Oval Definition:oval:org.opensuse.security:def:58380
Revision Date:2020-12-01Version:1
Title:Security update for MozillaFirefox (Important)
Description:

This update for MozillaFirefox fixes the following issues:

- Firefox Extended Support Release 68.5.0 ESR * CVE-2020-6796 (bmo#1610426) Missing bounds check on shared memory read in the parent process * CVE-2020-6797 (bmo#1596668) Extensions granted downloads.open permission could open arbitrary applications on Mac OSX * CVE-2020-6798 (bmo#1602944) Incorrect parsing of template tag could result in JavaScript injection * CVE-2020-6799 (bmo#1606596) Arbitrary code execution when opening pdf links from other applications, when Firefox is configured as default pdf reader * CVE-2020-6800 (bmo#1595786, bmo#1596706, bmo#1598543, bmo#1604851, bmo#1605777, bmo#1608580, bmo#1608785) Memory safety bugs fixed in Firefox 73 and Firefox ESR 68.5 * Fixed: Fixed various issues opening files with spaces in their path (bmo#1601905, bmo#1602726)
Family:unixClass:patch
Status:Reference(s):1005091
1005258
1012677
1016715
1021669
1034273
1046607
1064990
1068032
1084878
1092497
1095735
1104826
1106913
1112209
1113534
1113652
1113742
1117665
1119947
1135966
1135967
1137865
1139550
1140671
1141054
1144338
1144903
1145477
1146285
1146361
1146378
1146391
1146413
1146425
1146512
1146514
1146516
1146519
1146584
1147122
1148394
1148938
1149376
1149496
1149522
1149527
1149555
1149612
1149849
1150025
1150112
1150223
1150452
1150457
1150465
1150466
1151347
1151350
1152685
1152782
1152788
1153158
1154372
1155671
1155898
1156187
1157763
1161799
1164692
1173455
985612
995964
CVE-2015-8936
CVE-2016-10906
CVE-2016-1245
CVE-2016-4975
CVE-2016-7098
CVE-2016-8743
CVE-2017-12618
CVE-2017-18509
CVE-2017-18595
CVE-2017-5495
CVE-2017-5715
CVE-2017-7526
CVE-2018-0734
CVE-2018-12207
CVE-2018-16884
CVE-2018-20976
CVE-2018-5407
CVE-2019-0154
CVE-2019-0155
CVE-2019-10220
CVE-2019-11135
CVE-2019-13272
CVE-2019-14814
CVE-2019-14815
CVE-2019-14816
CVE-2019-14821
CVE-2019-14835
CVE-2019-15098
CVE-2019-15211
CVE-2019-15212
CVE-2019-15214
CVE-2019-15215
CVE-2019-15216
CVE-2019-15217
CVE-2019-15218
CVE-2019-15219
CVE-2019-15220
CVE-2019-15221
CVE-2019-15290
CVE-2019-15291
CVE-2019-15505
CVE-2019-15666
CVE-2019-15807
CVE-2019-15902
CVE-2019-15924
CVE-2019-15926
CVE-2019-15927
CVE-2019-15961
CVE-2019-16231
CVE-2019-16232
CVE-2019-16233
CVE-2019-16234
CVE-2019-16413
CVE-2019-16995
CVE-2019-17055
CVE-2019-17056
CVE-2019-17133
CVE-2019-17666
CVE-2019-18680
CVE-2019-18805
CVE-2019-5482
CVE-2019-9456
CVE-2019-9506
CVE-2020-15049
CVE-2020-1938
CVE-2020-6796
CVE-2020-6797
CVE-2020-6798
CVE-2020-6799
CVE-2020-6800
SUSE-SU-2016:3268-1
SUSE-SU-2017:1411-1
SUSE-SU-2017:1794-1
SUSE-SU-2017:2294-1
SUSE-SU-2017:3278-1
SUSE-SU-2018:1571-2
SUSE-SU-2018:2815-1
SUSE-SU-2019:2339-2
SUSE-SU-2019:3177-1
SUSE-SU-2020:0384-1
SUSE-SU-2020:0725-1
SUSE-SU-2020:1946-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server 12 SP4-ESPOS
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 8
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • libaudit1-2.8.1-lp150.3 is installed
  • OR libaudit1-32bit-2.8.1-lp150.3 is installed
  • OR libauparse0-2.8.1-lp150.3 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • exempi-2.4.5-lp151.3.3 is installed
  • OR exempi-tools-2.4.5-lp151.3.3 is installed
  • OR libexempi-devel-2.4.5-lp151.3.3 is installed
  • OR libexempi3-2.4.5-lp151.3.3 is installed
  • OR libexempi3-32bit-2.4.5-lp151.3.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND wget-1.14-17 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • kernel-firmware-20170530-21.22 is installed
  • OR ucode-amd-20170530-21.22 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • libopenssl-devel-1.0.2j-60.46 is installed
  • OR libopenssl1_0_0-1.0.2j-60.46 is installed
  • OR libopenssl1_0_0-32bit-1.0.2j-60.46 is installed
  • OR libopenssl1_0_0-hmac-1.0.2j-60.46 is installed
  • OR libopenssl1_0_0-hmac-32bit-1.0.2j-60.46 is installed
  • OR openssl-1.0.2j-60.46 is installed
  • OR openssl-doc-1.0.2j-60.46 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • apache2-2.4.23-29.24 is installed
  • OR apache2-doc-2.4.23-29.24 is installed
  • OR apache2-example-pages-2.4.23-29.24 is installed
  • OR apache2-prefork-2.4.23-29.24 is installed
  • OR apache2-utils-2.4.23-29.24 is installed
  • OR apache2-worker-2.4.23-29.24 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND binutils-2.26.1-9.12 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • python-PyYAML-5.1.2-26.9 is installed
  • OR python-asn1crypto-0.24.0-2.5 is installed
  • OR python-packaging-17.1-2.5 is installed
  • OR python3-PyYAML-5.1.2-26.9 is installed
  • OR python3-asn1crypto-0.24.0-2.5 is installed
  • OR python3-packaging-17.1-2.5 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • kernel-default-4.4.180-94.116 is installed
  • OR kernel-default-base-4.4.180-94.116 is installed
  • OR kernel-default-devel-4.4.180-94.116 is installed
  • OR kernel-default-kgraft-4.4.180-94.116 is installed
  • OR kernel-devel-4.4.180-94.116 is installed
  • OR kernel-macros-4.4.180-94.116 is installed
  • OR kernel-source-4.4.180-94.116 is installed
  • OR kernel-syms-4.4.180-94.116 is installed
  • OR kgraft-patch-4_4_180-94_116-default-1-4.3 is installed
  • OR kgraft-patch-SLE12-SP3_Update_31-1-4.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • ghostscript-9.27-23.28 is installed
  • OR ghostscript-x11-9.27-23.28 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND mutt-1.10.1-55.6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • libvte9-0.28.2-19 is installed
  • OR python-vte-0.28.2-19 is installed
  • OR vte2-lang-0.28.2-19 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4-ESPOS is installed
  • AND squid-3.5.21-26.29 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • MozillaFirefox-68.5.0-109.106 is installed
  • OR MozillaFirefox-devel-68.5.0-109.106 is installed
  • OR MozillaFirefox-translations-common-68.5.0-109.106 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND cobbler-2.6.6-49.14 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND ansible-2.4.6.0-3.3 is installed
    • BACK