Oval Definition:oval:org.opensuse.security:def:51343
Revision Date:2020-12-01Version:1
Title:Security update for MozillaFirefox (Important)
Description:

This update for MozillaFirefox fixes the following issues:

- Firefox was updated to 78.3.0 ESR (bsc#1176756, MFSA 2020-43) - CVE-2020-15677: Download origin spoofing via redirect - CVE-2020-15676: Fixed an XSS when pasting attacker-controlled data into a contenteditable element - CVE-2020-15678: When recursing through layers while scrolling, an iterator may have become invalid, resulting in a potential use-after-free scenario - CVE-2020-15673: Fixed memory safety bugs - Enhance fix for wayland-detection (bsc#1174420) - Attempt to fix langpack-parallelization by introducing separate obj-dirs for each lang (bsc#1173986, bsc#1167976)

- Firefox was updated to 78.2.0 ESR (bsc#1175686, MFSA 2020-38) - CVE-2020-15663: Downgrade attack on the Mozilla Maintenance Service could have resulted in escalation of privilege - CVE-2020-15664: Attacker-induced prompt for extension installation - CVE-2020-15670: Fixed memory safety bugs fixed in Firefox 80 and Firefox ESR 78.2

- Fixed Firefox tab crash in FIPS mode (bsc#1174284). - Fixed broken translation-loading (bsc#1173991) - allow addon sideloading - mark signatures for langpacks non-mandatory - do not autodisable user profile scopes - Google API key is not usable for geolocation service any more
Family:unixClass:patch
Status:Reference(s):1051510
1061840
1065600
1071995
1088047
1094555
1098633
1103203
1106383
1106751
1109137
1114279
1119532
1120423
1124167
1125330
1127155
1128432
1128902
1128910
1131645
1132154
1132390
1133191
1133401
1133738
1134303
1134395
1135280
1135296
1135556
1135642
1136157
1136446
1136598
1136922
1136935
1137103
1137194
1137429
1137597
1137625
1137728
1137884
1137995
1137996
1137998
1137999
1138000
1138002
1138003
1138005
1138006
1138007
1138008
1138009
1138010
1138011
1138012
1138013
1138014
1138015
1138016
1138017
1138018
1138019
1138291
1138293
1138374
1138375
1138589
1138719
1139751
1139771
1139782
1139865
1140133
1140328
1140405
1140424
1140428
1140575
1140577
1140637
1140658
1140715
1140719
1140726
1140727
1140728
1140814
1160467
1160468
1167976
1171252
1171254
1171477
1173274
1173477
1173691
1173694
1173700
1173701
1173743
1173874
1173875
1173876
1173880
1173986
1173991
1174284
1174420
1175193
1175194
1175686
1175992
1176012
1176072
1176382
1176756
1176896
1177513
1177729
CVE-2009-0316
CVE-2009-2624
CVE-2010-0001
CVE-2012-1571
CVE-2014-3710
CVE-2014-3970
CVE-2014-8116
CVE-2014-8117
CVE-2017-18922
CVE-2018-16871
CVE-2018-18335
CVE-2018-18356
CVE-2018-18509
CVE-2018-20836
CVE-2018-21247
CVE-2019-10126
CVE-2019-10638
CVE-2019-10639
CVE-2019-11085
CVE-2019-11477
CVE-2019-11478
CVE-2019-11487
CVE-2019-11599
CVE-2019-12380
CVE-2019-12456
CVE-2019-12614
CVE-2019-12818
CVE-2019-12819
CVE-2019-14896
CVE-2019-14897
CVE-2019-20839
CVE-2019-20840
CVE-2019-3846
CVE-2019-5785
CVE-2020-0431
CVE-2020-10722
CVE-2020-10723
CVE-2020-10724
CVE-2020-10725
CVE-2020-10726
CVE-2020-12351
CVE-2020-12653
CVE-2020-12654
CVE-2020-14349
CVE-2020-14350
CVE-2020-14381
CVE-2020-14386
CVE-2020-14397
CVE-2020-14398
CVE-2020-14399
CVE-2020-14400
CVE-2020-14401
CVE-2020-14402
CVE-2020-14422
CVE-2020-15663
CVE-2020-15664
CVE-2020-15670
CVE-2020-15673
CVE-2020-15676
CVE-2020-15677
CVE-2020-15678
CVE-2020-24394
CVE-2020-25212
CVE-2020-25645
SUSE-SU-2019:0469-1
SUSE-SU-2019:1581-1
SUSE-SU-2019:1855-1
SUSE-SU-2020:1334-1
SUSE-SU-2020:1822-1
SUSE-SU-2020:1922-1
SUSE-SU-2020:2355-1
SUSE-SU-2020:2749-1
Platform(s):openSUSE Leap 15.0
SUSE Linux Enterprise Desktop 11 SP2
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Desktop 12
SUSE Linux Enterprise Desktop 12 SP1
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise Module for additional PackageHub packages 15 SP2
SUSE Linux Enterprise Module for Desktop Applications 15 SP2
SUSE Linux Enterprise Module for Development Tools 15
SUSE Linux Enterprise Module for Live Patching 15
SUSE Linux Enterprise Module for Live Patching 15 SP1
SUSE Linux Enterprise Module for Live Patching 15 SP2
SUSE Linux Enterprise Module for Server Applications 15 SP1
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server 15-LTSS
SUSE Linux Enterprise Server for SAP Applications 15
SUSE Linux Enterprise Workstation Extension 15
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 8
SUSE OpenStack Cloud Crowbar 9
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • gdk-pixbuf-lang-2.36.11-lp150.3 is installed
  • OR gdk-pixbuf-query-loaders-2.36.11-lp150.3 is installed
  • OR gdk-pixbuf-thumbnailer-2.36.11-lp150.3 is installed
  • OR libgdk_pixbuf-2_0-0-2.36.11-lp150.3 is installed
  • OR typelib-1_0-GdkPixbuf-2_0-2.36.11-lp150.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP2 is installed
  • AND bogofilter-1.1.1-174.27 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP3 is installed
  • AND cabextract-1.2-2.10 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 is installed
  • AND Package Information
  • libpulse-mainloop-glib0-5.0-2 is installed
  • OR libpulse-mainloop-glib0-32bit-5.0-2 is installed
  • OR libpulse0-5.0-2 is installed
  • OR libpulse0-32bit-5.0-2 is installed
  • OR pulseaudio-5.0-2 is installed
  • OR pulseaudio-esound-compat-5.0-2 is installed
  • OR pulseaudio-gdm-hooks-5.0-2 is installed
  • OR pulseaudio-lang-5.0-2 is installed
  • OR pulseaudio-module-bluetooth-5.0-2 is installed
  • OR pulseaudio-module-gconf-5.0-2 is installed
  • OR pulseaudio-module-jack-5.0-2 is installed
  • OR pulseaudio-module-lirc-5.0-2 is installed
  • OR pulseaudio-module-x11-5.0-2 is installed
  • OR pulseaudio-module-zeroconf-5.0-2 is installed
  • OR pulseaudio-utils-5.0-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP1 is installed
  • AND Package Information
  • file-5.19-9 is installed
  • OR file-magic-5.19-9 is installed
  • OR libmagic1-5.19-9 is installed
  • OR libmagic1-32bit-5.19-9 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP2 is installed
  • AND binutils-2.26.1-9.12 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND Package Information
  • cpio-2.11-35 is installed
  • OR cpio-lang-2.11-35 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • AND Package Information
  • bash-4.3-83.15 is installed
  • OR bash-doc-4.3-83.15 is installed
  • OR bash-lang-4.3-83.15 is installed
  • OR libreadline6-6.3-83.15 is installed
  • OR libreadline6-32bit-6.3-83.15 is installed
  • OR readline-doc-6.3-83.15 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for additional PackageHub packages 15 SP2 is installed
  • AND Package Information
  • LibVNCServer-0.9.10-4.22 is installed
  • OR libvncserver0-0.9.10-4.22 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Desktop Applications 15 SP2 is installed
  • AND Package Information
  • MozillaFirefox-78.3.0-8.6 is installed
  • OR MozillaFirefox-devel-78.3.0-8.6 is installed
  • OR MozillaFirefox-translations-common-78.3.0-8.6 is installed
  • OR MozillaFirefox-translations-other-78.3.0-8.6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Development Tools 15 is installed
  • AND Package Information
  • kernel-docs-4.12.14-150.27 is installed
  • OR kernel-obs-build-4.12.14-150.27 is installed
  • OR kernel-source-4.12.14-150.27 is installed
  • OR kernel-syms-4.12.14-150.27 is installed
  • OR kernel-vanilla-4.12.14-150.27 is installed
  • OR kernel-vanilla-base-4.12.14-150.27 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Live Patching 15 is installed
  • AND Package Information
  • kernel-livepatch-4_12_14-25_28-default-3-2 is installed
  • OR kernel-livepatch-SLE15_Update_8-3-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Live Patching 15 SP1 is installed
  • AND Package Information
  • kernel-livepatch-4_12_14-197_26-default-2-2 is installed
  • OR kernel-livepatch-SLE15-SP1_Update_7-2-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Live Patching 15 SP2 is installed
  • AND Package Information
  • kernel-livepatch-5_3_18-24_12-default-3-2 is installed
  • OR kernel-livepatch-SLE15-SP2_Update_2-3-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Server Applications 15 SP1 is installed
  • AND Package Information
  • postgresql10-10.14-8.19 is installed
  • OR postgresql10-contrib-10.14-8.19 is installed
  • OR postgresql10-devel-10.14-8.19 is installed
  • OR postgresql10-docs-10.14-8.19 is installed
  • OR postgresql10-plperl-10.14-8.19 is installed
  • OR postgresql10-plpython-10.14-8.19 is installed
  • OR postgresql10-pltcl-10.14-8.19 is installed
  • OR postgresql10-server-10.14-8.19 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND Package Information
  • libpython3_4m1_0-3.4.1-12 is installed
  • OR python3-base-3.4.1-12 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • libspice-server1-0.12.5-10 is installed
  • OR spice-0.12.5-10 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • freeradius-server-3.0.3-10 is installed
  • OR freeradius-server-doc-3.0.3-10 is installed
  • OR freeradius-server-krb5-3.0.3-10 is installed
  • OR freeradius-server-ldap-3.0.3-10 is installed
  • OR freeradius-server-libs-3.0.3-10 is installed
  • OR freeradius-server-mysql-3.0.3-10 is installed
  • OR freeradius-server-perl-3.0.3-10 is installed
  • OR freeradius-server-postgresql-3.0.3-10 is installed
  • OR freeradius-server-python-3.0.3-10 is installed
  • OR freeradius-server-sqlite-3.0.3-10 is installed
  • OR freeradius-server-utils-3.0.3-10 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • xen-4.7.5_04-43.33 is installed
  • OR xen-doc-html-4.7.5_04-43.33 is installed
  • OR xen-libs-4.7.5_04-43.33 is installed
  • OR xen-libs-32bit-4.7.5_04-43.33 is installed
  • OR xen-tools-4.7.5_04-43.33 is installed
  • OR xen-tools-domU-4.7.5_04-43.33 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND ucode-intel-20180807-13.29 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_121-92_73-default-5-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_21-5-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • automake-1.13.4-6 is installed
  • OR m4-1.4.16-15 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • libecpg6-10.9-1.12 is installed
  • OR libpq5-10.9-1.12 is installed
  • OR libpq5-32bit-10.9-1.12 is installed
  • OR postgresql10-10.9-1.12 is installed
  • OR postgresql10-contrib-10.9-1.12 is installed
  • OR postgresql10-docs-10.9-1.12 is installed
  • OR postgresql10-libs-10.9-1.12 is installed
  • OR postgresql10-plperl-10.9-1.12 is installed
  • OR postgresql10-plpython-10.9-1.12 is installed
  • OR postgresql10-pltcl-10.9-1.12 is installed
  • OR postgresql10-server-10.9-1.12 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • kgraft-patch-4_4_180-94_97-default-5-2 is installed
  • OR kgraft-patch-SLE12-SP3_Update_26-5-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_155-94_50-default-7-2 is installed
  • OR kgraft-patch-SLE12-SP3_Update_17-7-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • cups-1.7.5-20.17 is installed
  • OR cups-client-1.7.5-20.17 is installed
  • OR cups-libs-1.7.5-20.17 is installed
  • OR cups-libs-32bit-1.7.5-20.17 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • libcdio14-0.90-6.3 is installed
  • OR libcdio14-32bit-0.90-6.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 15-LTSS is installed
  • AND Package Information
  • libpython3_6m1_0-3.6.10-3.56 is installed
  • OR python3-3.6.10-3.56 is installed
  • OR python3-base-3.6.10-3.56 is installed
  • OR python3-curses-3.6.10-3.56 is installed
  • OR python3-dbm-3.6.10-3.56 is installed
  • OR python3-devel-3.6.10-3.56 is installed
  • OR python3-idle-3.6.10-3.56 is installed
  • OR python3-tk-3.6.10-3.56 is installed
  • OR python3-tools-3.6.10-3.56 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server for SAP Applications 15 is installed
  • AND Package Information
  • dpdk-18.11.3-3.19 is installed
  • OR dpdk-devel-18.11.3-3.19 is installed
  • OR dpdk-kmp-default-18.11.3_k4.12.14_150.47-3.19 is installed
  • OR dpdk-tools-18.11.3-3.19 is installed
  • OR libdpdk-18_11-18.11.3-3.19 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 15 is installed
  • AND Package Information
  • MozillaThunderbird-60.5.1-3.24 is installed
  • OR MozillaThunderbird-translations-common-60.5.1-3.24 is installed
  • OR MozillaThunderbird-translations-other-60.5.1-3.24 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • xen-4.7.5_04-43.33 is installed
  • OR xen-doc-html-4.7.5_04-43.33 is installed
  • OR xen-libs-4.7.5_04-43.33 is installed
  • OR xen-libs-32bit-4.7.5_04-43.33 is installed
  • OR xen-tools-4.7.5_04-43.33 is installed
  • OR xen-tools-domU-4.7.5_04-43.33 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • glibc-2.22-62.22 is installed
  • OR glibc-32bit-2.22-62.22 is installed
  • OR glibc-devel-2.22-62.22 is installed
  • OR glibc-devel-32bit-2.22-62.22 is installed
  • OR glibc-html-2.22-62.22 is installed
  • OR glibc-i18ndata-2.22-62.22 is installed
  • OR glibc-info-2.22-62.22 is installed
  • OR glibc-locale-2.22-62.22 is installed
  • OR glibc-locale-32bit-2.22-62.22 is installed
  • OR glibc-profile-2.22-62.22 is installed
  • OR glibc-profile-32bit-2.22-62.22 is installed
  • OR nscd-2.22-62.22 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • libmysqlclient18-10.0.38-29.27 is installed
  • OR mariadb-10.0.38-29.27 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 9 is installed
  • AND Package Information
  • ruby2.1-rubygem-rails-html-sanitizer-1.0.3-8.8 is installed
  • OR rubygem-rails-html-sanitizer-1.0.3-8.8 is installed
    • BACK