OVAL Reference oval:org.opensuse.security:def:53266

Oval Definition:

oval:org.opensuse.security:def:53266

Revision Date:	2020-12-01	Version:	1
Title:	Security update for MozillaFirefox (Important)
Description:	This update for MozillaFirefox, mozilla-nss fixes the following issues: MozillaFirefox to version ESR 60.8: - CVE-2019-9811: Sandbox escape via installation of malicious language pack (bsc#1140868). - CVE-2019-11711: Script injection within domain through inner window reuse (bsc#1140868). - CVE-2019-11712: Cross-origin POST requests can be made with NPAPI plugins by following 308 redirects (bsc#1140868). - CVE-2019-11713: Use-after-free with HTTP/2 cached stream (bsc#1140868). - CVE-2019-11729: Empty or malformed p256-ECDH public keys may trigger a segmentation fault (bsc#1140868). - CVE-2019-11715: HTML parsing error can contribute to content XSS (bsc#1140868). - CVE-2019-11717: Caret character improperly escaped in origins (bsc#1140868). - CVE-2019-11719: Out-of-bounds read when importing curve25519 private key (bsc#1140868). - CVE-2019-11730: Same-origin policy treats all files in a directory as having the same-origin (bsc#1140868). - CVE-2019-11709: Multiple Memory safety bugs fixed (bsc#1140868). mozilla-nss to version 3.44.1: Added IPSEC IKE support to softoken * Many new FIPS test cases
Family:	unix	Class:	patch
Status:		Reference(s):	1016503 1016504 1017081 1017084 1019611 1020427 1021741 1022103 1025109 1025311 1028184 1028656 1030624 1031142 1032075 1034866 1034908 1035406 1035950 1036211 1037242 1037334 1037336 1039495 1042159 1042800 1042801 1043073 1043296 1048715 1049255 1049621 1140868 1175070 1175071 1178074 937212 937492 958861 963041 982014 CVE-2006-7250 CVE-2009-0590 CVE-2009-0591 CVE-2009-0789 CVE-2009-1377 CVE-2009-1378 CVE-2009-1379 CVE-2009-1386 CVE-2009-1387 CVE-2009-3245 CVE-2009-3555 CVE-2009-4355 CVE-2009-5146 CVE-2010-0405 CVE-2010-0740 CVE-2010-2939 CVE-2010-3864 CVE-2010-4180 CVE-2010-4252 CVE-2011-0014 CVE-2011-3210 CVE-2011-4108 CVE-2011-4109 CVE-2011-4354 CVE-2011-4576 CVE-2011-4577 CVE-2011-4619 CVE-2011-5095 CVE-2012-0050 CVE-2012-0884 CVE-2012-1165 CVE-2012-1174 CVE-2012-2110 CVE-2012-2131 CVE-2012-2333 CVE-2012-3386 CVE-2012-4929 CVE-2013-0166 CVE-2013-0169 CVE-2013-4288 CVE-2014-0004 CVE-2014-0076 CVE-2014-0221 CVE-2014-0224 CVE-2014-3470 CVE-2014-3505 CVE-2014-3506 CVE-2014-3507 CVE-2014-3508 CVE-2014-3510 CVE-2014-3566 CVE-2014-3567 CVE-2014-3568 CVE-2014-3570 CVE-2014-3571 CVE-2014-3572 CVE-2014-8275 CVE-2014-9654 CVE-2015-0204 CVE-2015-0205 CVE-2015-0209 CVE-2015-0286 CVE-2015-0287 CVE-2015-0287 CVE-2015-0288 CVE-2015-0289 CVE-2015-0292 CVE-2015-0293 CVE-2015-1788 CVE-2015-1789 CVE-2015-1790 CVE-2015-1791 CVE-2015-1792 CVE-2015-3195 CVE-2015-3197 CVE-2015-3216 CVE-2015-4000 CVE-2015-8000 CVE-2016-0702 CVE-2016-0797 CVE-2016-0799 CVE-2016-0800 CVE-2016-10028 CVE-2016-10029 CVE-2016-10156 CVE-2016-2105 CVE-2016-2106 CVE-2016-2108 CVE-2016-2109 CVE-2016-2177 CVE-2016-2178 CVE-2016-2179 CVE-2016-2181 CVE-2016-2182 CVE-2016-2183 CVE-2016-5104 CVE-2016-6302 CVE-2016-6303 CVE-2016-6304 CVE-2016-6306 CVE-2016-7056 CVE-2016-7795 CVE-2016-8610 CVE-2016-9602 CVE-2016-9603 CVE-2017-11406 CVE-2017-11407 CVE-2017-11408 CVE-2017-11410 CVE-2017-11411 CVE-2017-15908 CVE-2017-18078 CVE-2017-3308 CVE-2017-3309 CVE-2017-3453 CVE-2017-3456 CVE-2017-3464 CVE-2017-5225 CVE-2017-5579 CVE-2017-5973 CVE-2017-5987 CVE-2017-6318 CVE-2017-6505 CVE-2017-7377 CVE-2017-7471 CVE-2017-7493 CVE-2017-7718 CVE-2017-7980 CVE-2017-8086 CVE-2017-8112 CVE-2017-8309 CVE-2017-8379 CVE-2017-8380 CVE-2017-9217 CVE-2017-9330 CVE-2017-9373 CVE-2017-9374 CVE-2017-9375 CVE-2017-9445 CVE-2017-9503 CVE-2018-1049 CVE-2019-11709 CVE-2019-11711 CVE-2019-11712 CVE-2019-11713 CVE-2019-11715 CVE-2019-11717 CVE-2019-11719 CVE-2019-11729 CVE-2019-11730 CVE-2019-9811 CVE-2020-11993 CVE-2020-9490 SUSE-SU-2015:1410-1 SUSE-SU-2015:2341-1 SUSE-SU-2016:1639-1 SUSE-SU-2017:0453-1 SUSE-SU-2017:1774-1 SUSE-SU-2017:2033-1 SUSE-SU-2017:2035-1 SUSE-SU-2019:1869-1 SUSE-SU-2020:3067-1
Platform(s):	openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Module for Server Applications 15 SP1 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8	Product(s):
Definition Synopsis
openSUSE Leap 15.0 is installed AND Package Information bzip2-1.0.6-lp150.3 is installed OR libbz2-1-1.0.6-lp150.3 is installed OR libbz2-1-32bit-1.0.6-lp150.3 is installed
Definition Synopsis
openSUSE Leap 15.1 is installed AND Package Information SDL2-2.0.8-lp151.4.3 is installed OR libSDL2-2_0-0-2.0.8-lp151.4.3 is installed OR libSDL2-2_0-0-32bit-2.0.8-lp151.4.3 is installed OR libSDL2-devel-2.0.8-lp151.4.3 is installed OR libSDL2-devel-32bit-2.0.8-lp151.4.3 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP2 is installed AND Package Information inkscape-0.46-62.38 is installed OR inkscape-extensions-dia-0.46-62.38 is installed OR inkscape-extensions-extra-0.46-62.38 is installed OR inkscape-extensions-fig-0.46-62.38 is installed OR inkscape-extensions-gimp-0.46-62.38 is installed OR inkscape-lang-0.46-62.38 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information flash-player-11.2.202.481-0.8 is installed OR flash-player-gnome-11.2.202.481-0.8 is installed OR flash-player-kde4-11.2.202.481-0.8 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP4 is installed AND Package Information gnutls-2.4.1-24.39.57 is installed OR libgnutls26-2.4.1-24.39.57 is installed OR libgnutls26-32bit-2.4.1-24.39.57 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 is installed AND Package Information bind-9.9.6P1-28.6 is installed OR bind-libs-9.9.6P1-28.6 is installed OR bind-libs-32bit-9.9.6P1-28.6 is installed OR bind-utils-9.9.6P1-28.6 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information libtiff5-4.0.7-40 is installed OR libtiff5-32bit-4.0.7-40 is installed OR tiff-4.0.7-40 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information libudisks2-0-2.1.3-1 is installed OR udisks2-2.1.3-1 is installed OR udisks2-lang-2.1.3-1 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information bzip2-1.0.6-29 is installed OR libbz2-1-1.0.6-29 is installed OR libbz2-1-32bit-1.0.6-29 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information libsystemd0-228-150.49 is installed OR libsystemd0-32bit-228-150.49 is installed OR libudev1-228-150.49 is installed OR libudev1-32bit-228-150.49 is installed OR systemd-228-150.49 is installed OR systemd-32bit-228-150.49 is installed OR systemd-bash-completion-228-150.49 is installed OR systemd-sysvinit-228-150.49 is installed OR udev-228-150.49 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Server Applications 15 SP1 is installed AND Package Information libfreebl3-hmac-3.44.1-3.16 is installed OR libsoftokn3-hmac-3.44.1-3.16 is installed OR mozilla-nss-3.44.1-3.16 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information DirectFB-1.7.1-4 is installed OR lib++dfb-1_7-1-1.7.1-4 is installed OR libdirectfb-1_7-1-1.7.1-4 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information libvirt-1.2.18.4-22.3 is installed OR libvirt-client-1.2.18.4-22.3 is installed OR libvirt-daemon-1.2.18.4-22.3 is installed OR libvirt-daemon-config-network-1.2.18.4-22.3 is installed OR libvirt-daemon-config-nwfilter-1.2.18.4-22.3 is installed OR libvirt-daemon-driver-interface-1.2.18.4-22.3 is installed OR libvirt-daemon-driver-libxl-1.2.18.4-22.3 is installed OR libvirt-daemon-driver-lxc-1.2.18.4-22.3 is installed OR libvirt-daemon-driver-network-1.2.18.4-22.3 is installed OR libvirt-daemon-driver-nodedev-1.2.18.4-22.3 is installed OR libvirt-daemon-driver-nwfilter-1.2.18.4-22.3 is installed OR libvirt-daemon-driver-qemu-1.2.18.4-22.3 is installed OR libvirt-daemon-driver-secret-1.2.18.4-22.3 is installed OR libvirt-daemon-driver-storage-1.2.18.4-22.3 is installed OR libvirt-daemon-lxc-1.2.18.4-22.3 is installed OR libvirt-daemon-qemu-1.2.18.4-22.3 is installed OR libvirt-daemon-xen-1.2.18.4-22.3 is installed OR libvirt-doc-1.2.18.4-22.3 is installed OR libvirt-lock-sanlock-1.2.18.4-22.3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information libgnomesu-2.0.0-353.6 is installed OR libgnomesu-lang-2.0.0-353.6 is installed OR libgnomesu0-2.0.0-353.6 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information postgresql96-9.6.15-3.29 is installed OR postgresql96-contrib-9.6.15-3.29 is installed OR postgresql96-docs-9.6.15-3.29 is installed OR postgresql96-libs-9.6.15-3.29 is installed OR postgresql96-plperl-9.6.15-3.29 is installed OR postgresql96-plpython-9.6.15-3.29 is installed OR postgresql96-pltcl-9.6.15-3.29 is installed OR postgresql96-server-9.6.15-3.29 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information kgraft-patch-4_4_121-92_92-default-4-2 is installed OR kgraft-patch-SLE12-SP2_Update_24-4-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_103-92_53-default-12-2 is installed OR kgraft-patch-SLE12-SP2_Update_16-12-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information emacs-24.3-19 is installed OR emacs-el-24.3-19 is installed OR emacs-info-24.3-19 is installed OR emacs-nox-24.3-19 is installed OR emacs-x11-24.3-19 is installed OR etags-24.3-19 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-BCL is installed AND ucode-intel-20190618-13.47 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information kgraft-patch-4_4_162-94_69-default-6-2 is installed OR kgraft-patch-SLE12-SP3_Update_21-6-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information libjpeg-turbo-1.5.3-31.19 is installed OR libjpeg62-62.2.0-31.19 is installed OR libjpeg62-32bit-62.2.0-31.19 is installed OR libjpeg62-turbo-1.5.3-31.19 is installed OR libjpeg8-8.1.2-31.19 is installed OR libjpeg8-32bit-8.1.2-31.19 is installed OR libturbojpeg0-8.1.2-31.19 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information libblkid1-2.29.2-3.12 is installed OR libblkid1-32bit-2.29.2-3.12 is installed OR libfdisk1-2.29.2-3.12 is installed OR libmount1-2.29.2-3.12 is installed OR libmount1-32bit-2.29.2-3.12 is installed OR libsmartcols1-2.29.2-3.12 is installed OR libuuid1-2.29.2-3.12 is installed OR libuuid1-32bit-2.29.2-3.12 is installed OR python-libmount-2.29.2-3.12 is installed OR util-linux-2.29.2-3.12 is installed OR util-linux-lang-2.29.2-3.12 is installed OR util-linux-systemd-2.29.2-3.12 is installed OR uuidd-2.29.2-3.12 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information cups-1.7.5-20.17 is installed OR cups-client-1.7.5-20.17 is installed OR cups-libs-1.7.5-20.17 is installed OR cups-libs-32bit-1.7.5-20.17 is installed
Definition Synopsis
SUSE OpenStack Cloud 6 is installed AND Package Information openstack-neutron-7.0.4~a0~dev18-1 is installed OR openstack-neutron-dhcp-agent-7.0.4~a0~dev18-1 is installed OR openstack-neutron-ha-tool-7.0.4~a0~dev18-1 is installed OR openstack-neutron-l3-agent-7.0.4~a0~dev18-1 is installed OR openstack-neutron-linuxbridge-agent-7.0.4~a0~dev18-1 is installed OR openstack-neutron-metadata-agent-7.0.4~a0~dev18-1 is installed OR openstack-neutron-metering-agent-7.0.4~a0~dev18-1 is installed OR openstack-neutron-mlnx-agent-7.0.4~a0~dev18-1 is installed OR openstack-neutron-nvsd-agent-7.0.4~a0~dev18-1 is installed OR openstack-neutron-openvswitch-agent-7.0.4~a0~dev18-1 is installed OR openstack-neutron-plugin-cisco-7.0.2~a0~dev63-1 is installed OR openstack-neutron-restproxy-agent-7.0.4~a0~dev18-1 is installed OR openstack-neutron-server-7.0.4~a0~dev18-1 is installed OR python-neutron-7.0.4~a0~dev18-1 is installed
Definition Synopsis
SUSE OpenStack Cloud 7 is installed AND Package Information openstack-dashboard-10.0.6~dev4-4.15 is installed OR openstack-heat-7.0.7~dev10-5.12 is installed OR openstack-heat-api-7.0.7~dev10-5.12 is installed OR openstack-heat-api-cfn-7.0.7~dev10-5.12 is installed OR openstack-heat-api-cloudwatch-7.0.7~dev10-5.12 is installed OR openstack-heat-doc-7.0.7~dev10-5.12 is installed OR openstack-heat-engine-7.0.7~dev10-5.12 is installed OR openstack-heat-plugin-heat_docker-7.0.7~dev10-5.12 is installed OR openstack-heat-test-7.0.7~dev10-5.12 is installed OR openstack-horizon-plugin-designate-ui-3.0.2~dev1-3.6 is installed OR openstack-keystone-10.0.3~dev9-7.12 is installed OR openstack-keystone-doc-10.0.3~dev9-7.12 is installed OR openstack-nova-14.0.11~dev13-4.25 is installed OR openstack-nova-api-14.0.11~dev13-4.25 is installed OR openstack-nova-cells-14.0.11~dev13-4.25 is installed OR openstack-nova-cert-14.0.11~dev13-4.25 is installed OR openstack-nova-compute-14.0.11~dev13-4.25 is installed OR openstack-nova-conductor-14.0.11~dev13-4.25 is installed OR openstack-nova-console-14.0.11~dev13-4.25 is installed OR openstack-nova-consoleauth-14.0.11~dev13-4.25 is installed OR openstack-nova-doc-14.0.11~dev13-4.25 is installed OR openstack-nova-novncproxy-14.0.11~dev13-4.25 is installed OR openstack-nova-placement-api-14.0.11~dev13-4.25 is installed OR openstack-nova-scheduler-14.0.11~dev13-4.25 is installed OR openstack-nova-serialproxy-14.0.11~dev13-4.25 is installed OR openstack-nova-vncproxy-14.0.11~dev13-4.25 is installed OR python-heat-7.0.7~dev10-5.12 is installed OR python-horizon-10.0.6~dev4-4.15 is installed OR python-horizon-plugin-designate-ui-3.0.2~dev1-3.6 is installed OR python-keystone-10.0.3~dev9-7.12 is installed OR python-nova-14.0.11~dev13-4.25 is installed OR python-os-vif-1.2.1-3.3 is installed
Definition Synopsis
SUSE OpenStack Cloud 8 is installed AND git-2.12.3-27.14 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information curl-7.37.0-37.43 is installed OR libcurl4-7.37.0-37.43 is installed OR libcurl4-32bit-7.37.0-37.43 is installed

BACK