Oval Definition:	oval:org.opensuse.security:def:56930
Revision Date: 2020-12-01 Version: 1 Title: Security update for MozillaFirefox, mozilla-nspr and mozilla-nss (Important) Description: This update for MozillaFirefox, mozilla-nss and mozilla-nspr fixes the following issues: Issues fixed in MozillaFirefox: - Update to Firefox ESR 60.4 (bsc#1119105) - CVE-2018-17466: Fixed a buffer overflow and out-of-bounds read in ANGLE library with TextureStorage11 - CVE-2018-18492: Fixed a use-after-free with select element - CVE-2018-18493: Fixed a buffer overflow in accelerated 2D canvas with Skia - CVE-2018-18494: Fixed a Same-origin policy violation using location attribute and performance.getEntries to steal cross-origin URLs - CVE-2018-18498: Fixed a integer overflow when calculating buffer sizes for images - CVE-2018-12405: Fixed a few memory safety bugs Issues fixed in mozilla-nss: - Update to NSS 3.40.1 (bsc#1119105) - CVE-2018-12404: Fixed a cache side-channel variant of the Bleichenbacher attack (bsc#1119069) - CVE-2018-12384: Fixed an issue in the SSL handshake. NSS responded to an SSLv2-compatible ClientHello with a ServerHello that had an all-zero random. (bsc#1106873) - CVE-2018-0495: Fixed a memory-cache side-channel attack with ECDSA signatures (bsc#1097410) - Fixed a decryption failure during FFDHE key exchange - Various security fixes in the ASN.1 code Issues fixed in mozilla-nspr: - Update mozilla-nspr to 4.20 (bsc#1119105) Family: unix Class: patch Status: Reference(s): 1013669 1014524 1015567 1018870 1022805 1023616 1024130 1024724 1027053 1027057 1029912 1043055 1045327 1048576 1057950 1060644 1069591 1088681 1090174 1090518 1092548 1097410 1100453 1101506 1106873 1112039 1119069 1119105 1154162 1174662 972468 CVE-2013-0240 CVE-2013-1430 CVE-2013-1799 CVE-2015-1191 CVE-2016-0636 CVE-2016-2399 CVE-2016-9811 CVE-2017-1000251 CVE-2017-15274 CVE-2017-16927 CVE-2017-3135 CVE-2017-5953 CVE-2017-6349 CVE-2017-6350 CVE-2017-6967 CVE-2017-9788 CVE-2018-0495 CVE-2018-12384 CVE-2018-12404 CVE-2018-12405 CVE-2018-17466 CVE-2018-18386 CVE-2018-18492 CVE-2018-18493 CVE-2018-18494 CVE-2018-18498 CVE-2018-2755 CVE-2018-2761 CVE-2018-2766 CVE-2018-2767 CVE-2018-2771 CVE-2018-2781 CVE-2018-2782 CVE-2018-2784 CVE-2018-2787 CVE-2018-2813 CVE-2018-2817 CVE-2018-2819 CVE-2018-5150 CVE-2018-5154 CVE-2018-5155 CVE-2018-5157 CVE-2018-5158 CVE-2018-5159 CVE-2018-5168 CVE-2018-5174 CVE-2018-5178 CVE-2018-5183 CVE-2019-2974 CVE-2020-9862 CVE-2020-9893 CVE-2020-9894 CVE-2020-9895 CVE-2020-9915 CVE-2020-9925 SUSE-SU-2016:0959-1 SUSE-SU-2017:0263-1 SUSE-SU-2017:0596-1 SUSE-SU-2017:1712-1 SUSE-SU-2017:1961-1 SUSE-SU-2017:1986-1 SUSE-SU-2017:2788-1 SUSE-SU-2018:1334-1 SUSE-SU-2018:1781-1 SUSE-SU-2018:4236-1 SUSE-SU-2019:1847-1 SUSE-SU-2020:0050-1 SUSE-SU-2020:2232-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND libapr-util1-1.6.1-lp150.2 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information ImageMagick-7.0.7.34-lp151.7.6 is installed OR ImageMagick-config-7-SUSE-7.0.7.34-lp151.7.6 is installed OR ImageMagick-config-7-upstream-7.0.7.34-lp151.7.6 is installed OR ImageMagick-devel-7.0.7.34-lp151.7.6 is installed OR ImageMagick-devel-32bit-7.0.7.34-lp151.7.6 is installed OR ImageMagick-doc-7.0.7.34-lp151.7.6 is installed OR ImageMagick-extra-7.0.7.34-lp151.7.6 is installed OR libMagick++-7_Q16HDRI4-7.0.7.34-lp151.7.6 is installed OR libMagick++-7_Q16HDRI4-32bit-7.0.7.34-lp151.7.6 is installed OR libMagick++-devel-7.0.7.34-lp151.7.6 is installed OR libMagick++-devel-32bit-7.0.7.34-lp151.7.6 is installed OR libMagickCore-7_Q16HDRI6-7.0.7.34-lp151.7.6 is installed OR libMagickCore-7_Q16HDRI6-32bit-7.0.7.34-lp151.7.6 is installed OR libMagickWand-7_Q16HDRI6-7.0.7.34-lp151.7.6 is installed OR libMagickWand-7_Q16HDRI6-32bit-7.0.7.34-lp151.7.6 is installed OR perl-PerlMagick-7.0.7.34-lp151.7.6 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information MozillaFirefox-60.4.0esr-109.55 is installed OR MozillaFirefox-translations-common-60.4.0esr-109.55 is installed OR libfreebl3-3.40.1-58.18 is installed OR libfreebl3-32bit-3.40.1-58.18 is installed OR libsoftokn3-3.40.1-58.18 is installed OR libsoftokn3-32bit-3.40.1-58.18 is installed OR mozilla-nspr-4.20-19.6 is installed OR mozilla-nspr-32bit-4.20-19.6 is installed OR mozilla-nss-3.40.1-58.18 is installed OR mozilla-nss-32bit-3.40.1-58.18 is installed OR mozilla-nss-certs-3.40.1-58.18 is installed OR mozilla-nss-certs-32bit-3.40.1-58.18 is installed OR mozilla-nss-sysinit-3.40.1-58.18 is installed OR mozilla-nss-sysinit-32bit-3.40.1-58.18 is installed OR mozilla-nss-tools-3.40.1-58.18 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information java-1_7_0-openjdk-1.7.0.99-27 is installed OR java-1_7_0-openjdk-demo-1.7.0.99-27 is installed OR java-1_7_0-openjdk-devel-1.7.0.99-27 is installed OR java-1_7_0-openjdk-headless-1.7.0.99-27 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information kgraft-patch-3_12_74-60_64_45-default-5-4 is installed OR kgraft-patch-3_12_74-60_64_45-xen-5-4 is installed OR kgraft-patch-SLE12-SP1_Update_16-5-4 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information libgoa-1_0-0-3.20.4-7 is installed OR libgoa-backend-1_0-1-3.20.4-7 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information ntp-4.2.8p11-64.5 is installed OR ntp-doc-4.2.8p11-64.5 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information cups-filters-1.0.58-15.2 is installed OR cups-filters-cups-browsed-1.0.58-15.2 is installed OR cups-filters-foomatic-rip-1.0.58-15.2 is installed OR cups-filters-ghostscript-1.0.58-15.2 is installed OR libqpdf18-7.1.1-3.3 is installed OR qpdf-7.1.1-3.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_121-92_80-default-4-2 is installed OR kgraft-patch-SLE12-SP2_Update_22-4-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information bind-9.9.9P1-62 is installed OR bind-chrootenv-9.9.9P1-62 is installed OR bind-doc-9.9.9P1-62 is installed OR bind-libs-9.9.9P1-62 is installed OR bind-libs-32bit-9.9.9P1-62 is installed OR bind-utils-9.9.9P1-62 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information java-1_7_1-ibm-1.7.1_sr4.50-38.41 is installed OR java-1_7_1-ibm-alsa-1.7.1_sr4.50-38.41 is installed OR java-1_7_1-ibm-jdbc-1.7.1_sr4.50-38.41 is installed OR java-1_7_1-ibm-plugin-1.7.1_sr4.50-38.41 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information MozillaFirefox-60.8.0-109.83 is installed OR MozillaFirefox-translations-common-60.8.0-109.83 is installed OR libfreebl3-3.44.1-58.28 is installed OR libfreebl3-32bit-3.44.1-58.28 is installed OR libfreebl3-hmac-3.44.1-58.28 is installed OR libfreebl3-hmac-32bit-3.44.1-58.28 is installed OR libsoftokn3-3.44.1-58.28 is installed OR libsoftokn3-32bit-3.44.1-58.28 is installed OR libsoftokn3-hmac-3.44.1-58.28 is installed OR libsoftokn3-hmac-32bit-3.44.1-58.28 is installed OR mozilla-nss-3.44.1-58.28 is installed OR mozilla-nss-32bit-3.44.1-58.28 is installed OR mozilla-nss-certs-3.44.1-58.28 is installed OR mozilla-nss-certs-32bit-3.44.1-58.28 is installed OR mozilla-nss-sysinit-3.44.1-58.28 is installed OR mozilla-nss-sysinit-32bit-3.44.1-58.28 is installed OR mozilla-nss-tools-3.44.1-58.28 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND unzip-6.00-33.8 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND rtkit-0.11_git201205151338-8 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND Package Information MozillaFirefox-52.8.0esr-109.31 is installed OR MozillaFirefox-devel-52.8.0esr-109.31 is installed OR MozillaFirefox-translations-52.8.0esr-109.31 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information grafana-4.5.1-4.3 is installed OR kafka-0.9.0.1-5.3 is installed OR logstash-2.4.1-5.4 is installed OR openstack-monasca-installer-20180622_15.06-3.6 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information grafana-4.5.1-4.3 is installed OR kafka-0.9.0.1-5.3 is installed OR logstash-2.4.1-5.4 is installed OR openstack-monasca-installer-20180622_15.06-3.6 is installed
BACK