Oval Definition:	oval:org.opensuse.security:def:58548
Revision Date: 2020-12-01 Version: 1 Title: Security update for MozillaFirefox (Important) Description: This update for MozillaFirefox to ESR 52.3 fixes several issues. These security issues were fixed: - CVE-2017-7807 Domain hijacking through AppCache fallback (bsc#1052829) - CVE-2017-7791 Spoofing following page navigation with data: protocol and modal alerts (bsc#1052829) - CVE-2017-7792 Buffer overflow viewing certificates with an extremely long OID (bsc#1052829) - CVE-2017-7782 WindowsDllDetourPatcher allocates memory without DEP protections (bsc#1052829) - CVE-2017-7787 Same-origin policy bypass with iframes through page reloads (bsc#1052829) - CVE-2017-7786 Buffer overflow while painting non-displayable SVG (bsc#1052829) - CVE-2017-7785 Buffer overflow manipulating ARIA attributes in DOM (bsc#1052829) - CVE-2017-7784 Use-after-free with image observers (bsc#1052829) - CVE-2017-7753 Out-of-bounds read with cached style data and pseudo-elements (bsc#1052829) - CVE-2017-7798 XUL injection in the style editor in devtools (bsc#1052829) - CVE-2017-7804 Memory protection bypass through WindowsDllDetourPatcher (bsc#1052829) - CVE-2017-7779 Memory safety bugs fixed in Firefox 55 and Firefox ESR 52.3 (bsc#1052829) - CVE-2017-7800 Use-after-free in WebSockets during disconnection (bsc#1052829) - CVE-2017-7801 Use-after-free with marquee during window resizing (bsc#1052829) - CVE-2017-7802 Use-after-free resizing image elements (bsc#1052829) - CVE-2017-7803 CSP containing 'sandbox' improperly applied (bsc#1052829) Family: unix Class: patch Status: Reference(s): 1001600 1010977 1010979 1011830 1012530 1015993 1018128 1020983 1030263 1032114 1032120 1033466 1033467 1033468 1036453 1052829 1065274 1077291 1082023 1090338 1091396 1095735 1096740 1105010 1154212 1156275 1158442 1158785 1158787 1158788 1158789 1158790 1158791 1158792 1158793 1158795 1160467 1160468 1160968 1162972 1172515 1176315 964336 974655 980722 987866 989528 994989 CVE-2016-10220 CVE-2016-2775 CVE-2016-4912 CVE-2016-6170 CVE-2016-7567 CVE-2016-8654 CVE-2016-9395 CVE-2016-9398 CVE-2016-9560 CVE-2016-9591 CVE-2016-9601 CVE-2017-15088 CVE-2017-3136 CVE-2017-3137 CVE-2017-3138 CVE-2017-5715 CVE-2017-5951 CVE-2017-7207 CVE-2017-7753 CVE-2017-7779 CVE-2017-7782 CVE-2017-7784 CVE-2017-7785 CVE-2017-7786 CVE-2017-7787 CVE-2017-7791 CVE-2017-7792 CVE-2017-7798 CVE-2017-7800 CVE-2017-7801 CVE-2017-7802 CVE-2017-7803 CVE-2017-7804 CVE-2017-7807 CVE-2017-8291 CVE-2018-15473 CVE-2018-3665 CVE-2018-5089 CVE-2018-5091 CVE-2018-5095 CVE-2018-5096 CVE-2018-5097 CVE-2018-5098 CVE-2018-5099 CVE-2018-5102 CVE-2018-5103 CVE-2018-5104 CVE-2018-5117 CVE-2019-1348 CVE-2019-1349 CVE-2019-1350 CVE-2019-1351 CVE-2019-1352 CVE-2019-1353 CVE-2019-1354 CVE-2019-1387 CVE-2019-14869 CVE-2019-14896 CVE-2019-14897 CVE-2019-19604 CVE-2019-2933 CVE-2019-2945 CVE-2019-2962 CVE-2019-2964 CVE-2019-2973 CVE-2019-2978 CVE-2019-2981 CVE-2019-2983 CVE-2019-2989 CVE-2019-2992 CVE-2019-2999 CVE-2019-4732 CVE-2020-17507 CVE-2020-2583 CVE-2020-2593 CVE-2020-2604 CVE-2020-2659 SUSE-SU-2017:0084-1 SUSE-SU-2017:0998-1 SUSE-SU-2017:1404-1 SUSE-SU-2017:2589-1 SUSE-SU-2017:2948-1 SUSE-SU-2018:0100-1 SUSE-SU-2018:0374-1 SUSE-SU-2018:2099-1 SUSE-SU-2018:3910-1 SUSE-SU-2019:2983-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 8 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND Package Information cups-2.2.7-lp150.1 is installed OR cups-client-2.2.7-lp150.1 is installed OR cups-config-2.2.7-lp150.1 is installed OR libcups2-2.2.7-lp150.1 is installed OR libcupscgi1-2.2.7-lp150.1 is installed OR libcupsimage2-2.2.7-lp150.1 is installed OR libcupsmime1-2.2.7-lp150.1 is installed OR libcupsppdc1-2.2.7-lp150.1 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information fence-agents-4.4.0+git.1558595666.5f79f9e9-lp151.2.3 is installed OR fence-agents-amt_ws-4.4.0+git.1558595666.5f79f9e9-lp151.2.3 is installed OR fence-agents-devel-4.4.0+git.1558595666.5f79f9e9-lp151.2.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information MozillaFirefox-52.3.0esr-109.3 is installed OR MozillaFirefox-translations-52.3.0esr-109.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information openssh-7.2p2-74.30 is installed OR openssh-askpass-gnome-7.2p2-74.30 is installed OR openssh-fips-7.2p2-74.30 is installed OR openssh-helpers-7.2p2-74.30 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information kernel-firmware-20170530-21.22 is installed OR ucode-amd-20170530-21.22 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_74-92_29-default-12-2 is installed OR kgraft-patch-SLE12-SP2_Update_10-12-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information libXv1-1.0.10-7 is installed OR libXv1-32bit-1.0.10-7 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information libruby2_1-2_1-2.1.9-19.3 is installed OR ruby2.1-2.1.9-19.3 is installed OR ruby2.1-stdlib-2.1.9-19.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information kgraft-patch-4_4_180-94_107-default-3-2 is installed OR kgraft-patch-SLE12-SP3_Update_29-3-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information libsolv-0.6.36-2.27.19 is installed OR libsolv-tools-0.6.36-2.27.19 is installed OR libzypp-16.20.2-27.60 is installed OR perl-solv-0.6.36-2.27.19 is installed OR python-solv-0.6.36-2.27.19 is installed OR zypper-1.13.54-18.40 is installed OR zypper-log-1.13.54-18.40 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND gd-2.1.0-24.9 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information libXtst6-1.2.2-7 is installed OR libXtst6-32bit-1.2.2-7 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information git-2.12.3-27.22 is installed OR git-core-2.12.3-27.22 is installed Definition Synopsis SUSE OpenStack Cloud 9 is installed AND Package Information mariadb-10.2.31-3.25 is installed OR mariadb-galera-10.2.31-3.25 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information apache2-2.4.23-29.54 is installed OR apache2-doc-2.4.23-29.54 is installed OR apache2-example-pages-2.4.23-29.54 is installed OR apache2-prefork-2.4.23-29.54 is installed OR apache2-utils-2.4.23-29.54 is installed OR apache2-worker-2.4.23-29.54 is installed
BACK