OVAL Reference oval:org.opensuse.security:def:52264

Oval Definition:

oval:org.opensuse.security:def:52264

Revision Date:	2020-12-01	Version:	1
Title:	Security update for MozillaFirefox (Important)
Description:	This update for MozillaFirefox fixes the following issues: - Firefox Extended Support Release 78.5.0 ESR (bsc#1178824) * CVE-2020-26951: Parsing mismatches could confuse and bypass security sanitizer for chrome privileged code * CVE-2020-16012: Variable time processing of cross-origin images during drawImage calls * CVE-2020-26953: Fullscreen could be enabled without displaying the security UI * CVE-2020-26956: XSS through paste (manual and clipboard API) * CVE-2020-26958: Requests intercepted through ServiceWorkers lacked MIME type restrictions * CVE-2020-26959: Use-after-free in WebRequestService * CVE-2020-26960: Potential use-after-free in uses of nsTArray * CVE-2020-15999: Heap buffer overflow in freetype * CVE-2020-26961: DoH did not filter IPv4 mapped IP Addresses * CVE-2020-26965: Software keyboards may have remembered typed passwords * CVE-2020-26966: Single-word search queries were also broadcast to local network * CVE-2020-26968: Memory safety bugs fixed in Firefox 83 and Firefox ESR 78.5
Family:	unix	Class:	patch
Status:		Reference(s):	1040973 1068873 1088424 1097599 1097600 1109175 1109176 1109299 1115364 1117513 1129452 1142684 1158328 1160904 1160906 1169365 1173477 1173691 1173694 1173700 1173701 1173743 1173874 1173875 1173876 1173880 1176343 1176344 1176345 1176346 1176347 1176348 1176349 1176350 1178824 CVE-2008-3825 CVE-2009-1384 CVE-2010-0405 CVE-2011-0020 CVE-2011-0064 CVE-2011-2721 CVE-2011-3146 CVE-2011-3627 CVE-2012-1457 CVE-2012-1458 CVE-2012-1459 CVE-2012-6706 CVE-2013-1881 CVE-2013-2002 CVE-2013-2005 CVE-2013-6497 CVE-2014-0172 CVE-2014-9050 CVE-2014-9087 CVE-2014-9328 CVE-2014-9447 CVE-2015-1461 CVE-2015-1462 CVE-2015-1463 CVE-2015-2170 CVE-2015-2221 CVE-2015-2222 CVE-2015-2305 CVE-2015-2668 CVE-2016-10198 CVE-2016-10199 CVE-2016-4574 CVE-2016-4579 CVE-2016-9634 CVE-2016-9635 CVE-2016-9636 CVE-2016-9807 CVE-2016-9808 CVE-2016-9810 CVE-2016-9811 CVE-2017-1000126 CVE-2017-11464 CVE-2017-18922 CVE-2017-5837 CVE-2017-5839 CVE-2017-5840 CVE-2017-5841 CVE-2017-5842 CVE-2017-5844 CVE-2017-5845 CVE-2017-9239 CVE-2018-1000041 CVE-2018-12264 CVE-2018-12265 CVE-2018-17229 CVE-2018-17230 CVE-2018-17282 CVE-2018-19108 CVE-2018-19607 CVE-2018-21247 CVE-2018-9305 CVE-2019-11745 CVE-2019-13114 CVE-2019-13722 CVE-2019-17005 CVE-2019-17008 CVE-2019-17009 CVE-2019-17010 CVE-2019-17011 CVE-2019-17012 CVE-2019-18903 CVE-2019-20839 CVE-2019-20840 CVE-2020-14397 CVE-2020-14398 CVE-2020-14399 CVE-2020-14400 CVE-2020-14401 CVE-2020-14402 CVE-2020-15999 CVE-2020-16012 CVE-2020-25595 CVE-2020-25596 CVE-2020-25597 CVE-2020-25599 CVE-2020-25600 CVE-2020-25601 CVE-2020-25603 CVE-2020-25604 CVE-2020-26951 CVE-2020-26953 CVE-2020-26956 CVE-2020-26958 CVE-2020-26959 CVE-2020-26960 CVE-2020-26961 CVE-2020-26965 CVE-2020-26966 CVE-2020-26968 CVE-2020-7217 SUSE-SU-2019:3339-1 SUSE-SU-2020:0370-1 SUSE-SU-2020:0921-1 SUSE-SU-2020:1177-1 SUSE-SU-2020:1922-1 SUSE-SU-2020:2789-1
Platform(s):	openSUSE Leap 15.0 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server for SAP Applications 15 SUSE Linux Enterprise Workstation Extension 15 SUSE Linux Enterprise Workstation Extension 15 SP2 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9	Product(s):
Definition Synopsis
openSUSE Leap 15.0 is installed AND Package Information alsa-1.1.5-lp150.4 is installed OR libasound2-1.1.5-lp150.4 is installed OR libasound2-32bit-1.1.5-lp150.4 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP2 is installed AND Package Information kdelibs4-4.3.5-0.12 is installed OR kdelibs4-core-4.3.5-0.12 is installed OR libkde4-4.3.5-0.12 is installed OR libkde4-32bit-4.3.5-0.12 is installed OR libkdecore4-4.3.5-0.12 is installed OR libkdecore4-32bit-4.3.5-0.12 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP4 is installed AND Package Information flash-player-11.2.202.554-0.29 is installed OR flash-player-gnome-11.2.202.554-0.29 is installed OR flash-player-kde4-11.2.202.554-0.29 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 is installed AND Package Information libXt6-1.1.4-3 is installed OR libXt6-32bit-1.1.4-3 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information libpango-1_0-0-1.36.3-4 is installed OR libpango-1_0-0-32bit-1.36.3-4 is installed OR pango-modules-1.36.3-4 is installed OR pango-modules-32bit-1.36.3-4 is installed OR typelib-1_0-Pango-1_0-1.36.3-4 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information elfutils-0.158-6 is installed OR libasm1-0.158-6 is installed OR libdw1-0.158-6 is installed OR libdw1-32bit-0.158-6 is installed OR libebl1-0.158-6 is installed OR libebl1-32bit-0.158-6 is installed OR libelf1-0.158-6 is installed OR libelf1-32bit-0.158-6 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP3 is installed AND clamav-0.99.2-32 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information gdk-pixbuf-loader-rsvg-2.40.20-5.6 is installed OR librsvg-2-2-2.40.20-5.6 is installed OR librsvg-2-2-32bit-2.40.20-5.6 is installed OR rsvg-view-2.40.20-5.6 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 is installed AND Package Information MozillaFirefox-78.5.0-3.119 is installed OR MozillaFirefox-branding-upstream-78.5.0-3.119 is installed OR MozillaFirefox-buildsymbols-78.5.0-3.119 is installed OR MozillaFirefox-devel-78.5.0-3.119 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information libmysqlclient18-10.0.21-1 is installed OR libmysqlclient18-32bit-10.0.21-1 is installed OR mariadb-10.0.21-1 is installed OR mariadb-client-10.0.21-1 is installed OR mariadb-errormessages-10.0.21-1 is installed OR mariadb-tools-10.0.21-1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information kgraft-patch-3_12_69-60_64_32-default-4-3 is installed OR kgraft-patch-3_12_69-60_64_32-xen-4-3 is installed OR kgraft-patch-SLE12-SP1_Update_13-4-3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information libldap-2_4-2-2.4.41-18.25 is installed OR libldap-2_4-2-32bit-2.4.41-18.25 is installed OR openldap2-2.4.41-18.25 is installed OR openldap2-back-meta-2.4.41-18.25 is installed OR openldap2-client-2.4.41-18.25 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information kernel-firmware-20170530-21.22 is installed OR ucode-amd-20170530-21.22 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information gpg2-2.0.24-9.3 is installed OR gpg2-lang-2.0.24-9.3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_59-92_24-default-11-2 is installed OR kgraft-patch-SLE12-SP2_Update_9-11-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information coreutils-8.25-12 is installed OR coreutils-lang-8.25-12 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information libssh2-1-1.4.3-20.14 is installed OR libssh2-1-32bit-1.4.3-20.14 is installed OR libssh2_org-1.4.3-20.14 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information glibc-2.22-62.22 is installed OR glibc-32bit-2.22-62.22 is installed OR glibc-devel-2.22-62.22 is installed OR glibc-devel-32bit-2.22-62.22 is installed OR glibc-html-2.22-62.22 is installed OR glibc-i18ndata-2.22-62.22 is installed OR glibc-info-2.22-62.22 is installed OR glibc-locale-2.22-62.22 is installed OR glibc-locale-32bit-2.22-62.22 is installed OR glibc-profile-2.22-62.22 is installed OR glibc-profile-32bit-2.22-62.22 is installed OR nscd-2.22-62.22 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information kgraft-patch-4_4_176-94_88-default-3-2 is installed OR kgraft-patch-SLE12-SP3_Update_24-3-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND shadow-4.2.1-27.12 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information libXdmcp6-1.1.1-12 is installed OR libXdmcp6-32bit-1.1.1-12 is installed
Definition Synopsis
SUSE Linux Enterprise Server for SAP Applications 15 is installed AND Package Information rpmlint-1.10-7.12 is installed OR rpmlint-mini-1.10-5.12 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 15 is installed AND Package Information MozillaThunderbird-68.3.0-3.61 is installed OR MozillaThunderbird-translations-common-68.3.0-3.61 is installed OR MozillaThunderbird-translations-other-68.3.0-3.61 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 15 SP2 is installed AND Package Information LibVNCServer-0.9.10-4.22 is installed OR libvncclient0-0.9.10-4.22 is installed OR libvncserver0-0.9.10-4.22 is installed
Definition Synopsis
SUSE OpenStack Cloud 7 is installed AND Package Information ntp-4.2.8p11-64.5 is installed OR ntp-doc-4.2.8p11-64.5 is installed
Definition Synopsis
SUSE OpenStack Cloud 8 is installed AND Package Information java-1_8_0-openjdk-1.8.0.222-27.35 is installed OR java-1_8_0-openjdk-demo-1.8.0.222-27.35 is installed OR java-1_8_0-openjdk-devel-1.8.0.222-27.35 is installed OR java-1_8_0-openjdk-headless-1.8.0.222-27.35 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information openstack-aodh-5.1.1~dev5-3.5 is installed OR openstack-aodh-api-5.1.1~dev5-3.5 is installed OR openstack-aodh-doc-5.1.1~dev5-3.5 is installed OR openstack-aodh-evaluator-5.1.1~dev5-3.5 is installed OR openstack-aodh-expirer-5.1.1~dev5-3.5 is installed OR openstack-aodh-listener-5.1.1~dev5-3.5 is installed OR openstack-aodh-notifier-5.1.1~dev5-3.5 is installed OR openstack-barbican-5.0.1~dev11-3.8 is installed OR openstack-barbican-api-5.0.1~dev11-3.8 is installed OR openstack-barbican-doc-5.0.1~dev11-3.8 is installed OR openstack-barbican-keystone-listener-5.0.1~dev11-3.8 is installed OR openstack-barbican-retry-5.0.1~dev11-3.8 is installed OR openstack-barbican-worker-5.0.1~dev11-3.8 is installed OR openstack-cinder-11.1.2~dev14-3.6 is installed OR openstack-cinder-api-11.1.2~dev14-3.6 is installed OR openstack-cinder-backup-11.1.2~dev14-3.6 is installed OR openstack-cinder-doc-11.1.2~dev14-3.6 is installed OR openstack-cinder-scheduler-11.1.2~dev14-3.6 is installed OR openstack-cinder-volume-11.1.2~dev14-3.6 is installed OR openstack-dashboard-12.0.4~dev1-3.8 is installed OR openstack-designate-5.0.2~dev5-3.5 is installed OR openstack-designate-agent-5.0.2~dev5-3.5 is installed OR openstack-designate-api-5.0.2~dev5-3.5 is installed OR openstack-designate-central-5.0.2~dev5-3.5 is installed OR openstack-designate-doc-5.0.2~dev5-3.5 is installed OR openstack-designate-producer-5.0.2~dev5-3.5 is installed OR openstack-designate-sink-5.0.2~dev5-3.5 is installed OR openstack-designate-worker-5.0.2~dev5-3.5 is installed OR openstack-glance-15.0.2~dev4-3.3 is installed OR openstack-glance-api-15.0.2~dev4-3.3 is installed OR openstack-glance-doc-15.0.2~dev4-3.3 is installed OR openstack-glance-registry-15.0.2~dev4-3.3 is installed OR openstack-heat-9.0.5~dev11-3.6 is installed OR openstack-heat-api-9.0.5~dev11-3.6 is installed OR openstack-heat-api-cfn-9.0.5~dev11-3.6 is installed OR openstack-heat-api-cloudwatch-9.0.5~dev11-3.6 is installed OR openstack-heat-doc-9.0.5~dev11-3.6 is installed OR openstack-heat-engine-9.0.5~dev11-3.6 is installed OR openstack-heat-plugin-heat_docker-9.0.5~dev11-3.6 is installed OR openstack-heat-templates-0.0.0+git.1525957319.6b5a7cd-3.3 is installed OR openstack-heat-test-9.0.5~dev11-3.6 is installed OR openstack-horizon-plugin-designate-ui-5.0.2~dev5-3.3 is installed OR openstack-horizon-plugin-freezer-ui-5.0.1~dev6-3.3 is installed OR openstack-horizon-plugin-gbp-ui-5.0.1~dev21-4.3 is installed OR openstack-horizon-plugin-manila-ui-2.10.3~dev4-4.5 is installed OR openstack-horizon-plugin-neutron-lbaas-ui-3.0.3~dev2-3.5 is installed OR openstack-horizon-plugin-trove-ui-9.0.1~dev7-3.3 is installed OR openstack-ironic-9.1.5~dev7-3.6 is installed OR openstack-ironic-api-9.1.5~dev7-3.6 is installed OR openstack-ironic-conductor-9.1.5~dev7-3.6 is installed OR openstack-ironic-doc-9.1.5~dev7-3.6 is installed OR openstack-keystone-12.0.1~dev19-5.8 is installed OR openstack-keystone-doc-12.0.1~dev19-5.8 is installed OR openstack-manila-5.0.2~dev55-3.6 is installed OR openstack-manila-api-5.0.2~dev55-3.6 is installed OR openstack-manila-data-5.0.2~dev55-3.6 is installed OR openstack-manila-doc-5.0.2~dev55-3.6 is installed OR openstack-manila-scheduler-5.0.2~dev55-3.6 is installed OR openstack-manila-share-5.0.2~dev55-3.6 is installed OR openstack-neutron-11.0.6~dev63-3.6 is installed OR openstack-neutron-dhcp-agent-11.0.6~dev63-3.6 is installed OR openstack-neutron-doc-11.0.6~dev63-3.6 is installed OR openstack-neutron-fwaas-11.0.2~dev7-3.5 is installed OR openstack-neutron-fwaas-doc-11.0.2~dev7-3.5 is installed OR openstack-neutron-ha-tool-11.0.6~dev63-3.6 is installed OR openstack-neutron-l3-agent-11.0.6~dev63-3.6 is installed OR openstack-neutron-lbaas-11.0.4~dev4-3.3 is installed OR openstack-neutron-lbaas-agent-11.0.4~dev4-3.3 is installed OR openstack-neutron-lbaas-doc-11.0.4~dev4-3.3 is installed OR openstack-neutron-linuxbridge-agent-11.0.6~dev63-3.6 is installed OR openstack-neutron-macvtap-agent-11.0.6~dev63-3.6 is installed OR openstack-neutron-metadata-agent-11.0.6~dev63-3.6 is installed OR openstack-neutron-metering-agent-11.0.6~dev63-3.6 is installed OR openstack-neutron-openvswitch-agent-11.0.6~dev63-3.6 is installed OR openstack-neutron-server-11.0.6~dev63-3.6 is installed OR openstack-neutron-vpn-agent-11.0.1~dev1-3.3 is installed OR openstack-neutron-vpnaas-11.0.1~dev1-3.3 is installed OR openstack-neutron-vpnaas-doc-11.0.1~dev1-3.3 is installed OR openstack-neutron-vyatta-agent-11.0.1~dev1-3.3 is installed OR openstack-neutron-zvm-agent-8.0.1~dev12-4.3 is installed OR openstack-nova-16.1.5~dev49-3.8 is installed OR openstack-nova-api-16.1.5~dev49-3.8 is installed OR openstack-nova-cells-16.1.5~dev49-3.8 is installed OR openstack-nova-compute-16.1.5~dev49-3.8 is installed OR openstack-nova-conductor-16.1.5~dev49-3.8 is installed OR openstack-nova-console-16.1.5~dev49-3.8 is installed OR openstack-nova-consoleauth-16.1.5~dev49-3.8 is installed OR openstack-nova-doc-16.1.5~dev49-3.8 is installed OR openstack-nova-novncproxy-16.1.5~dev49-3.8 is installed OR openstack-nova-placement-api-16.1.5~dev49-3.8 is installed OR openstack-nova-scheduler-16.1.5~dev49-3.8 is installed OR openstack-nova-serialproxy-16.1.5~dev49-3.8 is installed OR openstack-nova-virt-zvm-8.0.1~dev56-3.3 is installed OR openstack-nova-vncproxy-16.1.5~dev49-3.8 is installed OR openstack-octavia-1.0.3~dev21-4.6 is installed OR openstack-octavia-amphora-agent-1.0.3~dev21-4.6 is installed OR openstack-octavia-api-1.0.3~dev21-4.6 is installed OR openstack-octavia-health-manager-1.0.3~dev21-4.6 is installed OR openstack-octavia-housekeeping-1.0.3~dev21-4.6 is installed OR openstack-octavia-worker-1.0.3~dev21-4.6 is installed OR openstack-trove-8.0.1~dev11-3.3 is installed OR openstack-trove-api-8.0.1~dev11-3.3 is installed OR openstack-trove-conductor-8.0.1~dev11-3.3 is installed OR openstack-trove-doc-8.0.1~dev11-3.3 is installed OR openstack-trove-guestagent-8.0.1~dev11-3.3 is installed OR openstack-trove-taskmanager-8.0.1~dev11-3.3 is installed OR python-aodh-5.1.1~dev5-3.5 is installed OR python-barbican-5.0.1~dev11-3.8 is installed OR python-barbicanclient-4.5.2-4.3 is installed OR python-barbicanclient-doc-4.5.2-4.3 is installed OR python-cinder-11.1.2~dev14-3.6 is installed OR python-designate-5.0.2~dev5-3.5 is installed OR python-glance-15.0.2~dev4-3.3 is installed OR python-heat-9.0.5~dev11-3.6 is installed OR python-horizon-12.0.4~dev1-3.8 is installed OR python-horizon-plugin-designate-ui-5.0.2~dev5-3.3 is installed OR python-horizon-plugin-freezer-ui-5.0.1~dev6-3.3 is installed OR python-horizon-plugin-gbp-ui-5.0.1~dev21-4.3 is installed OR python-horizon-plugin-manila-ui-2.10.3~dev4-4.5 is installed OR python-horizon-plugin-neutron-lbaas-ui-3.0.3~dev2-3.5 is installed OR python-horizon-plugin-trove-ui-9.0.1~dev7-3.3 is installed OR python-ironic-9.1.5~dev7-3.6 is installed OR python-keystone-12.0.1~dev19-5.8 is installed OR python-keystone-json-assignment-0.0.2-3.3 is installed OR python-manila-5.0.2~dev55-3.6 is installed OR python-manilaclient-1.17.3-3.3 is installed OR python-manilaclient-doc-1.17.3-3.3 is installed OR python-neutron-11.0.6~dev63-3.6 is installed OR python-neutron-fwaas-11.0.2~dev7-3.5 is installed OR python-neutron-lbaas-11.0.4~dev4-3.3 is installed OR python-neutron-vpnaas-11.0.1~dev1-3.3 is installed OR python-nova-16.1.5~dev49-3.8 is installed OR python-octavia-1.0.3~dev21-4.6 is installed OR python-trove-8.0.1~dev11-3.3 is installed OR python-vmware-nsx-11.0.3~dev16-3.3 is installed OR python-vmware-nsxlib-11.0.4~dev7-3.3 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 9 is installed AND Package Information ruby2.1-rubygem-haml-4.0.6-3.3 is installed OR rubygem-haml-4.0.6-3.3 is installed

BACK