Oval Definition:oval:org.opensuse.security:def:55668
Revision Date:2020-12-01Version:1
Title:Security update for MozillaFirefox, MozillaFirefox-branding-SLE, mozilla-nss (Important)
Description:



This update for MozillaFirefox, MozillaFirefox-branding-SLE, mozilla-nss fixes the following issues: (bsc#963520)

Mozilla Firefox was updated to 38.6.0 ESR. Mozilla NSS was updated to 3.20.2.

The following vulnerabilities were fixed:

- CVE-2016-1930: Memory safety bugs fixed in Firefox ESR 38.6 (bsc#963632) - CVE-2016-1935: Buffer overflow in WebGL after out of memory allocation (bsc#963635) - CVE-2016-1938: Calculations with mp_div and mp_exptmod in Network Security Services (NSS) canproduce wrong results (bsc#963731)

The following improvements were added:

- bsc#954447: Mozilla NSS now supports a number of new DHE ciphersuites - Tracking protection is now enabled by default - bsc#964332: Fixed leaking file descriptors inside FIPS selfcheck code
Family:unixClass:patch
Status:Reference(s):1005591
1035905
1038564
1042892
1052311
1052368
1083125
1085447
1090368
1090646
1103367
1120946
1128935
1128937
1130746
1133100
1155199
808243
923281
926826
934119
947337
950998
951844
952099
952474
953048
954447
954847
956491
957812
957990
958861
962742
963520
963632
963635
963655
963731
963762
964332
965087
966245
968667
970114
970506
971770
972933
973378
973499
974165
974308
974620
975531
975533
975772
975788
977417
978401
978469
978822
979074
979213
979419
979485
979489
979521
979548
979681
979867
979879
979922
980348
980363
980371
980856
980883
981038
981143
981344
981597
982282
982354
982544
982698
983143
983213
983318
983721
983904
983977
984148
984456
984755
984764
985232
985978
986362
986365
986569
986572
986573
986811
988215
988498
988552
990058
CVE-2009-1892
CVE-2010-2156
CVE-2010-3611
CVE-2010-3616
CVE-2010-4651
CVE-2011-0413
CVE-2011-0997
CVE-2011-2748
CVE-2011-2749
CVE-2011-4539
CVE-2011-4868
CVE-2012-3570
CVE-2012-3571
CVE-2012-3954
CVE-2012-3955
CVE-2013-0787
CVE-2013-2266
CVE-2014-9904
CVE-2015-1196
CVE-2015-1395
CVE-2015-1396
CVE-2015-3195
CVE-2015-7577
CVE-2015-7833
CVE-2015-7995
CVE-2015-8000
CVE-2015-8551
CVE-2015-8552
CVE-2015-8845
CVE-2015-9019
CVE-2016-0753
CVE-2016-0758
CVE-2016-1583
CVE-2016-1930
CVE-2016-1935
CVE-2016-1938
CVE-2016-2053
CVE-2016-3672
CVE-2016-4470
CVE-2016-4482
CVE-2016-4486
CVE-2016-4565
CVE-2016-4569
CVE-2016-4578
CVE-2016-4738
CVE-2016-4805
CVE-2016-4997
CVE-2016-5244
CVE-2016-5828
CVE-2016-5829
CVE-2017-1000112
CVE-2017-13166
CVE-2017-5029
CVE-2017-8890
CVE-2017-9242
CVE-2018-10916
CVE-2018-8781
CVE-2018-8897
CVE-2019-14866
CVE-2019-9704
CVE-2019-9705
SUSE-SU-2015:2340-1
SUSE-SU-2015:2342-1
SUSE-SU-2016:0008-1
SUSE-SU-2016:0338-1
SUSE-SU-2016:2105-1
SUSE-SU-2017:1313-1
SUSE-SU-2017:2447-1
SUSE-SU-2018:1513-1
SUSE-SU-2018:1528-1
SUSE-SU-2019:0642-1
SUSE-SU-2019:1990-1
SUSE-SU-2019:3064-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Desktop 11 SP2
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Desktop 12
SUSE Linux Enterprise Desktop 12 SP1
SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 6
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud 9
SUSE OpenStack Cloud Crowbar 8
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND icoutils-0.31.3-lp150.1 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • libwireshark9-2.4.15-lp151.2.3 is installed
  • OR libwiretap7-2.4.15-lp151.2.3 is installed
  • OR libwscodecs1-2.4.15-lp151.2.3 is installed
  • OR libwsutil8-2.4.15-lp151.2.3 is installed
  • OR wireshark-2.4.15-lp151.2.3 is installed
  • OR wireshark-devel-2.4.15-lp151.2.3 is installed
  • OR wireshark-ui-qt-2.4.15-lp151.2.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP2 is installed
  • AND Package Information
  • MozillaFirefox-17.0.4esr-0.5 is installed
  • OR MozillaFirefox-branding-SLED-7-0.6.9 is installed
  • OR MozillaFirefox-translations-17.0.4esr-0.5 is installed
  • OR beagle-0.3.8-56.51 is installed
  • OR beagle-evolution-0.3.8-56.51 is installed
  • OR beagle-firefox-0.3.8-56.51 is installed
  • OR beagle-gui-0.3.8-56.51 is installed
  • OR beagle-lang-0.3.8-56.51 is installed
  • OR libfreebl3-3.14.2-0.4.3 is installed
  • OR libfreebl3-32bit-3.14.2-0.4.3 is installed
  • OR mhtml-firefox-0.5-1.47.51 is installed
  • OR mozilla-nspr-4.9.5-0.3 is installed
  • OR mozilla-nspr-32bit-4.9.5-0.3 is installed
  • OR mozilla-nss-3.14.2-0.4.3 is installed
  • OR mozilla-nss-32bit-3.14.2-0.4.3 is installed
  • OR mozilla-nss-tools-3.14.2-0.4.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP3 is installed
  • AND Package Information
  • bind-9.9.6P1-0.19 is installed
  • OR bind-libs-9.9.6P1-0.19 is installed
  • OR bind-libs-32bit-9.9.6P1-0.19 is installed
  • OR bind-utils-9.9.6P1-0.19 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 is installed
  • AND Package Information
  • MozillaFirefox-38.6.0esr-57 is installed
  • OR MozillaFirefox-branding-SLE-31.0-20 is installed
  • OR MozillaFirefox-translations-38.6.0esr-57 is installed
  • OR libfreebl3-3.20.2-37 is installed
  • OR libfreebl3-32bit-3.20.2-37 is installed
  • OR libsoftokn3-3.20.2-37 is installed
  • OR libsoftokn3-32bit-3.20.2-37 is installed
  • OR mozilla-nss-3.20.2-37 is installed
  • OR mozilla-nss-32bit-3.20.2-37 is installed
  • OR mozilla-nss-certs-3.20.2-37 is installed
  • OR mozilla-nss-certs-32bit-3.20.2-37 is installed
  • OR mozilla-nss-sysinit-3.20.2-37 is installed
  • OR mozilla-nss-sysinit-32bit-3.20.2-37 is installed
  • OR mozilla-nss-tools-3.20.2-37 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP1 is installed
  • AND Package Information
  • compat-openssl098-0.9.8j-87 is installed
  • OR libopenssl0_9_8-0.9.8j-87 is installed
  • OR libopenssl0_9_8-32bit-0.9.8j-87 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • AND Package Information
  • cron-4.2-59.10 is installed
  • OR cronie-1.4.11-59.10 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND Package Information
  • dhcp-4.3.3-2 is installed
  • OR dhcp-client-4.3.3-2 is installed
  • OR dhcp-relay-4.3.3-2 is installed
  • OR dhcp-server-4.3.3-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • kgraft-patch-3_12_74-60_64_51-default-2-2 is installed
  • OR kgraft-patch-3_12_74-60_64_51-xen-2-2 is installed
  • OR kgraft-patch-SLE12-SP1_Update_18-2-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • alsa-1.0.27.2-11 is installed
  • OR alsa-docs-1.0.27.2-11 is installed
  • OR libasound2-1.0.27.2-11 is installed
  • OR libasound2-32bit-1.0.27.2-11 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • dovecot22-2.2.31-19.11 is installed
  • OR dovecot22-backend-mysql-2.2.31-19.11 is installed
  • OR dovecot22-backend-pgsql-2.2.31-19.11 is installed
  • OR dovecot22-backend-sqlite-2.2.31-19.11 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • libsystemd0-228-150.53 is installed
  • OR libsystemd0-32bit-228-150.53 is installed
  • OR libudev1-228-150.53 is installed
  • OR libudev1-32bit-228-150.53 is installed
  • OR systemd-228-150.53 is installed
  • OR systemd-32bit-228-150.53 is installed
  • OR systemd-bash-completion-228-150.53 is installed
  • OR systemd-sysvinit-228-150.53 is installed
  • OR udev-228-150.53 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • libopenssl-devel-1.0.2j-60.30 is installed
  • OR libopenssl1_0_0-1.0.2j-60.30 is installed
  • OR libopenssl1_0_0-32bit-1.0.2j-60.30 is installed
  • OR libopenssl1_0_0-hmac-1.0.2j-60.30 is installed
  • OR libopenssl1_0_0-hmac-32bit-1.0.2j-60.30 is installed
  • OR openssl-1.0.2j-60.30 is installed
  • OR openssl-doc-1.0.2j-60.30 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • libz1-1.2.8-11 is installed
  • OR libz1-32bit-1.2.8-11 is installed
  • OR zlib-devel-1.2.8-11 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • bzip2-1.0.6-30.8 is installed
  • OR bzip2-doc-1.0.6-30.8 is installed
  • OR libbz2-1-1.0.6-30.8 is installed
  • OR libbz2-1-32bit-1.0.6-30.8 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • curl-7.37.0-37.43 is installed
  • OR libcurl4-7.37.0-37.43 is installed
  • OR libcurl4-32bit-7.37.0-37.43 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND squid-3.5.21-26.23 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • libecpg6-10.8-1.9 is installed
  • OR libpq5-10.8-1.9 is installed
  • OR libpq5-32bit-10.8-1.9 is installed
  • OR postgresql10-10.8-1.9 is installed
  • OR postgresql10-contrib-10.8-1.9 is installed
  • OR postgresql10-docs-10.8-1.9 is installed
  • OR postgresql10-libs-10.8-1.9 is installed
  • OR postgresql10-server-10.8-1.9 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • giflib-progs-5.0.5-12 is installed
  • OR libgif6-5.0.5-12 is installed
  • OR libgif6-32bit-5.0.5-12 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 6 is installed
  • AND ruby2.1-rubygem-activerecord-4_2-4.2.2-5 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • openstack-aodh-3.0.4~a0~dev1-2.3 is installed
  • OR openstack-aodh-api-3.0.4~a0~dev1-2.3 is installed
  • OR openstack-aodh-doc-3.0.4~a0~dev1-2.3 is installed
  • OR openstack-aodh-evaluator-3.0.4~a0~dev1-2.3 is installed
  • OR openstack-aodh-expirer-3.0.4~a0~dev1-2.3 is installed
  • OR openstack-aodh-listener-3.0.4~a0~dev1-2.3 is installed
  • OR openstack-aodh-notifier-3.0.4~a0~dev1-2.3 is installed
  • OR python-aodh-3.0.4~a0~dev1-2.3 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • glib2-2.48.2-12.15 is installed
  • OR glib2-lang-2.48.2-12.15 is installed
  • OR glib2-tools-2.48.2-12.15 is installed
  • OR libgio-2_0-0-2.48.2-12.15 is installed
  • OR libgio-2_0-0-32bit-2.48.2-12.15 is installed
  • OR libglib-2_0-0-2.48.2-12.15 is installed
  • OR libglib-2_0-0-32bit-2.48.2-12.15 is installed
  • OR libgmodule-2_0-0-2.48.2-12.15 is installed
  • OR libgmodule-2_0-0-32bit-2.48.2-12.15 is installed
  • OR libgobject-2_0-0-2.48.2-12.15 is installed
  • OR libgobject-2_0-0-32bit-2.48.2-12.15 is installed
  • OR libgthread-2_0-0-2.48.2-12.15 is installed
  • OR libgthread-2_0-0-32bit-2.48.2-12.15 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 9 is installed
  • AND Package Information
  • dnsmasq-2.78-18.12 is installed
  • OR dnsmasq-utils-2.78-18.12 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • MozillaFirefox-68.1.0-109.89 is installed
  • OR MozillaFirefox-branding-SLE-68-32.8 is installed
  • OR MozillaFirefox-translations-common-68.1.0-109.89 is installed
    • BACK