Oval Definition:oval:org.opensuse.security:def:58330
Revision Date:2020-12-01Version:1
Title:Security update for MozillaFirefox (Moderate)
Description:

This update for MozillaFirefox fixes the following issues:

- Firefox Extended Support Release 78.2.0 ESR * Fixed: Various stability, functionality, and security fixes - Mozilla Firefox ESR 78.2 MFSA 2020-38 (bsc#1175686) * CVE-2020-15663 (bmo#1643199) Downgrade attack on the Mozilla Maintenance Service could have resulted in escalation of privilege * CVE-2020-15664 (bmo#1658214) Attacker-induced prompt for extension installation * CVE-2020-15670 (bmo#1651001, bmo#1651449, bmo#1653626, bmo#1656957) Memory safety bugs fixed in Firefox 80 and Firefox ESR 78.2

- Fixed Firefox tab crash in FIPS mode (bsc#1174284).

- Fix broken translation-loading. (bsc#1173991) * allow addon sideloading * mark signatures for langpacks non-mandatory * do not autodisable user profile scopes - Google API key is not usable for geolocation service any more
Family:unixClass:patch
Status:Reference(s):1009280
1019416
1024416
1027147
1042419
1044084
1045340
1050707
1058565
1058622
1058624
1090338
1096740
1102682
1104668
1121826
1133375
1135902
1140402
1143794
1151021
1164692
1170643
1171352
1172524
1173991
1174157
1174284
1175686
1177943
993692
993707
CVE-2016-5542
CVE-2016-5554
CVE-2016-5556
CVE-2016-5568
CVE-2016-5573
CVE-2016-5597
CVE-2017-1000364
CVE-2017-12150
CVE-2017-12151
CVE-2017-12163
CVE-2017-2619
CVE-2017-6318
CVE-2018-12539
CVE-2018-1517
CVE-2018-1656
CVE-2018-2940
CVE-2018-2952
CVE-2018-2973
CVE-2018-3665
CVE-2018-5390
CVE-2019-12155
CVE-2019-13164
CVE-2019-14378
CVE-2019-14835
CVE-2019-6133
CVE-2019-9928
CVE-2020-12861
CVE-2020-12862
CVE-2020-12863
CVE-2020-12864
CVE-2020-12865
CVE-2020-12866
CVE-2020-12867
CVE-2020-14556
CVE-2020-14577
CVE-2020-14578
CVE-2020-14579
CVE-2020-14581
CVE-2020-14583
CVE-2020-14593
CVE-2020-14621
CVE-2020-14779
CVE-2020-14781
CVE-2020-14782
CVE-2020-14792
CVE-2020-14796
CVE-2020-14797
CVE-2020-14798
CVE-2020-14803
CVE-2020-15663
CVE-2020-15664
CVE-2020-15670
CVE-2020-1938
CVE-2020-3899
SUSE-SU-2016:3043-1
SUSE-SU-2017:0859-1
SUSE-SU-2017:1707-1
SUSE-SU-2017:2650-1
SUSE-SU-2018:1940-1
SUSE-SU-2019:1600-1
SUSE-SU-2019:2035-1
SUSE-SU-2020:0725-1
SUSE-SU-2020:1211-1
SUSE-SU-2020:2544-1
SUSE-SU-2020:3125-1
SUSE-SU-2020:3191-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 8
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND iputils-s20161105-lp150.5 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND ucode-intel-20190618-lp151.2.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • java-1_7_1-ibm-1.7.1_sr3.60-31 is installed
  • OR java-1_7_1-ibm-alsa-1.7.1_sr3.60-31 is installed
  • OR java-1_7_1-ibm-jdbc-1.7.1_sr3.60-31 is installed
  • OR java-1_7_1-ibm-plugin-1.7.1_sr3.60-31 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • libpolkit0-0.113-5.18 is installed
  • OR polkit-0.113-5.18 is installed
  • OR typelib-1_0-Polkit-1_0-0.113-5.18 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • java-1_7_1-ibm-1.7.1_sr4.30-38.26 is installed
  • OR java-1_7_1-ibm-alsa-1.7.1_sr4.30-38.26 is installed
  • OR java-1_7_1-ibm-devel-1.7.1_sr4.30-38.26 is installed
  • OR java-1_7_1-ibm-jdbc-1.7.1_sr4.30-38.26 is installed
  • OR java-1_7_1-ibm-plugin-1.7.1_sr4.30-38.26 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_103-92_53-default-7-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_16-7-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • dhcp-4.3.3-9 is installed
  • OR dhcp-client-4.3.3-9 is installed
  • OR dhcp-relay-4.3.3-9 is installed
  • OR dhcp-server-4.3.3-9 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • libldap-2_4-2-2.4.41-18.71 is installed
  • OR libldap-2_4-2-32bit-2.4.41-18.71 is installed
  • OR openldap2-2.4.41-18.71 is installed
  • OR openldap2-back-meta-2.4.41-18.71 is installed
  • OR openldap2-client-2.4.41-18.71 is installed
  • OR openldap2-doc-2.4.41-18.71 is installed
  • OR openldap2-ppolicy-check-password-1.2-18.71 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • nfs-client-1.3.0-34.22 is installed
  • OR nfs-doc-1.3.0-34.22 is installed
  • OR nfs-kernel-server-1.3.0-34.22 is installed
  • OR nfs-utils-1.3.0-34.22 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_175-94_79-default-5-2 is installed
  • OR kgraft-patch-SLE12-SP3_Update_23-5-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • libzypp-16.17.20-2.33 is installed
  • OR zypper-1.13.45-21.21 is installed
  • OR zypper-log-1.13.45-21.21 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND libotr5-4.0.0-9 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • MozillaFirefox-78.2.0-112.19 is installed
  • OR MozillaFirefox-devel-78.2.0-112.19 is installed
  • OR MozillaFirefox-translations-common-78.2.0-112.19 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • libvirglrenderer0-0.5.0-12.3 is installed
  • OR virglrenderer-0.5.0-12.3 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • kernel-default-4.4.180-94.103 is installed
  • OR kernel-default-base-4.4.180-94.103 is installed
  • OR kernel-default-devel-4.4.180-94.103 is installed
  • OR kernel-devel-4.4.180-94.103 is installed
  • OR kernel-macros-4.4.180-94.103 is installed
  • OR kernel-source-4.4.180-94.103 is installed
  • OR kernel-syms-4.4.180-94.103 is installed
  • OR kgraft-patch-4_4_180-94_103-default-1-4.3 is installed
  • OR kgraft-patch-SLE12-SP3_Update_28-1-4.3 is installed
    • BACK