Oval Definition:oval:org.opensuse.security:def:55483
Revision Date:2020-12-01Version:1
Title:Security update for MozillaFirefox (Important)
Description:

MozillaFirefox was updated to the 31.5.3ESR release to fix two security vulnerabilities:

MFSA 2015-29 / CVE-2015-0817: Security researcher ilxu1a reported, through HP Zero Day Initiative's Pwn2Own contest, a flaw in Mozilla's implementation of typed array bounds checking in JavaScript just-in-time compilation (JIT) and its management of bounds checking for heap access. This flaw can be leveraged into the reading and writing of memory allowing for arbitary code execution on the local system.

MFSA 2015-28 / CVE-2015-0818: Security researcher Mariusz Mlynski reported, through HP Zero Day Initiative's Pwn2Own contest, a method to run arbitrary scripts in a privileged context. This bypassed the same-origin policy protections by using a flaw in the processing of SVG format content navigation.
Family:unixClass:patch
Status:Reference(s):1000394
1000399
1000434
1000436
1000686
1000688
1000689
1000690
1000691
1000692
1000693
1000694
1000695
1000696
1000697
1000698
1000699
1000700
1000701
1000702
1000703
1000704
1000706
1000707
1000708
1000709
1000711
1000712
1000713
1000714
1000715
1001066
1001221
1002206
1002209
1002421
1002422
1003629
1005123
1005125
1005127
1005328
1027575
1038564
1042892
1046191
1046856
1050751
1052916
1100078
1111331
1112209
1112758
1113029
1113534
1113652
1113660
1113742
1115375
1123371
1123377
1123378
1125721
1126455
1129622
1129962
1130675
1133375
1141780
1141782
1141783
1141784
1141785
1141786
1141787
1141789
794958
796306
847880
921999
923534
927806
927807
927808
929688
930077
930078
CVE-2012-1174
CVE-2012-5656
CVE-2012-6076
CVE-2013-4288
CVE-2014-0012
CVE-2014-9645
CVE-2014-9907
CVE-2015-0295
CVE-2015-0817
CVE-2015-0818
CVE-2015-1858
CVE-2015-1859
CVE-2015-1860
CVE-2015-4141
CVE-2015-4142
CVE-2015-8957
CVE-2015-8958
CVE-2015-8959
CVE-2016-6823
CVE-2016-7101
CVE-2016-7513
CVE-2016-7514
CVE-2016-7515
CVE-2016-7516
CVE-2016-7517
CVE-2016-7518
CVE-2016-7519
CVE-2016-7520
CVE-2016-7521
CVE-2016-7522
CVE-2016-7523
CVE-2016-7524
CVE-2016-7525
CVE-2016-7526
CVE-2016-7527
CVE-2016-7528
CVE-2016-7529
CVE-2016-7530
CVE-2016-7531
CVE-2016-7532
CVE-2016-7533
CVE-2016-7534
CVE-2016-7535
CVE-2016-7537
CVE-2016-7538
CVE-2016-7539
CVE-2016-7540
CVE-2016-7799
CVE-2016-7800
CVE-2016-7996
CVE-2016-7997
CVE-2016-8677
CVE-2016-8682
CVE-2016-8683
CVE-2016-8684
CVE-2017-1000083
CVE-2017-2636
CVE-2017-2885
CVE-2017-7533
CVE-2017-7645
CVE-2017-8890
CVE-2017-9242
CVE-2018-0734
CVE-2018-12126
CVE-2018-12127
CVE-2018-12130
CVE-2018-16839
CVE-2018-16840
CVE-2018-16842
CVE-2018-16890
CVE-2018-20815
CVE-2018-5407
CVE-2019-11091
CVE-2019-2745
CVE-2019-2762
CVE-2019-2766
CVE-2019-2769
CVE-2019-2786
CVE-2019-2816
CVE-2019-2842
CVE-2019-3812
CVE-2019-3822
CVE-2019-3823
CVE-2019-7317
CVE-2019-8934
CVE-2019-9824
CVE-2019-9928
SUSE-SU-2015:0630-1
SUSE-SU-2015:1359-1
SUSE-SU-2015:2221-1
SUSE-SU-2016:2667-1
SUSE-SU-2017:1894-1
SUSE-SU-2017:2088-1
SUSE-SU-2017:2130-1
SUSE-SU-2018:3989-1
SUSE-SU-2019:0339-1
SUSE-SU-2019:1238-1
SUSE-SU-2019:1600-1
SUSE-SU-2019:2036-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Desktop 11 SP2
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Desktop 12
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 6
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • PackageKit-1.1.10-lp150.2 is installed
  • OR PackageKit-backend-zypp-1.1.10-lp150.2 is installed
  • OR PackageKit-gstreamer-plugin-1.1.10-lp150.2 is installed
  • OR PackageKit-gtk3-module-1.1.10-lp150.2 is installed
  • OR PackageKit-lang-1.1.10-lp150.2 is installed
  • OR libpackagekit-glib2-18-1.1.10-lp150.2 is installed
  • OR typelib-1_0-PackageKitGlib-1_0-1.1.10-lp150.2 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • update-test-32bit-pkg-5.1-lp151.12 is installed
  • OR update-test-affects-package-manager-5.1-lp151.12 is installed
  • OR update-test-broken-5.1-lp151.12 is installed
  • OR update-test-feature-5.1-lp151.12 is installed
  • OR update-test-interactive-5.1-lp151.12 is installed
  • OR update-test-optional-5.1-lp151.12 is installed
  • OR update-test-reboot-needed-5.1-lp151.12 is installed
  • OR update-test-relogin-suggested-5.1-lp151.12 is installed
  • OR update-test-security-5.1-lp151.12 is installed
  • OR update-test-trivial-5.1-lp151.12 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP2 is installed
  • AND Package Information
  • inkscape-0.46-62.38 is installed
  • OR inkscape-extensions-dia-0.46-62.38 is installed
  • OR inkscape-extensions-extra-0.46-62.38 is installed
  • OR inkscape-extensions-fig-0.46-62.38 is installed
  • OR inkscape-extensions-gimp-0.46-62.38 is installed
  • OR inkscape-lang-0.46-62.38 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP3 is installed
  • AND Package Information
  • wpa_supplicant-0.7.1-6.17 is installed
  • OR wpa_supplicant-gui-0.7.1-6.17 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 is installed
  • AND Package Information
  • MozillaFirefox-31.5.3esr-27 is installed
  • OR MozillaFirefox-translations-31.5.3esr-27 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND Package Information
  • gstreamer-plugins-base-1.8.3-13.3 is installed
  • OR gstreamer-plugins-base-lang-1.8.3-13.3 is installed
  • OR libgstallocators-1_0-0-1.8.3-13.3 is installed
  • OR libgstapp-1_0-0-1.8.3-13.3 is installed
  • OR libgstapp-1_0-0-32bit-1.8.3-13.3 is installed
  • OR libgstaudio-1_0-0-1.8.3-13.3 is installed
  • OR libgstaudio-1_0-0-32bit-1.8.3-13.3 is installed
  • OR libgstfft-1_0-0-1.8.3-13.3 is installed
  • OR libgstfft-1_0-0-32bit-1.8.3-13.3 is installed
  • OR libgstpbutils-1_0-0-1.8.3-13.3 is installed
  • OR libgstpbutils-1_0-0-32bit-1.8.3-13.3 is installed
  • OR libgstriff-1_0-0-1.8.3-13.3 is installed
  • OR libgstrtp-1_0-0-1.8.3-13.3 is installed
  • OR libgstrtsp-1_0-0-1.8.3-13.3 is installed
  • OR libgstsdp-1_0-0-1.8.3-13.3 is installed
  • OR libgsttag-1_0-0-1.8.3-13.3 is installed
  • OR libgsttag-1_0-0-32bit-1.8.3-13.3 is installed
  • OR libgstvideo-1_0-0-1.8.3-13.3 is installed
  • OR libgstvideo-1_0-0-32bit-1.8.3-13.3 is installed
  • OR typelib-1_0-GstAudio-1_0-1.8.3-13.3 is installed
  • OR typelib-1_0-GstPbutils-1_0-1.8.3-13.3 is installed
  • OR typelib-1_0-GstTag-1_0-1.8.3-13.3 is installed
  • OR typelib-1_0-GstVideo-1_0-1.8.3-13.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • AND Package Information
  • libopenssl-1_0_0-devel-1.0.2p-3.3 is installed
  • OR libopenssl1_0_0-1.0.2p-3.3 is installed
  • OR libopenssl1_0_0-32bit-1.0.2p-3.3 is installed
  • OR openssl-1_0_0-1.0.2p-3.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND busybox-1.21.1-3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • evince-3.10.3-2.3 is installed
  • OR evince-lang-3.10.3-2.3 is installed
  • OR libevdocument3-4-3.10.3-2.3 is installed
  • OR libevview3-3-3.10.3-2.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • gdk-pixbuf-loader-rsvg-2.40.15-4 is installed
  • OR librsvg-2-2-2.40.15-4 is installed
  • OR librsvg-2-2-32bit-2.40.15-4 is installed
  • OR rsvg-view-2.40.15-4 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • java-1_8_0-openjdk-1.8.0.191-27.29 is installed
  • OR java-1_8_0-openjdk-demo-1.8.0.191-27.29 is installed
  • OR java-1_8_0-openjdk-devel-1.8.0.191-27.29 is installed
  • OR java-1_8_0-openjdk-headless-1.8.0.191-27.29 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • libvirt-2.0.0-27.54 is installed
  • OR libvirt-client-2.0.0-27.54 is installed
  • OR libvirt-daemon-2.0.0-27.54 is installed
  • OR libvirt-daemon-config-network-2.0.0-27.54 is installed
  • OR libvirt-daemon-config-nwfilter-2.0.0-27.54 is installed
  • OR libvirt-daemon-driver-interface-2.0.0-27.54 is installed
  • OR libvirt-daemon-driver-libxl-2.0.0-27.54 is installed
  • OR libvirt-daemon-driver-lxc-2.0.0-27.54 is installed
  • OR libvirt-daemon-driver-network-2.0.0-27.54 is installed
  • OR libvirt-daemon-driver-nodedev-2.0.0-27.54 is installed
  • OR libvirt-daemon-driver-nwfilter-2.0.0-27.54 is installed
  • OR libvirt-daemon-driver-qemu-2.0.0-27.54 is installed
  • OR libvirt-daemon-driver-secret-2.0.0-27.54 is installed
  • OR libvirt-daemon-driver-storage-2.0.0-27.54 is installed
  • OR libvirt-daemon-hooks-2.0.0-27.54 is installed
  • OR libvirt-daemon-lxc-2.0.0-27.54 is installed
  • OR libvirt-daemon-qemu-2.0.0-27.54 is installed
  • OR libvirt-daemon-xen-2.0.0-27.54 is installed
  • OR libvirt-doc-2.0.0-27.54 is installed
  • OR libvirt-lock-sanlock-2.0.0-27.54 is installed
  • OR libvirt-nss-2.0.0-27.54 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_114-92_64-default-4-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_18-4-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • fetchmail-6.3.26-12 is installed
  • OR fetchmailconf-6.3.26-12 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • kgraft-patch-4_4_176-94_88-default-8-2 is installed
  • OR kgraft-patch-SLE12-SP3_Update_24-8-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_180-94_100-default-3-2 is installed
  • OR kgraft-patch-SLE12-SP3_Update_27-3-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • libdcerpc-binding0-4.6.14+git.157.c2d53c2b191-3.29 is installed
  • OR libdcerpc-binding0-32bit-4.6.14+git.157.c2d53c2b191-3.29 is installed
  • OR libdcerpc0-4.6.14+git.157.c2d53c2b191-3.29 is installed
  • OR libdcerpc0-32bit-4.6.14+git.157.c2d53c2b191-3.29 is installed
  • OR libndr-krb5pac0-4.6.14+git.157.c2d53c2b191-3.29 is installed
  • OR libndr-krb5pac0-32bit-4.6.14+git.157.c2d53c2b191-3.29 is installed
  • OR libndr-nbt0-4.6.14+git.157.c2d53c2b191-3.29 is installed
  • OR libndr-nbt0-32bit-4.6.14+git.157.c2d53c2b191-3.29 is installed
  • OR libndr-standard0-4.6.14+git.157.c2d53c2b191-3.29 is installed
  • OR libndr-standard0-32bit-4.6.14+git.157.c2d53c2b191-3.29 is installed
  • OR libndr0-4.6.14+git.157.c2d53c2b191-3.29 is installed
  • OR libndr0-32bit-4.6.14+git.157.c2d53c2b191-3.29 is installed
  • OR libnetapi0-4.6.14+git.157.c2d53c2b191-3.29 is installed
  • OR libnetapi0-32bit-4.6.14+git.157.c2d53c2b191-3.29 is installed
  • OR libsamba-credentials0-4.6.14+git.157.c2d53c2b191-3.29 is installed
  • OR libsamba-credentials0-32bit-4.6.14+git.157.c2d53c2b191-3.29 is installed
  • OR libsamba-errors0-4.6.14+git.157.c2d53c2b191-3.29 is installed
  • OR libsamba-errors0-32bit-4.6.14+git.157.c2d53c2b191-3.29 is installed
  • OR libsamba-hostconfig0-4.6.14+git.157.c2d53c2b191-3.29 is installed
  • OR libsamba-hostconfig0-32bit-4.6.14+git.157.c2d53c2b191-3.29 is installed
  • OR libsamba-passdb0-4.6.14+git.157.c2d53c2b191-3.29 is installed
  • OR libsamba-passdb0-32bit-4.6.14+git.157.c2d53c2b191-3.29 is installed
  • OR libsamba-util0-4.6.14+git.157.c2d53c2b191-3.29 is installed
  • OR libsamba-util0-32bit-4.6.14+git.157.c2d53c2b191-3.29 is installed
  • OR libsamdb0-4.6.14+git.157.c2d53c2b191-3.29 is installed
  • OR libsamdb0-32bit-4.6.14+git.157.c2d53c2b191-3.29 is installed
  • OR libsmbclient0-4.6.14+git.157.c2d53c2b191-3.29 is installed
  • OR libsmbclient0-32bit-4.6.14+git.157.c2d53c2b191-3.29 is installed
  • OR libsmbconf0-4.6.14+git.157.c2d53c2b191-3.29 is installed
  • OR libsmbconf0-32bit-4.6.14+git.157.c2d53c2b191-3.29 is installed
  • OR libsmbldap0-4.6.14+git.157.c2d53c2b191-3.29 is installed
  • OR libsmbldap0-32bit-4.6.14+git.157.c2d53c2b191-3.29 is installed
  • OR libtevent-util0-4.6.14+git.157.c2d53c2b191-3.29 is installed
  • OR libtevent-util0-32bit-4.6.14+git.157.c2d53c2b191-3.29 is installed
  • OR libwbclient0-4.6.14+git.157.c2d53c2b191-3.29 is installed
  • OR libwbclient0-32bit-4.6.14+git.157.c2d53c2b191-3.29 is installed
  • OR samba-4.6.14+git.157.c2d53c2b191-3.29 is installed
  • OR samba-client-4.6.14+git.157.c2d53c2b191-3.29 is installed
  • OR samba-client-32bit-4.6.14+git.157.c2d53c2b191-3.29 is installed
  • OR samba-doc-4.6.14+git.157.c2d53c2b191-3.29 is installed
  • OR samba-libs-4.6.14+git.157.c2d53c2b191-3.29 is installed
  • OR samba-libs-32bit-4.6.14+git.157.c2d53c2b191-3.29 is installed
  • OR samba-winbind-4.6.14+git.157.c2d53c2b191-3.29 is installed
  • OR samba-winbind-32bit-4.6.14+git.157.c2d53c2b191-3.29 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • MozillaFirefox-52.9.0esr-109.38 is installed
  • OR MozillaFirefox-translations-52.9.0esr-109.38 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 6 is installed
  • AND python-Jinja2-2.7.3-15 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND shadow-4.2.1-27.9 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • nfs-client-1.3.0-34.22 is installed
  • OR nfs-doc-1.3.0-34.22 is installed
  • OR nfs-kernel-server-1.3.0-34.22 is installed
  • OR nfs-utils-1.3.0-34.22 is installed
    • BACK