OVAL Reference oval:org.opensuse.security:def:53829

Oval Definition:

oval:org.opensuse.security:def:53829

Revision Date:	2020-12-01	Version:	1
Title:	Security update for MozillaThunderbird (Important)
Description:	This update for MozillaThunderbird version 60.8 fixes the following issues: Security issues fixed: - CVE-2019-9811: Sandbox escape via installation of malicious language pack (bsc#1140868). - CVE-2019-11711: Script injection within domain through inner window reuse (bsc#1140868). - CVE-2019-11712: Cross-origin POST requests can be made with NPAPI plugins by following 308 redirects (bsc#1140868). - CVE-2019-11713: Use-after-free with HTTP/2 cached stream (bsc#1140868). - CVE-2019-11729: Empty or malformed p256-ECDH public keys may trigger a segmentation fault (bsc#1140868). - CVE-2019-11715: HTML parsing error can contribute to content XSS (bsc#1140868). - CVE-2019-11717: Caret character improperly escaped in origins (bsc#1140868). - CVE-2019-11719: Out-of-bounds read when importing curve25519 private key (bsc#1140868). - CVE-2019-11730: Same-origin policy treats all files in a directory as having the same-origin (bsc#1140868). - CVE-2019-11709: Multiple Memory safety bugs fixed (bsc#1140868). Non-security issued fixed: - Calendar: Problems when editing event times, some related to AM/PM setting in non-English locales
Family:	unix	Class:	patch
Status:		Reference(s):	1008029 1010845 1014172 1030050 1035283 1035371 1040107 1040114 1042948 1049373 1051412 1052252 1052522 1052771 1058082 1062631 1072902 1074122 1074171 1074425 1074610 1075737 1075738 1075739 1075748 1115750 1140868 1146025 1157627 1165849 1172053 1172189 1172795 1172796 914660 928131 943380 946148 952539 956631 986247 CVE-2009-2285 CVE-2009-2347 CVE-2010-2065 CVE-2010-2067 CVE-2010-2233 CVE-2010-4665 CVE-2011-0020 CVE-2011-0064 CVE-2011-0192 CVE-2011-1167 CVE-2012-1173 CVE-2012-2113 CVE-2012-3355 CVE-2012-3401 CVE-2012-4564 CVE-2013-1960 CVE-2013-1961 CVE-2013-1984 CVE-2013-1995 CVE-2013-1998 CVE-2013-4231 CVE-2013-4232 CVE-2013-4243 CVE-2013-4244 CVE-2014-8127 CVE-2014-8128 CVE-2014-8129 CVE-2014-8130 CVE-2014-9645 CVE-2014-9655 CVE-2015-1547 CVE-2015-7554 CVE-2015-8370 CVE-2015-8665 CVE-2015-8683 CVE-2015-8781 CVE-2015-8782 CVE-2015-8783 CVE-2016-10095 CVE-2016-10266 CVE-2016-10267 CVE-2016-10268 CVE-2016-10269 CVE-2016-10270 CVE-2016-10271 CVE-2016-10272 CVE-2016-10371 CVE-2016-3186 CVE-2016-3622 CVE-2016-3623 CVE-2016-3632 CVE-2016-3658 CVE-2016-3945 CVE-2016-3990 CVE-2016-3991 CVE-2016-5314 CVE-2016-5316 CVE-2016-5317 CVE-2016-5318 CVE-2016-5319 CVE-2016-5320 CVE-2016-5321 CVE-2016-5323 CVE-2016-5652 CVE-2016-5773 CVE-2016-5875 CVE-2016-7945 CVE-2016-7946 CVE-2016-8331 CVE-2016-9042 CVE-2016-9137 CVE-2016-9273 CVE-2016-9297 CVE-2016-9401 CVE-2016-9448 CVE-2016-9453 CVE-2016-9538 CVE-2017-1000445 CVE-2017-1000476 CVE-2017-10971 CVE-2017-10972 CVE-2017-11449 CVE-2017-11613 CVE-2017-11751 CVE-2017-12430 CVE-2017-12596 CVE-2017-12642 CVE-2017-14249 CVE-2017-16232 CVE-2017-17680 CVE-2017-17882 CVE-2017-17935 CVE-2017-17942 CVE-2017-17973 CVE-2017-18013 CVE-2017-5225 CVE-2017-6451 CVE-2017-6458 CVE-2017-6460 CVE-2017-6462 CVE-2017-6463 CVE-2017-6464 CVE-2017-7592 CVE-2017-7593 CVE-2017-7594 CVE-2017-7595 CVE-2017-7596 CVE-2017-7597 CVE-2017-7598 CVE-2017-7599 CVE-2017-7600 CVE-2017-7601 CVE-2017-7602 CVE-2017-9110 CVE-2017-9114 CVE-2017-9403 CVE-2017-9404 CVE-2017-9409 CVE-2017-9935 CVE-2017-9936 CVE-2018-10779 CVE-2018-10963 CVE-2018-16335 CVE-2018-17100 CVE-2018-17101 CVE-2018-17795 CVE-2018-4700 CVE-2018-5334 CVE-2018-5335 CVE-2018-5336 CVE-2018-5784 CVE-2018-7456 CVE-2018-8905 CVE-2019-11709 CVE-2019-11711 CVE-2019-11712 CVE-2019-11713 CVE-2019-11715 CVE-2019-11717 CVE-2019-11719 CVE-2019-11729 CVE-2019-11730 CVE-2019-9811 CVE-2020-12802 CVE-2020-12803 SUSE-SU-2015:1445-1 SUSE-SU-2015:2399-1 SUSE-SU-2016:2975-1 SUSE-SU-2017:1048-1 SUSE-SU-2017:1317-1 SUSE-SU-2017:1860-1 SUSE-SU-2018:0055-1 SUSE-SU-2018:0191-1 SUSE-SU-2018:0585-1 SUSE-SU-2018:4089-1 SUSE-SU-2019:1960-1 SUSE-SU-2020:2235-1
Platform(s):	openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Workstation Extension 15 SP1 SUSE Linux Enterprise Workstation Extension 15 SP2 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8	Product(s):
Definition Synopsis
openSUSE Leap 15.0 is installed AND Package Information MozillaFirefox-60.0-lp150.2 is installed OR MozillaFirefox-translations-common-60.0-lp150.2 is installed OR MozillaFirefox-translations-other-60.0-lp150.2 is installed
Definition Synopsis
openSUSE Leap 15.1 is installed AND osc-0.165.4-lp151.2.6 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP2 is installed AND Package Information Mesa-7.11.2-0.9 is installed OR Mesa-32bit-7.11.2-0.9 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information krb5-1.6.3-133.49.66 is installed OR krb5-32bit-1.6.3-133.49.66 is installed OR krb5-client-1.6.3-133.49.66 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP4 is installed AND Package Information compat-openssl097g-0.9.7g-146.22.41 is installed OR compat-openssl097g-32bit-0.9.7g-146.22.41 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 is installed AND Package Information grub2-2.02~beta2-56.9 is installed OR grub2-i386-pc-2.02~beta2-56.9 is installed OR grub2-snapper-plugin-2.02~beta2-56.9 is installed OR grub2-x86_64-efi-2.02~beta2-56.9 is installed OR grub2-x86_64-xen-2.02~beta2-56.9 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information imap-2007e_suse-22 is installed OR libc-client2007e_suse-2007e_suse-22 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information xorg-x11-server-7.6_1.18.3-74 is installed OR xorg-x11-server-extra-7.6_1.18.3-74 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information libwireshark8-2.2.12-48.18 is installed OR libwiretap6-2.2.12-48.18 is installed OR libwscodecs1-2.2.12-48.18 is installed OR libwsutil7-2.2.12-48.18 is installed OR wireshark-2.2.12-48.18 is installed OR wireshark-gtk-2.2.12-48.18 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information libXi6-1.7.4-17 is installed OR libXi6-32bit-1.7.4-17 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information bind-9.9.6P1-30 is installed OR bind-chrootenv-9.9.6P1-30 is installed OR bind-doc-9.9.6P1-30 is installed OR bind-libs-9.9.6P1-30 is installed OR bind-libs-32bit-9.9.6P1-30 is installed OR bind-utils-9.9.6P1-30 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information libspice-server1-0.12.5-10 is installed OR spice-0.12.5-10 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information libjasper1-1.900.1-170 is installed OR libjasper1-32bit-1.900.1-170 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-BCL is installed AND sudo-1.8.10p3-10.23 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information xen-4.7.6_05-43.42 is installed OR xen-doc-html-4.7.6_05-43.42 is installed OR xen-libs-4.7.6_05-43.42 is installed OR xen-libs-32bit-4.7.6_05-43.42 is installed OR xen-tools-4.7.6_05-43.42 is installed OR xen-tools-domU-4.7.6_05-43.42 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_74-92_38-default-10-2 is installed OR kgraft-patch-SLE12-SP2_Update_13-10-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND ctags-5.8-7 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information libmysqlclient18-10.0.40.2-29.35 is installed OR libmysqlclient18-32bit-10.0.40.2-29.35 is installed OR mariadb-10.0.40.2-29.35 is installed OR mariadb-client-10.0.40.2-29.35 is installed OR mariadb-errormessages-10.0.40.2-29.35 is installed OR mariadb-tools-10.0.40.2-29.35 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information MozillaFirefox-60.8.0-109.83 is installed OR MozillaFirefox-translations-common-60.8.0-109.83 is installed OR libfreebl3-3.44.1-58.28 is installed OR libfreebl3-32bit-3.44.1-58.28 is installed OR libfreebl3-hmac-3.44.1-58.28 is installed OR libfreebl3-hmac-32bit-3.44.1-58.28 is installed OR libsoftokn3-3.44.1-58.28 is installed OR libsoftokn3-32bit-3.44.1-58.28 is installed OR libsoftokn3-hmac-3.44.1-58.28 is installed OR libsoftokn3-hmac-32bit-3.44.1-58.28 is installed OR mozilla-nss-3.44.1-58.28 is installed OR mozilla-nss-32bit-3.44.1-58.28 is installed OR mozilla-nss-certs-3.44.1-58.28 is installed OR mozilla-nss-certs-32bit-3.44.1-58.28 is installed OR mozilla-nss-sysinit-3.44.1-58.28 is installed OR mozilla-nss-sysinit-32bit-3.44.1-58.28 is installed OR mozilla-nss-tools-3.44.1-58.28 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information kgraft-patch-4_4_175-94_79-default-4-2 is installed OR kgraft-patch-SLE12-SP3_Update_23-4-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information libpython3_4m1_0-3.4.6-25.16 is installed OR python3-3.4.6-25.16 is installed OR python3-base-3.4.6-25.16 is installed OR python3-curses-3.4.6-25.16 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information cups-pk-helper-0.2.5-5 is installed OR cups-pk-helper-lang-0.2.5-5 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 15 SP1 is installed AND Package Information MozillaThunderbird-60.8.0-3.46 is installed OR MozillaThunderbird-translations-common-60.8.0-3.46 is installed OR MozillaThunderbird-translations-other-60.8.0-3.46 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 15 SP2 is installed AND Package Information libreoffice-6.4.5.2-13.3 is installed OR libreoffice-base-6.4.5.2-13.3 is installed OR libreoffice-base-drivers-postgresql-6.4.5.2-13.3 is installed OR libreoffice-branding-upstream-6.4.5.2-13.3 is installed OR libreoffice-calc-6.4.5.2-13.3 is installed OR libreoffice-calc-extensions-6.4.5.2-13.3 is installed OR libreoffice-draw-6.4.5.2-13.3 is installed OR libreoffice-filters-optional-6.4.5.2-13.3 is installed OR libreoffice-gnome-6.4.5.2-13.3 is installed OR libreoffice-gtk3-6.4.5.2-13.3 is installed OR libreoffice-icon-themes-6.4.5.2-13.3 is installed OR libreoffice-impress-6.4.5.2-13.3 is installed OR libreoffice-l10n-af-6.4.5.2-13.3 is installed OR libreoffice-l10n-ar-6.4.5.2-13.3 is installed OR libreoffice-l10n-as-6.4.5.2-13.3 is installed OR libreoffice-l10n-bg-6.4.5.2-13.3 is installed OR libreoffice-l10n-bn-6.4.5.2-13.3 is installed OR libreoffice-l10n-br-6.4.5.2-13.3 is installed OR libreoffice-l10n-ca-6.4.5.2-13.3 is installed OR libreoffice-l10n-cs-6.4.5.2-13.3 is installed OR libreoffice-l10n-cy-6.4.5.2-13.3 is installed OR libreoffice-l10n-da-6.4.5.2-13.3 is installed OR libreoffice-l10n-de-6.4.5.2-13.3 is installed OR libreoffice-l10n-dz-6.4.5.2-13.3 is installed OR libreoffice-l10n-el-6.4.5.2-13.3 is installed OR libreoffice-l10n-en-6.4.5.2-13.3 is installed OR libreoffice-l10n-eo-6.4.5.2-13.3 is installed OR libreoffice-l10n-es-6.4.5.2-13.3 is installed OR libreoffice-l10n-et-6.4.5.2-13.3 is installed OR libreoffice-l10n-eu-6.4.5.2-13.3 is installed OR libreoffice-l10n-fa-6.4.5.2-13.3 is installed OR libreoffice-l10n-fi-6.4.5.2-13.3 is installed OR libreoffice-l10n-fr-6.4.5.2-13.3 is installed OR libreoffice-l10n-ga-6.4.5.2-13.3 is installed OR libreoffice-l10n-gl-6.4.5.2-13.3 is installed OR libreoffice-l10n-gu-6.4.5.2-13.3 is installed OR libreoffice-l10n-he-6.4.5.2-13.3 is installed OR libreoffice-l10n-hi-6.4.5.2-13.3 is installed OR libreoffice-l10n-hr-6.4.5.2-13.3 is installed OR libreoffice-l10n-hu-6.4.5.2-13.3 is installed OR libreoffice-l10n-it-6.4.5.2-13.3 is installed OR libreoffice-l10n-ja-6.4.5.2-13.3 is installed OR libreoffice-l10n-kk-6.4.5.2-13.3 is installed OR libreoffice-l10n-kn-6.4.5.2-13.3 is installed OR libreoffice-l10n-ko-6.4.5.2-13.3 is installed OR libreoffice-l10n-lt-6.4.5.2-13.3 is installed OR libreoffice-l10n-lv-6.4.5.2-13.3 is installed OR libreoffice-l10n-mai-6.4.5.2-13.3 is installed OR libreoffice-l10n-ml-6.4.5.2-13.3 is installed OR libreoffice-l10n-mr-6.4.5.2-13.3 is installed OR libreoffice-l10n-nb-6.4.5.2-13.3 is installed OR libreoffice-l10n-nl-6.4.5.2-13.3 is installed OR libreoffice-l10n-nn-6.4.5.2-13.3 is installed OR libreoffice-l10n-nr-6.4.5.2-13.3 is installed OR libreoffice-l10n-nso-6.4.5.2-13.3 is installed OR libreoffice-l10n-or-6.4.5.2-13.3 is installed OR libreoffice-l10n-pa-6.4.5.2-13.3 is installed OR libreoffice-l10n-pl-6.4.5.2-13.3 is installed OR libreoffice-l10n-pt_BR-6.4.5.2-13.3 is installed OR libreoffice-l10n-pt_PT-6.4.5.2-13.3 is installed OR libreoffice-l10n-ro-6.4.5.2-13.3 is installed OR libreoffice-l10n-ru-6.4.5.2-13.3 is installed OR libreoffice-l10n-si-6.4.5.2-13.3 is installed OR libreoffice-l10n-sk-6.4.5.2-13.3 is installed OR libreoffice-l10n-sl-6.4.5.2-13.3 is installed OR libreoffice-l10n-sr-6.4.5.2-13.3 is installed OR libreoffice-l10n-ss-6.4.5.2-13.3 is installed OR libreoffice-l10n-st-6.4.5.2-13.3 is installed OR libreoffice-l10n-sv-6.4.5.2-13.3 is installed OR libreoffice-l10n-ta-6.4.5.2-13.3 is installed OR libreoffice-l10n-te-6.4.5.2-13.3 is installed OR libreoffice-l10n-th-6.4.5.2-13.3 is installed OR libreoffice-l10n-tn-6.4.5.2-13.3 is installed OR libreoffice-l10n-tr-6.4.5.2-13.3 is installed OR libreoffice-l10n-ts-6.4.5.2-13.3 is installed OR libreoffice-l10n-uk-6.4.5.2-13.3 is installed OR libreoffice-l10n-ve-6.4.5.2-13.3 is installed OR libreoffice-l10n-xh-6.4.5.2-13.3 is installed OR libreoffice-l10n-zh_CN-6.4.5.2-13.3 is installed OR libreoffice-l10n-zh_TW-6.4.5.2-13.3 is installed OR libreoffice-l10n-zu-6.4.5.2-13.3 is installed OR libreoffice-mailmerge-6.4.5.2-13.3 is installed OR libreoffice-math-6.4.5.2-13.3 is installed OR libreoffice-officebean-6.4.5.2-13.3 is installed OR libreoffice-pyuno-6.4.5.2-13.3 is installed OR libreoffice-writer-6.4.5.2-13.3 is installed OR libreoffice-writer-extensions-6.4.5.2-13.3 is installed OR libreofficekit-6.4.5.2-13.3 is installed
Definition Synopsis
SUSE OpenStack Cloud 6 is installed AND Package Information ruby2.1-rubygem-chef-10.32.2-3 is installed OR ruby2.1-rubygem-chef-expander-10.32.2-1 is installed OR ruby2.1-rubygem-chef-server-10.32.2-1 is installed OR ruby2.1-rubygem-chef-server-api-10.32.2-4 is installed OR ruby2.1-rubygem-chef-solr-10.32.2-1 is installed OR rubygem-chef-10.32.2-3 is installed OR rubygem-chef-expander-10.32.2-1 is installed OR rubygem-chef-server-api-10.32.2-4 is installed OR rubygem-chef-solr-10.32.2-1 is installed
Definition Synopsis
SUSE OpenStack Cloud 7 is installed AND Package Information res-signingkeys-3.0.38-52.26 is installed OR smt-3.0.38-52.26 is installed OR smt-support-3.0.38-52.26 is installed
Definition Synopsis
SUSE OpenStack Cloud 8 is installed AND Package Information grafana-4.5.1-4.3 is installed OR kafka-0.9.0.1-5.3 is installed OR logstash-2.4.1-5.4 is installed OR openstack-monasca-installer-20180622_15.06-3.6 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information libjavascriptcoregtk-4_0-18-2.24.4-2.47 is installed OR libwebkit2gtk-4_0-37-2.24.4-2.47 is installed OR libwebkit2gtk3-lang-2.24.4-2.47 is installed OR typelib-1_0-JavaScriptCore-4_0-2.24.4-2.47 is installed OR typelib-1_0-WebKit2-4_0-2.24.4-2.47 is installed OR webkit2gtk-4_0-injected-bundles-2.24.4-2.47 is installed OR webkit2gtk3-2.24.4-2.47 is installed

BACK