Oval Definition:oval:org.opensuse.security:def:59028
Revision Date:2020-12-01Version:1
Title:Security update for MozillaFirefox (Important)
Description:

This update for MozillaFirefox fixes the following issues:

Security issues fixed:

- CVE-2019-11691: Use-after-free in XMLHttpRequest - CVE-2019-11692: Use-after-free removing listeners in the event listener manager - CVE-2019-11693: Buffer overflow in WebGL bufferdata on Linux - CVE-2019-11694: Uninitialized memory memory leakage in Windows sandbox - CVE-2019-11698: Theft of user history data through drag and drop of hyperlinks to and from bookmarks - CVE-2019-7317: Use-after-free in png_image_free of libpng library - CVE-2019-9800: Memory safety bugs fixed in Firefox 67 and Firefox ESR 60.7 - CVE-2019-9815: Disable hyperthreading on content JavaScript threads on macOS - CVE-2019-9816: Type confusion with object groups and UnboxedObjects - CVE-2019-9817: Stealing of cross-domain images using canvas - CVE-2019-9818: Use-after-free in crash generation server - CVE-2019-9819: Compartment mismatch with fetch API - CVE-2019-9820: Use-after-free of ChromeEventHandler by DocShell

Non-security issues fixed:

- Font and date adjustments to accommodate the new Reiwa era in Japan - Update to Firefox ESR 60.7 (bsc#1135824)
Family:unixClass:patch
Status:Reference(s):1054413
1073879
1085449
1086825
1092098
1093311
1093414
1110279
1111622
1116998
1122668
1135824
1138872
1141780
1141782
1141783
1141785
1141789
1146358
1146359
1147021
1150734
1151021
1157198
1157471
1169659
1170313
1170423
1171186
1178666
1178667
1178668
761500
922448
929736
935252
945455
947357
961596
967128
CVE-2014-9645
CVE-2015-2296
CVE-2015-3451
CVE-2018-1000301
CVE-2018-1417
CVE-2018-18074
CVE-2018-2783
CVE-2018-2790
CVE-2018-2794
CVE-2018-2795
CVE-2018-2796
CVE-2018-2797
CVE-2018-2798
CVE-2018-2799
CVE-2018-2800
CVE-2018-2814
CVE-2018-4191
CVE-2018-4197
CVE-2018-4207
CVE-2018-4208
CVE-2018-4209
CVE-2018-4210
CVE-2018-4212
CVE-2018-4213
CVE-2018-4261
CVE-2018-4262
CVE-2018-4263
CVE-2018-4264
CVE-2018-4265
CVE-2018-4266
CVE-2018-4267
CVE-2018-4270
CVE-2018-4272
CVE-2018-4273
CVE-2018-4278
CVE-2018-4284
CVE-2018-4299
CVE-2018-4306
CVE-2018-4309
CVE-2018-4312
CVE-2018-4314
CVE-2018-4315
CVE-2018-4316
CVE-2018-4317
CVE-2018-4318
CVE-2018-4319
CVE-2018-4323
CVE-2018-4328
CVE-2018-4345
CVE-2018-4358
CVE-2018-4359
CVE-2018-4361
CVE-2018-4372
CVE-2018-4373
CVE-2018-4375
CVE-2018-4376
CVE-2018-4378
CVE-2018-4382
CVE-2018-4386
CVE-2018-4392
CVE-2018-4416
CVE-2019-11691
CVE-2019-11692
CVE-2019-11693
CVE-2019-11694
CVE-2019-11698
CVE-2019-11708
CVE-2019-11771
CVE-2019-11775
CVE-2019-12519
CVE-2019-12520
CVE-2019-12521
CVE-2019-12524
CVE-2019-14835
CVE-2019-19191
CVE-2019-2762
CVE-2019-2766
CVE-2019-2769
CVE-2019-2816
CVE-2019-3688
CVE-2019-3690
CVE-2019-4473
CVE-2019-7317
CVE-2019-7317
CVE-2019-8675
CVE-2019-8696
CVE-2019-9800
CVE-2019-9815
CVE-2019-9816
CVE-2019-9817
CVE-2019-9818
CVE-2019-9819
CVE-2019-9820
CVE-2020-11945
CVE-2020-12387
CVE-2020-12388
CVE-2020-12389
CVE-2020-12392
CVE-2020-12393
CVE-2020-12395
CVE-2020-25694
CVE-2020-25695
CVE-2020-25696
CVE-2020-6831
SUSE-SU-2018:1327-2
SUSE-SU-2019:0059-1
SUSE-SU-2019:1388-1
SUSE-SU-2019:1684-1
SUSE-SU-2019:2613-1
SUSE-SU-2019:3057-1
SUSE-SU-2019:3180-1
SUSE-SU-2020:1218-1
SUSE-SU-2020:1227-1
SUSE-SU-2020:1792-1
SUSE-SU-2020:3464-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server 12 SP4-ESPOS
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 8
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • containerd-1.1.2-lp150.4.3 is installed
  • OR containerd-ctr-1.1.2-lp150.4.3 is installed
  • OR containerd-kubic-1.1.2-lp150.4.3 is installed
  • OR containerd-kubic-ctr-1.1.2-lp150.4.3 is installed
  • OR containerd-kubic-test-1.1.2-lp150.4.3 is installed
  • OR containerd-test-1.1.2-lp150.4.3 is installed
  • OR docker-18.06.1_ce-lp150.5.6 is installed
  • OR docker-bash-completion-18.06.1_ce-lp150.5.6 is installed
  • OR docker-kubic-18.06.1_ce-lp150.5.6 is installed
  • OR docker-kubic-bash-completion-18.06.1_ce-lp150.5.6 is installed
  • OR docker-kubic-test-18.06.1_ce-lp150.5.6 is installed
  • OR docker-kubic-zsh-completion-18.06.1_ce-lp150.5.6 is installed
  • OR docker-libnetwork-0.7.0.1+gitr2664_3ac297bc7fd0-lp150.3.3 is installed
  • OR docker-libnetwork-kubic-0.7.0.1+gitr2664_3ac297bc7fd0-lp150.3.3 is installed
  • OR docker-runc-1.0.0rc5+gitr3562_69663f0bd4b6-lp150.5.3 is installed
  • OR docker-runc-kubic-1.0.0rc5+gitr3562_69663f0bd4b6-lp150.5.3 is installed
  • OR docker-runc-kubic-test-1.0.0rc5+gitr3562_69663f0bd4b6-lp150.5.3 is installed
  • OR docker-runc-test-1.0.0rc5+gitr3562_69663f0bd4b6-lp150.5.3 is installed
  • OR docker-test-18.06.1_ce-lp150.5.6 is installed
  • OR docker-zsh-completion-18.06.1_ce-lp150.5.6 is installed
  • OR go-1.10.4-lp150.2.7 is installed
  • OR go-doc-1.10.4-lp150.2.7 is installed
  • OR go-race-1.10.4-lp150.2.7 is installed
  • OR go1.10-1.10.7-lp150.2 is installed
  • OR go1.10-doc-1.10.7-lp150.2 is installed
  • OR go1.10-race-1.10.7-lp150.2 is installed
  • OR golang-github-docker-libnetwork-0.7.0.1+gitr2664_3ac297bc7fd0-lp150.3.3 is installed
  • OR golang-github-docker-libnetwork-kubic-0.7.0.1+gitr2664_3ac297bc7fd0-lp150.3.3 is installed
  • OR golang-packaging-15.0.11-lp150.2.3 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • tomcat-9.0.21-lp151.3.3 is installed
  • OR tomcat-admin-webapps-9.0.21-lp151.3.3 is installed
  • OR tomcat-docs-webapp-9.0.21-lp151.3.3 is installed
  • OR tomcat-el-3_0-api-9.0.21-lp151.3.3 is installed
  • OR tomcat-embed-9.0.21-lp151.3.3 is installed
  • OR tomcat-javadoc-9.0.21-lp151.3.3 is installed
  • OR tomcat-jsp-2_3-api-9.0.21-lp151.3.3 is installed
  • OR tomcat-jsvc-9.0.21-lp151.3.3 is installed
  • OR tomcat-lib-9.0.21-lp151.3.3 is installed
  • OR tomcat-servlet-4_0-api-9.0.21-lp151.3.3 is installed
  • OR tomcat-webapps-9.0.21-lp151.3.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • curl-7.37.0-37.23 is installed
  • OR libcurl4-7.37.0-37.23 is installed
  • OR libcurl4-32bit-7.37.0-37.23 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • java-1_7_1-ibm-1.7.1_sr4.25-38.23 is installed
  • OR java-1_7_1-ibm-alsa-1.7.1_sr4.25-38.23 is installed
  • OR java-1_7_1-ibm-devel-1.7.1_sr4.25-38.23 is installed
  • OR java-1_7_1-ibm-jdbc-1.7.1_sr4.25-38.23 is installed
  • OR java-1_7_1-ibm-plugin-1.7.1_sr4.25-38.23 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • MozillaFirefox-60.7.0-109.72 is installed
  • OR MozillaFirefox-devel-60.7.0-109.72 is installed
  • OR MozillaFirefox-translations-common-60.7.0-109.72 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND busybox-1.21.1-3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • libjavascriptcoregtk-4_0-18-2.28.4-2.59 is installed
  • OR libwebkit2gtk-4_0-37-2.28.4-2.59 is installed
  • OR typelib-1_0-JavaScriptCore-4_0-2.28.4-2.59 is installed
  • OR typelib-1_0-WebKit2-4_0-2.28.4-2.59 is installed
  • OR webkit2gtk-4_0-injected-bundles-2.28.4-2.59 is installed
  • OR webkit2gtk3-2.28.4-2.59 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • libopenssl-devel-1.0.2j-60.55 is installed
  • OR libopenssl1_0_0-1.0.2j-60.55 is installed
  • OR libopenssl1_0_0-32bit-1.0.2j-60.55 is installed
  • OR libopenssl1_0_0-hmac-1.0.2j-60.55 is installed
  • OR libopenssl1_0_0-hmac-32bit-1.0.2j-60.55 is installed
  • OR openssl-1.0.2j-60.55 is installed
  • OR openssl-doc-1.0.2j-60.55 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • java-1_7_1-ibm-1.7.1_sr4.50-38.41 is installed
  • OR java-1_7_1-ibm-alsa-1.7.1_sr4.50-38.41 is installed
  • OR java-1_7_1-ibm-jdbc-1.7.1_sr4.50-38.41 is installed
  • OR java-1_7_1-ibm-plugin-1.7.1_sr4.50-38.41 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND yast2-smt-3.0.14-3.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND autofs-5.0.9-28.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4-ESPOS is installed
  • AND Package Information
  • tomcat-9.0.36-3.45 is installed
  • OR tomcat-admin-webapps-9.0.36-3.45 is installed
  • OR tomcat-docs-webapp-9.0.36-3.45 is installed
  • OR tomcat-el-3_0-api-9.0.36-3.45 is installed
  • OR tomcat-javadoc-9.0.36-3.45 is installed
  • OR tomcat-jsp-2_3-api-9.0.36-3.45 is installed
  • OR tomcat-lib-9.0.36-3.45 is installed
  • OR tomcat-servlet-4_0-api-9.0.36-3.45 is installed
  • OR tomcat-webapps-9.0.36-3.45 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND permissions-2015.09.28.1626-17.20 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • java-1_8_0-openjdk-1.8.0.222-27.35 is installed
  • OR java-1_8_0-openjdk-demo-1.8.0.222-27.35 is installed
  • OR java-1_8_0-openjdk-devel-1.8.0.222-27.35 is installed
  • OR java-1_8_0-openjdk-headless-1.8.0.222-27.35 is installed
    • BACK