Oval Definition:oval:org.opensuse.security:def:55759
Revision Date:2020-12-01Version:1
Title:Security update for MozillaFirefox, MozillaFirefox-branding-SLE, mozilla-nspr, mozilla-nss (Important)
Description:

MozillaFirefox, MozillaFirefox-branding-SLE, mozilla-nss and mozilla-nspr were updated to fix nine security issues.

MozillaFirefox was updated to version 45.2.0 ESR. mozilla-nss was updated to version 3.21.1.

These security issues were fixed: - CVE-2016-2834: Memory safety bugs in NSS (MFSA 2016-61) (bsc#983639). - CVE-2016-2824: Out-of-bounds write with WebGL shader (MFSA 2016-53) (bsc#983651). - CVE-2016-2822: Addressbar spoofing though the SELECT element (MFSA 2016-52) (bsc#983652). - CVE-2016-2821: Use-after-free deleting tables from a contenteditable document (MFSA 2016-51) (bsc#983653). - CVE-2016-2819: Buffer overflow parsing HTML5 fragments (MFSA 2016-50) (bsc#983655). - CVE-2016-2828: Use-after-free when textures are used in WebGL operations after recycle pool destruction (MFSA 2016-56) (bsc#983646). - CVE-2016-2831: Entering fullscreen and persistent pointerlock without user permission (MFSA 2016-58) (bsc#983643). - CVE-2016-2815, CVE-2016-2818: Miscellaneous memory safety hazards (MFSA 2016-49) (bsc#983638) These non-security issues were fixed: - bsc#982366: Unknown SSL protocol error in connections - Fix crashes on aarch64 * Determine page size at runtime (bsc#984006) * Allow aarch64 to work in safe mode (bsc#985659) - Fix crashes on mainframes

All extensions must now be signed by addons.mozilla.org. Please read README.SUSE for more details.
Family:unixClass:patch
Status:Reference(s):1001600
1008965
1009254
1012504
1012632
1019332
1020077
1020928
1023041
1071853
1081557
1092885
1093536
1094462
1096223
1098735
1102682
1103203
1105323
1107874
1109845
1133925
1140277
1150003
1150247
1150250
1158809
787520
910457
910458
914890
916927
918595
937787
944066
957174
958789
974655
980722
982366
983549
983638
983639
983643
983646
983651
983652
983653
983655
984006
984126
985659
994989
CVE-2012-4512
CVE-2012-4513
CVE-2012-4515
CVE-2013-6401
CVE-2014-5353
CVE-2014-5354
CVE-2014-5355
CVE-2014-7230
CVE-2014-7231
CVE-2014-8127
CVE-2014-8128
CVE-2014-8129
CVE-2014-8130
CVE-2014-9655
CVE-2015-4792
CVE-2015-4802
CVE-2015-4807
CVE-2015-4815
CVE-2015-4826
CVE-2015-4830
CVE-2015-4836
CVE-2015-4858
CVE-2015-4861
CVE-2015-4870
CVE-2015-4913
CVE-2015-5722
CVE-2015-5969
CVE-2016-2815
CVE-2016-2818
CVE-2016-2819
CVE-2016-2821
CVE-2016-2822
CVE-2016-2824
CVE-2016-2828
CVE-2016-2831
CVE-2016-2834
CVE-2016-4912
CVE-2016-7567
CVE-2017-18190
CVE-2017-2616
CVE-2018-10811
CVE-2018-10902
CVE-2018-11806
CVE-2018-12617
CVE-2018-16151
CVE-2018-16152
CVE-2018-17540
CVE-2018-3639
CVE-2018-5388
CVE-2018-5390
CVE-2019-1547
CVE-2019-1549
CVE-2019-1551
CVE-2019-1563
SUSE-SU-2015:1282-1
SUSE-SU-2015:1420-1
SUSE-SU-2015:1480-1
SUSE-SU-2016:0296-1
SUSE-SU-2016:1691-1
SUSE-SU-2016:2661-1
SUSE-SU-2017:0555-1
SUSE-SU-2018:0604-1
SUSE-SU-2018:2565-1
SUSE-SU-2019:3266-1
SUSE-SU-2020:0099-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Desktop 11 SP2
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Desktop 12 SP1
SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 6
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud 9
SUSE OpenStack Cloud Crowbar 8
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND autofs-5.1.3-lp150.5 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • libopenssl-1_0_0-devel-1.0.2p-lp151.5.3 is installed
  • OR libopenssl-1_0_0-devel-32bit-1.0.2p-lp151.5.3 is installed
  • OR libopenssl1_0_0-1.0.2p-lp151.5.3 is installed
  • OR libopenssl1_0_0-32bit-1.0.2p-lp151.5.3 is installed
  • OR libopenssl1_0_0-hmac-1.0.2p-lp151.5.3 is installed
  • OR libopenssl1_0_0-hmac-32bit-1.0.2p-lp151.5.3 is installed
  • OR openssl-1_0_0-1.0.2p-lp151.5.3 is installed
  • OR openssl-1_0_0-cavs-1.0.2p-lp151.5.3 is installed
  • OR openssl-1_0_0-doc-1.0.2p-lp151.5.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP2 is installed
  • AND Package Information
  • kdelibs4-4.3.5-0.12 is installed
  • OR kdelibs4-core-4.3.5-0.12 is installed
  • OR libkde4-4.3.5-0.12 is installed
  • OR libkde4-32bit-4.3.5-0.12 is installed
  • OR libkdecore4-4.3.5-0.12 is installed
  • OR libkdecore4-32bit-4.3.5-0.12 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP3 is installed
  • AND Package Information
  • bind-9.9.6P1-0.15 is installed
  • OR bind-libs-9.9.6P1-0.15 is installed
  • OR bind-libs-32bit-9.9.6P1-0.15 is installed
  • OR bind-utils-9.9.6P1-0.15 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP1 is installed
  • AND Package Information
  • MozillaFirefox-45.2.0esr-75 is installed
  • OR MozillaFirefox-branding-SLE-45.0-28 is installed
  • OR MozillaFirefox-translations-45.2.0esr-75 is installed
  • OR libfreebl3-3.21.1-46 is installed
  • OR libfreebl3-32bit-3.21.1-46 is installed
  • OR libsoftokn3-3.21.1-46 is installed
  • OR libsoftokn3-32bit-3.21.1-46 is installed
  • OR mozilla-nspr-4.12-15 is installed
  • OR mozilla-nspr-32bit-4.12-15 is installed
  • OR mozilla-nss-3.21.1-46 is installed
  • OR mozilla-nss-32bit-3.21.1-46 is installed
  • OR mozilla-nss-certs-3.21.1-46 is installed
  • OR mozilla-nss-certs-32bit-3.21.1-46 is installed
  • OR mozilla-nss-sysinit-3.21.1-46 is installed
  • OR mozilla-nss-sysinit-32bit-3.21.1-46 is installed
  • OR mozilla-nss-tools-3.21.1-46 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • AND Package Information
  • strongswan-5.1.3-26.13 is installed
  • OR strongswan-doc-5.1.3-26.13 is installed
  • OR strongswan-ipsec-5.1.3-26.13 is installed
  • OR strongswan-libs0-5.1.3-26.13 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND libjansson4-2.7-1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • qemu-2.3.1-33.12 is installed
  • OR qemu-block-curl-2.3.1-33.12 is installed
  • OR qemu-block-rbd-2.3.1-33.12 is installed
  • OR qemu-guest-agent-2.3.1-33.12 is installed
  • OR qemu-ipxe-1.0.0-33.12 is installed
  • OR qemu-kvm-2.3.1-33.12 is installed
  • OR qemu-lang-2.3.1-33.12 is installed
  • OR qemu-ppc-2.3.1-33.12 is installed
  • OR qemu-s390-2.3.1-33.12 is installed
  • OR qemu-seabios-1.8.1-33.12 is installed
  • OR qemu-sgabios-8-33.12 is installed
  • OR qemu-tools-2.3.1-33.12 is installed
  • OR qemu-vgabios-1.8.1-33.12 is installed
  • OR qemu-x86-2.3.1-33.12 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND kbd-1.15.5-8.7 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • libopenssl-devel-1.0.2j-60.46 is installed
  • OR libopenssl1_0_0-1.0.2j-60.46 is installed
  • OR libopenssl1_0_0-32bit-1.0.2j-60.46 is installed
  • OR libopenssl1_0_0-hmac-1.0.2j-60.46 is installed
  • OR libopenssl1_0_0-hmac-32bit-1.0.2j-60.46 is installed
  • OR openssl-1.0.2j-60.46 is installed
  • OR openssl-doc-1.0.2j-60.46 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • MozillaFirefox-60.8.0-109.83 is installed
  • OR MozillaFirefox-devel-60.8.0-109.83 is installed
  • OR MozillaFirefox-translations-common-60.8.0-109.83 is installed
  • OR libfreebl3-3.44.1-58.28 is installed
  • OR libfreebl3-32bit-3.44.1-58.28 is installed
  • OR libfreebl3-hmac-3.44.1-58.28 is installed
  • OR libfreebl3-hmac-32bit-3.44.1-58.28 is installed
  • OR libsoftokn3-3.44.1-58.28 is installed
  • OR libsoftokn3-32bit-3.44.1-58.28 is installed
  • OR libsoftokn3-hmac-3.44.1-58.28 is installed
  • OR libsoftokn3-hmac-32bit-3.44.1-58.28 is installed
  • OR mozilla-nss-3.44.1-58.28 is installed
  • OR mozilla-nss-32bit-3.44.1-58.28 is installed
  • OR mozilla-nss-certs-3.44.1-58.28 is installed
  • OR mozilla-nss-certs-32bit-3.44.1-58.28 is installed
  • OR mozilla-nss-sysinit-3.44.1-58.28 is installed
  • OR mozilla-nss-sysinit-32bit-3.44.1-58.28 is installed
  • OR mozilla-nss-tools-3.44.1-58.28 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_121-92_73-default-2-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_21-2-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND xdg-utils-20140630-5 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • java-1_8_0-ibm-1.8.0_sr6.0-30.60 is installed
  • OR java-1_8_0-ibm-alsa-1.8.0_sr6.0-30.60 is installed
  • OR java-1_8_0-ibm-plugin-1.8.0_sr6.0-30.60 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • kgraft-patch-4_4_156-94_64-default-8-2 is installed
  • OR kgraft-patch-SLE12-SP3_Update_20-8-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • libQt5Concurrent5-5.6.2-6.22 is installed
  • OR libQt5Core5-5.6.2-6.22 is installed
  • OR libQt5DBus5-5.6.2-6.22 is installed
  • OR libQt5Gui5-5.6.2-6.22 is installed
  • OR libQt5Network5-5.6.2-6.22 is installed
  • OR libQt5OpenGL5-5.6.2-6.22 is installed
  • OR libQt5PrintSupport5-5.6.2-6.22 is installed
  • OR libQt5Sql5-5.6.2-6.22 is installed
  • OR libQt5Sql5-mysql-5.6.2-6.22 is installed
  • OR libQt5Sql5-postgresql-5.6.2-6.22 is installed
  • OR libQt5Sql5-sqlite-5.6.2-6.22 is installed
  • OR libQt5Sql5-unixODBC-5.6.2-6.22 is installed
  • OR libQt5Test5-5.6.2-6.22 is installed
  • OR libQt5Widgets5-5.6.2-6.22 is installed
  • OR libQt5Xml5-5.6.2-6.22 is installed
  • OR libqt5-qtbase-5.6.2-6.22 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • libcaca-0.99.beta18-14.3 is installed
  • OR libcaca0-0.99.beta18-14.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND chrony-2.3-3 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 6 is installed
  • AND Package Information
  • openstack-trove-4.0.1~a0~dev2-2 is installed
  • OR openstack-trove-api-4.0.1~a0~dev2-2 is installed
  • OR openstack-trove-conductor-4.0.1~a0~dev2-2 is installed
  • OR openstack-trove-guestagent-4.0.1~a0~dev2-2 is installed
  • OR openstack-trove-taskmanager-4.0.1~a0~dev2-2 is installed
  • OR python-trove-4.0.1~a0~dev2-2 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • kernel-default-4.4.121-92.85 is installed
  • OR kernel-default-base-4.4.121-92.85 is installed
  • OR kernel-default-devel-4.4.121-92.85 is installed
  • OR kernel-default-man-4.4.121-92.85 is installed
  • OR kernel-devel-4.4.121-92.85 is installed
  • OR kernel-macros-4.4.121-92.85 is installed
  • OR kernel-source-4.4.121-92.85 is installed
  • OR kernel-syms-4.4.121-92.85 is installed
  • OR kgraft-patch-4_4_121-92_85-default-1-3.5 is installed
  • OR kgraft-patch-SLE12-SP2_Update_23-1-3.5 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • git-2.26.2-27.36 is installed
  • OR git-core-2.26.2-27.36 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 9 is installed
  • AND python-requests-2.20.1-4.3 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • java-1_8_0-openjdk-1.8.0.222-27.35 is installed
  • OR java-1_8_0-openjdk-demo-1.8.0.222-27.35 is installed
  • OR java-1_8_0-openjdk-devel-1.8.0.222-27.35 is installed
  • OR java-1_8_0-openjdk-headless-1.8.0.222-27.35 is installed
    • BACK