Oval Definition:oval:org.opensuse.security:def:58634
Revision Date:2020-12-01Version:1
Title:Security update for MozillaFirefox (Important)
Description:



This update for MozillaFirefox to ESR 45.8 fixes the following issues:

Security issues fixed (bsc#1028391): - CVE-2017-5402: Use-after-free working with events in FontFace objects - CVE-2017-5410: Memory corruption during JavaScript garbage collection incremental sweeping - CVE-2017-5400: asm.js JIT-spray bypass of ASLR and DEP - CVE-2017-5401: Memory Corruption when handling ErrorResult - CVE-2017-5407: Pixel and history stealing via floating-point timing side channel with SVG filters - CVE-2017-5404: Use-after-free working with ranges in selections - CVE-2017-5405: FTP response codes can cause use of uninitialized values for ports - CVE-2017-5408: Cross-origin reading of video captions in violation of CORS - CVE-2017-5409: File deletion via callback parameter in Mozilla Windows Updater and Maintenance Service - CVE-2017-5398: Memory safety bugs fixed in Firefox 52 and Firefox ESR 45.8
Family:unixClass:patch
Status:Reference(s):1014524
1015567
1022098
1023988
1024041
1024047
1024076
1024079
1024287
1024292
1024294
1028391
1029912
1057662
1060644
1068664
1069591
1076503
1081725
1083926
1083927
1087082
1087083
1089343
1090174
1097356
1100453
1101506
1104076
1104134
1111056
1149496
1159208
1159623
1159819
1168669
1169746
1170908
1171978
1172265
1173022
CVE-2009-0163
CVE-2009-2666
CVE-2009-2820
CVE-2009-3553
CVE-2010-0393
CVE-2010-0540
CVE-2010-0542
CVE-2010-1167
CVE-2010-1748
CVE-2010-2941
CVE-2011-1947
CVE-2011-3389
CVE-2012-0876
CVE-2012-1571
CVE-2012-3482
CVE-2012-5519
CVE-2012-6094
CVE-2013-1430
CVE-2014-2856
CVE-2014-3537
CVE-2014-3710
CVE-2014-5029
CVE-2014-5030
CVE-2014-5031
CVE-2014-8116
CVE-2014-8117
CVE-2014-9679
CVE-2015-1158
CVE-2015-1159
CVE-2016-0718
CVE-2016-4472
CVE-2016-9063
CVE-2017-1000158
CVE-2017-16927
CVE-2017-2581
CVE-2017-2586
CVE-2017-2587
CVE-2017-5398
CVE-2017-5400
CVE-2017-5401
CVE-2017-5402
CVE-2017-5404
CVE-2017-5405
CVE-2017-5407
CVE-2017-5408
CVE-2017-5409
CVE-2017-5410
CVE-2017-5837
CVE-2017-5839
CVE-2017-5842
CVE-2017-5844
CVE-2017-6967
CVE-2017-9103
CVE-2017-9104
CVE-2017-9105
CVE-2017-9106
CVE-2017-9107
CVE-2017-9108
CVE-2017-9109
CVE-2017-9233
CVE-2018-12472
CVE-2018-3639
CVE-2018-3640
CVE-2018-3646
CVE-2018-5729
CVE-2018-5730
CVE-2018-5764
CVE-2018-5848
CVE-2019-17006
CVE-2019-5482
CVE-2020-12399
CVE-2020-12402
SUSE-SU-2017:0714-1
SUSE-SU-2017:1039-1
SUSE-SU-2017:1603-1
SUSE-SU-2018:0174-1
SUSE-SU-2018:0846-1
SUSE-SU-2018:2331-1
SUSE-SU-2018:3467-1
SUSE-SU-2019:1860-1
SUSE-SU-2019:2339-2
SUSE-SU-2020:0497-1
SUSE-SU-2020:1839-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 8
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND libXdmcp6-1.1.2-lp150.1 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • go1.12-1.12.9-lp151.2.17 is installed
  • OR go1.12-doc-1.12.9-lp151.2.17 is installed
  • OR go1.12-race-1.12.9-lp151.2.17 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • MozillaFirefox-45.8.0esr-102 is installed
  • OR MozillaFirefox-translations-45.8.0esr-102 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • curl-7.37.0-37.43 is installed
  • OR libcurl4-7.37.0-37.43 is installed
  • OR libcurl4-32bit-7.37.0-37.43 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • kgraft-patch-4_4_120-92_70-default-9-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_20-9-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND ucode-intel-20180807-13.29 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • cups-1.7.5-19 is installed
  • OR cups-client-1.7.5-19 is installed
  • OR cups-libs-1.7.5-19 is installed
  • OR cups-libs-32bit-1.7.5-19 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • kernel-default-4.4.180-94.113 is installed
  • OR kernel-default-base-4.4.180-94.113 is installed
  • OR kernel-default-devel-4.4.180-94.113 is installed
  • OR kernel-devel-4.4.180-94.113 is installed
  • OR kernel-macros-4.4.180-94.113 is installed
  • OR kernel-source-4.4.180-94.113 is installed
  • OR kernel-syms-4.4.180-94.113 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • kgraft-patch-4_4_156-94_61-default-8-2 is installed
  • OR kgraft-patch-SLE12-SP3_Update_19-8-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • java-1_8_0-ibm-1.8.0_sr5.40-30.54 is installed
  • OR java-1_8_0-ibm-alsa-1.8.0_sr5.40-30.54 is installed
  • OR java-1_8_0-ibm-plugin-1.8.0_sr5.40-30.54 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • libtirpc-1.0.1-17.6 is installed
  • OR libtirpc-netconfig-1.0.1-17.6 is installed
  • OR libtirpc3-1.0.1-17.6 is installed
  • OR libtirpc3-32bit-1.0.1-17.6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • libpulse-mainloop-glib0-5.0-4 is installed
  • OR libpulse-mainloop-glib0-32bit-5.0-4 is installed
  • OR libpulse0-5.0-4 is installed
  • OR libpulse0-32bit-5.0-4 is installed
  • OR pulseaudio-5.0-4 is installed
  • OR pulseaudio-esound-compat-5.0-4 is installed
  • OR pulseaudio-gdm-hooks-5.0-4 is installed
  • OR pulseaudio-lang-5.0-4 is installed
  • OR pulseaudio-module-x11-5.0-4 is installed
  • OR pulseaudio-module-zeroconf-5.0-4 is installed
  • OR pulseaudio-utils-5.0-4 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • pdns-4.1.2-3.3 is installed
  • OR pdns-backend-mysql-4.1.2-3.3 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • glib2-2.48.2-12.15 is installed
  • OR glib2-lang-2.48.2-12.15 is installed
  • OR glib2-tools-2.48.2-12.15 is installed
  • OR libgio-2_0-0-2.48.2-12.15 is installed
  • OR libgio-2_0-0-32bit-2.48.2-12.15 is installed
  • OR libglib-2_0-0-2.48.2-12.15 is installed
  • OR libglib-2_0-0-32bit-2.48.2-12.15 is installed
  • OR libgmodule-2_0-0-2.48.2-12.15 is installed
  • OR libgmodule-2_0-0-32bit-2.48.2-12.15 is installed
  • OR libgobject-2_0-0-2.48.2-12.15 is installed
  • OR libgobject-2_0-0-32bit-2.48.2-12.15 is installed
  • OR libgthread-2_0-0-2.48.2-12.15 is installed
  • OR libgthread-2_0-0-32bit-2.48.2-12.15 is installed
    • BACK