OVAL Reference oval:org.opensuse.security:def:52145

Oval Definition:

oval:org.opensuse.security:def:52145

Revision Date:	2020-12-01	Version:	1
Title:	Security update for MozillaFirefox (Important)
Description:	This update for MozillaFirefox to version 78.0.1 ESR fixes the following issues: Security issues fixed: - CVE-2020-12415: AppCache manifest poisoning due to url encoded character processing (bsc#1173576). - CVE-2020-12416: Use-after-free in WebRTC VideoBroadcaster (bsc#1173576). - CVE-2020-12417: Memory corruption due to missing sign-extension for ValueTags on ARM64 (bsc#1173576). - CVE-2020-12418: Information disclosure due to manipulated URL object (bsc#1173576). - CVE-2020-12419: Use-after-free in nsGlobalWindowInner (bsc#1173576). - CVE-2020-12420: Use-After-Free when trying to connect to a STUN server (bsc#1173576). - CVE-2020-12402: RSA Key Generation vulnerable to side-channel attack (bsc#1173576). - CVE-2020-12421: Add-On updates did not respect the same certificate trust rules as software updates (bsc#1173576). - CVE-2020-12422: Integer overflow in nsJPEGEncoder::emptyOutputBuffer (bsc#1173576). - CVE-2020-12423: DLL Hijacking due to searching %PATH% for a library (bsc#1173576). - CVE-2020-12424: WebRTC permission prompt could have been bypassed by a compromised content process (bsc#1173576). - CVE-2020-12425: Out of bound read in Date.parse() (bsc#1173576). - CVE-2020-12426: Memory safety bugs fixed in Firefox 78 (bsc#1173576). - FIPS: MozillaFirefox: allow /proc/sys/crypto/fips_enabled (bsc#1167231). Non-security issues fixed: - Fixed interaction with freetype6 (bsc#1173613).
Family:	unix	Class:	patch
Status:		Reference(s):	1086263 1098447 1098649 1134157 1134853 1143463 1143777 1143817 1143818 1143819 1143820 1143821 1143823 1143824 1143825 1143827 1143828 1143830 1143831 1154063 1159819 1159973 1162198 1166238 1167209 1168404 1168407 1169066 1169746 1171978 1173576 1173613 1176179 CVE-2007-4772 CVE-2007-6600 CVE-2009-0159 CVE-2009-0163 CVE-2009-1252 CVE-2009-2820 CVE-2009-3553 CVE-2009-4034 CVE-2009-4136 CVE-2010-0393 CVE-2010-0540 CVE-2010-0542 CVE-2010-1169 CVE-2010-1170 CVE-2010-1748 CVE-2010-2941 CVE-2010-3433 CVE-2011-2483 CVE-2012-0866 CVE-2012-0867 CVE-2012-0868 CVE-2012-2143 CVE-2012-2655 CVE-2012-3488 CVE-2012-3489 CVE-2012-4510 CVE-2012-5519 CVE-2012-6094 CVE-2013-0255 CVE-2013-1899 CVE-2013-1900 CVE-2013-1901 CVE-2013-5211 CVE-2013-6418 CVE-2014-0060 CVE-2014-0061 CVE-2014-0062 CVE-2014-0063 CVE-2014-0064 CVE-2014-0065 CVE-2014-0066 CVE-2014-0067 CVE-2014-2856 CVE-2014-3537 CVE-2014-3634 CVE-2014-5029 CVE-2014-5030 CVE-2014-5031 CVE-2014-9293 CVE-2014-9294 CVE-2014-9295 CVE-2014-9296 CVE-2014-9297 CVE-2014-9298 CVE-2014-9679 CVE-2015-1158 CVE-2015-1159 CVE-2015-1798 CVE-2015-1799 CVE-2015-3165 CVE-2015-3166 CVE-2015-3167 CVE-2015-3405 CVE-2015-5198 CVE-2015-5199 CVE-2015-5200 CVE-2015-5288 CVE-2015-5289 CVE-2015-7691 CVE-2015-7692 CVE-2015-7701 CVE-2015-7702 CVE-2015-7703 CVE-2015-7704 CVE-2015-7705 CVE-2015-7848 CVE-2015-7849 CVE-2015-7850 CVE-2015-7851 CVE-2015-7852 CVE-2015-7853 CVE-2015-7854 CVE-2015-7855 CVE-2015-7871 CVE-2016-0766 CVE-2016-0773 CVE-2016-2193 CVE-2016-3065 CVE-2017-7484 CVE-2017-7485 CVE-2017-7486 CVE-2018-1000135 CVE-2019-11059 CVE-2019-11690 CVE-2019-13103 CVE-2019-14192 CVE-2019-14193 CVE-2019-14194 CVE-2019-14195 CVE-2019-14196 CVE-2019-14197 CVE-2019-14198 CVE-2019-14199 CVE-2019-14200 CVE-2019-14201 CVE-2019-14202 CVE-2019-14203 CVE-2019-14204 CVE-2019-17006 CVE-2020-10648 CVE-2020-12399 CVE-2020-12402 CVE-2020-12415 CVE-2020-12416 CVE-2020-12417 CVE-2020-12418 CVE-2020-12419 CVE-2020-12420 CVE-2020-12421 CVE-2020-12422 CVE-2020-12423 CVE-2020-12424 CVE-2020-12425 CVE-2020-12426 CVE-2020-1927 CVE-2020-1934 CVE-2020-1938 CVE-2020-24977 CVE-2020-8432 SUSE-SU-2019:1369-1 SUSE-SU-2020:0413-1 SUSE-SU-2020:1126-1 SUSE-SU-2020:1677-1 SUSE-SU-2020:2583-1 SUSE-SU-2020:3283-1
Platform(s):	openSUSE Leap 15.0 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 15-LTSS SUSE Linux Enterprise Server for SAP Applications 15 SUSE Linux Enterprise Workstation Extension 15 SUSE Linux Enterprise Workstation Extension 15 SP1 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8	Product(s):
Definition Synopsis
openSUSE Leap 15.0 is installed AND Package Information libreoffice-6.0.4.2-lp150.1 is installed OR libreoffice-base-6.0.4.2-lp150.1 is installed OR libreoffice-base-drivers-mysql-6.0.4.2-lp150.1 is installed OR libreoffice-branding-upstream-6.0.4.2-lp150.1 is installed OR libreoffice-calc-6.0.4.2-lp150.1 is installed OR libreoffice-draw-6.0.4.2-lp150.1 is installed OR libreoffice-filters-optional-6.0.4.2-lp150.1 is installed OR libreoffice-gnome-6.0.4.2-lp150.1 is installed OR libreoffice-gtk3-6.0.4.2-lp150.1 is installed OR libreoffice-icon-themes-6.0.4.2-lp150.1 is installed OR libreoffice-impress-6.0.4.2-lp150.1 is installed OR libreoffice-kde4-6.0.4.2-lp150.1 is installed OR libreoffice-l10n-ar-6.0.4.2-lp150.1 is installed OR libreoffice-l10n-bg-6.0.4.2-lp150.1 is installed OR libreoffice-l10n-ca-6.0.4.2-lp150.1 is installed OR libreoffice-l10n-cs-6.0.4.2-lp150.1 is installed OR libreoffice-l10n-da-6.0.4.2-lp150.1 is installed OR libreoffice-l10n-de-6.0.4.2-lp150.1 is installed OR libreoffice-l10n-el-6.0.4.2-lp150.1 is installed OR libreoffice-l10n-en-6.0.4.2-lp150.1 is installed OR libreoffice-l10n-eo-6.0.4.2-lp150.1 is installed OR libreoffice-l10n-es-6.0.4.2-lp150.1 is installed OR libreoffice-l10n-et-6.0.4.2-lp150.1 is installed OR libreoffice-l10n-fa-6.0.4.2-lp150.1 is installed OR libreoffice-l10n-fi-6.0.4.2-lp150.1 is installed OR libreoffice-l10n-fr-6.0.4.2-lp150.1 is installed OR libreoffice-l10n-hu-6.0.4.2-lp150.1 is installed OR libreoffice-l10n-it-6.0.4.2-lp150.1 is installed OR libreoffice-l10n-ja-6.0.4.2-lp150.1 is installed OR libreoffice-l10n-ko-6.0.4.2-lp150.1 is installed OR libreoffice-l10n-lt-6.0.4.2-lp150.1 is installed OR libreoffice-l10n-nb-6.0.4.2-lp150.1 is installed OR libreoffice-l10n-nl-6.0.4.2-lp150.1 is installed OR libreoffice-l10n-pl-6.0.4.2-lp150.1 is installed OR libreoffice-l10n-pt_BR-6.0.4.2-lp150.1 is installed OR libreoffice-l10n-ru-6.0.4.2-lp150.1 is installed OR libreoffice-l10n-sk-6.0.4.2-lp150.1 is installed OR libreoffice-l10n-sl-6.0.4.2-lp150.1 is installed OR libreoffice-l10n-sv-6.0.4.2-lp150.1 is installed OR libreoffice-l10n-uk-6.0.4.2-lp150.1 is installed OR libreoffice-l10n-zh_CN-6.0.4.2-lp150.1 is installed OR libreoffice-l10n-zh_TW-6.0.4.2-lp150.1 is installed OR libreoffice-mailmerge-6.0.4.2-lp150.1 is installed OR libreoffice-math-6.0.4.2-lp150.1 is installed OR libreoffice-pyuno-6.0.4.2-lp150.1 is installed OR libreoffice-writer-6.0.4.2-lp150.1 is installed OR libreofficekit-6.0.4.2-lp150.1 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information libfreebl3-3.19.2.2-22 is installed OR libfreebl3-32bit-3.19.2.2-22 is installed OR libsoftokn3-3.19.2.2-22 is installed OR libsoftokn3-32bit-3.19.2.2-22 is installed OR mozilla-nss-3.19.2.2-22 is installed OR mozilla-nss-32bit-3.19.2.2-22 is installed OR mozilla-nss-tools-3.19.2.2-22 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 is installed AND Package Information grub2-2.02~beta2-56.9 is installed OR grub2-i386-pc-2.02~beta2-56.9 is installed OR grub2-snapper-plugin-2.02~beta2-56.9 is installed OR grub2-x86_64-efi-2.02~beta2-56.9 is installed OR grub2-x86_64-xen-2.02~beta2-56.9 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information cups-1.7.5-9 is installed OR cups-client-1.7.5-9 is installed OR cups-libs-1.7.5-9 is installed OR cups-libs-32bit-1.7.5-9 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information cups-pk-helper-0.2.5-3 is installed OR cups-pk-helper-lang-0.2.5-3 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information libecpg6-9.6.3-2 is installed OR libpq5-9.6.3-2 is installed OR libpq5-32bit-9.6.3-2 is installed OR postgresql96-9.6.3-2 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information libX11-6-1.6.2-12.5 is installed OR libX11-6-32bit-1.6.2-12.5 is installed OR libX11-data-1.6.2-12.5 is installed OR libX11-xcb1-1.6.2-12.5 is installed OR libX11-xcb1-32bit-1.6.2-12.5 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 is installed AND Package Information MozillaFirefox-78.0.1-3.94 is installed OR MozillaFirefox-branding-upstream-78.0.1-3.94 is installed OR MozillaFirefox-buildsymbols-78.0.1-3.94 is installed OR MozillaFirefox-devel-78.0.1-3.94 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information cpio-2.11-29 is installed OR cpio-lang-2.11-29 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information kgraft-patch-3_12_67-60_64_24-default-6-3 is installed OR kgraft-patch-3_12_67-60_64_24-xen-6-3 is installed OR kgraft-patch-SLE12-SP1_Update_11-6-3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information dbus-1-1.8.16-19 is installed OR dbus-1-x11-1.8.16-19 is installed OR libdbus-1-3-1.8.16-19 is installed OR libdbus-1-3-32bit-1.8.16-19 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information java-1_7_1-ibm-1.7.1_sr4.35-38.29 is installed OR java-1_7_1-ibm-alsa-1.7.1_sr4.35-38.29 is installed OR java-1_7_1-ibm-devel-1.7.1_sr4.35-38.29 is installed OR java-1_7_1-ibm-jdbc-1.7.1_sr4.35-38.29 is installed OR java-1_7_1-ibm-plugin-1.7.1_sr4.35-38.29 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information ghostscript-9.26-23.16 is installed OR ghostscript-x11-9.26-23.16 is installed OR libspectre-0.2.7-12.4 is installed OR libspectre1-0.2.7-12.4 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information res-signingkeys-3.0.38-52.26 is installed OR smt-3.0.38-52.26 is installed OR smt-support-3.0.38-52.26 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 12 SP3 is installed AND libssh2-1-1.4.3-20.9 is installed OR libssh2-1-32bit-1.4.3-20.9 is installed OR libssh2_org-1.4.3-20.9 is installed OR Package Information SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND libssh2-1-1.4.3-20.9 is installed OR libssh2-1-32bit-1.4.3-20.9 is installed OR libssh2_org-1.4.3-20.9 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND cifs-utils-6.5-8 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-BCL is installed AND clamav-0.100.3-33.26 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND squid-3.5.21-26.17 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information libvirt-3.3.0-5.40 is installed OR libvirt-admin-3.3.0-5.40 is installed OR libvirt-client-3.3.0-5.40 is installed OR libvirt-daemon-3.3.0-5.40 is installed OR libvirt-daemon-config-network-3.3.0-5.40 is installed OR libvirt-daemon-config-nwfilter-3.3.0-5.40 is installed OR libvirt-daemon-driver-interface-3.3.0-5.40 is installed OR libvirt-daemon-driver-libxl-3.3.0-5.40 is installed OR libvirt-daemon-driver-lxc-3.3.0-5.40 is installed OR libvirt-daemon-driver-network-3.3.0-5.40 is installed OR libvirt-daemon-driver-nodedev-3.3.0-5.40 is installed OR libvirt-daemon-driver-nwfilter-3.3.0-5.40 is installed OR libvirt-daemon-driver-qemu-3.3.0-5.40 is installed OR libvirt-daemon-driver-secret-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-core-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-disk-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-iscsi-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-logical-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-mpath-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-rbd-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-scsi-3.3.0-5.40 is installed OR libvirt-daemon-hooks-3.3.0-5.40 is installed OR libvirt-daemon-lxc-3.3.0-5.40 is installed OR libvirt-daemon-qemu-3.3.0-5.40 is installed OR libvirt-daemon-xen-3.3.0-5.40 is installed OR libvirt-doc-3.3.0-5.40 is installed OR libvirt-libs-3.3.0-5.40 is installed OR libvirt-lock-sanlock-3.3.0-5.40 is installed OR libvirt-nss-3.3.0-5.40 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information res-signingkeys-3.0.37-52.23 is installed OR smt-3.0.37-52.23 is installed OR smt-support-3.0.37-52.23 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information apache2-mod_apparmor-2.8.2-49 is installed OR apparmor-docs-2.8.2-49 is installed OR apparmor-parser-2.8.2-49 is installed OR apparmor-profiles-2.8.2-49 is installed OR apparmor-utils-2.8.2-49 is installed OR libapparmor1-2.8.2-49 is installed OR libapparmor1-32bit-2.8.2-49 is installed OR pam_apparmor-2.8.2-49 is installed OR pam_apparmor-32bit-2.8.2-49 is installed OR perl-apparmor-2.8.2-49 is installed
Definition Synopsis
SUSE Linux Enterprise Server 15-LTSS is installed AND Package Information libfreebl3-3.53-3.40 is installed OR libfreebl3-32bit-3.53-3.40 is installed OR libfreebl3-hmac-3.53-3.40 is installed OR libfreebl3-hmac-32bit-3.53-3.40 is installed OR libsoftokn3-3.53-3.40 is installed OR libsoftokn3-32bit-3.53-3.40 is installed OR libsoftokn3-hmac-3.53-3.40 is installed OR libsoftokn3-hmac-32bit-3.53-3.40 is installed OR mozilla-nspr-4.25-3.12 is installed OR mozilla-nspr-32bit-4.25-3.12 is installed OR mozilla-nspr-devel-4.25-3.12 is installed OR mozilla-nss-3.53-3.40 is installed OR mozilla-nss-32bit-3.53-3.40 is installed OR mozilla-nss-certs-3.53-3.40 is installed OR mozilla-nss-certs-32bit-3.53-3.40 is installed OR mozilla-nss-devel-3.53-3.40 is installed OR mozilla-nss-sysinit-3.53-3.40 is installed OR mozilla-nss-tools-3.53-3.40 is installed
Definition Synopsis
SUSE Linux Enterprise Server for SAP Applications 15 is installed AND Package Information apache2-2.4.33-3.30 is installed OR apache2-devel-2.4.33-3.30 is installed OR apache2-doc-2.4.33-3.30 is installed OR apache2-prefork-2.4.33-3.30 is installed OR apache2-utils-2.4.33-3.30 is installed OR apache2-worker-2.4.33-3.30 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 15 is installed AND Package Information NetworkManager-1.10.6-5.6 is installed OR NetworkManager-lang-1.10.6-5.6 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 15 SP1 is installed AND enigmail-2.1.5-3.22 is installed
Definition Synopsis
SUSE OpenStack Cloud 6 is installed AND Package Information xorg-x11-server-7.6_1.15.2-53.3 is installed OR xorg-x11-server-extra-7.6_1.15.2-53.3 is installed
Definition Synopsis
SUSE OpenStack Cloud 7 is installed AND Package Information libprocps3-3.3.9-11.18 is installed OR procps-3.3.9-11.18 is installed
Definition Synopsis
SUSE OpenStack Cloud 8 is installed AND ucode-intel-20190618-13.47 is installed

BACK