Oval Definition:oval:org.opensuse.security:def:55785
Revision Date:2020-12-21Version:1
Title:Security update for MozillaFirefox (Critical)
Description:

This update for MozillaFirefox fixes the following issues:

- Firefox Extended Support Release 78.6.0 ESR * Fixed: Various stability, functionality, and security fixes MFSA 2020-55 (bsc#1180039) * CVE-2020-16042 (bmo#1679003) Operations on a BigInt could have caused uninitialized memory to be exposed * CVE-2020-26971 (bmo#1663466) Heap buffer overflow in WebGL * CVE-2020-26973 (bmo#1680084) CSS Sanitizer performed incorrect sanitization * CVE-2020-26974 (bmo#1681022) Incorrect cast of StyleGenericFlexBasis resulted in a heap use-after-free * CVE-2020-26978 (bmo#1677047) Internal network hosts could have been probed by a malicious webpage * CVE-2020-35111 (bmo#1657916) The proxy.onRequest API did not catch view-source URLs * CVE-2020-35112 (bmo#1661365) Opening an extension-less download may have inadvertently launched an executable instead * CVE-2020-35113 (bmo#1664831, bmo#1673589) Memory safety bugs fixed in Firefox 84 and Firefox ESR 78.6
Family:unixClass:patch
Status:Reference(s):1000345
1001151
1002116
1002550
1002557
1003878
1003893
1003894
1004702
1004707
1006536
1006538
1007391
1007450
1007454
1007493
1007494
1007495
1012422
1013721
1013732
1013877
1015173
1016168
1026652
1045205
1050231
1057342
1066569
1066693
1067678
1068032
1068671
1070771
1070781
1071074
1071470
1071693
1071694
1071695
1072561
1072876
1083424
1095218
1095219
1098531
1102682
1103203
1105323
1110279
1111853
1116998
1180039
578053
755505
802639
815451
821039
821664
826906
859055
861847
862288
949942
952051
954980
966435
966436
992966
996524
998516
999661
CVE-2007-4772
CVE-2010-5107
CVE-2012-4504
CVE-2013-1981
CVE-2013-1997
CVE-2013-2004
CVE-2014-0497
CVE-2014-1477
CVE-2014-1479
CVE-2014-1480
CVE-2014-1481
CVE-2014-1482
CVE-2014-1483
CVE-2014-1484
CVE-2014-1485
CVE-2014-1486
CVE-2014-1487
CVE-2014-1488
CVE-2014-1489
CVE-2014-1490
CVE-2014-1491
CVE-2014-9749
CVE-2015-7981
CVE-2015-8126
CVE-2016-0766
CVE-2016-0773
CVE-2016-10002
CVE-2016-6318
CVE-2016-7161
CVE-2016-7170
CVE-2016-7421
CVE-2016-7466
CVE-2016-7837
CVE-2016-7908
CVE-2016-7909
CVE-2016-8576
CVE-2016-8577
CVE-2016-8578
CVE-2016-8667
CVE-2016-8669
CVE-2016-8909
CVE-2016-8910
CVE-2016-9101
CVE-2016-9102
CVE-2016-9103
CVE-2016-9104
CVE-2016-9105
CVE-2016-9106
CVE-2016-9800
CVE-2016-9801
CVE-2016-9804
CVE-2016-9918
CVE-2017-1000250
CVE-2017-11600
CVE-2017-13167
CVE-2017-15115
CVE-2017-15868
CVE-2017-16534
CVE-2017-16538
CVE-2017-17448
CVE-2017-17449
CVE-2017-17450
CVE-2017-17558
CVE-2017-5715
CVE-2017-5753
CVE-2017-5754
CVE-2017-8824
CVE-2018-10902
CVE-2018-11233
CVE-2018-11235
CVE-2018-12327
CVE-2018-4191
CVE-2018-4197
CVE-2018-4207
CVE-2018-4208
CVE-2018-4209
CVE-2018-4210
CVE-2018-4212
CVE-2018-4213
CVE-2018-4261
CVE-2018-4262
CVE-2018-4263
CVE-2018-4264
CVE-2018-4265
CVE-2018-4266
CVE-2018-4267
CVE-2018-4270
CVE-2018-4272
CVE-2018-4273
CVE-2018-4278
CVE-2018-4284
CVE-2018-4299
CVE-2018-4306
CVE-2018-4309
CVE-2018-4312
CVE-2018-4314
CVE-2018-4315
CVE-2018-4316
CVE-2018-4317
CVE-2018-4318
CVE-2018-4319
CVE-2018-4323
CVE-2018-4328
CVE-2018-4345
CVE-2018-4358
CVE-2018-4359
CVE-2018-4361
CVE-2018-4372
CVE-2018-4373
CVE-2018-4375
CVE-2018-4376
CVE-2018-4378
CVE-2018-4382
CVE-2018-4386
CVE-2018-4392
CVE-2018-4416
CVE-2018-5390
CVE-2018-7170
CVE-2020-16042
CVE-2020-26971
CVE-2020-26973
CVE-2020-26974
CVE-2020-26978
CVE-2020-35111
CVE-2020-35112
CVE-2020-35113
SUSE-SU-2015:2017-1
SUSE-SU-2016:0555-1
SUSE-SU-2016:2107-1
SUSE-SU-2016:2988-1
SUSE-SU-2017:0116-1
SUSE-SU-2018:0031-1
SUSE-SU-2018:3342-1
SUSE-SU-2019:0059-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Desktop 11 SP2
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Desktop 12 SP1
SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 6
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 8
SUSE OpenStack Cloud Crowbar 9
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • MozillaFirefox-60.0-lp150.2 is installed
  • OR MozillaFirefox-translations-common-60.0-lp150.2 is installed
  • OR MozillaFirefox-translations-other-60.0-lp150.2 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • gnome-shell-3.26.2+20180130.0d9c74212-lp151.7.3 is installed
  • OR gnome-shell-browser-plugin-3.26.2+20180130.0d9c74212-lp151.7.3 is installed
  • OR gnome-shell-calendar-3.26.2+20180130.0d9c74212-lp151.7.3 is installed
  • OR gnome-shell-devel-3.26.2+20180130.0d9c74212-lp151.7.3 is installed
  • OR gnome-shell-lang-3.26.2+20180130.0d9c74212-lp151.7.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP2 is installed
  • AND Package Information
  • flash-player-11.2.202.336-0.3 is installed
  • OR flash-player-gnome-11.2.202.336-0.3 is installed
  • OR flash-player-kde4-11.2.202.336-0.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP3 is installed
  • AND Package Information
  • MozillaFirefox-24.3.0esr-0.8 is installed
  • OR MozillaFirefox-branding-SLED-24-0.7 is installed
  • OR MozillaFirefox-translations-24.3.0esr-0.8 is installed
  • OR libfreebl3-3.15.4-0.7 is installed
  • OR libfreebl3-32bit-3.15.4-0.7 is installed
  • OR libsoftokn3-3.15.4-0.7 is installed
  • OR libsoftokn3-32bit-3.15.4-0.7 is installed
  • OR mozilla-nss-3.15.4-0.7 is installed
  • OR mozilla-nss-32bit-3.15.4-0.7 is installed
  • OR mozilla-nss-tools-3.15.4-0.7 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP1 is installed
  • AND Package Information
  • cracklib-2.9.0-7 is installed
  • OR libcrack2-2.9.0-7 is installed
  • OR libcrack2-32bit-2.9.0-7 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • AND Package Information
  • libjavascriptcoregtk-4_0-18-2.22.4-2.29 is installed
  • OR libwebkit2gtk-4_0-37-2.22.4-2.29 is installed
  • OR libwebkit2gtk3-lang-2.22.4-2.29 is installed
  • OR typelib-1_0-JavaScriptCore-4_0-2.22.4-2.29 is installed
  • OR typelib-1_0-WebKit2-4_0-2.22.4-2.29 is installed
  • OR webkit2gtk-4_0-injected-bundles-2.22.4-2.29 is installed
  • OR webkit2gtk3-2.22.4-2.29 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND Package Information
  • libproxy1-0.4.11-11 is installed
  • OR libproxy1-32bit-0.4.11-11 is installed
  • OR libproxy1-config-gnome3-0.4.11-11 is installed
  • OR libproxy1-config-gnome3-32bit-0.4.11-11 is installed
  • OR libproxy1-networkmanager-0.4.11-11 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • kgraft-patch-3_12_74-60_64_60-default-11-2 is installed
  • OR kgraft-patch-3_12_74-60_64_60-xen-11-2 is installed
  • OR kgraft-patch-SLE12-SP1_Update_21-11-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • libXvnc1-1.6.0-12 is installed
  • OR tigervnc-1.6.0-12 is installed
  • OR xorg-x11-Xvnc-1.6.0-12 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • krb5-1.12.5-40.31 is installed
  • OR krb5-32bit-1.12.5-40.31 is installed
  • OR krb5-client-1.12.5-40.31 is installed
  • OR krb5-doc-1.12.5-40.31 is installed
  • OR krb5-plugin-kdb-ldap-1.12.5-40.31 is installed
  • OR krb5-plugin-preauth-otp-1.12.5-40.31 is installed
  • OR krb5-plugin-preauth-pkinit-1.12.5-40.31 is installed
  • OR krb5-server-1.12.5-40.31 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • MozillaFirefox-78.6.0-112.39.1 is installed
  • OR MozillaFirefox-devel-78.6.0-112.39.1 is installed
  • OR MozillaFirefox-translations-common-78.6.0-112.39.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_103-92_56-default-7-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_17-7-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND chrony-2.3-3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • libopenssl-devel-1.0.2j-60.55 is installed
  • OR libopenssl1_0_0-1.0.2j-60.55 is installed
  • OR libopenssl1_0_0-32bit-1.0.2j-60.55 is installed
  • OR libopenssl1_0_0-hmac-1.0.2j-60.55 is installed
  • OR libopenssl1_0_0-hmac-32bit-1.0.2j-60.55 is installed
  • OR openssl-1.0.2j-60.55 is installed
  • OR openssl-doc-1.0.2j-60.55 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • kgraft-patch-4_4_180-94_97-default-6-2 is installed
  • OR kgraft-patch-SLE12-SP3_Update_26-6-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • tomcat-8.0.53-29.22 is installed
  • OR tomcat-admin-webapps-8.0.53-29.22 is installed
  • OR tomcat-docs-webapp-8.0.53-29.22 is installed
  • OR tomcat-el-3_0-api-8.0.53-29.22 is installed
  • OR tomcat-javadoc-8.0.53-29.22 is installed
  • OR tomcat-jsp-2_3-api-8.0.53-29.22 is installed
  • OR tomcat-lib-8.0.53-29.22 is installed
  • OR tomcat-servlet-3_1-api-8.0.53-29.22 is installed
  • OR tomcat-webapps-8.0.53-29.22 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • cpio-2.11-36.6 is installed
  • OR cpio-lang-2.11-36.6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • dracut-044.1-9 is installed
  • OR dracut-fips-044.1-9 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 6 is installed
  • AND Package Information
  • git-2.12.3-27.14 is installed
  • OR git-arch-2.12.3-27.14 is installed
  • OR git-core-2.12.3-27.14 is installed
  • OR git-credential-gnome-keyring-2.12.3-27.14 is installed
  • OR git-cvs-2.12.3-27.14 is installed
  • OR git-daemon-2.12.3-27.14 is installed
  • OR git-doc-2.12.3-27.14 is installed
  • OR git-email-2.12.3-27.14 is installed
  • OR git-gui-2.12.3-27.14 is installed
  • OR git-svn-2.12.3-27.14 is installed
  • OR git-web-2.12.3-27.14 is installed
  • OR gitk-2.12.3-27.14 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND nodejs6-6.14.4-11.18 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND ansible-2.4.6.0-3.3 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • libopenssl-devel-1.0.2j-60.55 is installed
  • OR libopenssl1_0_0-1.0.2j-60.55 is installed
  • OR libopenssl1_0_0-32bit-1.0.2j-60.55 is installed
  • OR libopenssl1_0_0-hmac-1.0.2j-60.55 is installed
  • OR libopenssl1_0_0-hmac-32bit-1.0.2j-60.55 is installed
  • OR openssl-1.0.2j-60.55 is installed
  • OR openssl-doc-1.0.2j-60.55 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 9 is installed
  • AND Package Information
  • ruby2.1-rubygem-rails-html-sanitizer-1.0.3-8.8 is installed
  • OR rubygem-rails-html-sanitizer-1.0.3-8.8 is installed
    • BACK