OVAL Reference oval:org.opensuse.security:def:51259

Oval Definition:

oval:org.opensuse.security:def:51259

Revision Date:	2020-12-01	Version:	1
Title:	Security update for MozillaFirefox (Important)
Description:	This update for MozillaFirefox fixes the following issues: Update to version 68.8.0 ESR (bsc#1171186): - CVE-2020-12387: Use-after-free during worker shutdown - CVE-2020-12388: Sandbox escape with improperly guarded Access Tokens - CVE-2020-12389: Sandbox escape with improperly separated process types - CVE-2020-6831: Buffer overflow in SCTP chunk input validation - CVE-2020-12392: Arbitrary local file access with 'Copy as cURL' - CVE-2020-12393: Devtools' 'Copy as cURL' feature did not fully escape website-controlled data, potentially leading to command injection - CVE-2020-12395: Memory safety bugs fixed in Firefox 76 and Firefox ESR 68.8
Family:	unix	Class:	patch
Status:		Reference(s):	1051510 1058115 1065729 1082555 1083647 1089895 1103098 1103203 1103678 1103990 1103991 1103992 1104745 1109837 1111666 1112178 1112374 1113956 1114279 1119947 1121816 1121821 1122292 1122299 1124278 1125687 1127354 1127355 1127371 1133021 1137001 1141780 1141782 1141783 1141785 1141787 1141789 1142685 1144333 1147021 1151794 1152489 1154824 1157169 1158265 1160388 1160467 1160468 1160947 1163102 1163103 1163104 1164780 1164871 1165183 1165478 1165741 1166066 1166969 1166978 1167574 1167851 1167867 1168332 1168670 1168789 1169020 1169514 1169525 1169762 1170056 1170125 1170145 1170284 1170345 1170457 1170522 1170592 1170617 1170618 1170620 1170621 1170770 1170778 1170791 1170901 1171078 1171098 1171118 1171186 1171189 1171191 1171195 1171202 1171205 1171214 1171217 1171218 1171219 1171220 1171244 1171293 1171417 1171527 1171599 1171600 1171601 1171602 1171604 1171605 1171606 1171607 1171608 1171609 1171610 1171611 1171612 1171613 1171614 1171615 1171616 1171617 1171618 1171619 1171620 1171621 1171622 1171623 1171624 1171625 1171626 1171662 1171679 1171691 1171692 1171694 1171695 1171736 1171817 1171948 1171949 1171951 1171952 1171979 1171982 1171983 1172017 1172096 1172097 1172098 1172099 1172101 1172102 1172103 1172104 1172127 1172130 1172185 1172188 1172199 1172201 1172202 1172221 1172249 1172251 1172317 1172342 1172343 1172344 1172356 1172366 1172378 1172391 1172397 1172453 1174543 1175070 1175071 1178074 CVE-2008-4225 CVE-2008-4226 CVE-2008-4409 CVE-2011-0904 CVE-2011-0905 CVE-2011-1145 CVE-2011-1164 CVE-2011-1709 CVE-2012-5134 CVE-2018-1000199 CVE-2018-11212 CVE-2018-16884 CVE-2018-5391 CVE-2019-11771 CVE-2019-11772 CVE-2019-11775 CVE-2019-12450 CVE-2019-14896 CVE-2019-14897 CVE-2019-15604 CVE-2019-15605 CVE-2019-15606 CVE-2019-19462 CVE-2019-20806 CVE-2019-20812 CVE-2019-2449 CVE-2019-2762 CVE-2019-2766 CVE-2019-2769 CVE-2019-2786 CVE-2019-2816 CVE-2019-4473 CVE-2019-6109 CVE-2019-6111 CVE-2019-7317 CVE-2019-9455 CVE-2020-0034 CVE-2020-0543 CVE-2020-10690 CVE-2020-10711 CVE-2020-10720 CVE-2020-10732 CVE-2020-10751 CVE-2020-10757 CVE-2020-11993 CVE-2020-12114 CVE-2020-12387 CVE-2020-12388 CVE-2020-12389 CVE-2020-12392 CVE-2020-12393 CVE-2020-12395 CVE-2020-12464 CVE-2020-12652 CVE-2020-12653 CVE-2020-12654 CVE-2020-12655 CVE-2020-12656 CVE-2020-12657 CVE-2020-12659 CVE-2020-12768 CVE-2020-12769 CVE-2020-13143 CVE-2020-6831 CVE-2020-9490 SUSE-SU-2018:3881-1 SUSE-SU-2019:0496-1 SUSE-SU-2019:1594-1 SUSE-SU-2019:2291-1 SUSE-SU-2020:0454-1 SUSE-SU-2020:1209-1 SUSE-SU-2020:1297-2 SUSE-SU-2020:1599-1 SUSE-SU-2020:3067-1
Platform(s):	SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Module for additional PackageHub packages 15 SUSE Linux Enterprise Module for Desktop Applications 15 SP1 SUSE Linux Enterprise Module for Desktop Applications 15 SP2 SUSE Linux Enterprise Module for Legacy Software 15 SP1 SUSE Linux Enterprise Module for Live Patching 15 SUSE Linux Enterprise Module for Live Patching 15 SP1 SUSE Linux Enterprise Module for Server Applications 15 SUSE Linux Enterprise Module for Web Scripting 15 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 15-LTSS SUSE Linux Enterprise Server for SAP Applications 15 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8	Product(s):
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP2 is installed AND Package Information gtk2-2.18.9-0.23 is installed OR gtk2-32bit-2.18.9-0.23 is installed OR gtk2-devel-2.18.9-0.23 is installed OR gtk2-lang-2.18.9-0.23 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information MozillaFirefox-24.7.0esr-0.8 is installed OR MozillaFirefox-translations-24.7.0esr-0.8 is installed OR libfreebl3-3.16.2-0.8 is installed OR libfreebl3-32bit-3.16.2-0.8 is installed OR libsoftokn3-3.16.2-0.8 is installed OR libsoftokn3-32bit-3.16.2-0.8 is installed OR mozilla-nss-3.16.2-0.8 is installed OR mozilla-nss-32bit-3.16.2-0.8 is installed OR mozilla-nss-tools-3.16.2-0.8 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 is installed AND Package Information gdm-3.10.0.1-13 is installed OR gdm-branding-upstream-3.10.0.1-13 is installed OR gdm-lang-3.10.0.1-13 is installed OR gdmflexiserver-3.10.0.1-13 is installed OR libgdm1-3.10.0.1-13 is installed OR typelib-1_0-Gdm-1_0-3.10.0.1-13 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP1 is installed AND libmpfr4-3.1.2-7 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information DirectFB-1.7.1-6 is installed OR lib++dfb-1_7-1-1.7.1-6 is installed OR libdirectfb-1_7-1-1.7.1-6 is installed OR libdirectfb-1_7-1-32bit-1.7.1-6 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information libFLAC++6-1.3.0-11 is installed OR libFLAC++6-32bit-1.3.0-11 is installed OR libFLAC8-1.3.0-11 is installed OR libFLAC8-32bit-1.3.0-11 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information accountsservice-0.6.42-16.3 is installed OR accountsservice-lang-0.6.42-16.3 is installed OR libaccountsservice0-0.6.42-16.3 is installed OR typelib-1_0-AccountsService-1_0-0.6.42-16.3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for additional PackageHub packages 15 is installed AND Package Information glib2-2.54.3-4.15 is installed OR glib2-devel-32bit-2.54.3-4.15 is installed OR glib2-tools-32bit-2.54.3-4.15 is installed OR libgthread-2_0-0-32bit-2.54.3-4.15 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Desktop Applications 15 SP1 is installed AND Package Information MozillaFirefox-68.8.0-3.87 is installed OR MozillaFirefox-devel-68.8.0-3.87 is installed OR MozillaFirefox-translations-common-68.8.0-3.87 is installed OR MozillaFirefox-translations-other-68.8.0-3.87 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Desktop Applications 15 SP2 is installed AND Package Information libvpx-1.6.1-6.6 is installed OR libvpx-devel-1.6.1-6.6 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Legacy Software 15 SP1 is installed AND Package Information java-1_8_0-ibm-1.8.0_sr5.40-3.24 is installed OR java-1_8_0-ibm-alsa-1.8.0_sr5.40-3.24 is installed OR java-1_8_0-ibm-devel-1.8.0_sr5.40-3.24 is installed OR java-1_8_0-ibm-plugin-1.8.0_sr5.40-3.24 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Live Patching 15 is installed AND Package Information kernel-livepatch-4_12_14-25_3-default-6-2 is installed OR kernel-livepatch-SLE15_Update_1-6-2 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Live Patching 15 SP1 is installed AND Package Information kernel-default-4.12.14-197.45 is installed OR kernel-default-livepatch-4.12.14-197.45 is installed OR kernel-default-livepatch-devel-4.12.14-197.45 is installed OR kernel-livepatch-4_12_14-197_45-default-1-3.5 is installed OR kernel-livepatch-SLE15-SP1_Update_12-1-3.5 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Server Applications 15 is installed AND Package Information openssh-7.6p1-9.23 is installed OR openssh-fips-7.6p1-9.23 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Web Scripting 15 is installed AND Package Information nodejs8-8.17.0-3.28 is installed OR nodejs8-devel-8.17.0-3.28 is installed OR nodejs8-docs-8.17.0-3.28 is installed OR npm8-8.17.0-3.28 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information ibus-chewing-1.4.10.1-2 is installed OR ibus-pinyin-1.5.0-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information kgraft-patch-3_12_69-60_64_32-default-6-2 is installed OR kgraft-patch-3_12_69-60_64_32-xen-6-2 is installed OR kgraft-patch-SLE12-SP1_Update_13-6-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information gdm-3.10.0.1-52 is installed OR gdm-lang-3.10.0.1-52 is installed OR gdmflexiserver-3.10.0.1-52 is installed OR libgdm1-3.10.0.1-52 is installed OR typelib-1_0-Gdm-1_0-3.10.0.1-52 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information openssh-7.2p2-74.25 is installed OR openssh-askpass-gnome-7.2p2-74.25 is installed OR openssh-fips-7.2p2-74.25 is installed OR openssh-helpers-7.2p2-74.25 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information kgraft-patch-4_4_121-92_109-default-2-2 is installed OR kgraft-patch-SLE12-SP2_Update_29-2-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_114-92_64-default-4-2 is installed OR kgraft-patch-SLE12-SP2_Update_18-4-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND autofs-5.0.9-27 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-BCL is installed AND gdb-8.3.1-2.14 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information dovecot22-2.2.31-19.17 is installed OR dovecot22-backend-mysql-2.2.31-19.17 is installed OR dovecot22-backend-pgsql-2.2.31-19.17 is installed OR dovecot22-backend-sqlite-2.2.31-19.17 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information java-1_8_0-ibm-1.8.0_sr5.40-30.54 is installed OR java-1_8_0-ibm-alsa-1.8.0_sr5.40-30.54 is installed OR java-1_8_0-ibm-plugin-1.8.0_sr5.40-30.54 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information MozillaFirefox-52.9.0esr-109.38 is installed OR MozillaFirefox-translations-52.9.0esr-109.38 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information gdk-pixbuf-lang-2.34.0-19.17 is installed OR gdk-pixbuf-query-loaders-2.34.0-19.17 is installed OR gdk-pixbuf-query-loaders-32bit-2.34.0-19.17 is installed OR libgdk_pixbuf-2_0-0-2.34.0-19.17 is installed OR libgdk_pixbuf-2_0-0-32bit-2.34.0-19.17 is installed OR typelib-1_0-GdkPixbuf-2_0-2.34.0-19.17 is installed
Definition Synopsis
SUSE Linux Enterprise Server 15-LTSS is installed AND Package Information xen-4.10.4_14-3.38 is installed OR xen-devel-4.10.4_14-3.38 is installed OR xen-libs-4.10.4_14-3.38 is installed OR xen-tools-4.10.4_14-3.38 is installed OR xen-tools-domU-4.10.4_14-3.38 is installed
Definition Synopsis
SUSE Linux Enterprise Server for SAP Applications 15 is installed AND Package Information apache2-2.4.33-3.41 is installed OR apache2-devel-2.4.33-3.41 is installed OR apache2-doc-2.4.33-3.41 is installed OR apache2-prefork-2.4.33-3.41 is installed OR apache2-utils-2.4.33-3.41 is installed OR apache2-worker-2.4.33-3.41 is installed
Definition Synopsis
SUSE OpenStack Cloud 7 is installed AND python-requests-2.11.1-6.31 is installed
Definition Synopsis
SUSE OpenStack Cloud 8 is installed AND Package Information kernel-default-4.4.180-94.100 is installed OR kernel-default-base-4.4.180-94.100 is installed OR kernel-default-devel-4.4.180-94.100 is installed OR kernel-devel-4.4.180-94.100 is installed OR kernel-macros-4.4.180-94.100 is installed OR kernel-source-4.4.180-94.100 is installed OR kernel-syms-4.4.180-94.100 is installed OR kgraft-patch-4_4_180-94_100-default-1-4.3 is installed OR kgraft-patch-SLE12-SP3_Update_27-1-4.3 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information ibus-1.5.13-15.11 is installed OR ibus-gtk-1.5.13-15.11 is installed OR ibus-gtk3-1.5.13-15.11 is installed OR ibus-lang-1.5.13-15.11 is installed OR libibus-1_0-5-1.5.13-15.11 is installed OR typelib-1_0-IBus-1_0-1.5.13-15.11 is installed

BACK