OVAL Reference oval:org.opensuse.security:def:57252

Oval Definition:

oval:org.opensuse.security:def:57252

Revision Date:	2020-12-01	Version:	1
Title:	Security update for mozilla-nspr, mozilla-nss
Description:	Mozilla NSPR and NSS were updated to fix various security bugs that could be used to crash the browser or potentially execute code. Mozilla NSPR 4.10.2 has the following bug fixes: * * Bug 770534: Possible pointer overflow in PL_ArenaAllocate(). Fixed by Pascal Cuoq and Kamil Dudka. * Bug 888546: ptio.c:PR_ImportUDPSocket doesn't work. Fixed by Miloslav Trmac. * Bug 915522: VS2013 support for NSPR. Fixed by Makoto Kato. * Bug 927687: Avoid unsigned integer wrapping in PL_ArenaAllocate. (CVE-2013-5607) Mozilla NSS 3.15.3 is a patch release for NSS 3.15 and includes the following bug fixes: * * Bug 925100: Ensure a size is <= half of the maximum PRUint32 value. (CVE-2013-1741) * Bug 934016: Handle invalid handshake packets. (CVE-2013-5605) * Bug 910438: Return the correct result in CERT_VerifyCert on failure, if a verifyLog isn't used. (CVE-2013-5606) Security Issue references: * CVE-2013-1741 * CVE-2013-5605 * CVE-2013-5606 * CVE-2013-5607
Family:	unix	Class:	patch
Status:		Reference(s):	1007829 1020983 1033466 1033467 1033468 1037811 1069708 1071471 1076017 1082828 1083488 1085114 1085447 1089039 1097560 1101246 1101470 1101644 1101645 1101651 1101656 1102682 1104789 1106197 1112142 1112143 1112144 1112146 1112147 1112152 1112153 1116574 1120932 1125815 1132174 1132323 1133191 792432 813026 819204 825935 850148 965748 977043 987866 989528 997043 CVE-2013-1667 CVE-2013-1682 CVE-2013-1684 CVE-2013-1685 CVE-2013-1686 CVE-2013-1687 CVE-2013-1690 CVE-2013-1692 CVE-2013-1693 CVE-2013-1697 CVE-2013-1741 CVE-2013-5605 CVE-2013-5606 CVE-2013-5607 CVE-2014-0107 CVE-2016-10745 CVE-2016-2775 CVE-2016-6170 CVE-2016-8864 CVE-2017-13166 CVE-2017-15130 CVE-2017-15868 CVE-2017-16939 CVE-2017-3136 CVE-2017-3137 CVE-2017-3138 CVE-2018-0737 CVE-2018-1000004 CVE-2018-1068 CVE-2018-13785 CVE-2018-16435 CVE-2018-2938 CVE-2018-2940 CVE-2018-2952 CVE-2018-2973 CVE-2018-3136 CVE-2018-3139 CVE-2018-3149 CVE-2018-3169 CVE-2018-3180 CVE-2018-3214 CVE-2018-3639 CVE-2018-5390 CVE-2018-7566 CVE-2019-10906 CVE-2019-11487 CVE-2019-3498 CVE-2019-8341 SUSE-SU-2016:2697-1 SUSE-SU-2017:0998-1 SUSE-SU-2018:0252-1 SUSE-SU-2018:1015-1 SUSE-SU-2018:2632-1 SUSE-SU-2018:2902-1 SUSE-SU-2018:2928-1 SUSE-SU-2018:3933-1 SUSE-SU-2019:0049-1 SUSE-SU-2019:0483-1 SUSE-SU-2019:1554-1 SUSE-SU-2019:1767-1
Platform(s):	openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8	Product(s):
Definition Synopsis
openSUSE Leap 15.0 is installed AND enscript-1.6.6-lp150.1 is installed
Definition Synopsis
openSUSE Leap 15.1 is installed AND Package Information curl-7.60.0-lp151.5.3 is installed OR curl-mini-7.60.0-lp151.5.3 is installed OR libcurl-devel-7.60.0-lp151.5.3 is installed OR libcurl-devel-32bit-7.60.0-lp151.5.3 is installed OR libcurl-mini-devel-7.60.0-lp151.5.3 is installed OR libcurl4-7.60.0-lp151.5.3 is installed OR libcurl4-32bit-7.60.0-lp151.5.3 is installed OR libcurl4-mini-7.60.0-lp151.5.3 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP2 is installed AND Package Information libfreebl3-3.15.3-0.3 is installed OR libfreebl3-32bit-3.15.3-0.3 is installed OR mozilla-nspr-4.10.2-0.3 is installed OR mozilla-nspr-32bit-4.10.2-0.3 is installed OR mozilla-nss-3.15.3-0.3 is installed OR mozilla-nss-32bit-3.15.3-0.3 is installed OR mozilla-nss-tools-3.15.3-0.3 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information MozillaFirefox-17.0.7esr-0.8 is installed OR MozillaFirefox-branding-SLED-7-0.12 is installed OR MozillaFirefox-translations-17.0.7esr-0.8 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information kgraft-patch-3_12_74-60_64_40-default-8-2 is installed OR kgraft-patch-3_12_74-60_64_40-xen-8-2 is installed OR kgraft-patch-SLE12-SP1_Update_15-8-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND apache2-mod_perl-2.0.8-11 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information xen-4.7.5_04-43.33 is installed OR xen-doc-html-4.7.5_04-43.33 is installed OR xen-libs-4.7.5_04-43.33 is installed OR xen-libs-32bit-4.7.5_04-43.33 is installed OR xen-tools-4.7.5_04-43.33 is installed OR xen-tools-domU-4.7.5_04-43.33 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information git-2.12.3-27.14 is installed OR git-core-2.12.3-27.14 is installed OR git-doc-2.12.3-27.14 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information dovecot22-2.2.31-19.11 is installed OR dovecot22-backend-mysql-2.2.31-19.11 is installed OR dovecot22-backend-pgsql-2.2.31-19.11 is installed OR dovecot22-backend-sqlite-2.2.31-19.11 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information MozillaFirefox-52.2.0esr-108 is installed OR MozillaFirefox-translations-52.2.0esr-108 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information kgraft-patch-4_4_180-94_107-default-4-2 is installed OR kgraft-patch-SLE12-SP3_Update_29-4-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information libecpg6-10.9-1.12 is installed OR libpq5-10.9-1.12 is installed OR libpq5-32bit-10.9-1.12 is installed OR postgresql10-10.9-1.12 is installed OR postgresql10-contrib-10.9-1.12 is installed OR postgresql10-docs-10.9-1.12 is installed OR postgresql10-libs-10.9-1.12 is installed OR postgresql10-plperl-10.9-1.12 is installed OR postgresql10-plpython-10.9-1.12 is installed OR postgresql10-pltcl-10.9-1.12 is installed OR postgresql10-server-10.9-1.12 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information libssh2-1-1.4.3-20.6 is installed OR libssh2-1-32bit-1.4.3-20.6 is installed OR libssh2_org-1.4.3-20.6 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information xen-4.11.1_02-2.3 is installed OR xen-doc-html-4.11.1_02-2.3 is installed OR xen-libs-4.11.1_02-2.3 is installed OR xen-libs-32bit-4.11.1_02-2.3 is installed OR xen-tools-4.11.1_02-2.3 is installed OR xen-tools-domU-4.11.1_02-2.3 is installed
Definition Synopsis
SUSE OpenStack Cloud 7 is installed AND python-Jinja2-2.8-22.8 is installed
Definition Synopsis
SUSE OpenStack Cloud 8 is installed AND Package Information bzip2-1.0.6-30.8 is installed OR bzip2-doc-1.0.6-30.8 is installed OR libbz2-1-1.0.6-30.8 is installed OR libbz2-1-32bit-1.0.6-30.8 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 8 is installed AND nodejs6-6.14.4-11.18 is installed

BACK