Oval Definition:oval:org.opensuse.security:def:58436
Revision Date:2020-12-01Version:1
Title:Security update for MozillaFirefox, mozilla-nss (Important)
Description:

This update for MozillaFirefox, mozilla-nss fixes security issues and bugs.

The following vulnerabilities were fixed in Firefox ESR 45.5 (bsc#1009026):

- CVE-2016-5297: Incorrect argument length checking in Javascript (bsc#1010401) - CVE-2016-9066: Integer overflow leading to a buffer overflow in nsScriptLoadHandler (bsc#1010404) - CVE-2016-5296: Heap-buffer-overflow WRITE in rasterize_edges_1 (bsc#1010395) - CVE-2016-9064: Addons update must verify IDs match between current and new versions (bsc#1010402) - CVE-2016-5290: Memory safety bugs fixed in Firefox 50 and Firefox ESR 45.5 (bsc#1010427) - CVE-2016-5291: Same-origin policy violation using local HTML file and saved shortcut file (bsc#1010410)

The following vulnerabilities were fixed in mozilla-nss 3.21.3:

- CVE-2016-9074: Insufficient timing side-channel resistance in divSpoiler (bsc#1010422) - CVE-2016-5285: Missing NULL check in PK11_SignWithSymKey / ssl3_ComputeRecordMACConstantTime causes server crash (bsc#1010517)

The following bugs were fixed:

- Firefox would fail to go into fullscreen mode with some window managers (bsc#992549)

The Mozilla Firefox changelog was amended to document patched dropped in a previous update.
Family:unixClass:patch
Status:Reference(s):1009026
1009966
1010395
1010401
1010402
1010404
1010410
1010422
1010427
1010517
1010829
1012382
1013659
1013678
1013680
1024014
1024017
1024030
1024034
1024062
1037216
1049607
1058058
1062937
1063269
1075091
1075697
1075994
1082943
1087082
1087813
1091041
1097158
1097624
1098592
1098599
1099279
1102959
1105402
1107829
1108145
1109137
1109330
1110286
1117645
1119019
1120386
1120691
1121698
1121805
1122821
1124728
1124732
1124735
1125315
1127155
1127758
1127961
1128166
1129080
1129179
1129346
1130847
1131107
1133147
1136449
1137325
1146519
1146544
1146612
1149591
1153108
1153811
1154844
1155311
1155897
1156060
1156321
1156331
1157038
1157042
1157070
1157143
1157155
1157157
1157158
1157303
1157324
1157333
1157464
1157770
1157804
1157923
1158021
1158132
1158381
1158394
1158398
1158410
1158413
1158417
1158427
1158445
1158819
1158823
1158824
1158827
1158834
1158900
1158903
1158904
1159199
1159285
1159297
1159841
1159908
1159910
1159911
1159912
1160195
1162227
1162298
1162928
1162929
1162931
1163971
1164069
1164078
1164846
1165111
1165311
1165787
1165873
1165881
1165984
1165985
1167629
1168075
1168295
1168424
1168829
1168854
1169659
1170056
1170313
1170345
1170423
1170778
1174955
1177155
910252
910253
913650
913651
917152
943457
992549
996511
CVE-2014-8116
CVE-2014-8117
CVE-2014-9620
CVE-2014-9621
CVE-2014-9653
CVE-2016-10198
CVE-2016-10199
CVE-2016-5285
CVE-2016-5290
CVE-2016-5291
CVE-2016-5296
CVE-2016-5297
CVE-2016-9064
CVE-2016-9066
CVE-2016-9074
CVE-2016-9445
CVE-2016-9446
CVE-2016-9809
CVE-2016-9812
CVE-2016-9813
CVE-2017-11464
CVE-2017-15232
CVE-2017-18255
CVE-2017-5840
CVE-2017-5841
CVE-2017-5845
CVE-2017-7500
CVE-2017-7501
CVE-2017-9798
CVE-2018-0732
CVE-2018-12126
CVE-2018-12127
CVE-2018-12130
CVE-2018-14633
CVE-2018-20856
CVE-2018-21008
CVE-2019-10220
CVE-2019-11091
CVE-2019-12519
CVE-2019-12520
CVE-2019-12521
CVE-2019-12524
CVE-2019-13272
CVE-2019-14615
CVE-2019-14895
CVE-2019-14896
CVE-2019-14897
CVE-2019-14901
CVE-2019-15213
CVE-2019-18660
CVE-2019-18675
CVE-2019-18683
CVE-2019-19052
CVE-2019-19062
CVE-2019-19066
CVE-2019-19073
CVE-2019-19074
CVE-2019-19319
CVE-2019-19332
CVE-2019-19447
CVE-2019-19523
CVE-2019-19524
CVE-2019-19525
CVE-2019-19527
CVE-2019-19530
CVE-2019-19531
CVE-2019-19532
CVE-2019-19533
CVE-2019-19534
CVE-2019-19535
CVE-2019-19536
CVE-2019-19537
CVE-2019-19767
CVE-2019-19768
CVE-2019-19965
CVE-2019-19966
CVE-2019-20054
CVE-2019-20096
CVE-2019-2024
CVE-2019-3701
CVE-2019-5108
CVE-2019-6974
CVE-2019-7221
CVE-2019-7222
CVE-2019-9213
CVE-2019-9455
CVE-2019-9458
CVE-2019-9636
CVE-2019-9948
CVE-2020-10188
CVE-2020-10690
CVE-2020-10720
CVE-2020-10942
CVE-2020-11494
CVE-2020-11608
CVE-2020-11609
CVE-2020-11945
CVE-2020-15708
CVE-2020-25637
CVE-2020-2732
CVE-2020-8647
CVE-2020-8648
CVE-2020-8649
CVE-2020-8992
CVE-2020-9383
SUSE-SU-2016:3014-1
SUSE-SU-2016:3297-1
SUSE-SU-2017:1010-1
SUSE-SU-2017:2117-1
SUSE-SU-2017:2542-1
SUSE-SU-2017:3048-1
SUSE-SU-2018:0373-1
SUSE-SU-2018:1887-1
SUSE-SU-2018:3884-1
SUSE-SU-2020:1533-1
SUSE-SU-2020:3143-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 8
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • expat-2.2.5-lp150.1 is installed
  • OR libexpat1-2.2.5-lp150.1 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • evince-3.26.0+20180128.1bd86963-lp151.4.6 is installed
  • OR evince-devel-3.26.0+20180128.1bd86963-lp151.4.6 is installed
  • OR evince-lang-3.26.0+20180128.1bd86963-lp151.4.6 is installed
  • OR evince-plugin-comicsdocument-3.26.0+20180128.1bd86963-lp151.4.6 is installed
  • OR evince-plugin-djvudocument-3.26.0+20180128.1bd86963-lp151.4.6 is installed
  • OR evince-plugin-dvidocument-3.26.0+20180128.1bd86963-lp151.4.6 is installed
  • OR evince-plugin-pdfdocument-3.26.0+20180128.1bd86963-lp151.4.6 is installed
  • OR evince-plugin-psdocument-3.26.0+20180128.1bd86963-lp151.4.6 is installed
  • OR evince-plugin-tiffdocument-3.26.0+20180128.1bd86963-lp151.4.6 is installed
  • OR evince-plugin-xpsdocument-3.26.0+20180128.1bd86963-lp151.4.6 is installed
  • OR libevdocument3-4-3.26.0+20180128.1bd86963-lp151.4.6 is installed
  • OR libevview3-3-3.26.0+20180128.1bd86963-lp151.4.6 is installed
  • OR nautilus-evince-3.26.0+20180128.1bd86963-lp151.4.6 is installed
  • OR typelib-1_0-EvinceDocument-3_0-3.26.0+20180128.1bd86963-lp151.4.6 is installed
  • OR typelib-1_0-EvinceView-3_0-3.26.0+20180128.1bd86963-lp151.4.6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • MozillaFirefox-45.5.0esr-88 is installed
  • OR MozillaFirefox-translations-45.5.0esr-88 is installed
  • OR libfreebl3-3.21.3-50 is installed
  • OR libfreebl3-32bit-3.21.3-50 is installed
  • OR libfreebl3-hmac-3.21.3-50 is installed
  • OR libfreebl3-hmac-32bit-3.21.3-50 is installed
  • OR libsoftokn3-3.21.3-50 is installed
  • OR libsoftokn3-32bit-3.21.3-50 is installed
  • OR libsoftokn3-hmac-3.21.3-50 is installed
  • OR libsoftokn3-hmac-32bit-3.21.3-50 is installed
  • OR mozilla-nss-3.21.3-50 is installed
  • OR mozilla-nss-32bit-3.21.3-50 is installed
  • OR mozilla-nss-certs-3.21.3-50 is installed
  • OR mozilla-nss-certs-32bit-3.21.3-50 is installed
  • OR mozilla-nss-sysinit-3.21.3-50 is installed
  • OR mozilla-nss-sysinit-32bit-3.21.3-50 is installed
  • OR mozilla-nss-tools-3.21.3-50 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • python3-rpm-4.11.2-16.21 is installed
  • OR rpm-4.11.2-16.21 is installed
  • OR rpm-32bit-4.11.2-16.21 is installed
  • OR rpm-build-4.11.2-16.21 is installed
  • OR rpm-python-4.11.2-16.21 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • libpython2_7-1_0-2.7.13-28.26 is installed
  • OR libpython2_7-1_0-32bit-2.7.13-28.26 is installed
  • OR python-2.7.13-28.26 is installed
  • OR python-32bit-2.7.13-28.26 is installed
  • OR python-base-2.7.13-28.26 is installed
  • OR python-base-32bit-2.7.13-28.26 is installed
  • OR python-curses-2.7.13-28.26 is installed
  • OR python-demo-2.7.13-28.26 is installed
  • OR python-devel-2.7.13-28.26 is installed
  • OR python-doc-2.7.13-28.26 is installed
  • OR python-doc-pdf-2.7.13-28.26 is installed
  • OR python-gdbm-2.7.13-28.26 is installed
  • OR python-idle-2.7.13-28.26 is installed
  • OR python-tk-2.7.13-28.26 is installed
  • OR python-xml-2.7.13-28.26 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • libopenssl-devel-1.0.2j-60.30 is installed
  • OR libopenssl1_0_0-1.0.2j-60.30 is installed
  • OR libopenssl1_0_0-32bit-1.0.2j-60.30 is installed
  • OR libopenssl1_0_0-hmac-1.0.2j-60.30 is installed
  • OR libopenssl1_0_0-hmac-32bit-1.0.2j-60.30 is installed
  • OR openssl-1.0.2j-60.30 is installed
  • OR openssl-doc-1.0.2j-60.30 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • automake-1.13.4-6 is installed
  • OR m4-1.4.16-15 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • libecpg6-10.9-1.12 is installed
  • OR libpq5-10.9-1.12 is installed
  • OR libpq5-32bit-10.9-1.12 is installed
  • OR postgresql10-10.9-1.12 is installed
  • OR postgresql10-contrib-10.9-1.12 is installed
  • OR postgresql10-docs-10.9-1.12 is installed
  • OR postgresql10-libs-10.9-1.12 is installed
  • OR postgresql10-plperl-10.9-1.12 is installed
  • OR postgresql10-plpython-10.9-1.12 is installed
  • OR postgresql10-pltcl-10.9-1.12 is installed
  • OR postgresql10-server-10.9-1.12 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • kgraft-patch-4_4_178-94_91-default-4-2 is installed
  • OR kgraft-patch-SLE12-SP3_Update_25-4-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • ibus-1.5.13-15.11 is installed
  • OR ibus-gtk-1.5.13-15.11 is installed
  • OR ibus-gtk3-1.5.13-15.11 is installed
  • OR ibus-lang-1.5.13-15.11 is installed
  • OR libibus-1_0-5-1.5.13-15.11 is installed
  • OR typelib-1_0-IBus-1_0-1.5.13-15.11 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • libjavascriptcoregtk-4_0-18-2.20.3-2.23 is installed
  • OR libwebkit2gtk-4_0-37-2.20.3-2.23 is installed
  • OR typelib-1_0-JavaScriptCore-4_0-2.20.3-2.23 is installed
  • OR typelib-1_0-WebKit2-4_0-2.20.3-2.23 is installed
  • OR webkit2gtk-4_0-injected-bundles-2.20.3-2.23 is installed
  • OR webkit2gtk3-2.20.3-2.23 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND cifs-utils-6.5-9.3 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • glib2-2.48.2-12.15 is installed
  • OR glib2-lang-2.48.2-12.15 is installed
  • OR glib2-tools-2.48.2-12.15 is installed
  • OR libgio-2_0-0-2.48.2-12.15 is installed
  • OR libgio-2_0-0-32bit-2.48.2-12.15 is installed
  • OR libglib-2_0-0-2.48.2-12.15 is installed
  • OR libglib-2_0-0-32bit-2.48.2-12.15 is installed
  • OR libgmodule-2_0-0-2.48.2-12.15 is installed
  • OR libgmodule-2_0-0-32bit-2.48.2-12.15 is installed
  • OR libgobject-2_0-0-2.48.2-12.15 is installed
  • OR libgobject-2_0-0-32bit-2.48.2-12.15 is installed
  • OR libgthread-2_0-0-2.48.2-12.15 is installed
  • OR libgthread-2_0-0-32bit-2.48.2-12.15 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • ruby2.1-rubygem-sprockets-2_12-2.12.5-1.4 is installed
  • OR rubygem-sprockets-2_12-2.12.5-1.4 is installed
    • BACK