Oval Definition:oval:org.opensuse.security:def:57335
Revision Date:2020-12-01Version:1
Title:Security update for MozillaFirefox
Description:



This update to Firefox 31.7.0 ESR fixes the following issues:

*

MFSA 2015-46 (CVE-2015-2708, CVE-2015-2709): Miscellaneous memory safety hazards (rv:38.0 / rv:31.7). Upstream references: bmo#1120655, bmo#1143299, bmo#1151139, bmo#1152177, bmo#1111251, bmo#1117977, bmo#1128064, bmo#1135066, bmo#1143194, bmo#1146101, bmo#1149526, bmo#1153688, bmo#1155474.

*

MFSA 2015-47 (CVE-2015-0797): Buffer overflow parsing H.264 video with Linux Gstreamer. Upstream references: bmo#1080995.

*

MFSA 2015-48 (CVE-2015-2710): Buffer overflow with SVG content and CSS. Upstream references: bmo#1149542.

*

MFSA 2015-51 (CVE-2015-2713): Use-after-free during text processing with vertical text enabled. Upstream references: bmo#1153478.

*

MFSA 2015-54 (CVE-2015-2716): Buffer overflow when parsing compressed XML. Upstream references: bmo#1140537.

Security Issues:

* CVE-2015-0797 * CVE-2015-2708 * CVE-2015-2709 * CVE-2015-2710 * CVE-2015-2713 * CVE-2015-2716

Family:unixClass:patch
Status:Reference(s):1021578
1023616
1043055
1048576
1055478
1065641
1070737
1077724
1077725
1077978
1079798
1079799
1079800
1079801
1090023
1090024
1090025
1090026
1090027
1090028
1090029
1090030
1090032
1090033
1101820
1104199
1108308
1111331
1111634
1111635
1111657
1119947
1137597
1138748
1140747
1146358
1146359
1149792
1162002
1170383
1171189
1171191
1171220
1171732
1171988
1172049
1172453
1172458
1172775
1172781
1172782
1172783
1172999
1174115
1174462
1174543
906364
930622
981848
984650
CVE-2011-0460
CVE-2014-9029
CVE-2015-0797
CVE-2015-2708
CVE-2015-2709
CVE-2015-2710
CVE-2015-2713
CVE-2015-2716
CVE-2016-1372
CVE-2017-16227
CVE-2017-17969
CVE-2017-9788
CVE-2018-1000807
CVE-2018-1000808
CVE-2018-10903
CVE-2018-10915
CVE-2018-12126
CVE-2018-12127
CVE-2018-12130
CVE-2018-16884
CVE-2018-2790
CVE-2018-2794
CVE-2018-2795
CVE-2018-2796
CVE-2018-2797
CVE-2018-2798
CVE-2018-2799
CVE-2018-2800
CVE-2018-2814
CVE-2018-2815
CVE-2018-5378
CVE-2018-5379
CVE-2018-5380
CVE-2018-5381
CVE-2018-5996
CVE-2019-11091
CVE-2019-11477
CVE-2019-11478
CVE-2019-20810
CVE-2019-20812
CVE-2019-8675
CVE-2019-8696
CVE-2020-0305
CVE-2020-10135
CVE-2020-10711
CVE-2020-10732
CVE-2020-10751
CVE-2020-10766
CVE-2020-10767
CVE-2020-10768
CVE-2020-10773
CVE-2020-12771
CVE-2020-13974
CVE-2020-14416
SUSE-SU-2015:0978-1
SUSE-SU-2017:1961-1
SUSE-SU-2018:0456-1
SUSE-SU-2018:0464-1
SUSE-SU-2018:1692-1
SUSE-SU-2018:3074-1
SUSE-SU-2018:3909-1
SUSE-SU-2018:4063-1
SUSE-SU-2019:1296-1
SUSE-SU-2019:3057-1
SUSE-SU-2020:0790-1
SUSE-SU-2020:2134-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 8
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • elfutils-0.168-lp150.2 is installed
  • OR elfutils-lang-0.168-lp150.2 is installed
  • OR libasm1-0.168-lp150.2 is installed
  • OR libdw1-0.168-lp150.2 is installed
  • OR libdw1-32bit-0.168-lp150.2 is installed
  • OR libebl-plugins-0.168-lp150.2 is installed
  • OR libebl-plugins-32bit-0.168-lp150.2 is installed
  • OR libelf1-0.168-lp150.2 is installed
  • OR libelf1-32bit-0.168-lp150.2 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • java-1_8_0-openjdk-1.8.0.222-lp151.2.3 is installed
  • OR java-1_8_0-openjdk-accessibility-1.8.0.222-lp151.2.3 is installed
  • OR java-1_8_0-openjdk-demo-1.8.0.222-lp151.2.3 is installed
  • OR java-1_8_0-openjdk-devel-1.8.0.222-lp151.2.3 is installed
  • OR java-1_8_0-openjdk-headless-1.8.0.222-lp151.2.3 is installed
  • OR java-1_8_0-openjdk-javadoc-1.8.0.222-lp151.2.3 is installed
  • OR java-1_8_0-openjdk-src-1.8.0.222-lp151.2.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP3 is installed
  • AND Package Information
  • MozillaFirefox-31.7.0esr-0.8 is installed
  • OR MozillaFirefox-translations-31.7.0esr-0.8 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • python-setuptools-18.0.1-4.8 is installed
  • OR python3-setuptools-18.0.1-4.8 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND kbd-1.15.5-8.7 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • libvirt-2.0.0-27.42 is installed
  • OR libvirt-client-2.0.0-27.42 is installed
  • OR libvirt-daemon-2.0.0-27.42 is installed
  • OR libvirt-daemon-config-network-2.0.0-27.42 is installed
  • OR libvirt-daemon-config-nwfilter-2.0.0-27.42 is installed
  • OR libvirt-daemon-driver-interface-2.0.0-27.42 is installed
  • OR libvirt-daemon-driver-libxl-2.0.0-27.42 is installed
  • OR libvirt-daemon-driver-lxc-2.0.0-27.42 is installed
  • OR libvirt-daemon-driver-network-2.0.0-27.42 is installed
  • OR libvirt-daemon-driver-nodedev-2.0.0-27.42 is installed
  • OR libvirt-daemon-driver-nwfilter-2.0.0-27.42 is installed
  • OR libvirt-daemon-driver-qemu-2.0.0-27.42 is installed
  • OR libvirt-daemon-driver-secret-2.0.0-27.42 is installed
  • OR libvirt-daemon-driver-storage-2.0.0-27.42 is installed
  • OR libvirt-daemon-hooks-2.0.0-27.42 is installed
  • OR libvirt-daemon-lxc-2.0.0-27.42 is installed
  • OR libvirt-daemon-qemu-2.0.0-27.42 is installed
  • OR libvirt-daemon-xen-2.0.0-27.42 is installed
  • OR libvirt-doc-2.0.0-27.42 is installed
  • OR libvirt-lock-sanlock-2.0.0-27.42 is installed
  • OR libvirt-nss-2.0.0-27.42 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • kgraft-patch-4_4_121-92_95-default-2-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_25-2-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • java-1_7_0-openjdk-1.7.0.181-43.15 is installed
  • OR java-1_7_0-openjdk-demo-1.7.0.181-43.15 is installed
  • OR java-1_7_0-openjdk-devel-1.7.0.181-43.15 is installed
  • OR java-1_7_0-openjdk-headless-1.7.0.181-43.15 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND apache2-mod_jk-1.2.40-5 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • python-PyYAML-5.1.2-26.12 is installed
  • OR python3-PyYAML-5.1.2-26.12 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • ghostscript-9.27-23.31 is installed
  • OR ghostscript-x11-9.27-23.31 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • tomcat-8.0.53-29.16 is installed
  • OR tomcat-admin-webapps-8.0.53-29.16 is installed
  • OR tomcat-docs-webapp-8.0.53-29.16 is installed
  • OR tomcat-el-3_0-api-8.0.53-29.16 is installed
  • OR tomcat-javadoc-8.0.53-29.16 is installed
  • OR tomcat-jsp-2_3-api-8.0.53-29.16 is installed
  • OR tomcat-lib-8.0.53-29.16 is installed
  • OR tomcat-servlet-3_1-api-8.0.53-29.16 is installed
  • OR tomcat-webapps-8.0.53-29.16 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • kernel-azure-4.12.14-6.40 is installed
  • OR kernel-azure-base-4.12.14-6.40 is installed
  • OR kernel-azure-devel-4.12.14-6.40 is installed
  • OR kernel-devel-azure-4.12.14-6.40 is installed
  • OR kernel-source-azure-4.12.14-6.40 is installed
  • OR kernel-syms-azure-4.12.14-6.40 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • libecpg6-10.5-1.3 is installed
  • OR libpq5-10.5-1.3 is installed
  • OR libpq5-32bit-10.5-1.3 is installed
  • OR postgresql-init-10-17.20 is installed
  • OR postgresql10-10.5-1.3 is installed
  • OR postgresql10-contrib-10.5-1.3 is installed
  • OR postgresql10-docs-10.5-1.3 is installed
  • OR postgresql10-libs-10.5-1.3 is installed
  • OR postgresql10-server-10.5-1.3 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • cups-1.7.5-20.26 is installed
  • OR cups-client-1.7.5-20.26 is installed
  • OR cups-libs-1.7.5-20.26 is installed
  • OR cups-libs-32bit-1.7.5-20.26 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • ruby2.1-rubygem-loofah-2.0.2-3.5 is installed
  • OR rubygem-loofah-2.0.2-3.5 is installed
    • BACK