Oval Definition:oval:org.opensuse.security:def:56260
Revision Date:2020-12-01Version:1
Title:Security update for MozillaFirefox (Important)
Description:



This update for MozillaFirefox to ESR 45.8 fixes the following issues:

Security issues fixed (bsc#1028391): - CVE-2017-5402: Use-after-free working with events in FontFace objects - CVE-2017-5410: Memory corruption during JavaScript garbage collection incremental sweeping - CVE-2017-5400: asm.js JIT-spray bypass of ASLR and DEP - CVE-2017-5401: Memory Corruption when handling ErrorResult - CVE-2017-5407: Pixel and history stealing via floating-point timing side channel with SVG filters - CVE-2017-5404: Use-after-free working with ranges in selections - CVE-2017-5405: FTP response codes can cause use of uninitialized values for ports - CVE-2017-5408: Cross-origin reading of video captions in violation of CORS - CVE-2017-5409: File deletion via callback parameter in Mozilla Windows Updater and Maintenance Service - CVE-2017-5398: Memory safety bugs fixed in Firefox 52 and Firefox ESR 45.8
Family:unixClass:patch
Status:Reference(s):1028391
1052916
1070162
1075992
1088268
1090036
1096745
1164692
943967
943968
943969
957531
CVE-2007-5970
CVE-2008-7247
CVE-2009-4019
CVE-2009-4028
CVE-2009-4030
CVE-2010-4341
CVE-2010-5298
CVE-2011-1758
CVE-2011-3630
CVE-2011-3631
CVE-2011-3632
CVE-2012-0804
CVE-2012-5615
CVE-2013-0157
CVE-2013-0219
CVE-2013-0220
CVE-2013-0287
CVE-2013-1976
CVE-2013-6401
CVE-2014-0195
CVE-2014-0198
CVE-2014-0221
CVE-2014-0224
CVE-2014-2494
CVE-2014-3470
CVE-2014-3566
CVE-2014-4207
CVE-2014-4258
CVE-2014-4260
CVE-2014-4274
CVE-2014-4287
CVE-2014-6463
CVE-2014-6464
CVE-2014-6469
CVE-2014-6474
CVE-2014-6478
CVE-2014-6484
CVE-2014-6489
CVE-2014-6491
CVE-2014-6494
CVE-2014-6495
CVE-2014-6496
CVE-2014-6500
CVE-2014-6505
CVE-2014-6507
CVE-2014-6520
CVE-2014-6530
CVE-2014-6551
CVE-2014-6555
CVE-2014-6559
CVE-2014-6564
CVE-2014-6568
CVE-2014-8964
CVE-2014-9114
CVE-2015-0374
CVE-2015-0381
CVE-2015-0382
CVE-2015-0391
CVE-2015-0411
CVE-2015-0432
CVE-2015-0433
CVE-2015-0441
CVE-2015-0499
CVE-2015-0501
CVE-2015-0505
CVE-2015-2325
CVE-2015-2326
CVE-2015-2568
CVE-2015-2571
CVE-2015-2573
CVE-2015-3152
CVE-2015-5198
CVE-2015-5199
CVE-2015-5200
CVE-2015-5218
CVE-2015-8327
CVE-2016-10165
CVE-2016-5011
CVE-2016-9841
CVE-2017-0861
CVE-2017-10281
CVE-2017-10285
CVE-2017-10293
CVE-2017-10295
CVE-2017-10309
CVE-2017-10345
CVE-2017-10346
CVE-2017-10347
CVE-2017-10348
CVE-2017-10349
CVE-2017-10350
CVE-2017-10355
CVE-2017-10356
CVE-2017-10357
CVE-2017-10388
CVE-2017-13194
CVE-2017-2885
CVE-2017-5398
CVE-2017-5400
CVE-2017-5401
CVE-2017-5402
CVE-2017-5404
CVE-2017-5405
CVE-2017-5407
CVE-2017-5408
CVE-2017-5409
CVE-2017-5410
CVE-2018-1000199
CVE-2018-12020
CVE-2020-1938
SUSE-SU-2015:1925-1
SUSE-SU-2016:0092-1
SUSE-SU-2017:0714-1
SUSE-SU-2017:2130-1
SUSE-SU-2017:3411-1
SUSE-SU-2018:0181-1
SUSE-SU-2018:1255-1
SUSE-SU-2018:1698-1
SUSE-SU-2020:0806-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Desktop 11 SP4
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 6
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud 9
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • gpg2-2.2.5-lp150.2 is installed
  • OR gpg2-lang-2.2.5-lp150.2 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • chromedriver-74.0.3729.157-lp151.2.3 is installed
  • OR chromium-74.0.3729.157-lp151.2.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP4 is installed
  • AND Package Information
  • libvdpau-0.4.1-16.20 is installed
  • OR libvdpau1-0.4.1-16.20 is installed
  • OR libvdpau1-32bit-0.4.1-16.20 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP2 is installed
  • AND Package Information
  • MozillaFirefox-45.8.0esr-102 is installed
  • OR MozillaFirefox-translations-45.8.0esr-102 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND Package Information
  • cvs-1.12.12-181 is installed
  • OR cvs-doc-1.12.12-181 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • java-1_8_0-ibm-1.8.0_sr5.5-30.13 is installed
  • OR java-1_8_0-ibm-alsa-1.8.0_sr5.5-30.13 is installed
  • OR java-1_8_0-ibm-devel-1.8.0_sr5.5-30.13 is installed
  • OR java-1_8_0-ibm-plugin-1.8.0_sr5.5-30.13 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • libblkid1-2.28-40 is installed
  • OR libblkid1-32bit-2.28-40 is installed
  • OR libfdisk1-2.28-40 is installed
  • OR libmount1-2.28-40 is installed
  • OR libmount1-32bit-2.28-40 is installed
  • OR libsmartcols1-2.28-40 is installed
  • OR libuuid1-2.28-40 is installed
  • OR libuuid1-32bit-2.28-40 is installed
  • OR python-libmount-2.28-40 is installed
  • OR util-linux-2.28-40 is installed
  • OR util-linux-lang-2.28-40 is installed
  • OR util-linux-systemd-2.28-40 is installed
  • OR uuidd-2.28-40 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • kernel-firmware-20170530-21.22 is installed
  • OR ucode-amd-20170530-21.22 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • xen-4.7.5_04-43.33 is installed
  • OR xen-doc-html-4.7.5_04-43.33 is installed
  • OR xen-libs-4.7.5_04-43.33 is installed
  • OR xen-libs-32bit-4.7.5_04-43.33 is installed
  • OR xen-tools-4.7.5_04-43.33 is installed
  • OR xen-tools-domU-4.7.5_04-43.33 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND shadow-4.2.1-27.9 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • libz1-1.2.8-11 is installed
  • OR libz1-32bit-1.2.8-11 is installed
  • OR zlib-devel-1.2.8-11 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • freeradius-server-3.0.15-2.11 is installed
  • OR freeradius-server-doc-3.0.15-2.11 is installed
  • OR freeradius-server-krb5-3.0.15-2.11 is installed
  • OR freeradius-server-ldap-3.0.15-2.11 is installed
  • OR freeradius-server-libs-3.0.15-2.11 is installed
  • OR freeradius-server-mysql-3.0.15-2.11 is installed
  • OR freeradius-server-perl-3.0.15-2.11 is installed
  • OR freeradius-server-postgresql-3.0.15-2.11 is installed
  • OR freeradius-server-python-3.0.15-2.11 is installed
  • OR freeradius-server-sqlite-3.0.15-2.11 is installed
  • OR freeradius-server-utils-3.0.15-2.11 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • apache-commons-beanutils-1.9.2-1 is installed
  • OR apache-commons-beanutils-javadoc-1.9.2-1 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 6 is installed
  • AND Package Information
  • libsoup-2.44.2-2.3 is installed
  • OR libsoup-2_4-1-2.44.2-2.3 is installed
  • OR libsoup-2_4-1-32bit-2.44.2-2.3 is installed
  • OR libsoup-lang-2.44.2-2.3 is installed
  • OR typelib-1_0-Soup-2_4-2.44.2-2.3 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • java-1_7_1-ibm-1.7.1_sr4.30-38.26 is installed
  • OR java-1_7_1-ibm-alsa-1.7.1_sr4.30-38.26 is installed
  • OR java-1_7_1-ibm-devel-1.7.1_sr4.30-38.26 is installed
  • OR java-1_7_1-ibm-jdbc-1.7.1_sr4.30-38.26 is installed
  • OR java-1_7_1-ibm-plugin-1.7.1_sr4.30-38.26 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • libjavascriptcoregtk-4_0-18-2.28.3-2.56 is installed
  • OR libwebkit2gtk-4_0-37-2.28.3-2.56 is installed
  • OR libwebkit2gtk3-lang-2.28.3-2.56 is installed
  • OR typelib-1_0-JavaScriptCore-4_0-2.28.3-2.56 is installed
  • OR typelib-1_0-WebKit2-4_0-2.28.3-2.56 is installed
  • OR typelib-1_0-WebKit2WebExtension-4_0-2.28.3-2.56 is installed
  • OR webkit2gtk-4_0-injected-bundles-2.28.3-2.56 is installed
  • OR webkit2gtk3-2.28.3-2.56 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 9 is installed
  • AND python-Twisted-15.2.1-9.8 is installed
    • BACK