OVAL Reference oval:org.opensuse.security:def:56179

Oval Definition:

oval:org.opensuse.security:def:56179

Revision Date:	2020-12-01	Version:	1
Title:	Security update for MozillaFirefox (Important)
Description:	This update for MozillaFirefox to ESR 52.3 fixes several issues. These security issues were fixed: - CVE-2017-7807 Domain hijacking through AppCache fallback (bsc#1052829) - CVE-2017-7791 Spoofing following page navigation with data: protocol and modal alerts (bsc#1052829) - CVE-2017-7792 Buffer overflow viewing certificates with an extremely long OID (bsc#1052829) - CVE-2017-7782 WindowsDllDetourPatcher allocates memory without DEP protections (bsc#1052829) - CVE-2017-7787 Same-origin policy bypass with iframes through page reloads (bsc#1052829) - CVE-2017-7786 Buffer overflow while painting non-displayable SVG (bsc#1052829) - CVE-2017-7785 Buffer overflow manipulating ARIA attributes in DOM (bsc#1052829) - CVE-2017-7784 Use-after-free with image observers (bsc#1052829) - CVE-2017-7753 Out-of-bounds read with cached style data and pseudo-elements (bsc#1052829) - CVE-2017-7798 XUL injection in the style editor in devtools (bsc#1052829) - CVE-2017-7804 Memory protection bypass through WindowsDllDetourPatcher (bsc#1052829) - CVE-2017-7779 Memory safety bugs fixed in Firefox 55 and Firefox ESR 52.3 (bsc#1052829) - CVE-2017-7800 Use-after-free in WebSockets during disconnection (bsc#1052829) - CVE-2017-7801 Use-after-free with marquee during window resizing (bsc#1052829) - CVE-2017-7802 Use-after-free resizing image elements (bsc#1052829) - CVE-2017-7803 CSP containing 'sandbox' improperly applied (bsc#1052829)
Family:	unix	Class:	patch
Status:		Reference(s):	1000677 1001912 1004499 1005878 1019334 1021641 1028391 1052311 1052368 1052829 1107832 1108963 1110233 1127458 927220 939523 943967 943968 943969 950437 960382 960996 962743 984663 CVE-2008-4316 CVE-2009-5029 CVE-2010-2547 CVE-2012-3406 CVE-2012-3524 CVE-2012-4412 CVE-2012-4453 CVE-2013-0242 CVE-2013-1914 CVE-2013-2207 CVE-2013-4237 CVE-2013-4332 CVE-2013-4351 CVE-2013-4402 CVE-2013-4458 CVE-2013-7423 CVE-2013-7439 CVE-2014-0475 CVE-2014-3970 CVE-2014-4043 CVE-2014-4617 CVE-2014-5119 CVE-2014-6040 CVE-2014-7817 CVE-2014-8121 CVE-2014-9402 CVE-2014-9622 CVE-2014-9761 CVE-2015-1472 CVE-2015-1473 CVE-2015-1781 CVE-2015-4871 CVE-2015-5198 CVE-2015-5199 CVE-2015-5200 CVE-2015-7547 CVE-2015-7575 CVE-2015-7830 CVE-2015-8126 CVE-2015-8472 CVE-2015-8711 CVE-2015-8712 CVE-2015-8713 CVE-2015-8714 CVE-2015-8715 CVE-2015-8716 CVE-2015-8717 CVE-2015-8718 CVE-2015-8719 CVE-2015-8720 CVE-2015-8721 CVE-2015-8722 CVE-2015-8723 CVE-2015-8724 CVE-2015-8725 CVE-2015-8726 CVE-2015-8727 CVE-2015-8728 CVE-2015-8729 CVE-2015-8730 CVE-2015-8731 CVE-2015-8732 CVE-2015-8733 CVE-2015-8776 CVE-2015-8777 CVE-2015-8778 CVE-2015-8779 CVE-2016-0402 CVE-2016-0448 CVE-2016-0466 CVE-2016-0483 CVE-2016-0494 CVE-2016-1234 CVE-2016-2108 CVE-2016-3075 CVE-2016-3706 CVE-2016-4429 CVE-2016-7056 CVE-2016-8610 CVE-2017-1000112 CVE-2017-5398 CVE-2017-5400 CVE-2017-5401 CVE-2017-5402 CVE-2017-5404 CVE-2017-5405 CVE-2017-5407 CVE-2017-5408 CVE-2017-5409 CVE-2017-5410 CVE-2017-7753 CVE-2017-7779 CVE-2017-7782 CVE-2017-7784 CVE-2017-7785 CVE-2017-7786 CVE-2017-7787 CVE-2017-7791 CVE-2017-7792 CVE-2017-7798 CVE-2017-7800 CVE-2017-7801 CVE-2017-7802 CVE-2017-7803 CVE-2017-7804 CVE-2017-7807 CVE-2018-14633 CVE-2018-14634 CVE-2018-17182 CVE-2019-3840 SUSE-SU-2015:1334-1 SUSE-SU-2015:1925-1 SUSE-SU-2016:0110-1 SUSE-SU-2016:0265-1 SUSE-SU-2017:0605-1 SUSE-SU-2017:0714-1 SUSE-SU-2017:2436-1 SUSE-SU-2017:2589-1
Platform(s):	openSUSE Leap 15.0 openSUSE Leap 15.1 openSUSE Leap 15.1 NonFree SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8	Product(s):
Definition Synopsis
openSUSE Leap 15.0 is installed AND Package Information gimp-2.8.22-lp150.3 is installed OR gimp-lang-2.8.22-lp150.3 is installed OR gimp-plugins-python-2.8.22-lp150.3 is installed OR libgimp-2_0-0-2.8.22-lp150.3 is installed OR libgimpui-2_0-0-2.8.22-lp150.3 is installed
Definition Synopsis
openSUSE Leap 15.1 is installed AND Package Information docker-18.09.6_ce-lp151.2.6 is installed OR docker-bash-completion-18.09.6_ce-lp151.2.6 is installed OR docker-test-18.09.6_ce-lp151.2.6 is installed OR docker-zsh-completion-18.09.6_ce-lp151.2.6 is installed
Definition Synopsis
openSUSE Leap 15.1 NonFree is installed AND opera-63.0.3368.66-lp151.2.6 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information xorg-x11-libX11-7.4-5.11.15 is installed OR xorg-x11-libX11-32bit-7.4-5.11.15 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP4 is installed AND Package Information libvdpau-0.4.1-16.20 is installed OR libvdpau1-0.4.1-16.20 is installed OR libvdpau1-32bit-0.4.1-16.20 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information MozillaFirefox-52.3.0esr-109.3 is installed OR MozillaFirefox-translations-52.3.0esr-109.3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information gpg2-2.0.24-1 is installed OR gpg2-lang-2.0.24-1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information kgraft-patch-3_12_74-60_64_40-default-4-2 is installed OR kgraft-patch-3_12_74-60_64_40-xen-4-2 is installed OR kgraft-patch-SLE12-SP1_Update_15-4-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information dracut-044-87 is installed OR dracut-fips-044-87 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information libvirt-2.0.0-27.45 is installed OR libvirt-client-2.0.0-27.45 is installed OR libvirt-daemon-2.0.0-27.45 is installed OR libvirt-daemon-config-network-2.0.0-27.45 is installed OR libvirt-daemon-config-nwfilter-2.0.0-27.45 is installed OR libvirt-daemon-driver-interface-2.0.0-27.45 is installed OR libvirt-daemon-driver-libxl-2.0.0-27.45 is installed OR libvirt-daemon-driver-lxc-2.0.0-27.45 is installed OR libvirt-daemon-driver-network-2.0.0-27.45 is installed OR libvirt-daemon-driver-nodedev-2.0.0-27.45 is installed OR libvirt-daemon-driver-nwfilter-2.0.0-27.45 is installed OR libvirt-daemon-driver-qemu-2.0.0-27.45 is installed OR libvirt-daemon-driver-secret-2.0.0-27.45 is installed OR libvirt-daemon-driver-storage-2.0.0-27.45 is installed OR libvirt-daemon-hooks-2.0.0-27.45 is installed OR libvirt-daemon-lxc-2.0.0-27.45 is installed OR libvirt-daemon-qemu-2.0.0-27.45 is installed OR libvirt-daemon-xen-2.0.0-27.45 is installed OR libvirt-doc-2.0.0-27.45 is installed OR libvirt-lock-sanlock-2.0.0-27.45 is installed OR libvirt-nss-2.0.0-27.45 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information dovecot22-2.2.31-19.11 is installed OR dovecot22-backend-mysql-2.2.31-19.11 is installed OR dovecot22-backend-pgsql-2.2.31-19.11 is installed OR dovecot22-backend-sqlite-2.2.31-19.11 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information git-2.12.3-27.14 is installed OR git-core-2.12.3-27.14 is installed OR git-doc-2.12.3-27.14 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND libimobiledevice6-1.2.0-7 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information java-1_8_0-openjdk-1.8.0.181-27.26 is installed OR java-1_8_0-openjdk-demo-1.8.0.181-27.26 is installed OR java-1_8_0-openjdk-devel-1.8.0.181-27.26 is installed OR java-1_8_0-openjdk-headless-1.8.0.181-27.26 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information libprocps3-3.3.9-11.14 is installed OR procps-3.3.9-11.14 is installed
Definition Synopsis
SUSE OpenStack Cloud 7 is installed AND ucode-intel-20180807-13.29 is installed
Definition Synopsis
SUSE OpenStack Cloud 8 is installed AND Package Information kernel-default-4.4.180-94.107 is installed OR kernel-default-base-4.4.180-94.107 is installed OR kernel-default-devel-4.4.180-94.107 is installed OR kernel-default-kgraft-4.4.180-94.107 is installed OR kernel-devel-4.4.180-94.107 is installed OR kernel-macros-4.4.180-94.107 is installed OR kernel-source-4.4.180-94.107 is installed OR kernel-syms-4.4.180-94.107 is installed OR kgraft-patch-4_4_180-94_107-default-1-4.3 is installed OR kgraft-patch-SLE12-SP3_Update_29-1-4.3 is installed

BACK