Oval Definition:oval:org.opensuse.security:def:57289
Revision Date:2020-12-01Version:1
Title:Security update for Mozilla Firefox
Description:



This update to Firefox 17.0.9esr (bnc#840485) addresses:

* * MFSA 2013-91 User-defined properties on DOM proxies get the wrong 'this' object o (CVE-2013-1737) * MFSA 2013-90 Memory corruption involving scrolling o use-after-free in mozilla::layout::ScrollbarActivity (CVE-2013-1735) o Memory corruption in nsGfxScrollFrameInner::IsLTR() (CVE-2013-1736) * MFSA 2013-89 Buffer overflow with multi-column, lists, and floats o buffer overflow at nsFloatManager::GetFlowArea() with multicol, list, floats (CVE-2013-1732) * MFSA 2013-88 compartment mismatch re-attaching XBL-backed nodes o compartment mismatch in nsXBLBinding::DoInitJSClass (CVE-2013-1730) * MFSA 2013-83 Mozilla Updater does not lock MAR file after signature verification o MAR signature bypass in Updater could lead to downgrade (CVE-2013-1726) * MFSA 2013-82 Calling scope for new Javascript objects can lead to memory corruption o ABORT: bad scope for new JSObjects: ReparentWrapper / document.open (CVE-2013-1725) * MFSA 2013-79 Use-after-free in Animation Manager during stylesheet cloning o Heap-use-after-free in nsAnimationManager::BuildAnimations (CVE-2013-1722) * MFSA 2013-76 Miscellaneous memory safety hazards (rv:24.0 / rv:17.0.9) o Memory safety bugs fixed in Firefox 17.0.9 and Firefox 24.0 (CVE-2013-1718) * MFSA 2013-65 Buffer underflow when generating CRMF requests o ASAN heap-buffer-overflow (read 1) in cryptojs_interpret_key_gen_type (CVE-2013-1705)

Security Issue references:

* CVE-2013-1737 * CVE-2013-1735 * CVE-2013-1736 * CVE-2013-1732 * CVE-2013-1730 * CVE-2013-1726 * CVE-2013-1725 * CVE-2013-1722 * CVE-2013-1718 * CVE-2013-1705

Family:unixClass:patch
Status:Reference(s):1009318
1011130
1011136
1012260
1013376
1014159
1015565
1021577
1026191
1037824
1041469
1041894
1049703
1061204
1064786
1065464
1066489
1073210
1076017
1078436
1083488
1085114
1085447
1091551
1092697
1094767
1096515
1096745
1106171
1106172
1106173
1106195
1107343
1107410
1107411
1107412
1107413
1107420
1107421
1107422
1107423
1107426
1107581
1107832
1108027
1108771
1108986
1109105
1109363
1109465
1110233
1110506
1110507
1111647
1120489
1140290
1143194
1143273
1148987
1170643
1170771
703591
839074
840485
857131
893359
925499
932026
934920
CVE-2013-1705
CVE-2013-1718
CVE-2013-1722
CVE-2013-1725
CVE-2013-1726
CVE-2013-1730
CVE-2013-1732
CVE-2013-1735
CVE-2013-1736
CVE-2013-1737
CVE-2014-9848
CVE-2015-0247
CVE-2015-1572
CVE-2015-3238
CVE-2015-4000
CVE-2016-8707
CVE-2016-8866
CVE-2016-9556
CVE-2016-9559
CVE-2016-9773
CVE-2017-13166
CVE-2017-16541
CVE-2018-1000004
CVE-2018-1068
CVE-2018-12020
CVE-2018-12086
CVE-2018-12376
CVE-2018-12377
CVE-2018-12378
CVE-2018-12379
CVE-2018-12381
CVE-2018-12383
CVE-2018-12385
CVE-2018-12386
CVE-2018-12387
CVE-2018-14633
CVE-2018-15908
CVE-2018-15909
CVE-2018-15910
CVE-2018-15911
CVE-2018-16509
CVE-2018-16510
CVE-2018-16511
CVE-2018-16513
CVE-2018-16539
CVE-2018-16540
CVE-2018-16541
CVE-2018-16542
CVE-2018-16543
CVE-2018-16585
CVE-2018-16802
CVE-2018-17182
CVE-2018-17183
CVE-2018-18227
CVE-2018-20217
CVE-2018-7566
CVE-2019-13057
CVE-2019-13173
CVE-2019-13565
CVE-2019-13627
CVE-2020-12243
CVE-2020-3899
SUSE-SU-2015:0446-1
SUSE-SU-2015:1526-1
SUSE-SU-2016:3258-1
SUSE-SU-2017:1398-1
SUSE-SU-2018:1025-1
SUSE-SU-2018:1698-1
SUSE-SU-2018:2975-1
SUSE-SU-2018:3590-1
SUSE-SU-2018:3591-1
SUSE-SU-2019:0113-1
SUSE-SU-2019:2181-1
SUSE-SU-2019:2510-1
SUSE-SU-2020:1210-1
SUSE-SU-2020:1211-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
openSUSE Leap 15.1 NonFree
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 8
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND gzip-1.9-lp150.2 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • libvirt-5.1.0-lp151.7.3 is installed
  • OR libvirt-admin-5.1.0-lp151.7.3 is installed
  • OR libvirt-bash-completion-5.1.0-lp151.7.3 is installed
  • OR libvirt-client-5.1.0-lp151.7.3 is installed
  • OR libvirt-daemon-5.1.0-lp151.7.3 is installed
  • OR libvirt-daemon-config-network-5.1.0-lp151.7.3 is installed
  • OR libvirt-daemon-config-nwfilter-5.1.0-lp151.7.3 is installed
  • OR libvirt-daemon-driver-interface-5.1.0-lp151.7.3 is installed
  • OR libvirt-daemon-driver-libxl-5.1.0-lp151.7.3 is installed
  • OR libvirt-daemon-driver-lxc-5.1.0-lp151.7.3 is installed
  • OR libvirt-daemon-driver-network-5.1.0-lp151.7.3 is installed
  • OR libvirt-daemon-driver-nodedev-5.1.0-lp151.7.3 is installed
  • OR libvirt-daemon-driver-nwfilter-5.1.0-lp151.7.3 is installed
  • OR libvirt-daemon-driver-qemu-5.1.0-lp151.7.3 is installed
  • OR libvirt-daemon-driver-secret-5.1.0-lp151.7.3 is installed
  • OR libvirt-daemon-driver-storage-5.1.0-lp151.7.3 is installed
  • OR libvirt-daemon-driver-storage-core-5.1.0-lp151.7.3 is installed
  • OR libvirt-daemon-driver-storage-disk-5.1.0-lp151.7.3 is installed
  • OR libvirt-daemon-driver-storage-gluster-5.1.0-lp151.7.3 is installed
  • OR libvirt-daemon-driver-storage-iscsi-5.1.0-lp151.7.3 is installed
  • OR libvirt-daemon-driver-storage-logical-5.1.0-lp151.7.3 is installed
  • OR libvirt-daemon-driver-storage-mpath-5.1.0-lp151.7.3 is installed
  • OR libvirt-daemon-driver-storage-rbd-5.1.0-lp151.7.3 is installed
  • OR libvirt-daemon-driver-storage-scsi-5.1.0-lp151.7.3 is installed
  • OR libvirt-daemon-hooks-5.1.0-lp151.7.3 is installed
  • OR libvirt-daemon-lxc-5.1.0-lp151.7.3 is installed
  • OR libvirt-daemon-qemu-5.1.0-lp151.7.3 is installed
  • OR libvirt-daemon-xen-5.1.0-lp151.7.3 is installed
  • OR libvirt-devel-5.1.0-lp151.7.3 is installed
  • OR libvirt-devel-32bit-5.1.0-lp151.7.3 is installed
  • OR libvirt-doc-5.1.0-lp151.7.3 is installed
  • OR libvirt-libs-5.1.0-lp151.7.3 is installed
  • OR libvirt-lock-sanlock-5.1.0-lp151.7.3 is installed
  • OR libvirt-nss-5.1.0-lp151.7.3 is installed
  • OR wireshark-plugin-libvirt-5.1.0-lp151.7.3 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 NonFree is installed
  • AND opera-68.0.3618.63-lp151.2.15 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP3 is installed
  • AND Package Information
  • MozillaFirefox-17.0.9esr-0.7 is installed
  • OR MozillaFirefox-translations-17.0.9esr-0.7 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • ghostscript-9.25-23.13 is installed
  • OR ghostscript-x11-9.25-23.13 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • e2fsprogs-1.42.11-7 is installed
  • OR libcom_err2-1.42.11-7 is installed
  • OR libcom_err2-32bit-1.42.11-7 is installed
  • OR libext2fs2-1.42.11-7 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • git-2.12.3-27.14 is installed
  • OR git-core-2.12.3-27.14 is installed
  • OR git-doc-2.12.3-27.14 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND shadow-4.2.1-27.9 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_121-92_80-default-6-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_22-6-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • cups-filters-1.0.58-17 is installed
  • OR cups-filters-cups-browsed-1.0.58-17 is installed
  • OR cups-filters-foomatic-rip-1.0.58-17 is installed
  • OR cups-filters-ghostscript-1.0.58-17 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • dovecot22-2.2.31-19.17 is installed
  • OR dovecot22-backend-mysql-2.2.31-19.17 is installed
  • OR dovecot22-backend-pgsql-2.2.31-19.17 is installed
  • OR dovecot22-backend-sqlite-2.2.31-19.17 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • libjavascriptcoregtk-4_0-18-2.24.4-2.47 is installed
  • OR libwebkit2gtk-4_0-37-2.24.4-2.47 is installed
  • OR libwebkit2gtk3-lang-2.24.4-2.47 is installed
  • OR typelib-1_0-JavaScriptCore-4_0-2.24.4-2.47 is installed
  • OR typelib-1_0-WebKit2-4_0-2.24.4-2.47 is installed
  • OR webkit2gtk-4_0-injected-bundles-2.24.4-2.47 is installed
  • OR webkit2gtk3-2.24.4-2.47 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • gdm-3.10.0.1-54.6 is installed
  • OR gdm-lang-3.10.0.1-54.6 is installed
  • OR gdmflexiserver-3.10.0.1-54.6 is installed
  • OR libgdm1-3.10.0.1-54.6 is installed
  • OR typelib-1_0-Gdm-1_0-3.10.0.1-54.6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • libopenssl1_1-1.1.1-2.6 is installed
  • OR libopenssl1_1-32bit-1.1.1-2.6 is installed
  • OR openssl-1_1-1.1.1-2.6 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • gpg2-2.0.24-9.3 is installed
  • OR gpg2-lang-2.0.24-9.3 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND python-Twisted-15.2.1-9.5 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND python-urllib3-1.22-5.6 is installed
    • BACK