Oval Definition:oval:org.opensuse.security:def:58378
Revision Date:2020-12-01Version:1
Title:Security update for MozillaFirefox (Important)
Description:

This update for MozillaFirefox fixes the following issues:

- Firefox Extended Support Release 78.5.0 ESR (bsc#1178824) * CVE-2020-26951: Parsing mismatches could confuse and bypass security sanitizer for chrome privileged code * CVE-2020-16012: Variable time processing of cross-origin images during drawImage calls * CVE-2020-26953: Fullscreen could be enabled without displaying the security UI * CVE-2020-26956: XSS through paste (manual and clipboard API) * CVE-2020-26958: Requests intercepted through ServiceWorkers lacked MIME type restrictions * CVE-2020-26959: Use-after-free in WebRequestService * CVE-2020-26960: Potential use-after-free in uses of nsTArray * CVE-2020-15999: Heap buffer overflow in freetype * CVE-2020-26961: DoH did not filter IPv4 mapped IP Addresses * CVE-2020-26965: Software keyboards may have remembered typed passwords * CVE-2020-26966: Single-word search queries were also broadcast to local network * CVE-2020-26968: Memory safety bugs fixed in Firefox 83 and Firefox ESR 78.5
Family:unixClass:patch
Status:Reference(s):1006166
1015565
1015941
1036304
1037824
1045735
1045986
1048367
1049825
1053431
1065000
1068310
1069509
1070851
1076192
1079334
1086690
1088705
1091624
1092413
1094150
1094154
1094161
1096803
1099847
1100028
1101349
1102429
1103098
1112039
1119947
1122706
1152856
1154212
1156402
1160467
1160468
1163985
1178824
934920
CVE-2008-1483
CVE-2015-3238
CVE-2016-9957
CVE-2016-9958
CVE-2016-9959
CVE-2016-9960
CVE-2016-9961
CVE-2017-1000368
CVE-2017-10053
CVE-2017-10067
CVE-2017-10074
CVE-2017-10078
CVE-2017-10081
CVE-2017-10087
CVE-2017-10089
CVE-2017-10090
CVE-2017-10096
CVE-2017-10101
CVE-2017-10102
CVE-2017-10105
CVE-2017-10107
CVE-2017-10108
CVE-2017-10109
CVE-2017-10110
CVE-2017-10111
CVE-2017-10115
CVE-2017-10116
CVE-2017-10125
CVE-2017-10243
CVE-2017-15906
CVE-2017-18269
CVE-2017-9269
CVE-2018-11236
CVE-2018-11237
CVE-2018-16884
CVE-2018-18386
CVE-2018-5391
CVE-2018-7685
CVE-2019-14896
CVE-2019-14897
CVE-2019-2201
CVE-2019-2894
CVE-2019-2933
CVE-2019-2945
CVE-2019-2949
CVE-2019-2958
CVE-2019-2962
CVE-2019-2964
CVE-2019-2973
CVE-2019-2978
CVE-2019-2981
CVE-2019-2983
CVE-2019-2987
CVE-2019-2988
CVE-2019-2989
CVE-2019-2992
CVE-2019-2999
CVE-2019-3813
CVE-2020-15999
CVE-2020-16012
CVE-2020-1720
CVE-2020-26951
CVE-2020-26953
CVE-2020-26956
CVE-2020-26958
CVE-2020-26959
CVE-2020-26960
CVE-2020-26961
CVE-2020-26965
CVE-2020-26966
CVE-2020-26968
SUSE-SU-2016:3250-1
SUSE-SU-2017:1398-1
SUSE-SU-2017:1771-1
SUSE-SU-2017:2263-1
SUSE-SU-2017:3230-1
SUSE-SU-2018:1562-2
SUSE-SU-2018:2716-1
SUSE-SU-2019:0230-1
SUSE-SU-2019:3084-1
SUSE-SU-2020:0715-1
SUSE-SU-2020:3548-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server 12 SP4-ESPOS
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 8
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND libarchive13-3.3.2-lp150.1 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • SDL2-2.0.8-lp151.4.3 is installed
  • OR libSDL2-2_0-0-2.0.8-lp151.4.3 is installed
  • OR libSDL2-2_0-0-32bit-2.0.8-lp151.4.3 is installed
  • OR libSDL2-devel-2.0.8-lp151.4.3 is installed
  • OR libSDL2-devel-32bit-2.0.8-lp151.4.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • libgme-0.6.0-5 is installed
  • OR libgme0-0.6.0-5 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • glibc-2.22-62.13 is installed
  • OR glibc-32bit-2.22-62.13 is installed
  • OR glibc-devel-2.22-62.13 is installed
  • OR glibc-devel-32bit-2.22-62.13 is installed
  • OR glibc-html-2.22-62.13 is installed
  • OR glibc-i18ndata-2.22-62.13 is installed
  • OR glibc-info-2.22-62.13 is installed
  • OR glibc-locale-2.22-62.13 is installed
  • OR glibc-locale-32bit-2.22-62.13 is installed
  • OR glibc-profile-2.22-62.13 is installed
  • OR glibc-profile-32bit-2.22-62.13 is installed
  • OR nscd-2.22-62.13 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • kgraft-patch-4_4_90-92_50-default-12-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_15-12-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • libzypp-16.17.20-27.52 is installed
  • OR zypper-1.13.45-18.33 is installed
  • OR zypper-log-1.13.45-18.33 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • bash-4.3-82 is installed
  • OR bash-doc-4.3-82 is installed
  • OR libreadline6-6.3-82 is installed
  • OR libreadline6-32bit-6.3-82 is installed
  • OR readline-doc-6.3-82 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND log4j-1.2.15-126.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND squid-3.5.21-26.23 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • MozillaFirefox-60.9.0-109.86 is installed
  • OR MozillaFirefox-translations-common-60.9.0-109.86 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • libpolkit0-0.113-5.12 is installed
  • OR polkit-0.113-5.12 is installed
  • OR typelib-1_0-Polkit-1_0-0.113-5.12 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • libvorbis-doc-1.3.3-10.14 is installed
  • OR libvorbis0-1.3.3-10.14 is installed
  • OR libvorbis0-32bit-1.3.3-10.14 is installed
  • OR libvorbisenc2-1.3.3-10.14 is installed
  • OR libvorbisenc2-32bit-1.3.3-10.14 is installed
  • OR libvorbisfile3-1.3.3-10.14 is installed
  • OR libvorbisfile3-32bit-1.3.3-10.14 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4-ESPOS is installed
  • AND Package Information
  • xen-4.11.4_04-2.30 is installed
  • OR xen-doc-html-4.11.4_04-2.30 is installed
  • OR xen-libs-4.11.4_04-2.30 is installed
  • OR xen-libs-32bit-4.11.4_04-2.30 is installed
  • OR xen-tools-4.11.4_04-2.30 is installed
  • OR xen-tools-domU-4.11.4_04-2.30 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • MozillaFirefox-78.5.0-112.36 is installed
  • OR MozillaFirefox-devel-78.5.0-112.36 is installed
  • OR MozillaFirefox-translations-common-78.5.0-112.36 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • libmariadb3-3.0.3-3.3 is installed
  • OR mariadb-10.2.15-4.3 is installed
  • OR mariadb-client-10.2.15-4.3 is installed
  • OR mariadb-connector-c-3.0.3-3.3 is installed
  • OR mariadb-errormessages-10.2.15-4.3 is installed
  • OR mariadb-galera-10.2.15-4.3 is installed
  • OR mariadb-tools-10.2.15-4.3 is installed
  • OR xtrabackup-2.4.10-4.3 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND python-Django-1.11.11-3.3 is installed
    • BACK