Oval Definition:oval:org.opensuse.security:def:51226
Revision Date:2020-12-01Version:1
Title:Security update for MozillaFirefox (Important)
Description:

This update for MozillaFirefox fixes the following issues:

- Mozilla Firefox Firefox 60.7.2 MFSA 2019-19 (bsc#1138872)

- CVE-2019-11708: Fix sandbox escape using Prompt:Open. * Insufficient vetting of parameters passed with the Prompt:Open IPC message between child and parent processes could result in the non-sandboxed parent process opening web content chosen by a compromised child process. When combined with additional vulnerabilities this could result in executing arbitrary code on the user's computer.

Family:unixClass:patch
Status:Reference(s):1010979
1010980
1020451
1020456
1020458
1020460
1045450
1050549
1051510
1052904
1053043
1055117
1055121
1057152
1058115
1061840
1065600
1065729
1070872
1071995
1082555
1083647
1085030
1085535
1085536
1088278
1088804
1094244
1097583
1097584
1097585
1097586
1097587
1097588
1100132
1103098
1103259
1104129
1111331
1112128
1112178
1113399
1113722
1114279
1114498
1114542
1114638
1115637
1117328
1119086
1119680
1120318
1120805
1120807
1120902
1122767
1123105
1125342
1126068
1126069
1126221
1126356
1126704
1126740
1127175
1127371
1127372
1127374
1127378
1127445
1128415
1128544
1129276
1129770
1130130
1130154
1130195
1130335
1130336
1130337
1130338
1130425
1130427
1130518
1130527
1130567
1131062
1131107
1131167
1131168
1131169
1131170
1131171
1131172
1131173
1131174
1131175
1131176
1131177
1131178
1131179
1131180
1131290
1131335
1131336
1131416
1131427
1131442
1131467
1131574
1131587
1131659
1131673
1131847
1131848
1131851
1131900
1131934
1131935
1132083
1132219
1132226
1132227
1132365
1132368
1132369
1132370
1132372
1132373
1132384
1132397
1132402
1132403
1132404
1132405
1132407
1132411
1132412
1132413
1132414
1132426
1132527
1132531
1132555
1132558
1132561
1132562
1132563
1132564
1132570
1132571
1132572
1132589
1132618
1132681
1132726
1132828
1132943
1133005
1133094
1133095
1133115
1133149
1133185
1133486
1133529
1133584
1133667
1133668
1133672
1133674
1133675
1133698
1133702
1133731
1133769
1133772
1133774
1133778
1133779
1133780
1133825
1133850
1133851
1133852
1138872
1140750
1148868
1149841
1151021
1152472
1152489
1153108
1153274
1154353
1154492
1155518
1155798
1156317
1156321
1156395
1157169
1157770
1158050
1158242
1158265
1158748
1158765
1158983
1159781
1159867
1160947
1161495
1162002
1162063
1162400
1162702
1164648
1164777
1164780
1165211
1165933
1165975
1166985
1167104
1167651
1167773
1168230
1168779
1168838
1168959
1169021
1169094
1169194
1169514
1169681
1169771
1170011
1170284
1170442
1170617
1170774
1170879
1170891
1170895
1171150
1171189
1171191
1171219
1171220
1171246
1171417
1171513
1171529
1171530
1171662
1171688
1171699
1171732
1171739
1171743
1171759
1171828
1171857
1171868
1171904
1171915
1171982
1171983
1171988
1172017
1172046
1172061
1172062
1172063
1172064
1172065
1172066
1172067
1172068
1172069
1172073
1172086
1172095
1172169
1172170
1172201
1172208
1172223
1172342
1172343
1172344
1172365
1172366
1172374
1172391
1172393
1172394
1172453
1172458
1172461
1172467
1172484
1172506
1172537
1172543
1172687
1172719
1172739
1172751
1172759
1172775
1172781
1172782
1172783
1172814
1172823
1172841
1172871
1172938
1172939
1172940
1172956
1172983
1172984
1172985
1172986
1172987
1172988
1172989
1172990
1172999
1173060
1173068
1173074
1173085
1173139
1173206
1173271
1173280
1173284
1173428
1173438
1173461
1173514
1173552
1173573
1173625
1173746
1173776
1173817
1173818
1173820
1173822
1173823
1173824
1173825
1173826
1173827
1173828
1173830
1173831
1173832
1173833
1173834
1173836
1173837
1173838
1173839
1173841
1173843
1173844
1173845
1173847
1173849
1173860
1173894
1173941
1174018
1174072
1174116
1174126
1174127
1174128
1174129
1174185
1174244
1174263
1174264
1174331
1174332
1174333
1174345
1174356
1174396
1174398
1174407
1174409
1174411
1174438
1174462
1174513
1174527
1174543
1174627
1174922
1174923
1175568
962849
CVE-2009-1885
CVE-2009-3627
CVE-2013-0221
CVE-2013-0222
CVE-2013-0223
CVE-2014-3230
CVE-2016-9398
CVE-2016-9399
CVE-2017-14132
CVE-2017-5499
CVE-2017-5503
CVE-2017-5504
CVE-2017-5505
CVE-2017-9782
CVE-2018-12126
CVE-2018-12127
CVE-2018-12130
CVE-2018-16880
CVE-2018-18873
CVE-2018-19139
CVE-2018-19543
CVE-2018-20570
CVE-2018-20622
CVE-2018-5391
CVE-2018-5740
CVE-2018-5743
CVE-2018-5745
CVE-2018-9252
CVE-2019-10220
CVE-2019-11091
CVE-2019-11708
CVE-2019-13272
CVE-2019-13314
CVE-2019-14835
CVE-2019-15239
CVE-2019-19462
CVE-2019-20810
CVE-2019-20812
CVE-2019-3882
CVE-2019-6465
CVE-2019-9003
CVE-2019-9500
CVE-2019-9503
CVE-2020-0305
CVE-2020-10135
CVE-2020-10711
CVE-2020-10732
CVE-2020-10751
CVE-2020-10766
CVE-2020-10767
CVE-2020-10768
CVE-2020-10773
CVE-2020-10781
CVE-2020-12656
CVE-2020-12673
CVE-2020-12674
CVE-2020-12769
CVE-2020-12771
CVE-2020-12888
CVE-2020-13143
CVE-2020-13777
CVE-2020-13974
CVE-2020-14416
CVE-2020-15393
CVE-2020-15780
CVE-2020-8027
SUSE-SU-2018:3881-1
SUSE-SU-2019:1407-1
SUSE-SU-2019:1682-1
SUSE-SU-2019:3249-1
SUSE-SU-2020:1584-1
SUSE-SU-2020:2266-1
SUSE-SU-2020:2689-1
SUSE-SU-2020:2712-1
SUSE-SU-2020:3045-1
Platform(s):SUSE Linux Enterprise Desktop 11 SP2
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Desktop 12
SUSE Linux Enterprise Desktop 12 SP1
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise Module for Desktop Applications 15 SP1
SUSE Linux Enterprise Module for Legacy Software 15
SUSE Linux Enterprise Module for Legacy Software 15 SP2
SUSE Linux Enterprise Module for Live Patching 15
SUSE Linux Enterprise Module for Live Patching 15 SP1
SUSE Linux Enterprise Module for Live Patching 15 SP2
SUSE Linux Enterprise Module for Server Applications 15
SUSE Linux Enterprise Module for Server Applications 15 SP2
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server 15-LTSS
SUSE Linux Enterprise Server for SAP Applications 15
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 8
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP2 is installed
  • AND Package Information
  • MozillaFirefox-17.0.9esr-0.3 is installed
  • OR MozillaFirefox-translations-17.0.9esr-0.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP3 is installed
  • AND libaugeas0-0.9.0-3.15 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 is installed
  • AND Package Information
  • coreutils-8.22-5 is installed
  • OR coreutils-lang-8.22-5 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP1 is installed
  • AND Package Information
  • libXxf86vm1-1.1.3-3 is installed
  • OR libXxf86vm1-32bit-1.1.3-3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP2 is installed
  • AND Package Information
  • libfreetype6-2.6.3-7.8 is installed
  • OR libfreetype6-32bit-2.6.3-7.8 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND Package Information
  • gpg2-2.0.24-8 is installed
  • OR gpg2-lang-2.0.24-8 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • AND Package Information
  • ceph-common-12.2.8+git.1536505967.080f2248ff-2.15 is installed
  • OR libcephfs2-12.2.8+git.1536505967.080f2248ff-2.15 is installed
  • OR librados2-12.2.8+git.1536505967.080f2248ff-2.15 is installed
  • OR libradosstriper1-12.2.8+git.1536505967.080f2248ff-2.15 is installed
  • OR librbd1-12.2.8+git.1536505967.080f2248ff-2.15 is installed
  • OR librgw2-12.2.8+git.1536505967.080f2248ff-2.15 is installed
  • OR python-cephfs-12.2.8+git.1536505967.080f2248ff-2.15 is installed
  • OR python-rados-12.2.8+git.1536505967.080f2248ff-2.15 is installed
  • OR python-rbd-12.2.8+git.1536505967.080f2248ff-2.15 is installed
  • OR python-rgw-12.2.8+git.1536505967.080f2248ff-2.15 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Desktop Applications 15 SP1 is installed
  • AND Package Information
  • MozillaFirefox-60.7.2-3.48 is installed
  • OR MozillaFirefox-devel-60.7.2-3.48 is installed
  • OR MozillaFirefox-translations-common-60.7.2-3.48 is installed
  • OR MozillaFirefox-translations-other-60.7.2-3.48 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Legacy Software 15 is installed
  • AND Package Information
  • kernel-default-4.12.14-150.17 is installed
  • OR reiserfs-kmp-default-4.12.14-150.17 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Legacy Software 15 SP2 is installed
  • AND Package Information
  • openldap2-2.4.46-9.37 is installed
  • OR openldap2-back-meta-2.4.46-9.37 is installed
  • OR openldap2-back-perl-2.4.46-9.37 is installed
  • OR openldap2-ppolicy-check-password-1.2-9.37 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Live Patching 15 is installed
  • AND Package Information
  • kernel-livepatch-4_12_14-25_3-default-6-2 is installed
  • OR kernel-livepatch-SLE15_Update_1-6-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Live Patching 15 SP1 is installed
  • AND Package Information
  • kernel-livepatch-4_12_14-197_15-default-2-2 is installed
  • OR kernel-livepatch-SLE15-SP1_Update_4-2-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Live Patching 15 SP2 is installed
  • AND Package Information
  • kernel-default-5.3.18-24.9 is installed
  • OR kernel-default-livepatch-5.3.18-24.9 is installed
  • OR kernel-default-livepatch-devel-5.3.18-24.9 is installed
  • OR kernel-livepatch-5_3_18-24_9-default-1-5.3 is installed
  • OR kernel-livepatch-SLE15-SP2_Update_1-1-5.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Server Applications 15 is installed
  • AND Package Information
  • bind-9.11.2-12.11 is installed
  • OR bind-chrootenv-9.11.2-12.11 is installed
  • OR bind-doc-9.11.2-12.11 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Server Applications 15 SP2 is installed
  • AND Package Information
  • python3-virt-bootstrap-1.0.0-5.3 is installed
  • OR virt-bootstrap-1.0.0-5.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND Package Information
  • dracut-037-66 is installed
  • OR dracut-fips-037-66 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • kgraft-patch-3_12_69-60_64_32-default-4-3 is installed
  • OR kgraft-patch-3_12_69-60_64_32-xen-4-3 is installed
  • OR kgraft-patch-SLE12-SP1_Update_13-4-3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • cron-4.2-58 is installed
  • OR cronie-1.4.11-58 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • libsystemd0-228-150.53 is installed
  • OR libsystemd0-32bit-228-150.53 is installed
  • OR libudev1-228-150.53 is installed
  • OR libudev1-32bit-228-150.53 is installed
  • OR systemd-228-150.53 is installed
  • OR systemd-32bit-228-150.53 is installed
  • OR systemd-bash-completion-228-150.53 is installed
  • OR systemd-sysvinit-228-150.53 is installed
  • OR udev-228-150.53 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • xen-4.7.5_02-43.30 is installed
  • OR xen-doc-html-4.7.5_02-43.30 is installed
  • OR xen-libs-4.7.5_02-43.30 is installed
  • OR xen-libs-32bit-4.7.5_02-43.30 is installed
  • OR xen-tools-4.7.5_02-43.30 is installed
  • OR xen-tools-domU-4.7.5_02-43.30 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_90-92_45-default-7-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_14-7-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • evince-3.20.1-5 is installed
  • OR evince-browser-plugin-3.20.1-5 is installed
  • OR evince-lang-3.20.1-5 is installed
  • OR evince-plugin-djvudocument-3.20.1-5 is installed
  • OR evince-plugin-dvidocument-3.20.1-5 is installed
  • OR evince-plugin-pdfdocument-3.20.1-5 is installed
  • OR evince-plugin-psdocument-3.20.1-5 is installed
  • OR evince-plugin-tiffdocument-3.20.1-5 is installed
  • OR evince-plugin-xpsdocument-3.20.1-5 is installed
  • OR libevdocument3-4-3.20.1-5 is installed
  • OR libevview3-3-3.20.1-5 is installed
  • OR nautilus-evince-3.20.1-5 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND ucode-intel-20190618-13.47 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • kgraft-patch-4_4_162-94_72-default-6-2 is installed
  • OR kgraft-patch-SLE12-SP3_Update_22-6-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND binutils-2.32-9.33 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • libxml2-2.9.4-46.15 is installed
  • OR libxml2-2-2.9.4-46.15 is installed
  • OR libxml2-2-32bit-2.9.4-46.15 is installed
  • OR libxml2-doc-2.9.4-46.15 is installed
  • OR libxml2-tools-2.9.4-46.15 is installed
  • OR python-libxml2-2.9.4-46.15 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • cron-4.2-58 is installed
  • OR cronie-1.4.11-58 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 15-LTSS is installed
  • AND Package Information
  • gnutls-3.6.7-6.29 is installed
  • OR libgnutls-devel-3.6.7-6.29 is installed
  • OR libgnutls30-3.6.7-6.29 is installed
  • OR libgnutls30-32bit-3.6.7-6.29 is installed
  • OR libgnutls30-hmac-3.6.7-6.29 is installed
  • OR libgnutls30-hmac-32bit-3.6.7-6.29 is installed
  • OR libgnutlsxx-devel-3.6.7-6.29 is installed
  • OR libgnutlsxx28-3.6.7-6.29 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server for SAP Applications 15 is installed
  • AND Package Information
  • dovecot23-2.3.10-4.27 is installed
  • OR dovecot23-backend-mysql-2.3.10-4.27 is installed
  • OR dovecot23-backend-pgsql-2.3.10-4.27 is installed
  • OR dovecot23-backend-sqlite-2.3.10-4.27 is installed
  • OR dovecot23-devel-2.3.10-4.27 is installed
  • OR dovecot23-fts-2.3.10-4.27 is installed
  • OR dovecot23-fts-lucene-2.3.10-4.27 is installed
  • OR dovecot23-fts-solr-2.3.10-4.27 is installed
  • OR dovecot23-fts-squat-2.3.10-4.27 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • libvirt-2.0.0-27.54 is installed
  • OR libvirt-client-2.0.0-27.54 is installed
  • OR libvirt-daemon-2.0.0-27.54 is installed
  • OR libvirt-daemon-config-network-2.0.0-27.54 is installed
  • OR libvirt-daemon-config-nwfilter-2.0.0-27.54 is installed
  • OR libvirt-daemon-driver-interface-2.0.0-27.54 is installed
  • OR libvirt-daemon-driver-libxl-2.0.0-27.54 is installed
  • OR libvirt-daemon-driver-lxc-2.0.0-27.54 is installed
  • OR libvirt-daemon-driver-network-2.0.0-27.54 is installed
  • OR libvirt-daemon-driver-nodedev-2.0.0-27.54 is installed
  • OR libvirt-daemon-driver-nwfilter-2.0.0-27.54 is installed
  • OR libvirt-daemon-driver-qemu-2.0.0-27.54 is installed
  • OR libvirt-daemon-driver-secret-2.0.0-27.54 is installed
  • OR libvirt-daemon-driver-storage-2.0.0-27.54 is installed
  • OR libvirt-daemon-hooks-2.0.0-27.54 is installed
  • OR libvirt-daemon-lxc-2.0.0-27.54 is installed
  • OR libvirt-daemon-qemu-2.0.0-27.54 is installed
  • OR libvirt-daemon-xen-2.0.0-27.54 is installed
  • OR libvirt-doc-2.0.0-27.54 is installed
  • OR libvirt-lock-sanlock-2.0.0-27.54 is installed
  • OR libvirt-nss-2.0.0-27.54 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • evince-3.20.2-6.27 is installed
  • OR evince-browser-plugin-3.20.2-6.27 is installed
  • OR evince-lang-3.20.2-6.27 is installed
  • OR evince-plugin-djvudocument-3.20.2-6.27 is installed
  • OR evince-plugin-dvidocument-3.20.2-6.27 is installed
  • OR evince-plugin-pdfdocument-3.20.2-6.27 is installed
  • OR evince-plugin-psdocument-3.20.2-6.27 is installed
  • OR evince-plugin-tiffdocument-3.20.2-6.27 is installed
  • OR evince-plugin-xpsdocument-3.20.2-6.27 is installed
  • OR libevdocument3-4-3.20.2-6.27 is installed
  • OR libevview3-3-3.20.2-6.27 is installed
  • OR nautilus-evince-3.20.2-6.27 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • libecpg6-10.9-1.12 is installed
  • OR libpq5-10.9-1.12 is installed
  • OR libpq5-32bit-10.9-1.12 is installed
  • OR postgresql10-10.9-1.12 is installed
  • OR postgresql10-contrib-10.9-1.12 is installed
  • OR postgresql10-docs-10.9-1.12 is installed
  • OR postgresql10-libs-10.9-1.12 is installed
  • OR postgresql10-plperl-10.9-1.12 is installed
  • OR postgresql10-plpython-10.9-1.12 is installed
  • OR postgresql10-pltcl-10.9-1.12 is installed
  • OR postgresql10-server-10.9-1.12 is installed
    • BACK