OVAL Reference oval:org.opensuse.security:def:56090

Oval Definition:

oval:org.opensuse.security:def:56090

Revision Date:	2021-11-17	Version:	1
Title:	Security update for MozillaFirefox (Important)
Description:	This update for MozillaFirefox fixes the following issues: MozillaFirefox was updated to Extended Support Release 91.3.0 ESR Fixed: Various stability, functionality, and security fixes MFSA 2021-49 (bsc#1192250) * CVE-2021-38503: iframe sandbox rules did not apply to XSLT stylesheets * CVE-2021-38504: Use-after-free in file picker dialog * CVE-2021-38505: Windows 10 Cloud Clipboard may have recorded sensitive user data * CVE-2021-38506: Firefox could be coaxed into going into fullscreen mode without notification or warning * CVE-2021-38507: Opportunistic Encryption in HTTP2 could be used to bypass the Same-Origin-Policy on services hosted on other ports * CVE-2021-38508: Permission Prompt could be overlaid, resulting in user confusion and potential spoofing * CVE-2021-38509: Javascript alert box could have been spoofed onto an arbitrary domain * CVE-2021-38510: Download Protections were bypassed by .inetloc files on Mac OS * MOZ-2021-0008: Use-after-free in HTTP2 Session object * MOZ-2021-0007: Memory safety bugs fixed in Firefox 94 and Firefox ESR 91.3
Family:	unix	Class:	patch
Status:		Reference(s):	1042419 1051684 1051685 1053259 1058565 1058622 1058624 1085449 1093311 1111622 1122668 1124211 1137597 1140747 1141493 1160467 1160468 1192250 662458 676471 798770 833483 842006 858178 862608 864801 865682 867910 878841 880751 881900 882092 889207 891539 895798 895799 895802 897657 897662 899908 901882 903279 908151 908275 924519 928547 931448 936862 937086 940413 942262 943989 944309 945345 949669 949670 951844 952810 953233 957805 958390 959514 960857 962336 962846 962872 963572 964461 964727 965319 966054 966573 967640 968497 968687 968812 968813 968973 969016 970604 970609 970892 970911 970948 970955 970956 970958 970970 971049 971124 971126 971159 971170 971600 971628 971793 971947 971965 972003 972068 972174 972197 972780 972844 972891 972951 973031 973032 973033 973034 973036 973378 973556 973832 973855 974418 974629 974646 974692 975371 975488 975772 975945 976739 976821 976868 977582 977685 978401 978527 978822 979213 979347 983143 983273 CVE-2013-2124 CVE-2013-4344 CVE-2013-4419 CVE-2013-4540 CVE-2014-2599 CVE-2014-3566 CVE-2014-3967 CVE-2014-3968 CVE-2014-4021 CVE-2014-7154 CVE-2014-7155 CVE-2014-7156 CVE-2014-7188 CVE-2014-9717 CVE-2015-4513 CVE-2015-5198 CVE-2015-5199 CVE-2015-5200 CVE-2015-5288 CVE-2015-5289 CVE-2015-5370 CVE-2015-7181 CVE-2015-7182 CVE-2015-7183 CVE-2015-7188 CVE-2015-7189 CVE-2015-7193 CVE-2015-7194 CVE-2015-7196 CVE-2015-7197 CVE-2015-7198 CVE-2015-7199 CVE-2015-7200 CVE-2015-8899 CVE-2016-1583 CVE-2016-2110 CVE-2016-2111 CVE-2016-2112 CVE-2016-2113 CVE-2016-2115 CVE-2016-2118 CVE-2016-2185 CVE-2016-2186 CVE-2016-2188 CVE-2016-2847 CVE-2016-3134 CVE-2016-3136 CVE-2016-3137 CVE-2016-3138 CVE-2016-3140 CVE-2016-3689 CVE-2016-3951 CVE-2016-4482 CVE-2016-4486 CVE-2016-4569 CVE-2017-12150 CVE-2017-12151 CVE-2017-12163 CVE-2017-12652 CVE-2017-7546 CVE-2017-7547 CVE-2017-7548 CVE-2018-1417 CVE-2018-18074 CVE-2018-2783 CVE-2018-2790 CVE-2018-2794 CVE-2018-2795 CVE-2018-2796 CVE-2018-2797 CVE-2018-2798 CVE-2018-2799 CVE-2018-2800 CVE-2018-2814 CVE-2019-11477 CVE-2019-11478 CVE-2019-14896 CVE-2019-14897 CVE-2019-7317 CVE-2021-38503 CVE-2021-38504 CVE-2021-38505 CVE-2021-38506 CVE-2021-38507 CVE-2021-38508 CVE-2021-38509 CVE-2021-38510 SUSE-SU-2015:1981-1 SUSE-SU-2016:0482-1 SUSE-SU-2016:1024-1 SUSE-SU-2016:1696-1 SUSE-SU-2016:3269-1 SUSE-SU-2017:2356-1 SUSE-SU-2017:2726-1 SUSE-SU-2018:1764-1 SUSE-SU-2019:1924-1 SUSE-SU-2019:3060-2 SUSE-SU-2020:0555-1
Platform(s):	openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP2-LTSS-SAP SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud Crowbar 8	Product(s):
Definition Synopsis
openSUSE Leap 15.0 is installed AND Package Information accountsservice-0.6.45-lp150.2 is installed OR accountsservice-lang-0.6.45-lp150.2 is installed OR libaccountsservice0-0.6.45-lp150.2 is installed OR typelib-1_0-AccountsService-1_0-0.6.45-lp150.2 is installed
Definition Synopsis
openSUSE Leap 15.1 is installed AND Package Information cron-4.2-lp151.4.3 is installed OR cronie-1.5.1-lp151.4.3 is installed OR cronie-anacron-1.5.1-lp151.4.3 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information libwsman1-2.2.3-0.8 is installed OR openwsman-client-2.2.3-0.8 is installed OR openwsman-server-2.2.3-0.8 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP4 is installed AND Package Information MozillaFirefox-38.4.0esr-25 is installed OR MozillaFirefox-branding-SLED-38-15 is installed OR MozillaFirefox-translations-38.4.0esr-25 is installed OR libfreebl3-3.19.2.1-19 is installed OR libfreebl3-32bit-3.19.2.1-19 is installed OR libsoftokn3-3.19.2.1-19 is installed OR libsoftokn3-32bit-3.19.2.1-19 is installed OR mozilla-nspr-4.10.10-16 is installed OR mozilla-nspr-32bit-4.10.10-16 is installed OR mozilla-nss-3.19.2.1-19 is installed OR mozilla-nss-32bit-3.19.2.1-19 is installed OR mozilla-nss-tools-3.19.2.1-19 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP2 is installed AND dnsmasq-2.71-13 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information guestfs-data-1.26.10-4 is installed OR guestfs-tools-1.26.10-4 is installed OR guestfsd-1.26.10-4 is installed OR libguestfs0-1.26.10-4 is installed OR perl-Sys-Guestfs-1.26.10-4 is installed OR python-libguestfs-1.26.10-4 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information libdcerpc-binding0-4.2.4-28.19 is installed OR libdcerpc-binding0-32bit-4.2.4-28.19 is installed OR libdcerpc0-4.2.4-28.19 is installed OR libdcerpc0-32bit-4.2.4-28.19 is installed OR libgensec0-4.2.4-28.19 is installed OR libgensec0-32bit-4.2.4-28.19 is installed OR libndr-krb5pac0-4.2.4-28.19 is installed OR libndr-krb5pac0-32bit-4.2.4-28.19 is installed OR libndr-nbt0-4.2.4-28.19 is installed OR libndr-nbt0-32bit-4.2.4-28.19 is installed OR libndr-standard0-4.2.4-28.19 is installed OR libndr-standard0-32bit-4.2.4-28.19 is installed OR libndr0-4.2.4-28.19 is installed OR libndr0-32bit-4.2.4-28.19 is installed OR libnetapi0-4.2.4-28.19 is installed OR libnetapi0-32bit-4.2.4-28.19 is installed OR libregistry0-4.2.4-28.19 is installed OR libsamba-credentials0-4.2.4-28.19 is installed OR libsamba-credentials0-32bit-4.2.4-28.19 is installed OR libsamba-hostconfig0-4.2.4-28.19 is installed OR libsamba-hostconfig0-32bit-4.2.4-28.19 is installed OR libsamba-passdb0-4.2.4-28.19 is installed OR libsamba-passdb0-32bit-4.2.4-28.19 is installed OR libsamba-util0-4.2.4-28.19 is installed OR libsamba-util0-32bit-4.2.4-28.19 is installed OR libsamdb0-4.2.4-28.19 is installed OR libsamdb0-32bit-4.2.4-28.19 is installed OR libsmbclient-raw0-4.2.4-28.19 is installed OR libsmbclient-raw0-32bit-4.2.4-28.19 is installed OR libsmbclient0-4.2.4-28.19 is installed OR libsmbclient0-32bit-4.2.4-28.19 is installed OR libsmbconf0-4.2.4-28.19 is installed OR libsmbconf0-32bit-4.2.4-28.19 is installed OR libsmbldap0-4.2.4-28.19 is installed OR libsmbldap0-32bit-4.2.4-28.19 is installed OR libtevent-util0-4.2.4-28.19 is installed OR libtevent-util0-32bit-4.2.4-28.19 is installed OR libwbclient0-4.2.4-28.19 is installed OR libwbclient0-32bit-4.2.4-28.19 is installed OR samba-4.2.4-28.19 is installed OR samba-32bit-4.2.4-28.19 is installed OR samba-client-4.2.4-28.19 is installed OR samba-client-32bit-4.2.4-28.19 is installed OR samba-doc-4.2.4-28.19 is installed OR samba-libs-4.2.4-28.19 is installed OR samba-libs-32bit-4.2.4-28.19 is installed OR samba-winbind-4.2.4-28.19 is installed OR samba-winbind-32bit-4.2.4-28.19 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information libecpg6-9.4.9-14 is installed OR libpq5-9.4.9-14 is installed OR libpq5-32bit-9.4.9-14 is installed OR postgresql94-9.4.9-14 is installed OR postgresql94-contrib-9.4.9-14 is installed OR postgresql94-docs-9.4.9-14 is installed OR postgresql94-server-9.4.9-14 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information xen-4.7.6_06-43.54 is installed OR xen-doc-html-4.7.6_06-43.54 is installed OR xen-libs-4.7.6_06-43.54 is installed OR xen-libs-32bit-4.7.6_06-43.54 is installed OR xen-tools-4.7.6_06-43.54 is installed OR xen-tools-domU-4.7.6_06-43.54 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information libsystemd0-228-150.53 is installed OR libsystemd0-32bit-228-150.53 is installed OR libudev1-228-150.53 is installed OR libudev1-32bit-228-150.53 is installed OR systemd-228-150.53 is installed OR systemd-32bit-228-150.53 is installed OR systemd-bash-completion-228-150.53 is installed OR systemd-sysvinit-228-150.53 is installed OR udev-228-150.53 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_121-92_80-default-3-2 is installed OR kgraft-patch-SLE12-SP2_Update_22-3-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information gnome-keyring-3.20.0-27 is installed OR gnome-keyring-32bit-3.20.0-27 is installed OR gnome-keyring-lang-3.20.0-27 is installed OR gnome-keyring-pam-3.20.0-27 is installed OR gnome-keyring-pam-32bit-3.20.0-27 is installed OR libgck-modules-gnome-keyring-3.20.0-27 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information libopenssl-devel-1.0.2j-60.60 is installed OR libopenssl1_0_0-1.0.2j-60.60 is installed OR libopenssl1_0_0-32bit-1.0.2j-60.60 is installed OR libopenssl1_0_0-hmac-1.0.2j-60.60 is installed OR libopenssl1_0_0-hmac-32bit-1.0.2j-60.60 is installed OR openssl-1.0.2j-60.60 is installed OR openssl-doc-1.0.2j-60.60 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information cups-1.7.5-20.17 is installed OR cups-client-1.7.5-20.17 is installed OR cups-libs-1.7.5-20.17 is installed OR cups-libs-32bit-1.7.5-20.17 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information libXp6-1.0.2-3 is installed OR libXp6-32bit-1.0.2-3 is installed
Definition Synopsis
SUSE OpenStack Cloud 7 is installed AND Package Information ImageMagick-6.8.8.1-71.108 is installed OR ImageMagick-config-6-SUSE-6.8.8.1-71.108 is installed OR ImageMagick-config-6-upstream-6.8.8.1-71.108 is installed OR libMagickCore-6_Q16-1-6.8.8.1-71.108 is installed OR libMagickWand-6_Q16-1-6.8.8.1-71.108 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information MozillaFirefox-68.9.0-109.123 is installed OR MozillaFirefox-translations-common-68.9.0-109.123 is installed

BACK