OVAL Reference oval:org.opensuse.security:def:51316

Oval Definition:

oval:org.opensuse.security:def:51316

Revision Date:	2020-12-01	Version:	1
Title:	Security update for MozillaFirefox (Important)
Description:	This update for MozillaFirefox fixes the following issues: - Firefox Extended Support Release 68.4.1 ESR * Fixed: Security fix MFSA 2020-03 (bsc#1160498) * CVE-2019-17026 (bmo#1607443) IonMonkey type confusion with StoreElementHole and FallibleStoreElement - Firefox Extended Support Release 68.4.0 ESR * Fixed: Various security fixes MFSA 2020-02 (bsc#1160305) * CVE-2019-17015 (bmo#1599005) Memory corruption in parent process during new content process initialization on Windows * CVE-2019-17016 (bmo#1599181) Bypass of @namespace CSS sanitization during pasting * CVE-2019-17017 (bmo#1603055) Type Confusion in XPCVariant.cpp * CVE-2019-17021 (bmo#1599008) Heap address disclosure in parent process during content process initialization on Windows * CVE-2019-17022 (bmo#1602843) CSS sanitization does not escape HTML tags * CVE-2019-17024 (bmo#1507180, bmo#1595470, bmo#1598605, bmo#1601826) Memory safety bugs fixed in Firefox 72 and Firefox ESR 68.4
Family:	unix	Class:	patch
Status:		Reference(s):	1044231 1051510 1051858 1056686 1060463 1065729 1103203 1103990 1103992 1104353 1104745 1105026 1106855 1106857 1106858 1106989 1107604 1107609 1107612 1107616 1107618 1107619 1109837 1111666 1111974 1112178 1112374 1113956 1114279 1114685 1119680 1127611 1133021 1134090 1135855 1136157 1141895 1144333 1144903 1146539 1149841 1151021 1153108 1153158 1153161 1156510 1157424 1158095 1158187 1159285 1160305 1160498 1160659 1161561 1161951 1162689 1162691 1162928 1162929 1162931 1164078 1164507 1164692 1164825 1164860 1165111 1165404 1165488 1165527 1165741 1165813 1165873 1165929 1165950 1165980 1165984 1165985 1166003 1166101 1166102 1166103 1166104 1166632 1166658 1166730 1166731 1166732 1166733 1166734 1166735 1167373 1169659 1170313 1171746 1172437 1173477 1173691 1173694 1173700 1173701 1173743 1173874 1173875 1173876 1173880 904970 907150 920615 920633 930408 CVE-2010-2640 CVE-2010-2641 CVE-2010-2642 CVE-2010-2643 CVE-2011-1946 CVE-2011-3635 CVE-2011-4349 CVE-2017-18922 CVE-2018-1000199 CVE-2018-15471 CVE-2018-16323 CVE-2018-16328 CVE-2018-16329 CVE-2018-16413 CVE-2018-16640 CVE-2018-16641 CVE-2018-16642 CVE-2018-16643 CVE-2018-16644 CVE-2018-16645 CVE-2018-21247 CVE-2019-10220 CVE-2019-12269 CVE-2019-12519 CVE-2019-12521 CVE-2019-12528 CVE-2019-14835 CVE-2019-14889 CVE-2019-17015 CVE-2019-17016 CVE-2019-17017 CVE-2019-17021 CVE-2019-17022 CVE-2019-17024 CVE-2019-17026 CVE-2019-17133 CVE-2019-17569 CVE-2019-18860 CVE-2019-19768 CVE-2019-20839 CVE-2019-20840 CVE-2020-10757 CVE-2020-11945 CVE-2020-14397 CVE-2020-14398 CVE-2020-14399 CVE-2020-14400 CVE-2020-14401 CVE-2020-14402 CVE-2020-1935 CVE-2020-1938 CVE-2020-8517 CVE-2020-8647 CVE-2020-8648 CVE-2020-8649 CVE-2020-9383 SUSE-SU-2018:2677-1 SUSE-SU-2018:2977-1 SUSE-SU-2019:1576-1 SUSE-SU-2019:2864-1 SUSE-SU-2020:0078-1 SUSE-SU-2020:0130-1 SUSE-SU-2020:0598-1 SUSE-SU-2020:0836-1 SUSE-SU-2020:1156-1 SUSE-SU-2020:1922-1
Platform(s):	openSUSE Leap 15.0 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Module for additional PackageHub packages 15 SP1 SUSE Linux Enterprise Module for Desktop Applications 15 SP1 SUSE Linux Enterprise Module for Development Tools 15 SUSE Linux Enterprise Module for Live Patching 15 SUSE Linux Enterprise Module for Live Patching 15 SP1 SUSE Linux Enterprise Module for Server Applications 15 SP1 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 15-LTSS SUSE Linux Enterprise Workstation Extension 15 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8	Product(s):
Definition Synopsis
openSUSE Leap 15.0 is installed AND Package Information coreutils-8.29-lp150.2 is installed OR coreutils-lang-8.29-lp150.2 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP2 is installed AND Package Information xorg-x11-libXext-7.4-1.18 is installed OR xorg-x11-libXext-32bit-7.4-1.18 is installed OR xorg-x11-libXext-devel-7.4-1.18 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP3 is installed AND kernel-bigsmp-devel-3.0.101-0.40 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 is installed AND Package Information libgnomesu-1.0.0-352 is installed OR libgnomesu-lang-1.0.0-352 is installed OR libgnomesu0-1.0.0-352 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information colord-1.1.7-5 is installed OR colord-gtk-lang-0.1.25-3 is installed OR colord-lang-1.1.7-5 is installed OR libcolord-gtk1-0.1.25-3 is installed OR libcolord2-1.1.7-5 is installed OR libcolord2-32bit-1.1.7-5 is installed OR libcolorhug2-1.1.7-5 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information gd-2.1.0-12 is installed OR gd-32bit-2.1.0-12 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information alsa-1.0.27.2-15 is installed OR libasound2-1.0.27.2-15 is installed OR libasound2-32bit-1.0.27.2-15 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information accountsservice-0.6.42-16.3 is installed OR accountsservice-lang-0.6.42-16.3 is installed OR libaccountsservice0-0.6.42-16.3 is installed OR typelib-1_0-AccountsService-1_0-0.6.42-16.3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for additional PackageHub packages 15 SP1 is installed AND Package Information LibVNCServer-0.9.10-4.22 is installed OR libvncserver0-0.9.10-4.22 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Desktop Applications 15 SP1 is installed AND Package Information MozillaFirefox-68.4.1-3.66 is installed OR MozillaFirefox-devel-68.4.1-3.66 is installed OR MozillaFirefox-translations-common-68.4.1-3.66 is installed OR MozillaFirefox-translations-other-68.4.1-3.66 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Development Tools 15 is installed AND Package Information ImageMagick-7.0.7.34-3.24 is installed OR perl-PerlMagick-7.0.7.34-3.24 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Live Patching 15 is installed AND Package Information kernel-livepatch-4_12_14-25_3-default-3-2 is installed OR kernel-livepatch-SLE15_Update_1-3-2 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Live Patching 15 SP1 is installed AND Package Information kernel-livepatch-4_12_14-197_15-default-3-2 is installed OR kernel-livepatch-SLE15-SP1_Update_4-3-2 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Server Applications 15 SP1 is installed AND squid-4.11-5.17 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information libjavascriptcoregtk-3_0-0-2.4.8-16 is installed OR libwebkitgtk-3_0-0-2.4.8-16 is installed OR libwebkitgtk3-lang-2.4.8-16 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information kgraft-patch-3_12_69-60_64_32-default-6-2 is installed OR kgraft-patch-3_12_69-60_64_32-xen-6-2 is installed OR kgraft-patch-SLE12-SP1_Update_13-6-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information cron-4.2-58 is installed OR cronie-1.4.11-58 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information res-signingkeys-3.0.37-52.23 is installed OR smt-3.0.37-52.23 is installed OR smt-support-3.0.37-52.23 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information java-1_7_1-ibm-1.7.1_sr4.50-38.41 is installed OR java-1_7_1-ibm-alsa-1.7.1_sr4.50-38.41 is installed OR java-1_7_1-ibm-devel-1.7.1_sr4.50-38.41 is installed OR java-1_7_1-ibm-jdbc-1.7.1_sr4.50-38.41 is installed OR java-1_7_1-ibm-plugin-1.7.1_sr4.50-38.41 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_120-92_70-default-5-2 is installed OR kgraft-patch-SLE12-SP2_Update_20-5-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND apache-commons-httpclient-3.1-4 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information MozillaFirefox-68.1.0-109.89 is installed OR MozillaFirefox-branding-SLE-68-32.8 is installed OR MozillaFirefox-translations-common-68.1.0-109.89 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information MozillaFirefox-60.9.0-109.86 is installed OR MozillaFirefox-translations-common-60.9.0-109.86 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information kgraft-patch-4_4_180-94_103-default-4-2 is installed OR kgraft-patch-SLE12-SP3_Update_28-4-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND perl-Archive-Zip-1.34-3.3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information libXcursor1-1.1.14-4.6 is installed OR libXcursor1-32bit-1.1.14-4.6 is installed
Definition Synopsis
SUSE Linux Enterprise Server 15-LTSS is installed AND Package Information libssh-0.7.5-6.9 is installed OR libssh-devel-0.7.5-6.9 is installed OR libssh4-0.7.5-6.9 is installed OR libssh4-32bit-0.7.5-6.9 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 15 is installed AND enigmail-2.0.11-3.16 is installed
Definition Synopsis
SUSE OpenStack Cloud 7 is installed AND Package Information libopenssl-devel-1.0.2j-60.30 is installed OR libopenssl1_0_0-1.0.2j-60.30 is installed OR libopenssl1_0_0-32bit-1.0.2j-60.30 is installed OR libopenssl1_0_0-hmac-1.0.2j-60.30 is installed OR libopenssl1_0_0-hmac-32bit-1.0.2j-60.30 is installed OR openssl-1.0.2j-60.30 is installed OR openssl-doc-1.0.2j-60.30 is installed
Definition Synopsis
SUSE OpenStack Cloud 8 is installed AND Package Information evince-3.20.2-6.27 is installed OR evince-browser-plugin-3.20.2-6.27 is installed OR evince-lang-3.20.2-6.27 is installed OR evince-plugin-djvudocument-3.20.2-6.27 is installed OR evince-plugin-dvidocument-3.20.2-6.27 is installed OR evince-plugin-pdfdocument-3.20.2-6.27 is installed OR evince-plugin-psdocument-3.20.2-6.27 is installed OR evince-plugin-tiffdocument-3.20.2-6.27 is installed OR evince-plugin-xpsdocument-3.20.2-6.27 is installed OR libevdocument3-4-3.20.2-6.27 is installed OR libevview3-3-3.20.2-6.27 is installed OR nautilus-evince-3.20.2-6.27 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 8 is installed AND slf4j-1.7.12-3.3 is installed

BACK