Oval Definition:	oval:org.opensuse.security:def:58135
Revision Date: 2020-12-01 Version: 1 Title: Security update for MozillaFirefox (Important) Description: This update for MozillaFirefox, mozilla-nss fixes the following issues: MozillaFirefox to version ESR 60.8: - CVE-2019-9811: Sandbox escape via installation of malicious language pack (bsc#1140868). - CVE-2019-11711: Script injection within domain through inner window reuse (bsc#1140868). - CVE-2019-11712: Cross-origin POST requests can be made with NPAPI plugins by following 308 redirects (bsc#1140868). - CVE-2019-11713: Use-after-free with HTTP/2 cached stream (bsc#1140868). - CVE-2019-11729: Empty or malformed p256-ECDH public keys may trigger a segmentation fault (bsc#1140868). - CVE-2019-11715: HTML parsing error can contribute to content XSS (bsc#1140868). - CVE-2019-11717: Caret character improperly escaped in origins (bsc#1140868). - CVE-2019-11719: Out-of-bounds read when importing curve25519 private key (bsc#1140868). - CVE-2019-11730: Same-origin policy treats all files in a directory as having the same-origin (bsc#1140868). - CVE-2019-11709: Multiple Memory safety bugs fixed (bsc#1140868). mozilla-nss to version 3.44.1: Added IPSEC IKE support to softoken * Many new FIPS test cases Family: unix Class: patch Status: Reference(s): 1012651 1014298 1014300 1016340 1029907 1029908 1029909 1030296 1030297 1030298 1030584 1030585 1030588 1030589 1031590 1031593 1031595 1031638 1031644 1031656 1037052 1037057 1037061 1037066 1037273 1044891 1044897 1044901 1044909 1044925 1044927 1060653 1061876 1063824 1065643 1065689 1065693 1068640 1068643 1068887 1068888 1068950 1069176 1069202 1074741 1077745 1079103 1079741 1080556 1081527 1083528 1083532 1085449 1085784 1086598 1086608 1086784 1086786 1086788 1090997 1091015 1091365 1091368 1093311 1093414 1125401 1128525 1128829 1128963 1140868 1144902 1150734 1156323 1156324 1156326 1156328 1156329 1157198 1157763 1162687 1162689 1162691 1168994 1172402 1173902 1173994 1175626 1175656 CVE-2014-9939 CVE-2016-1000031 CVE-2016-10013 CVE-2016-10024 CVE-2016-10025 CVE-2016-9932 CVE-2017-1000254 CVE-2017-1000257 CVE-2017-15938 CVE-2017-15939 CVE-2017-15996 CVE-2017-16826 CVE-2017-16827 CVE-2017-16828 CVE-2017-16829 CVE-2017-16830 CVE-2017-16831 CVE-2017-16832 CVE-2017-6965 CVE-2017-6966 CVE-2017-6969 CVE-2017-7209 CVE-2017-7210 CVE-2017-7223 CVE-2017-7224 CVE-2017-7225 CVE-2017-7226 CVE-2017-7299 CVE-2017-7300 CVE-2017-7301 CVE-2017-7302 CVE-2017-7303 CVE-2017-7304 CVE-2017-8392 CVE-2017-8393 CVE-2017-8394 CVE-2017-8396 CVE-2017-8421 CVE-2017-9746 CVE-2017-9747 CVE-2017-9748 CVE-2017-9750 CVE-2017-9755 CVE-2017-9756 CVE-2018-10372 CVE-2018-10373 CVE-2018-10534 CVE-2018-10535 CVE-2018-1417 CVE-2018-2783 CVE-2018-2790 CVE-2018-2794 CVE-2018-2795 CVE-2018-2796 CVE-2018-2797 CVE-2018-2798 CVE-2018-2799 CVE-2018-2800 CVE-2018-2814 CVE-2018-2825 CVE-2018-2826 CVE-2018-6323 CVE-2018-6543 CVE-2018-6759 CVE-2018-6872 CVE-2018-7208 CVE-2018-7568 CVE-2018-7569 CVE-2018-7570 CVE-2018-7642 CVE-2018-7643 CVE-2018-8048 CVE-2018-8945 CVE-2019-10218 CVE-2019-11709 CVE-2019-11711 CVE-2019-11712 CVE-2019-11713 CVE-2019-11715 CVE-2019-11717 CVE-2019-11719 CVE-2019-11729 CVE-2019-11730 CVE-2019-12523 CVE-2019-12526 CVE-2019-12528 CVE-2019-15961 CVE-2019-18676 CVE-2019-18677 CVE-2019-18678 CVE-2019-18679 CVE-2019-3688 CVE-2019-3690 CVE-2019-8936 CVE-2019-9811 CVE-2020-10713 CVE-2020-12405 CVE-2020-12406 CVE-2020-12410 CVE-2020-14318 CVE-2020-14323 CVE-2020-8449 CVE-2020-8450 CVE-2020-8517 SUSE-SU-2016:3208-1 SUSE-SU-2017:2831-1 SUSE-SU-2018:3207-1 SUSE-SU-2019:0789-1 SUSE-SU-2019:1214-1 SUSE-SU-2019:1861-1 SUSE-SU-2019:2209-1 SUSE-SU-2019:2875-1 SUSE-SU-2019:3177-1 SUSE-SU-2019:3180-1 SUSE-SU-2020:0661-1 SUSE-SU-2020:1563-1 SUSE-SU-2020:2628-1 SUSE-SU-2020:3083-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND Package Information libspice-client-glib-2_0-8-0.34-lp150.1 is installed OR libspice-client-glib-helper-0.34-lp150.1 is installed OR libspice-client-gtk-3_0-5-0.34-lp150.1 is installed OR libspice-controller0-0.34-lp150.1 is installed OR typelib-1_0-SpiceClientGlib-2_0-0.34-lp150.1 is installed OR typelib-1_0-SpiceClientGtk-3_0-0.34-lp150.1 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information libucl1-1.03-lp151.3.3 is installed OR ucl-1.03-lp151.3.3 is installed OR ucl-devel-1.03-lp151.3.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information xen-4.7.1_04-28 is installed OR xen-doc-html-4.7.1_04-28 is installed OR xen-libs-4.7.1_04-28 is installed OR xen-libs-32bit-4.7.1_04-28 is installed OR xen-tools-4.7.1_04-28 is installed OR xen-tools-domU-4.7.1_04-28 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND clamav-0.100.3-33.29 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information java-1_8_0-ibm-1.8.0_sr5.15-30.33 is installed OR java-1_8_0-ibm-alsa-1.8.0_sr5.15-30.33 is installed OR java-1_8_0-ibm-devel-1.8.0_sr5.15-30.33 is installed OR java-1_8_0-ibm-plugin-1.8.0_sr5.15-30.33 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND binutils-2.31-9.26 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND binutils-2.26.1-9.12 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information libsolv-0.6.36-2.27.19 is installed OR libsolv-tools-0.6.36-2.27.19 is installed OR libzypp-16.20.2-27.60 is installed OR perl-solv-0.6.36-2.27.19 is installed OR python-solv-0.6.36-2.27.19 is installed OR zypper-1.13.54-18.40 is installed OR zypper-log-1.13.54-18.40 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information libssh2-1-1.4.3-20.14 is installed OR libssh2-1-32bit-1.4.3-20.14 is installed OR libssh2_org-1.4.3-20.14 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information glib2-2.48.2-12.15 is installed OR glib2-lang-2.48.2-12.15 is installed OR glib2-tools-2.48.2-12.15 is installed OR libgio-2_0-0-2.48.2-12.15 is installed OR libgio-2_0-0-32bit-2.48.2-12.15 is installed OR libglib-2_0-0-2.48.2-12.15 is installed OR libglib-2_0-0-32bit-2.48.2-12.15 is installed OR libgmodule-2_0-0-2.48.2-12.15 is installed OR libgmodule-2_0-0-32bit-2.48.2-12.15 is installed OR libgobject-2_0-0-2.48.2-12.15 is installed OR libgobject-2_0-0-32bit-2.48.2-12.15 is installed OR libgthread-2_0-0-2.48.2-12.15 is installed OR libgthread-2_0-0-32bit-2.48.2-12.15 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information perl-5.18.2-12.20 is installed OR perl-32bit-5.18.2-12.20 is installed OR perl-base-5.18.2-12.20 is installed OR perl-doc-5.18.2-12.20 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND axis-1.4-290.3 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND Package Information MozillaFirefox-60.8.0-109.83 is installed OR MozillaFirefox-devel-60.8.0-109.83 is installed OR MozillaFirefox-translations-common-60.8.0-109.83 is installed OR libfreebl3-3.44.1-58.28 is installed OR libfreebl3-32bit-3.44.1-58.28 is installed OR libfreebl3-hmac-3.44.1-58.28 is installed OR libfreebl3-hmac-32bit-3.44.1-58.28 is installed OR libsoftokn3-3.44.1-58.28 is installed OR libsoftokn3-32bit-3.44.1-58.28 is installed OR libsoftokn3-hmac-3.44.1-58.28 is installed OR libsoftokn3-hmac-32bit-3.44.1-58.28 is installed OR mozilla-nss-3.44.1-58.28 is installed OR mozilla-nss-32bit-3.44.1-58.28 is installed OR mozilla-nss-certs-3.44.1-58.28 is installed OR mozilla-nss-certs-32bit-3.44.1-58.28 is installed OR mozilla-nss-sysinit-3.44.1-58.28 is installed OR mozilla-nss-sysinit-32bit-3.44.1-58.28 is installed OR mozilla-nss-tools-3.44.1-58.28 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND ucode-intel-20191112a-13.56 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information libpython3_4m1_0-3.4.6-25.29 is installed OR python3-3.4.6-25.29 is installed OR python3-base-3.4.6-25.29 is installed OR python3-curses-3.4.6-25.29 is installed
BACK