Oval Definition:	oval:org.opensuse.security:def:55525
Revision Date: 2020-12-01 Version: 1 Title: Security update for MozillaFirefox (Important) Description: This update fixes the following security issues in MozillaFirefox: - MFSA 2015-01/CVE-2014-8634/CVE-2014-8635 (bmo#1109889, bmo#1111737, bmo#1026774, bmo#1027300, bmo#1054538, bmo#1067473, bmo#1070962, bmo#1072130, bmo#1072871, bmo#1098583) Miscellaneous memory safety hazards (rv:35.0 / rv:31.4) - MFSA 2015-03/CVE-2014-8638 (bmo#1080987) sendBeacon requests lack an Origin header - MFSA 2015-04/CVE-2014-8639 (bmo#1095859) Cookie injection through Proxy Authenticate responses - MFSA 2015-06/CVE-2014-8641 (bmo#1108455) Read-after-free in WebRTC Also Mozilla NSS was updated to 3.17.3 to fix: * The QuickDER decoder now decodes lengths robustly (bmo#1064670/CVE-2014-1569) * Support for TLS_FALLBACK_SCSV has been added to the ssltap and tstclnt utilities * Changes in CA certificates Family: unix Class: patch Status: Reference(s): 1015187 1035283 1035829 1041830 1043484 1043607 1045060 1045062 1045065 1045327 1048576 1054429 1057950 1076958 1120498 1120499 1120500 1120515 1120516 1120517 1123361 1123522 1159105 855980 856382 856496 856498 859835 880984 886785 898159 907973 908950 909563 910647 910669 912183 914818 916543 919959 920016 922071 924722 926159 928390 929092 929871 930813 932285 932350 934430 934942 934962 936556 936773 936923 937609 937612 937613 937616 938550 938706 938891 938892 938893 939145 939266 939716 939834 939994 940398 940545 940679 940776 940912 940925 940965 941098 941305 941908 941951 942160 942204 942307 942367 947780 948536 961305 CVE-2012-4425 CVE-2013-7112 CVE-2013-7113 CVE-2013-7114 CVE-2014-1569 CVE-2014-1624 CVE-2014-7300 CVE-2014-8634 CVE-2014-8635 CVE-2014-8638 CVE-2014-8639 CVE-2014-8641 CVE-2015-5156 CVE-2015-5157 CVE-2015-5283 CVE-2015-5697 CVE-2015-6252 CVE-2015-6937 CVE-2015-7613 CVE-2015-8605 CVE-2016-9933 CVE-2017-1000251 CVE-2017-10971 CVE-2017-10972 CVE-2017-15107 CVE-2017-15274 CVE-2017-3167 CVE-2017-3169 CVE-2017-7679 CVE-2017-9788 CVE-2018-20363 CVE-2018-20364 CVE-2018-20365 CVE-2018-5817 CVE-2018-5818 CVE-2018-5819 CVE-2019-6977 CVE-2019-6978 SUSE-SU-2015:1727-1 SUSE-SU-2016:0481-1 SUSE-SU-2016:3211-1 SUSE-SU-2017:1859-1 SUSE-SU-2017:2449-1 SUSE-SU-2017:2786-1 SUSE-SU-2017:2788-1 SUSE-SU-2019:0127-1 SUSE-SU-2019:0747-1 SUSE-SU-2019:1721-1 SUSE-SU-2019:2719-1 SUSE-SU-2020:0102-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 8 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND Package Information NetworkManager-1.10.6-lp150.3 is installed OR NetworkManager-lang-1.10.6-lp150.3 is installed OR libnm-glib-vpn1-1.10.6-lp150.3 is installed OR libnm-glib4-1.10.6-lp150.3 is installed OR libnm-util2-1.10.6-lp150.3 is installed OR libnm0-1.10.6-lp150.3 is installed OR typelib-1_0-NM-1_0-1.10.6-lp150.3 is installed OR typelib-1_0-NMClient-1_0-1.10.6-lp150.3 is installed OR typelib-1_0-NetworkManager-1_0-1.10.6-lp150.3 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information gnome-shell-3.26.2+20180130.0d9c74212-lp151.7.3 is installed OR gnome-shell-browser-plugin-3.26.2+20180130.0d9c74212-lp151.7.3 is installed OR gnome-shell-calendar-3.26.2+20180130.0d9c74212-lp151.7.3 is installed OR gnome-shell-devel-3.26.2+20180130.0d9c74212-lp151.7.3 is installed OR gnome-shell-lang-3.26.2+20180130.0d9c74212-lp151.7.3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP2 is installed AND wireshark-1.8.12-0.2 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP4 is installed AND Package Information dhcp-4.2.4.P2-0.24 is installed OR dhcp-client-4.2.4.P2-0.24 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 is installed AND Package Information MozillaFirefox-31.4.0esr-20 is installed OR MozillaFirefox-translations-31.4.0esr-20 is installed OR libfreebl3-3.17.3-16 is installed OR libfreebl3-32bit-3.17.3-16 is installed OR libsoftokn3-3.17.3-16 is installed OR libsoftokn3-32bit-3.17.3-16 is installed OR mozilla-nss-3.17.3-16 is installed OR mozilla-nss-32bit-3.17.3-16 is installed OR mozilla-nss-certs-3.17.3-16 is installed OR mozilla-nss-certs-32bit-3.17.3-16 is installed OR mozilla-nss-tools-3.17.3-16 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information gd-2.1.0-24.12 is installed OR gd-32bit-2.1.0-24.12 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information libraw-0.15.4-30 is installed OR libraw9-0.15.4-30 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information gnome-settings-daemon-3.10.2-20 is installed OR gnome-settings-daemon-lang-3.10.2-20 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information apache2-2.4.16-20.10 is installed OR apache2-doc-2.4.16-20.10 is installed OR apache2-example-pages-2.4.16-20.10 is installed OR apache2-prefork-2.4.16-20.10 is installed OR apache2-utils-2.4.16-20.10 is installed OR apache2-worker-2.4.16-20.10 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information libX11-6-1.6.2-4 is installed OR libX11-6-32bit-1.6.2-4 is installed OR libX11-data-1.6.2-4 is installed OR libX11-xcb1-1.6.2-4 is installed OR libX11-xcb1-32bit-1.6.2-4 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information MozillaFirefox-68.9.0-109.123 is installed OR MozillaFirefox-devel-68.9.0-109.123 is installed OR MozillaFirefox-translations-common-68.9.0-109.123 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information libpython3_4m1_0-3.4.6-25.29 is installed OR python3-3.4.6-25.29 is installed OR python3-base-3.4.6-25.29 is installed OR python3-curses-3.4.6-25.29 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information ntp-4.2.8p11-64.5 is installed OR ntp-doc-4.2.8p11-64.5 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information java-1_7_1-ibm-1.7.1_sr4.5-37 is installed OR java-1_7_1-ibm-alsa-1.7.1_sr4.5-37 is installed OR java-1_7_1-ibm-jdbc-1.7.1_sr4.5-37 is installed OR java-1_7_1-ibm-plugin-1.7.1_sr4.5-37 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information libpolkit0-0.113-5.18 is installed OR polkit-0.113-5.18 is installed OR typelib-1_0-Polkit-1_0-0.113-5.18 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information bzip2-1.0.6-30.8 is installed OR bzip2-doc-1.0.6-30.8 is installed OR libbz2-1-1.0.6-30.8 is installed OR libbz2-1-32bit-1.0.6-30.8 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information libspice-server1-0.12.8-6 is installed OR spice-0.12.8-6 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information cups-pk-helper-0.2.5-5 is installed OR cups-pk-helper-lang-0.2.5-5 is installed Definition Synopsis SUSE OpenStack Cloud 6 is installed AND Package Information xorg-x11-server-7.6_1.15.2-53.3 is installed OR xorg-x11-server-extra-7.6_1.15.2-53.3 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND squid-3.5.21-26.23 is installed
BACK