_0-37-2.24.4-2.47 is installed
  • OR libwebkit2gtk3-lang-2.24.4-2.47 is installed
  • OR typelib-1_0-JavaScriptCore-4_0-2.24.4-2.47 is installed
  • OR typelib-1_0-WebKit2-4_0-2.24.4-2.47 is installed
  • OR webkit2gtk-4_0-injected-bundles-2.24.4-2.47 is installed
  • OR webkit2gtk3-2.24.4-2.47 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_162-94_72-default-6-2 is installed
  • OR kgraft-patch-SLE12-SP3_Update_22-6-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • libopenssl-devel-1.0.2j-60.39 is installed
  • OR libopenssl1_0_0-1.0.2j-60.39 is installed
  • OR libopenssl1_0_0-32bit-1.0.2j-60.39 is installed
  • OR libopenssl1_0_0-hmac-1.0.2j-60.39 is installed
  • OR libopenssl1_0_0-hmac-32bit-1.0.2j-60.39 is installed
  • OR openssl-1.0.2j-60.39 is installed
  • OR openssl-doc-1.0.2j-60.39 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND chrony-2.3-3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 15-LTSS is installed
  • AND Package Information
  • dovecot23-2.3.10-4.22 is installed
  • OR dovecot23-backend-mysql-2.3.10-4.22 is installed
  • OR dovecot23-backend-pgsql-2.3.10-4.22 is installed
  • OR dovecot23-backend-sqlite-2.3.10-4.22 is installed
  • OR dovecot23-devel-2.3.10-4.22 is installed
  • OR dovecot23-fts-2.3.10-4.22 is installed
  • OR dovecot23-fts-lucene-2.3.10-4.22 is installed
  • OR dovecot23-fts-solr-2.3.10-4.22 is installed
  • OR dovecot23-fts-squat-2.3.10-4.22 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server for SAP Applications 15 is installed
  • AND Package Information
  • kernel-default-4.12.14-150.55 is installed
  • OR kernel-default-base-4.12.14-150.55 is installed
  • OR kernel-default-devel-4.12.14-150.55 is installed
  • OR kernel-devel-4.12.14-150.55 is installed
  • OR kernel-docs-4.12.14-150.55 is installed
  • OR kernel-macros-4.12.14-150.55 is installed
  • OR kernel-obs-build-4.12.14-150.55 is installed
  • OR kernel-source-4.12.14-150.55 is installed
  • OR kernel-syms-4.12.14-150.55 is installed
  • OR kernel-vanilla-4.12.14-150.55 is installed
  • OR kernel-vanilla-base-4.12.14-150.55 is installed
  • OR reiserfs-kmp-default-4.12.14-150.55 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 6-LTSS is installed
  • AND docker-runc-1.0.0rc5+gitr3562_69663f0bd4b6-1.9 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • kernel-default-4.4.121-92.109 is installed
  • OR kernel-default-base-4.4.121-92.109 is installed
  • OR kernel-default-devel-4.4.121-92.109 is installed
  • OR kernel-default-man-4.4.121-92.109 is installed
  • OR kernel-devel-4.4.121-92.109 is installed
  • OR kernel-macros-4.4.121-92.109 is installed
  • OR kernel-source-4.4.121-92.109 is installed
  • OR kernel-syms-4.4.121-92.109 is installed
  • OR kgraft-patch-4_4_121-92_109-default-1-3.5 is installed
  • OR kgraft-patch-SLE12-SP2_Update_29-1-3.5 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND ucode-intel-20190618-13.47 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND nodejs6-6.14.4-11.18 is installed
    • BACK