Oval Definition:	oval:org.opensuse.security:def:53784
Revision Date: 2020-12-01 Version: 1 Title: Security update for MozillaThunderbird (Important) Description: This update for MozillaThunderbird version 60.8 fixes the following issues: Security issues fixed: - CVE-2019-9811: Sandbox escape via installation of malicious language pack (bsc#1140868). - CVE-2019-11711: Script injection within domain through inner window reuse (bsc#1140868). - CVE-2019-11712: Cross-origin POST requests can be made with NPAPI plugins by following 308 redirects (bsc#1140868). - CVE-2019-11713: Use-after-free with HTTP/2 cached stream (bsc#1140868). - CVE-2019-11729: Empty or malformed p256-ECDH public keys may trigger a segmentation fault (bsc#1140868). - CVE-2019-11715: HTML parsing error can contribute to content XSS (bsc#1140868). - CVE-2019-11717: Caret character improperly escaped in origins (bsc#1140868). - CVE-2019-11719: Out-of-bounds read when importing curve25519 private key (bsc#1140868). - CVE-2019-11730: Same-origin policy treats all files in a directory as having the same-origin (bsc#1140868). - CVE-2019-11709: Multiple Memory safety bugs fixed (bsc#1140868). Non-security issued fixed: - Calendar: Problems when editing event times, some related to AM/PM setting in non-English locales Family: unix Class: patch Status: Reference(s): 1000677 1001912 1004499 1005878 1011920 1012215 1012382 1012422 1012651 1014298 1014300 1016340 1019334 1020645 1021641 1022085 1022271 1025950 1025951 1031392 1035053 1042422 1043591 1048129 1050431 1050549 1053043 1054239 1055825 1056058 1057199 1065363 1065600 1065726 1066242 1067906 1070724 1073579 1076393 1078788 1079524 1082519 1083215 1083527 1084760 1089343 1091158 1093118 1094244 1094825 1095805 1096052 1098050 1098996 1099597 1101555 1103308 1103405 1104124 1105025 1105428 1105795 1105931 1106105 1106110 1106240 1106293 1106359 1106434 1106594 1106913 1106929 1107060 1107299 1107318 1107535 1107829 1107870 1108315 1108377 1108498 1109158 1109333 1109772 1109784 1109806 1109818 1109907 1109919 1109923 1110006 1110363 1110468 1110600 1110601 1110602 1110603 1110604 1110605 1110606 1110611 1110612 1110613 1110614 1110615 1110616 1110618 1110619 1110687 1111363 1111516 1111870 1112007 1112262 1112263 1112894 1112902 1112903 1112905 1113667 1113751 1113769 1114178 1114229 1114648 1140868 1171496 1171497 1171498 1171499 934088 974092 981083 991344 997172 999701 CVE-2004-2771 CVE-2006-7250 CVE-2008-5077 CVE-2009-0590 CVE-2009-0591 CVE-2009-0789 CVE-2009-1377 CVE-2009-1378 CVE-2009-1379 CVE-2009-1386 CVE-2009-1387 CVE-2010-0740 CVE-2010-0742 CVE-2010-1633 CVE-2010-2939 CVE-2010-3864 CVE-2010-5298 CVE-2011-0014 CVE-2011-0465 CVE-2011-2709 CVE-2011-3207 CVE-2011-3210 CVE-2011-4108 CVE-2011-4576 CVE-2011-4577 CVE-2011-4619 CVE-2012-0027 CVE-2012-0050 CVE-2012-0884 CVE-2012-1165 CVE-2012-2110 CVE-2012-2686 CVE-2012-4929 CVE-2013-0166 CVE-2013-0169 CVE-2013-4353 CVE-2013-6449 CVE-2013-6450 CVE-2014-0076 CVE-2014-0160 CVE-2014-0195 CVE-2014-0198 CVE-2014-0221 CVE-2014-0224 CVE-2014-3470 CVE-2014-3505 CVE-2014-3506 CVE-2014-3507 CVE-2014-3508 CVE-2014-3509 CVE-2014-3510 CVE-2014-3511 CVE-2014-3512 CVE-2014-3513 CVE-2014-3566 CVE-2014-3567 CVE-2014-3568 CVE-2014-3570 CVE-2014-3571 CVE-2014-3572 CVE-2014-5139 CVE-2014-7844 CVE-2014-8275 CVE-2015-0204 CVE-2015-0205 CVE-2015-0206 CVE-2015-0209 CVE-2015-0286 CVE-2015-0287 CVE-2015-0288 CVE-2015-0289 CVE-2015-0293 CVE-2015-1788 CVE-2015-1789 CVE-2015-1790 CVE-2015-1791 CVE-2015-1792 CVE-2015-3096 CVE-2015-3098 CVE-2015-3099 CVE-2015-3100 CVE-2015-3102 CVE-2015-3103 CVE-2015-3104 CVE-2015-3105 CVE-2015-3106 CVE-2015-3107 CVE-2015-3108 CVE-2015-3194 CVE-2015-3195 CVE-2015-3196 CVE-2015-3197 CVE-2015-3216 CVE-2015-4000 CVE-2016-0702 CVE-2016-0705 CVE-2016-0797 CVE-2016-0798 CVE-2016-0799 CVE-2016-0800 CVE-2016-10013 CVE-2016-10024 CVE-2016-10025 CVE-2016-2105 CVE-2016-2106 CVE-2016-2107 CVE-2016-2108 CVE-2016-2109 CVE-2016-2176 CVE-2016-2177 CVE-2016-2178 CVE-2016-2179 CVE-2016-2180 CVE-2016-2181 CVE-2016-2182 CVE-2016-2183 CVE-2016-5250 CVE-2016-5257 CVE-2016-5261 CVE-2016-5270 CVE-2016-5272 CVE-2016-5274 CVE-2016-5276 CVE-2016-5277 CVE-2016-5278 CVE-2016-5280 CVE-2016-5281 CVE-2016-5284 CVE-2016-6302 CVE-2016-6303 CVE-2016-6304 CVE-2016-6306 CVE-2016-7052 CVE-2016-7055 CVE-2016-7056 CVE-2016-8610 CVE-2016-9811 CVE-2016-9932 CVE-2017-15108 CVE-2017-3731 CVE-2017-3731 CVE-2017-3732 CVE-2017-3735 CVE-2017-3735 CVE-2017-3736 CVE-2017-3736 CVE-2017-3737 CVE-2017-3738 CVE-2017-5837 CVE-2017-5844 CVE-2018-0732 CVE-2018-0737 CVE-2018-0739 CVE-2018-14633 CVE-2018-17828 CVE-2018-18281 CVE-2018-18386 CVE-2018-18690 CVE-2018-18710 CVE-2018-9516 CVE-2019-11709 CVE-2019-11711 CVE-2019-11712 CVE-2019-11713 CVE-2019-11715 CVE-2019-11717 CVE-2019-11719 CVE-2019-11729 CVE-2019-11730 CVE-2019-9811 CVE-2020-11863 CVE-2020-11864 CVE-2020-11865 CVE-2020-11866 SUSE-SU-2015:1043-1 SUSE-SU-2016:2434-1 SUSE-SU-2016:3208-1 SUSE-SU-2017:0461-1 SUSE-SU-2017:0695-1 SUSE-SU-2017:3169-1 SUSE-SU-2018:0372-1 SUSE-SU-2018:3379-1 SUSE-SU-2018:3689-1 SUSE-SU-2019:1960-1 SUSE-SU-2020:1621-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Workstation Extension 15 SUSE Linux Enterprise Workstation Extension 15 SP1 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 6-LTSS SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 8 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND Package Information NetworkManager-applet-1.8.10-lp150.3 is installed OR NetworkManager-applet-lang-1.8.10-lp150.3 is installed OR NetworkManager-connection-editor-1.8.10-lp150.3 is installed OR libnm-gtk0-1.8.10-lp150.3 is installed OR libnma0-1.8.10-lp150.3 is installed OR nma-data-1.8.10-lp150.3 is installed OR typelib-1_0-NMGtk-1_0-1.8.10-lp150.3 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information chromedriver-75.0.3770.90-2 is installed OR chromium-75.0.3770.90-2 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP2 is installed AND Package Information flash-player-11.2.202.336-0.3 is installed OR flash-player-gnome-11.2.202.336-0.3 is installed OR flash-player-kde4-11.2.202.336-0.3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information flash-player-11.2.202.535-0.20 is installed OR flash-player-gnome-11.2.202.535-0.20 is installed OR flash-player-kde4-11.2.202.535-0.20 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP4 is installed AND Package Information gtk2-2.18.9-0.35 is installed OR gtk2-32bit-2.18.9-0.35 is installed OR gtk2-lang-2.18.9-0.35 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 is installed AND Package Information flash-player-11.2.202.466-86 is installed OR flash-player-gnome-11.2.202.466-86 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information MozillaFirefox-45.4.0esr-81 is installed OR MozillaFirefox-translations-45.4.0esr-81 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information xen-4.7.1_04-28 is installed OR xen-libs-4.7.1_04-28 is installed OR xen-libs-32bit-4.7.1_04-28 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information libopenssl-devel-1.0.2j-60.16 is installed OR libopenssl1_0_0-1.0.2j-60.16 is installed OR libopenssl1_0_0-32bit-1.0.2j-60.16 is installed OR openssl-1.0.2j-60.16 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information gstreamer-0_10-plugins-base-0.10.36-17 is installed OR gstreamer-0_10-plugins-base-32bit-0.10.36-17 is installed OR gstreamer-0_10-plugins-base-lang-0.10.36-17 is installed OR libgstapp-0_10-0-0.10.36-17 is installed OR libgstapp-0_10-0-32bit-0.10.36-17 is installed OR libgstinterfaces-0_10-0-0.10.36-17 is installed OR libgstinterfaces-0_10-0-32bit-0.10.36-17 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information aaa_base-13.2+git20140911.61c1681-9 is installed OR aaa_base-extras-13.2+git20140911.61c1681-9 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information MozillaFirefox-52.8.1esr-109.34 is installed OR MozillaFirefox-devel-52.8.1esr-109.34 is installed OR MozillaFirefox-translations-52.8.1esr-109.34 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information libXRes1-1.0.7-3 is installed OR libXRes1-32bit-1.0.7-3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information libsqlite3-0-3.8.10.2-9.9 is installed OR libsqlite3-0-32bit-3.8.10.2-9.9 is installed OR sqlite3-3.8.10.2-9.9 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information kernel-default-4.4.121-92.85 is installed OR kernel-default-base-4.4.121-92.85 is installed OR kernel-default-devel-4.4.121-92.85 is installed OR kernel-devel-4.4.121-92.85 is installed OR kernel-macros-4.4.121-92.85 is installed OR kernel-source-4.4.121-92.85 is installed OR kernel-syms-4.4.121-92.85 is installed OR kgraft-patch-4_4_121-92_85-default-1-3.5 is installed OR kgraft-patch-SLE12-SP2_Update_23-1-3.5 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_114-92_64-default-4-2 is installed OR kgraft-patch-SLE12-SP2_Update_18-4-2 is installed Definition Synopsis Release Information SUSE Linux Enterprise Server 12 SP3 is installed AND libssh2-1-1.4.3-20.9 is installed OR libssh2-1-32bit-1.4.3-20.9 is installed OR libssh2_org-1.4.3-20.9 is installed OR Package Information SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND libssh2-1-1.4.3-20.9 is installed OR libssh2-1-32bit-1.4.3-20.9 is installed OR libssh2_org-1.4.3-20.9 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information alsa-1.0.27.2-15 is installed OR alsa-docs-1.0.27.2-15 is installed OR libasound2-1.0.27.2-15 is installed OR libasound2-32bit-1.0.27.2-15 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information libssh2-1-1.4.3-20.14 is installed OR libssh2-1-32bit-1.4.3-20.14 is installed OR libssh2_org-1.4.3-20.14 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information ghostscript-9.27-23.31 is installed OR ghostscript-x11-9.27-23.31 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information libpython2_7-1_0-2.7.13-28.31 is installed OR libpython2_7-1_0-32bit-2.7.13-28.31 is installed OR python-2.7.13-28.31 is installed OR python-32bit-2.7.13-28.31 is installed OR python-base-2.7.13-28.31 is installed OR python-base-32bit-2.7.13-28.31 is installed OR python-curses-2.7.13-28.31 is installed OR python-demo-2.7.13-28.31 is installed OR python-devel-2.7.13-28.31 is installed OR python-doc-2.7.13-28.31 is installed OR python-doc-pdf-2.7.13-28.31 is installed OR python-gdbm-2.7.13-28.31 is installed OR python-idle-2.7.13-28.31 is installed OR python-tk-2.7.13-28.31 is installed OR python-xml-2.7.13-28.31 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND perl-Archive-Zip-1.34-3.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information g3utils-1.1.36-58.3 is installed OR mgetty-1.1.36-58.3 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 15 is installed AND Package Information MozillaThunderbird-60.8.0-3.46 is installed OR MozillaThunderbird-translations-common-60.8.0-3.46 is installed OR MozillaThunderbird-translations-other-60.8.0-3.46 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 15 SP1 is installed AND Package Information libEMF-1.0.7-3.3 is installed OR libEMF1-1.0.7-3.3 is installed Definition Synopsis SUSE OpenStack Cloud 6 is installed AND Package Information xen-4.5.5_20-22.36 is installed OR xen-doc-html-4.5.5_20-22.36 is installed OR xen-kmp-default-4.5.5_20_k3.12.74_60.64.63-22.36 is installed OR xen-libs-4.5.5_20-22.36 is installed OR xen-libs-32bit-4.5.5_20-22.36 is installed OR xen-tools-4.5.5_20-22.36 is installed OR xen-tools-domU-4.5.5_20-22.36 is installed Definition Synopsis SUSE OpenStack Cloud 6-LTSS is installed AND python-cryptography-2.1.4-3.15 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND nodejs6-6.14.3-11.15 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information MozillaFirefox-68.1.0-109.89 is installed OR MozillaFirefox-branding-SLE-68-32.8 is installed OR MozillaFirefox-translations-common-68.1.0-109.89 is installed Definition Synopsis SUSE OpenStack Cloud 9 is installed AND python-SQLAlchemy-1.2.10-3.3 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information ruby2.1-rubygem-sprockets-2_12-2.12.5-1.4 is installed OR rubygem-sprockets-2_12-2.12.5-1.4 is installed
BACK