Oval Definition:	oval:org.opensuse.security:def:56462
Revision Date: 2020-12-01 Version: 1 Title: Security update for MozillaFirefox (Important) Description: This update for MozillaFirefox to ESR 52.3 fixes several issues. These security issues were fixed: - CVE-2017-7807 Domain hijacking through AppCache fallback (bsc#1052829) - CVE-2017-7791 Spoofing following page navigation with data: protocol and modal alerts (bsc#1052829) - CVE-2017-7792 Buffer overflow viewing certificates with an extremely long OID (bsc#1052829) - CVE-2017-7782 WindowsDllDetourPatcher allocates memory without DEP protections (bsc#1052829) - CVE-2017-7787 Same-origin policy bypass with iframes through page reloads (bsc#1052829) - CVE-2017-7786 Buffer overflow while painting non-displayable SVG (bsc#1052829) - CVE-2017-7785 Buffer overflow manipulating ARIA attributes in DOM (bsc#1052829) - CVE-2017-7784 Use-after-free with image observers (bsc#1052829) - CVE-2017-7753 Out-of-bounds read with cached style data and pseudo-elements (bsc#1052829) - CVE-2017-7798 XUL injection in the style editor in devtools (bsc#1052829) - CVE-2017-7804 Memory protection bypass through WindowsDllDetourPatcher (bsc#1052829) - CVE-2017-7779 Memory safety bugs fixed in Firefox 55 and Firefox ESR 52.3 (bsc#1052829) - CVE-2017-7800 Use-after-free in WebSockets during disconnection (bsc#1052829) - CVE-2017-7801 Use-after-free with marquee during window resizing (bsc#1052829) - CVE-2017-7802 Use-after-free resizing image elements (bsc#1052829) - CVE-2017-7803 CSP containing 'sandbox' improperly applied (bsc#1052829) Family: unix Class: patch Status: Reference(s): 1000396 1001299 1001759 1027565 1028372 1029907 1029908 1029909 1030296 1030297 1030298 1030573 1030584 1030585 1030588 1030589 1031590 1031593 1031595 1031638 1031644 1031656 1037052 1037057 1037061 1037066 1037273 1039291 1042657 1044891 1044897 1044901 1044909 1044925 1044927 1049302 1049305 1049306 1049307 1049308 1049309 1049310 1049311 1049312 1049313 1049314 1049315 1049316 1049317 1049318 1049319 1049320 1049321 1049322 1049323 1049324 1049325 1049326 1049327 1049328 1049329 1049330 1049331 1049332 1052829 1055478 1065643 1065689 1065693 1068640 1068643 1068887 1068888 1068950 1069176 1069202 1070737 1074741 1077745 1079103 1079741 1080556 1081527 1081741 1083528 1083532 1085784 1086608 1086784 1086786 1086788 1087082 1087083 1089343 1090997 1091015 1091365 1091368 1092885 1101820 1103411 1104134 1111331 1111657 1123156 1138748 1146873 1149792 1149811 1161066 1163018 1166240 1170940 898812 898884 956357 964458 981848 982826 CVE-2009-0799 CVE-2009-0800 CVE-2009-1179 CVE-2009-1180 CVE-2009-1181 CVE-2009-1182 CVE-2009-1183 CVE-2009-1187 CVE-2009-1188 CVE-2009-3607 CVE-2009-3608 CVE-2011-2483 CVE-2011-3177 CVE-2013-1788 CVE-2013-1789 CVE-2013-1790 CVE-2013-4473 CVE-2013-4474 CVE-2014-6277 CVE-2014-6278 CVE-2014-8080 CVE-2014-8090 CVE-2014-9939 CVE-2015-5185 CVE-2016-0634 CVE-2016-10040 CVE-2016-7543 CVE-2017-10053 CVE-2017-10067 CVE-2017-10074 CVE-2017-10078 CVE-2017-10081 CVE-2017-10086 CVE-2017-10087 CVE-2017-10089 CVE-2017-10090 CVE-2017-10096 CVE-2017-10101 CVE-2017-10102 CVE-2017-10105 CVE-2017-10107 CVE-2017-10108 CVE-2017-10109 CVE-2017-10110 CVE-2017-10111 CVE-2017-10114 CVE-2017-10115 CVE-2017-10116 CVE-2017-10118 CVE-2017-10125 CVE-2017-10135 CVE-2017-10176 CVE-2017-10193 CVE-2017-10198 CVE-2017-10243 CVE-2017-15938 CVE-2017-15939 CVE-2017-15996 CVE-2017-16826 CVE-2017-16827 CVE-2017-16828 CVE-2017-16829 CVE-2017-16830 CVE-2017-16831 CVE-2017-16832 CVE-2017-2636 CVE-2017-6965 CVE-2017-6966 CVE-2017-6969 CVE-2017-7184 CVE-2017-7209 CVE-2017-7210 CVE-2017-7223 CVE-2017-7224 CVE-2017-7225 CVE-2017-7226 CVE-2017-7299 CVE-2017-7300 CVE-2017-7301 CVE-2017-7302 CVE-2017-7303 CVE-2017-7304 CVE-2017-7753 CVE-2017-7779 CVE-2017-7782 CVE-2017-7784 CVE-2017-7785 CVE-2017-7786 CVE-2017-7787 CVE-2017-7791 CVE-2017-7792 CVE-2017-7798 CVE-2017-7800 CVE-2017-7801 CVE-2017-7802 CVE-2017-7803 CVE-2017-7804 CVE-2017-7807 CVE-2017-8392 CVE-2017-8393 CVE-2017-8394 CVE-2017-8396 CVE-2017-8421 CVE-2017-9746 CVE-2017-9747 CVE-2017-9748 CVE-2017-9750 CVE-2017-9755 CVE-2017-9756 CVE-2018-10372 CVE-2018-10373 CVE-2018-1050 CVE-2018-10534 CVE-2018-10535 CVE-2018-10858 CVE-2018-10903 CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2018-3639 CVE-2018-3640 CVE-2018-3646 CVE-2018-6323 CVE-2018-6543 CVE-2018-6759 CVE-2018-6872 CVE-2018-7208 CVE-2018-7568 CVE-2018-7569 CVE-2018-7570 CVE-2018-7642 CVE-2018-7643 CVE-2018-8945 CVE-2019-11091 CVE-2019-12068 CVE-2019-15890 CVE-2019-6778 CVE-2020-1711 CVE-2020-1983 CVE-2020-7039 CVE-2020-8608 SUSE-SU-2016:2872-1 SUSE-SU-2017:0865-1 SUSE-SU-2017:2175-1 SUSE-SU-2017:2589-1 SUSE-SU-2018:1614-1 SUSE-SU-2018:1902-1 SUSE-SU-2018:2331-1 SUSE-SU-2018:2339-1 SUSE-SU-2018:3207-1 SUSE-SU-2019:1235-1 SUSE-SU-2020:0790-1 SUSE-SU-2020:1514-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 6-LTSS SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND Package Information dbus-1-glib-0.108-lp150.1 is installed OR dbus-1-glib-tool-0.108-lp150.1 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND transfig-3.2.6a-lp151.4.3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information MozillaFirefox-52.3.0esr-109.3 is installed OR MozillaFirefox-translations-52.3.0esr-109.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information libpoppler-glib8-0.24.4-3 is installed OR libpoppler-qt4-4-0.24.4-3 is installed OR libpoppler44-0.24.4-3 is installed OR poppler-tools-0.24.4-3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND binutils-2.31-9.26 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information libruby2_1-2_1-2.1.2-12 is installed OR ruby2.1-2.1.2-12 is installed OR ruby2.1-stdlib-2.1.2-12 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information java-1_8_0-openjdk-1.8.0.212-27.32 is installed OR java-1_8_0-openjdk-demo-1.8.0.212-27.32 is installed OR java-1_8_0-openjdk-devel-1.8.0.212-27.32 is installed OR java-1_8_0-openjdk-headless-1.8.0.212-27.32 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information xen-4.7.6_02-43.36 is installed OR xen-doc-html-4.7.6_02-43.36 is installed OR xen-libs-4.7.6_02-43.36 is installed OR xen-libs-32bit-4.7.6_02-43.36 is installed OR xen-tools-4.7.6_02-43.36 is installed OR xen-tools-domU-4.7.6_02-43.36 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_121-92_80-default-2-2 is installed OR kgraft-patch-SLE12-SP2_Update_22-2-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND autofs-5.0.9-27 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information xen-4.9.4_04-3.56 is installed OR xen-doc-html-4.9.4_04-3.56 is installed OR xen-libs-4.9.4_04-3.56 is installed OR xen-libs-32bit-4.9.4_04-3.56 is installed OR xen-tools-4.9.4_04-3.56 is installed OR xen-tools-domU-4.9.4_04-3.56 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information krb5-appl-1.0.3-3.3 is installed OR krb5-appl-clients-1.0.3-3.3 is installed OR krb5-appl-servers-1.0.3-3.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND binutils-2.31-9.26 is installed Definition Synopsis SUSE OpenStack Cloud 6 is installed AND Package Information java-1_8_0-openjdk-1.8.0.144-27.5 is installed OR java-1_8_0-openjdk-demo-1.8.0.144-27.5 is installed OR java-1_8_0-openjdk-devel-1.8.0.144-27.5 is installed OR java-1_8_0-openjdk-headless-1.8.0.144-27.5 is installed Definition Synopsis SUSE OpenStack Cloud 6-LTSS is installed AND python-cryptography-2.1.4-3.15 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND Package Information libvirt-2.0.0-27.42 is installed OR libvirt-client-2.0.0-27.42 is installed OR libvirt-daemon-2.0.0-27.42 is installed OR libvirt-daemon-config-network-2.0.0-27.42 is installed OR libvirt-daemon-config-nwfilter-2.0.0-27.42 is installed OR libvirt-daemon-driver-interface-2.0.0-27.42 is installed OR libvirt-daemon-driver-libxl-2.0.0-27.42 is installed OR libvirt-daemon-driver-lxc-2.0.0-27.42 is installed OR libvirt-daemon-driver-network-2.0.0-27.42 is installed OR libvirt-daemon-driver-nodedev-2.0.0-27.42 is installed OR libvirt-daemon-driver-nwfilter-2.0.0-27.42 is installed OR libvirt-daemon-driver-qemu-2.0.0-27.42 is installed OR libvirt-daemon-driver-secret-2.0.0-27.42 is installed OR libvirt-daemon-driver-storage-2.0.0-27.42 is installed OR libvirt-daemon-hooks-2.0.0-27.42 is installed OR libvirt-daemon-lxc-2.0.0-27.42 is installed OR libvirt-daemon-qemu-2.0.0-27.42 is installed OR libvirt-daemon-xen-2.0.0-27.42 is installed OR libvirt-doc-2.0.0-27.42 is installed OR libvirt-lock-sanlock-2.0.0-27.42 is installed OR libvirt-nss-2.0.0-27.42 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information libshibsp-lite6-2.5.5-6.6 is installed OR libshibsp6-2.5.5-6.6 is installed OR shibboleth-sp-2.5.5-6.6 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND golang-github-prometheus-node_exporter-0.18.1-1.6 is installed
BACK