OVAL Reference oval:org.opensuse.security:def:56467

Oval Definition:

oval:org.opensuse.security:def:56467

Revision Date:	2020-12-01	Version:	1
Title:	Security update for MozillaFirefox, mozilla-nss (Important)
Description:	This update for MozillaFirefox to ESR 52.4, mozilla-nss fixes the following issues: This security issue was fixed for mozilla-nss: - CVE-2017-7805: Prevent use-after-free in TLS 1.2 when generating handshake hashes (bsc#1061005) These security issues were fixed for Firefox - CVE-2017-7825: Fixed some Tibetan and Arabic unicode characters rendering (bsc#1060445). - CVE-2017-7805: Prevent Use-after-free in TLS 1.2 generating handshake hashes (bsc#1060445). - CVE-2017-7819: Prevent Use-after-free while resizing images in design mode (bsc#1060445). - CVE-2017-7818: Prevent Use-after-free during ARIA array manipulation (bsc#1060445). - CVE-2017-7793: Prevent Use-after-free with Fetch API (bsc#1060445). - CVE-2017-7824: Prevent Buffer overflow when drawing and validating elements with ANGLE (bsc#1060445). - CVE-2017-7810: Fixed several memory safety bugs (bsc#1060445). - CVE-2017-7823: CSP sandbox directive did not create a unique origin (bsc#1060445). - CVE-2017-7814: Blob and data URLs bypassed phishing and malware protection warnings (bsc#1060445).
Family:	unix	Class:	patch
Status:		Reference(s):	1005070 1005072 1005076 1017420 1024051 1027519 1047666 1060445 1061005 1068386 1074562 1078677 1082480 1082481 1086039 1086909 1090192 1090343 1090849 1092631 1093697 1094448 1095603 1096985 1099310 1100973 1102379 1102400 1102410 1102920 1110850 1132728 1132729 1132732 1132734 1134718 1160467 1160468 953516 953519 953521 986566 989980 998677 CVE-2009-0945 CVE-2011-3193 CVE-2011-3922 CVE-2012-4425 CVE-2012-4929 CVE-2012-5643 CVE-2012-6093 CVE-2013-0254 CVE-2013-4549 CVE-2013-7459 CVE-2014-0128 CVE-2014-0190 CVE-2014-6270 CVE-2014-9756 CVE-2015-0295 CVE-2015-1858 CVE-2015-1859 CVE-2015-1860 CVE-2015-2304 CVE-2015-7546 CVE-2015-7805 CVE-2015-8075 CVE-2016-5418 CVE-2016-5844 CVE-2016-6250 CVE-2016-6252 CVE-2016-8687 CVE-2016-8688 CVE-2016-8689 CVE-2017-12636 CVE-2017-15706 CVE-2017-5715 CVE-2017-5753 CVE-2017-5754 CVE-2017-5838 CVE-2017-7793 CVE-2017-7805 CVE-2017-7810 CVE-2017-7814 CVE-2017-7818 CVE-2017-7819 CVE-2017-7823 CVE-2017-7824 CVE-2017-7825 CVE-2018-11784 CVE-2018-12099 CVE-2018-1288 CVE-2018-1304 CVE-2018-1305 CVE-2018-1336 CVE-2018-3639 CVE-2018-3817 CVE-2018-8007 CVE-2018-8014 CVE-2018-8034 CVE-2018-8037 CVE-2019-10245 CVE-2019-14896 CVE-2019-14897 CVE-2019-2602 CVE-2019-2684 CVE-2019-2697 CVE-2019-2698 SUSE-SU-2015:2000-2 SUSE-SU-2016:2911-1 SUSE-SU-2017:0967-1 SUSE-SU-2017:2350-1 SUSE-SU-2017:2688-1 SUSE-SU-2018:1699-1 SUSE-SU-2018:1997-1 SUSE-SU-2018:2536-1 SUSE-SU-2018:2578-1 SUSE-SU-2018:3388-1 SUSE-SU-2019:1345-1
Platform(s):	openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8	Product(s):
Definition Synopsis
openSUSE Leap 15.0 is installed AND Package Information emacs-25.3-lp150.1 is installed OR emacs-info-25.3-lp150.1 is installed OR emacs-nox-25.3-lp150.1 is installed OR etags-25.3-lp150.1 is installed
Definition Synopsis
openSUSE Leap 15.1 is installed AND Package Information gnutls-3.6.7-lp151.2.3 is installed OR gnutls-guile-3.6.7-lp151.2.3 is installed OR libgnutls-dane-devel-3.6.7-lp151.2.3 is installed OR libgnutls-dane0-3.6.7-lp151.2.3 is installed OR libgnutls-devel-3.6.7-lp151.2.3 is installed OR libgnutls-devel-32bit-3.6.7-lp151.2.3 is installed OR libgnutls30-3.6.7-lp151.2.3 is installed OR libgnutls30-32bit-3.6.7-lp151.2.3 is installed OR libgnutlsxx-devel-3.6.7-lp151.2.3 is installed OR libgnutlsxx28-3.6.7-lp151.2.3 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information MozillaFirefox-52.4.0esr-109.6 is installed OR MozillaFirefox-translations-52.4.0esr-109.6 is installed OR libfreebl3-3.29.5-58.3 is installed OR libfreebl3-32bit-3.29.5-58.3 is installed OR libsoftokn3-3.29.5-58.3 is installed OR libsoftokn3-32bit-3.29.5-58.3 is installed OR mozilla-nss-3.29.5-58.3 is installed OR mozilla-nss-32bit-3.29.5-58.3 is installed OR mozilla-nss-certs-3.29.5-58.3 is installed OR mozilla-nss-certs-32bit-3.29.5-58.3 is installed OR mozilla-nss-sysinit-3.29.5-58.3 is installed OR mozilla-nss-sysinit-32bit-3.29.5-58.3 is installed OR mozilla-nss-tools-3.29.5-58.3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information libqt4-4.8.6-4 is installed OR libqt4-32bit-4.8.6-4 is installed OR libqt4-qt3support-4.8.6-4 is installed OR libqt4-qt3support-32bit-4.8.6-4 is installed OR libqt4-sql-4.8.6-4 is installed OR libqt4-sql-32bit-4.8.6-4 is installed OR libqt4-sql-mysql-4.8.6-4 is installed OR libqt4-sql-sqlite-4.8.6-4 is installed OR libqt4-x11-4.8.6-4 is installed OR libqt4-x11-32bit-4.8.6-4 is installed OR qt4-x11-tools-4.8.6-4 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information tomcat-8.0.53-10.35 is installed OR tomcat-admin-webapps-8.0.53-10.35 is installed OR tomcat-docs-webapp-8.0.53-10.35 is installed OR tomcat-el-3_0-api-8.0.53-10.35 is installed OR tomcat-javadoc-8.0.53-10.35 is installed OR tomcat-jsp-2_3-api-8.0.53-10.35 is installed OR tomcat-lib-8.0.53-10.35 is installed OR tomcat-servlet-3_1-api-8.0.53-10.35 is installed OR tomcat-webapps-8.0.53-10.35 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information libspice-client-glib-2_0-8-0.31-7 is installed OR libspice-client-glib-helper-0.31-7 is installed OR libspice-client-gtk-2_0-4-0.31-7 is installed OR libspice-client-gtk-3_0-4-0.31-7 is installed OR libspice-controller0-0.31-7 is installed OR typelib-1_0-SpiceClientGlib-2_0-0.31-7 is installed OR typelib-1_0-SpiceClientGtk-3_0-0.31-7 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-BCL is installed AND ucode-intel-20190514-13.44 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information libdcerpc-atsvc0-4.2.4-28.29 is installed OR samba-4.2.4-28.29 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information libvirt-2.0.0-27.42 is installed OR libvirt-client-2.0.0-27.42 is installed OR libvirt-daemon-2.0.0-27.42 is installed OR libvirt-daemon-config-network-2.0.0-27.42 is installed OR libvirt-daemon-config-nwfilter-2.0.0-27.42 is installed OR libvirt-daemon-driver-interface-2.0.0-27.42 is installed OR libvirt-daemon-driver-libxl-2.0.0-27.42 is installed OR libvirt-daemon-driver-lxc-2.0.0-27.42 is installed OR libvirt-daemon-driver-network-2.0.0-27.42 is installed OR libvirt-daemon-driver-nodedev-2.0.0-27.42 is installed OR libvirt-daemon-driver-nwfilter-2.0.0-27.42 is installed OR libvirt-daemon-driver-qemu-2.0.0-27.42 is installed OR libvirt-daemon-driver-secret-2.0.0-27.42 is installed OR libvirt-daemon-driver-storage-2.0.0-27.42 is installed OR libvirt-daemon-hooks-2.0.0-27.42 is installed OR libvirt-daemon-lxc-2.0.0-27.42 is installed OR libvirt-daemon-qemu-2.0.0-27.42 is installed OR libvirt-daemon-xen-2.0.0-27.42 is installed OR libvirt-doc-2.0.0-27.42 is installed OR libvirt-lock-sanlock-2.0.0-27.42 is installed OR libvirt-nss-2.0.0-27.42 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND binutils-2.26.1-9.12 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information kgraft-patch-4_4_175-94_79-default-6-2 is installed OR kgraft-patch-SLE12-SP3_Update_23-6-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information libsqlite3-0-3.8.10.2-9.3 is installed OR libsqlite3-0-32bit-3.8.10.2-9.3 is installed OR sqlite3-3.8.10.2-9.3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND chrony-2.3-3 is installed
Definition Synopsis
SUSE OpenStack Cloud 6 is installed AND crowbar-openstack-3.0+git.1456169766.1e60d19-1 is installed
Definition Synopsis
SUSE OpenStack Cloud 7 is installed AND Package Information xen-4.7.5_04-43.33 is installed OR xen-doc-html-4.7.5_04-43.33 is installed OR xen-libs-4.7.5_04-43.33 is installed OR xen-libs-32bit-4.7.5_04-43.33 is installed OR xen-tools-4.7.5_04-43.33 is installed OR xen-tools-domU-4.7.5_04-43.33 is installed
Definition Synopsis
SUSE OpenStack Cloud 8 is installed AND Package Information libjavascriptcoregtk-4_0-18-2.28.2-2.53 is installed OR libwebkit2gtk-4_0-37-2.28.2-2.53 is installed OR libwebkit2gtk3-lang-2.28.2-2.53 is installed OR typelib-1_0-JavaScriptCore-4_0-2.28.2-2.53 is installed OR typelib-1_0-WebKit2-4_0-2.28.2-2.53 is installed OR webkit2gtk-4_0-injected-bundles-2.28.2-2.53 is installed OR webkit2gtk3-2.28.2-2.53 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information grub2-2.02-4.53 is installed OR grub2-i386-pc-2.02-4.53 is installed OR grub2-snapper-plugin-2.02-4.53 is installed OR grub2-systemd-sleep-plugin-2.02-4.53 is installed OR grub2-x86_64-efi-2.02-4.53 is installed OR grub2-x86_64-xen-2.02-4.53 is installed

BACK