Oval Definition:	oval:org.opensuse.security:def:59097
Revision Date: 2020-12-01 Version: 1 Title: Security update for MozillaFirefox (Important) Description: This update for MozillaFirefox to ESR 60.9 fixes the following issues: Security issues fixed: - CVE-2019-11742: Fixed a same-origin policy violation involving SVG filters and canvas to steal cross-origin images. (bsc#1149303) - CVE-2019-11746: Fixed a use-after-free while manipulating video. (bsc#1149297) - CVE-2019-11744: Fixed an XSS caused by breaking out of title and textarea elements using innerHTML. (bsc#1149304) - CVE-2019-11753: Fixed a privilege escalation with Mozilla Maintenance Service in custom Firefox installation location. (bsc#1149295) - CVE-2019-11752: Fixed a use-after-free while extracting a key value in IndexedDB. (bsc#1149296) - CVE-2019-11743: Fixed a timing side-channel attack on cross-origin information, utilizing unload event attributes. (bsc#1149298) - CVE-2019-11740: Fixed several memory safety bugs. (bsc#1149299) Family: unix Class: patch Status: Reference(s): 1049825 1082828 1092493 1103098 1104662 1105988 1109893 1110542 1111319 1112911 1113296 1116995 1118021 1118024 1118099 1118597 1119947 1120629 1120630 1120631 1120813 1127155 1127458 1130246 1131823 1134226 1137977 1140039 1141670 1144903 1145521 1149294 1149295 1149296 1149297 1149298 1149299 1149303 1149304 1149324 1153108 1153158 1153161 1161167 1163933 1173027 1173998 1174157 1174628 1175259 CVE-2011-3630 CVE-2011-3631 CVE-2011-3632 CVE-2015-8025 CVE-2015-9542 CVE-2017-15130 CVE-2018-15869 CVE-2018-16884 CVE-2018-19870 CVE-2018-19872 CVE-2018-20532 CVE-2018-20533 CVE-2018-20534 CVE-2018-5391 CVE-2019-10220 CVE-2019-11740 CVE-2019-11742 CVE-2019-11743 CVE-2019-11744 CVE-2019-11746 CVE-2019-11752 CVE-2019-11753 CVE-2019-17133 CVE-2019-17639 CVE-2019-3840 CVE-2019-9812 CVE-2020-0569 CVE-2020-13753 CVE-2020-14344 CVE-2020-14577 CVE-2020-14578 CVE-2020-14579 CVE-2020-14583 CVE-2020-14593 CVE-2020-14621 CVE-2020-8177 CVE-2020-9802 CVE-2020-9803 CVE-2020-9805 CVE-2020-9806 CVE-2020-9807 CVE-2020-9843 CVE-2020-9850 SUSE-SU-2018:2632-2 SUSE-SU-2019:0553-1 SUSE-SU-2019:2265-1 SUSE-SU-2019:2436-1 SUSE-SU-2020:0251-1 SUSE-SU-2020:0318-1 SUSE-SU-2020:1117-1 SUSE-SU-2020:1732-1 SUSE-SU-2020:2069-1 SUSE-SU-2020:2482-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND Package Information elfutils-0.168-lp150.2 is installed OR elfutils-lang-0.168-lp150.2 is installed OR libasm1-0.168-lp150.2 is installed OR libdw1-0.168-lp150.2 is installed OR libdw1-32bit-0.168-lp150.2 is installed OR libebl-plugins-0.168-lp150.2 is installed OR libebl-plugins-32bit-0.168-lp150.2 is installed OR libelf1-0.168-lp150.2 is installed OR libelf1-32bit-0.168-lp150.2 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information python-urllib3-1.24-lp151.2.3 is installed OR python-urllib3-test-1.24-lp151.2.3 is installed OR python2-urllib3-1.24-lp151.2.3 is installed OR python2-urllib3-test-1.24-lp151.2.3 is installed OR python3-urllib3-1.24-lp151.2.3 is installed OR python3-urllib3-test-1.24-lp151.2.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information dovecot22-2.2.31-19.11 is installed OR dovecot22-backend-mysql-2.2.31-19.11 is installed OR dovecot22-backend-pgsql-2.2.31-19.11 is installed OR dovecot22-backend-sqlite-2.2.31-19.11 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information kgraft-patch-4_4_121-92_85-default-5-2 is installed OR kgraft-patch-SLE12-SP2_Update_23-5-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information MozillaFirefox-60.9.0-109.86 is installed OR MozillaFirefox-devel-60.9.0-109.86 is installed OR MozillaFirefox-translations-common-60.9.0-109.86 is installed Definition Synopsis Release Information SUSE Linux Enterprise Server 12 SP3 is installed AND MozillaFirefox-60.7.2-109.80 is installed OR MozillaFirefox-translations-common-60.7.2-109.80 is installed OR Package Information SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND MozillaFirefox-60.7.2-109.80 is installed OR MozillaFirefox-translations-common-60.7.2-109.80 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND hardlink-1.0-6 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information libjavascriptcoregtk-4_0-18-2.24.4-2.47 is installed OR libwebkit2gtk-4_0-37-2.24.4-2.47 is installed OR typelib-1_0-JavaScriptCore-4_0-2.24.4-2.47 is installed OR typelib-1_0-WebKit2-4_0-2.24.4-2.47 is installed OR webkit2gtk-4_0-injected-bundles-2.24.4-2.47 is installed OR webkit2gtk3-2.24.4-2.47 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information libvirt-3.3.0-5.40 is installed OR libvirt-admin-3.3.0-5.40 is installed OR libvirt-client-3.3.0-5.40 is installed OR libvirt-daemon-3.3.0-5.40 is installed OR libvirt-daemon-config-network-3.3.0-5.40 is installed OR libvirt-daemon-config-nwfilter-3.3.0-5.40 is installed OR libvirt-daemon-driver-interface-3.3.0-5.40 is installed OR libvirt-daemon-driver-libxl-3.3.0-5.40 is installed OR libvirt-daemon-driver-lxc-3.3.0-5.40 is installed OR libvirt-daemon-driver-network-3.3.0-5.40 is installed OR libvirt-daemon-driver-nodedev-3.3.0-5.40 is installed OR libvirt-daemon-driver-nwfilter-3.3.0-5.40 is installed OR libvirt-daemon-driver-qemu-3.3.0-5.40 is installed OR libvirt-daemon-driver-secret-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-core-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-disk-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-iscsi-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-logical-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-mpath-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-rbd-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-scsi-3.3.0-5.40 is installed OR libvirt-daemon-hooks-3.3.0-5.40 is installed OR libvirt-daemon-lxc-3.3.0-5.40 is installed OR libvirt-daemon-qemu-3.3.0-5.40 is installed OR libvirt-daemon-xen-3.3.0-5.40 is installed OR libvirt-doc-3.3.0-5.40 is installed OR libvirt-libs-3.3.0-5.40 is installed OR libvirt-lock-sanlock-3.3.0-5.40 is installed OR libvirt-nss-3.3.0-5.40 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information kgraft-patch-4_4_143-94_47-default-7-2 is installed OR kgraft-patch-SLE12-SP3_Update_16-7-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information java-1_8_0-openjdk-1.8.0.181-27.26 is installed OR java-1_8_0-openjdk-demo-1.8.0.181-27.26 is installed OR java-1_8_0-openjdk-devel-1.8.0.181-27.26 is installed OR java-1_8_0-openjdk-headless-1.8.0.181-27.26 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information groff-1.22.2-5 is installed OR groff-full-1.22.2-5 is installed OR gxditview-1.22.2-5 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information libjavascriptcoregtk-4_0-18-2.28.3-2.56 is installed OR libwebkit2gtk-4_0-37-2.28.3-2.56 is installed OR libwebkit2gtk3-lang-2.28.3-2.56 is installed OR typelib-1_0-JavaScriptCore-4_0-2.28.3-2.56 is installed OR typelib-1_0-WebKit2-4_0-2.28.3-2.56 is installed OR typelib-1_0-WebKit2WebExtension-4_0-2.28.3-2.56 is installed OR webkit2gtk-4_0-injected-bundles-2.28.3-2.56 is installed OR webkit2gtk3-2.28.3-2.56 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND nodejs6-6.17.0-11.24 is installed
BACK