OVAL Reference oval:org.opensuse.security:def:52086

Oval Definition:

oval:org.opensuse.security:def:52086

Revision Date:	2020-12-01	Version:	1
Title:	Security update for MozillaFirefox (Important)
Description:	This update for MozillaFirefox fixes the following issues: Update to version 68.8.0 ESR (bsc#1171186): - CVE-2020-12387: Use-after-free during worker shutdown - CVE-2020-12388: Sandbox escape with improperly guarded Access Tokens - CVE-2020-12389: Sandbox escape with improperly separated process types - CVE-2020-6831: Buffer overflow in SCTP chunk input validation - CVE-2020-12392: Arbitrary local file access with 'Copy as cURL' - CVE-2020-12393: Devtools' 'Copy as cURL' feature did not fully escape website-controlled data, potentially leading to command injection - CVE-2020-12395: Memory safety bugs fixed in Firefox 76 and Firefox ESR 68.8
Family:	unix	Class:	patch
Status:		Reference(s):	1133375 1135855 1162117 1166844 1166916 1171186 1172442 1172443 1172810 1173274 1173477 1173691 1173694 1173700 1173701 1173743 1173874 1173875 1173876 1173880 1176116 1176256 1176257 1176258 1176259 1176579 CVE-2011-1098 CVE-2011-1154 CVE-2011-1155 CVE-2011-3602 CVE-2012-5112 CVE-2012-5133 CVE-2014-1344 CVE-2014-1384 CVE-2014-1385 CVE-2014-1386 CVE-2014-1387 CVE-2014-1388 CVE-2014-1389 CVE-2014-1390 CVE-2014-1748 CVE-2014-3467 CVE-2014-3468 CVE-2014-3469 CVE-2014-3634 CVE-2014-5461 CVE-2015-1071 CVE-2015-1076 CVE-2015-1081 CVE-2015-1083 CVE-2015-1120 CVE-2015-1122 CVE-2015-1127 CVE-2015-1153 CVE-2015-1155 CVE-2015-2330 CVE-2015-2806 CVE-2015-3622 CVE-2015-3658 CVE-2015-3659 CVE-2015-3727 CVE-2015-3731 CVE-2015-3741 CVE-2015-3743 CVE-2015-3745 CVE-2015-3747 CVE-2015-3748 CVE-2015-3749 CVE-2015-3752 CVE-2015-5788 CVE-2015-5794 CVE-2015-5801 CVE-2015-5809 CVE-2015-5822 CVE-2015-5928 CVE-2016-4008 CVE-2016-9634 CVE-2016-9635 CVE-2016-9636 CVE-2016-9807 CVE-2016-9808 CVE-2016-9810 CVE-2017-18922 CVE-2017-5974 CVE-2017-5975 CVE-2017-5976 CVE-2017-5977 CVE-2017-5978 CVE-2017-5979 CVE-2017-5980 CVE-2017-5981 CVE-2018-21247 CVE-2019-12269 CVE-2019-20839 CVE-2019-20840 CVE-2019-9928 CVE-2020-10531 CVE-2020-11080 CVE-2020-12387 CVE-2020-12388 CVE-2020-12389 CVE-2020-12392 CVE-2020-12393 CVE-2020-12395 CVE-2020-14397 CVE-2020-14398 CVE-2020-14399 CVE-2020-14400 CVE-2020-14401 CVE-2020-14402 CVE-2020-14422 CVE-2020-1472 CVE-2020-15166 CVE-2020-6831 CVE-2020-7598 CVE-2020-8174 SUSE-SU-2019:1576-1 SUSE-SU-2020:1209-1 SUSE-SU-2020:1300-1 SUSE-SU-2020:1568-1 SUSE-SU-2020:1920-1 SUSE-SU-2020:2719-1 SUSE-SU-2020:3264-1
Platform(s):	openSUSE Leap 15.0 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 SUSE Linux Enterprise Module for Web Scripting 15 SP1 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 15-LTSS SUSE Linux Enterprise Server for SAP Applications 15 SUSE Linux Enterprise Workstation Extension 15 SP1 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9	Product(s):
Definition Synopsis
openSUSE Leap 15.0 is installed AND libical2-2.0.0-lp150.1 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information krb5-1.6.3-133.49.97 is installed OR krb5-32bit-1.6.3-133.49.97 is installed OR krb5-client-1.6.3-133.49.97 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP4 is installed AND Package Information ntp-4.2.8p4-5 is installed OR ntp-doc-4.2.8p4-5 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 is installed AND radvd-1.9.7-2 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information liblua5_2-5.2.2-4 is installed OR lua-5.2.2-4 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information libjavascriptcoregtk-1_0-0-2.4.11-23 is installed OR libjavascriptcoregtk-1_0-0-32bit-2.4.11-23 is installed OR libjavascriptcoregtk-3_0-0-2.4.11-23 is installed OR libwebkitgtk-1_0-0-2.4.11-23 is installed OR libwebkitgtk-1_0-0-32bit-2.4.11-23 is installed OR libwebkitgtk-3_0-0-2.4.11-23 is installed OR libwebkitgtk2-lang-2.4.11-23 is installed OR libwebkitgtk3-lang-2.4.11-23 is installed OR typelib-1_0-JavaScriptCore-3_0-2.4.11-23 is installed OR typelib-1_0-WebKit-3_0-2.4.11-23 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information gstreamer-0_10-plugins-good-0.10.31-16 is installed OR gstreamer-0_10-plugins-good-lang-0.10.31-16 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information g3utils-1.1.36-58.3 is installed OR mgetty-1.1.36-58.3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 is installed AND Package Information MozillaFirefox-68.8.0-3.87 is installed OR MozillaFirefox-branding-upstream-68.8.0-3.87 is installed OR MozillaFirefox-buildsymbols-68.8.0-3.87 is installed OR MozillaFirefox-devel-68.8.0-3.87 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Web Scripting 15 SP1 is installed AND Package Information nodejs10-10.21.0-1.21 is installed OR nodejs10-devel-10.21.0-1.21 is installed OR nodejs10-docs-10.21.0-1.21 is installed OR npm10-10.21.0-1.21 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information giflib-5.0.5-7 is installed OR giflib-progs-5.0.5-7 is installed OR libgif6-5.0.5-7 is installed OR libgif6-32bit-5.0.5-7 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information java-1_7_1-ibm-1.7.1_sr4.25-38.23 is installed OR java-1_7_1-ibm-alsa-1.7.1_sr4.25-38.23 is installed OR java-1_7_1-ibm-devel-1.7.1_sr4.25-38.23 is installed OR java-1_7_1-ibm-jdbc-1.7.1_sr4.25-38.23 is installed OR java-1_7_1-ibm-plugin-1.7.1_sr4.25-38.23 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information at-3.1.14-7 is installed OR flex-2.5.37-8 is installed OR flex-32bit-2.5.37-8 is installed OR libQtWebKit4-4.8.6+2.3.3-3 is installed OR libQtWebKit4-32bit-4.8.6+2.3.3-3 is installed OR libbonobo-2.32.1-16 is installed OR libbonobo-32bit-2.32.1-16 is installed OR libbonobo-doc-2.32.1-16 is installed OR libbonobo-lang-2.32.1-16 is installed OR libkde4-4.12.0-7 is installed OR libkde4-32bit-4.12.0-7 is installed OR libkdecore4-4.12.0-7 is installed OR libkdecore4-32bit-4.12.0-7 is installed OR libksuseinstall1-4.12.0-7 is installed OR libksuseinstall1-32bit-4.12.0-7 is installed OR libnetpbm11-10.66.3-4 is installed OR libnetpbm11-32bit-10.66.3-4 is installed OR netpbm-10.66.3-4 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information git-2.12.3-27.14 is installed OR git-core-2.12.3-27.14 is installed OR git-doc-2.12.3-27.14 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information openssh-7.2p2-74.25 is installed OR openssh-askpass-gnome-7.2p2-74.25 is installed OR openssh-fips-7.2p2-74.25 is installed OR openssh-helpers-7.2p2-74.25 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information java-1_7_0-openjdk-1.7.0.181-43.15 is installed OR java-1_7_0-openjdk-demo-1.7.0.181-43.15 is installed OR java-1_7_0-openjdk-devel-1.7.0.181-43.15 is installed OR java-1_7_0-openjdk-headless-1.7.0.181-43.15 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information apache-commons-daemon-1.0.15-6 is installed OR apache-commons-daemon-javadoc-1.0.15-6 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information MozillaFirefox-68.2.0-109.95 is installed OR MozillaFirefox-translations-common-68.2.0-109.95 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information libsolv-0.6.36-2.27.19 is installed OR libsolv-tools-0.6.36-2.27.19 is installed OR libzypp-16.20.2-27.60 is installed OR perl-solv-0.6.36-2.27.19 is installed OR python-solv-0.6.36-2.27.19 is installed OR zypper-1.13.54-18.40 is installed OR zypper-log-1.13.54-18.40 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information kgraft-patch-4_4_156-94_61-default-8-2 is installed OR kgraft-patch-SLE12-SP3_Update_19-8-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information openslp-2.0.0-18.15 is installed OR openslp-32bit-2.0.0-18.15 is installed OR openslp-server-2.0.0-18.15 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information apache2-2.4.23-29.24 is installed OR apache2-doc-2.4.23-29.24 is installed OR apache2-example-pages-2.4.23-29.24 is installed OR apache2-prefork-2.4.23-29.24 is installed OR apache2-utils-2.4.23-29.24 is installed OR apache2-worker-2.4.23-29.24 is installed
Definition Synopsis
SUSE Linux Enterprise Server 15-LTSS is installed AND python-ipaddress-1.0.18-3.3 is installed
Definition Synopsis
SUSE Linux Enterprise Server for SAP Applications 15 is installed AND Package Information gstreamer-plugins-base-1.12.5-3.3 is installed OR gstreamer-plugins-base-lang-1.12.5-3.3 is installed OR libgstallocators-1_0-0-1.12.5-3.3 is installed OR libgstapp-1_0-0-1.12.5-3.3 is installed OR libgstaudio-1_0-0-1.12.5-3.3 is installed OR libgstfft-1_0-0-1.12.5-3.3 is installed OR libgstpbutils-1_0-0-1.12.5-3.3 is installed OR libgstriff-1_0-0-1.12.5-3.3 is installed OR libgstrtp-1_0-0-1.12.5-3.3 is installed OR libgstrtsp-1_0-0-1.12.5-3.3 is installed OR libgstsdp-1_0-0-1.12.5-3.3 is installed OR libgsttag-1_0-0-1.12.5-3.3 is installed OR libgstvideo-1_0-0-1.12.5-3.3 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 15 SP1 is installed AND enigmail-2.0.11-3.16 is installed
Definition Synopsis
SUSE OpenStack Cloud 6 is installed AND haproxy-1.5.14-1 is installed
Definition Synopsis
SUSE OpenStack Cloud 7 is installed AND Package Information kernel-default-4.4.121-92.120 is installed OR kernel-default-base-4.4.121-92.120 is installed OR kernel-default-devel-4.4.121-92.120 is installed OR kernel-default-man-4.4.121-92.120 is installed OR kernel-devel-4.4.121-92.120 is installed OR kernel-macros-4.4.121-92.120 is installed OR kernel-source-4.4.121-92.120 is installed OR kernel-syms-4.4.121-92.120 is installed OR kgraft-patch-4_4_121-92_120-default-1-3.3 is installed OR kgraft-patch-SLE12-SP2_Update_32-1-3.3 is installed
Definition Synopsis
SUSE OpenStack Cloud 8 is installed AND python-Django-1.11.11-3.3 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information python-cffi-1.11.2-5.11 is installed OR python-cryptography-2.1.4-7.28 is installed OR python-xattr-0.7.5-6.3 is installed OR python3-cffi-1.11.2-5.11 is installed OR python3-cryptography-2.1.4-7.28 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 9 is installed AND python-Twisted-15.2.1-9.5 is installed

BACK