Oval Definition:	oval:org.opensuse.security:def:57292
Revision Date: 2020-12-01 Version: 1 Title: Security update for Mozilla Firefox Description: This Mozilla Firefox and Mozilla NSS update to 24.5.0esr fixes the following several security and non-security issues: * MFSA 2014-34/CVE-2014-1518 Miscellaneous memory safety hazards * MFSA 2014-37/CVE-2014-1523 Out of bounds read while decoding JPG images * MFSA 2014-38/CVE-2014-1524 Buffer overflow when using non-XBL object as XBL * MFSA 2014-42/CVE-2014-1529 Privilege escalation through Web Notification API * MFSA 2014-43/CVE-2014-1530 Cross-site scripting (XSS) using history navigations * MFSA 2014-44/CVE-2014-1531 Use-after-free in imgLoader while resizing images * MFSA 2014-46/CVE-2014-1532 Use-after-free in nsHostResolver Mozilla NSS has been updated to 3.16: * required for Firefox 29 * CVE-2014-1492: In a wildcard certificate, the wildcard character should not be embedded within the U-label of an internationalized domain name. See the last bullet point in RFC 6125, Section 7.2. * Update of root certificates. Security Issue references: * CVE-2014-1532 * CVE-2014-1531 * CVE-2014-1530 * CVE-2014-1529 * CVE-2014-1524 * CVE-2014-1523 * CVE-2014-1520 * CVE-2014-1518 Family: unix Class: patch Status: Reference(s): 1000118 1000189 1000287 1000304 1000433 1000776 1001169 1001171 1001310 1001462 1001486 1001888 1002322 1002414 1002770 1002786 1003068 1003566 1003581 1003606 1003813 1003866 1003964 1004048 1004052 1004252 1004365 1004517 1005169 1005327 1005545 1005666 1005745 1005895 1005917 1005921 1005923 1005925 1005929 1006103 1006175 1006267 1006528 1006576 1006804 1006809 1006827 1006915 1006918 1007197 1007615 1007653 1007739 1007740 1007741 1007742 1007743 1007744 1007747 1007955 1008557 1008979 1009062 1009969 1010040 1010158 1010444 1010478 1010507 1010665 1010690 1010970 1011176 1011250 1011913 1012060 1012094 1012215 1012452 1012767 1012829 1012992 1013001 1013479 1013531 1013700 1014120 1014392 1014543 1014701 1014710 1014975 1015212 1015359 1015367 1015416 1070724 1076017 1077291 1083488 1085114 1085447 1085449 1093311 1101644 1101645 1101651 1101656 1106812 1107832 1110233 1114674 1122293 1122299 1132728 1132729 1132732 1133135 1149792 1151021 1168930 1169605 1169659 1169786 1169936 1170302 1170313 1170423 1170741 1170939 799133 865539 869827 875378 875803 914939 918089 918090 922634 963609 963655 963904 964462 966170 966172 966186 966191 966316 966318 966325 966471 969474 969475 969476 969477 969756 971975 971989 972993 974313 974842 974843 978907 979378 979681 981825 983087 983152 983318 985850 986255 986987 987641 987703 987805 988524 988715 990384 992555 993739 993841 993891 994881 995278 997059 997639 997807 998054 998689 999817 999907 999932 CVE-2012-0035 CVE-2014-1518 CVE-2014-1520 CVE-2014-1523 CVE-2014-1524 CVE-2014-1529 CVE-2014-1530 CVE-2014-1531 CVE-2014-1532 CVE-2014-3421 CVE-2014-3422 CVE-2014-3423 CVE-2014-3424 CVE-2015-1350 CVE-2015-1606 CVE-2015-1607 CVE-2015-8964 CVE-2016-7039 CVE-2016-7042 CVE-2016-7425 CVE-2016-7445 CVE-2016-7913 CVE-2016-7917 CVE-2016-8332 CVE-2016-8645 CVE-2016-8666 CVE-2016-9083 CVE-2016-9084 CVE-2016-9112 CVE-2016-9113 CVE-2016-9114 CVE-2016-9115 CVE-2016-9116 CVE-2016-9117 CVE-2016-9118 CVE-2016-9572 CVE-2016-9573 CVE-2016-9580 CVE-2016-9581 CVE-2016-9793 CVE-2016-9919 CVE-2017-13166 CVE-2017-15108 CVE-2018-1000004 CVE-2018-1068 CVE-2018-11212 CVE-2018-1417 CVE-2018-14633 CVE-2018-17182 CVE-2018-18311 CVE-2018-2783 CVE-2018-2790 CVE-2018-2794 CVE-2018-2795 CVE-2018-2796 CVE-2018-2797 CVE-2018-2798 CVE-2018-2799 CVE-2018-2800 CVE-2018-2814 CVE-2018-2938 CVE-2018-2940 CVE-2018-2952 CVE-2018-2973 CVE-2018-3639 CVE-2018-5089 CVE-2018-5091 CVE-2018-5095 CVE-2018-5096 CVE-2018-5097 CVE-2018-5098 CVE-2018-5099 CVE-2018-5102 CVE-2018-5103 CVE-2018-5104 CVE-2018-5117 CVE-2018-7566 CVE-2019-12519 CVE-2019-12520 CVE-2019-12521 CVE-2019-12524 CVE-2019-14835 CVE-2019-2422 CVE-2019-2426 CVE-2019-2602 CVE-2019-2684 CVE-2019-2698 CVE-2020-11008 CVE-2020-11945 CVE-2020-5260 SUSE-SU-2015:2170-1 SUSE-SU-2016:3270-1 SUSE-SU-2017:0181-1 SUSE-SU-2018:0372-1 SUSE-SU-2018:0374-1 SUSE-SU-2018:1005-1 SUSE-SU-2018:1764-1 SUSE-SU-2018:3064-1 SUSE-SU-2019:1219-1 SUSE-SU-2019:2264-1 SUSE-SU-2020:1227-1 SUSE-SU-2020:1295-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND hyper-v-7-lp150.3 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information kernel-debug-4.12.14-lp151.28.10 is installed OR kernel-debug-base-4.12.14-lp151.28.10 is installed OR kernel-debug-devel-4.12.14-lp151.28.10 is installed OR kernel-default-4.12.14-lp151.28.10 is installed OR kernel-default-base-4.12.14-lp151.28.10 is installed OR kernel-default-devel-4.12.14-lp151.28.10 is installed OR kernel-devel-4.12.14-lp151.28.10 is installed OR kernel-docs-4.12.14-lp151.28.10 is installed OR kernel-docs-html-4.12.14-lp151.28.10 is installed OR kernel-kvmsmall-4.12.14-lp151.28.10 is installed OR kernel-kvmsmall-base-4.12.14-lp151.28.10 is installed OR kernel-kvmsmall-devel-4.12.14-lp151.28.10 is installed OR kernel-macros-4.12.14-lp151.28.10 is installed OR kernel-obs-build-4.12.14-lp151.28.10 is installed OR kernel-obs-qa-4.12.14-lp151.28.10 is installed OR kernel-source-4.12.14-lp151.28.10 is installed OR kernel-source-vanilla-4.12.14-lp151.28.10 is installed OR kernel-syms-4.12.14-lp151.28.10 is installed OR kernel-vanilla-4.12.14-lp151.28.10 is installed OR kernel-vanilla-base-4.12.14-lp151.28.10 is installed OR kernel-vanilla-devel-4.12.14-lp151.28.10 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information MozillaFirefox-24.5.0esr-0.8 is installed OR MozillaFirefox-branding-SLED-24-0.7 is installed OR MozillaFirefox-translations-24.5.0esr-0.8 is installed OR libfreebl3-3.16-0.8 is installed OR libfreebl3-32bit-3.16-0.8 is installed OR libsoftokn3-3.16-0.8 is installed OR libsoftokn3-32bit-3.16-0.8 is installed OR mozilla-nspr-4.10.4-0.3 is installed OR mozilla-nspr-32bit-4.10.4-0.3 is installed OR mozilla-nss-3.16-0.8 is installed OR mozilla-nss-32bit-3.16-0.8 is installed OR mozilla-nss-tools-3.16-0.8 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information java-1_8_0-openjdk-1.8.0.181-27.26 is installed OR java-1_8_0-openjdk-demo-1.8.0.181-27.26 is installed OR java-1_8_0-openjdk-devel-1.8.0.181-27.26 is installed OR java-1_8_0-openjdk-headless-1.8.0.181-27.26 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information emacs-24.3-16 is installed OR emacs-el-24.3-16 is installed OR emacs-info-24.3-16 is installed OR emacs-nox-24.3-16 is installed OR emacs-x11-24.3-16 is installed OR etags-24.3-16 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND ucode-intel-20180425-13.20 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information MozillaFirefox-52.9.0esr-109.38 is installed OR MozillaFirefox-devel-52.9.0esr-109.38 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_90-92_50-default-11-2 is installed OR kgraft-patch-SLE12-SP2_Update_15-11-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information cvs-1.12.12-181 is installed OR cvs-doc-1.12.12-181 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information MozillaFirefox-68.1.0-109.89 is installed OR MozillaFirefox-branding-SLE-68-32.8 is installed OR MozillaFirefox-translations-common-68.1.0-109.89 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information dovecot22-2.2.31-19.11 is installed OR dovecot22-backend-mysql-2.2.31-19.11 is installed OR dovecot22-backend-pgsql-2.2.31-19.11 is installed OR dovecot22-backend-sqlite-2.2.31-19.11 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information java-1_8_0-openjdk-1.8.0.191-27.29 is installed OR java-1_8_0-openjdk-demo-1.8.0.191-27.29 is installed OR java-1_8_0-openjdk-devel-1.8.0.191-27.29 is installed OR java-1_8_0-openjdk-headless-1.8.0.191-27.29 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND Package Information java-1_7_1-ibm-1.7.1_sr4.25-38.23 is installed OR java-1_7_1-ibm-alsa-1.7.1_sr4.25-38.23 is installed OR java-1_7_1-ibm-devel-1.7.1_sr4.25-38.23 is installed OR java-1_7_1-ibm-jdbc-1.7.1_sr4.25-38.23 is installed OR java-1_7_1-ibm-plugin-1.7.1_sr4.25-38.23 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information libpython2_7-1_0-2.7.13-28.31 is installed OR libpython2_7-1_0-32bit-2.7.13-28.31 is installed OR python-2.7.13-28.31 is installed OR python-32bit-2.7.13-28.31 is installed OR python-base-2.7.13-28.31 is installed OR python-base-32bit-2.7.13-28.31 is installed OR python-curses-2.7.13-28.31 is installed OR python-demo-2.7.13-28.31 is installed OR python-devel-2.7.13-28.31 is installed OR python-doc-2.7.13-28.31 is installed OR python-doc-pdf-2.7.13-28.31 is installed OR python-gdbm-2.7.13-28.31 is installed OR python-idle-2.7.13-28.31 is installed OR python-tk-2.7.13-28.31 is installed OR python-xml-2.7.13-28.31 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information libjavascriptcoregtk-4_0-18-2.24.4-2.47 is installed OR libwebkit2gtk-4_0-37-2.24.4-2.47 is installed OR libwebkit2gtk3-lang-2.24.4-2.47 is installed OR typelib-1_0-JavaScriptCore-4_0-2.24.4-2.47 is installed OR typelib-1_0-WebKit2-4_0-2.24.4-2.47 is installed OR webkit2gtk-4_0-injected-bundles-2.24.4-2.47 is installed OR webkit2gtk3-2.24.4-2.47 is installed
BACK