Oval Definition:	oval:org.opensuse.security:def:59151
Revision Date: 2020-12-01 Version: 1 Title: Security update for MozillaFirefox (Important) Description: This update for MozillaFirefox fixes the following issues: Mozilla Firefox was updated to 68.3esr (MFSA 2019-37 bsc#1158328) Security issues fixed: - CVE-2019-17008: Fixed a use-after-free in worker destruction (bmo#1546331) - CVE-2019-13722: Fixed a stack corruption due to incorrect number of arguments in WebRTC code (bmo#1580156) - CVE-2019-11745: Fixed an out of bounds write in NSS when encrypting with a block cipher (bmo#1586176) - CVE-2019-17009: Fixed an issue where updater temporary files accessible to unprivileged processes (bmo#1510494) - CVE-2019-17010: Fixed a use-after-free when performing device orientation checks (bmo#1581084) - CVE-2019-17005: Fixed a buffer overflow in plain text serializer (bmo#1584170) - CVE-2019-17011: Fixed a use-after-free when retrieving a document in antitracking (bmo#1591334) - CVE-2019-17012: Fixed multiple memmory issues (bmo#1449736, bmo#1533957, bmo#1560667,bmo#1567209, bmo#1580288, bmo#1585760, bmo#1592502) Family: unix Class: patch Status: Reference(s): 1027282 1041090 1042670 1073269 1073748 1078326 1078485 1081750 1084650 1086001 1102682 1104662 1114592 1120489 1120813 1122292 1122293 1122299 1127458 1132665 1135254 1141780 1141782 1141783 1141785 1141787 1141789 1141897 1142649 1142654 1147021 1148517 1149145 1149792 1152107 1153830 1155094 1158328 1159035 1159913 1160467 1160468 1162202 1162224 1162367 1162675 1162825 1163985 1165631 1165894 1166238 1168930 1169605 1169786 1169936 1170302 1170411 1170741 1170939 1171561 1173798 1174205 1174757 1175691 1176069 945401 CVE-2007-4772 CVE-2007-6600 CVE-2009-4034 CVE-2009-4136 CVE-2010-1169 CVE-2010-1170 CVE-2010-3433 CVE-2012-0866 CVE-2012-0867 CVE-2012-0868 CVE-2012-2143 CVE-2012-2655 CVE-2012-3488 CVE-2012-3489 CVE-2013-0255 CVE-2013-1899 CVE-2013-1900 CVE-2013-1901 CVE-2014-0060 CVE-2014-0061 CVE-2014-0062 CVE-2014-0063 CVE-2014-0064 CVE-2014-0065 CVE-2014-0066 CVE-2014-0067 CVE-2015-3165 CVE-2015-3166 CVE-2015-3167 CVE-2015-5288 CVE-2015-5289 CVE-2016-0766 CVE-2016-0773 CVE-2016-2193 CVE-2016-3065 CVE-2017-7484 CVE-2017-7485 CVE-2017-7486 CVE-2018-11212 CVE-2018-11212 CVE-2018-20217 CVE-2018-5390 CVE-2019-11745 CVE-2019-11771 CVE-2019-11772 CVE-2019-11775 CVE-2019-13722 CVE-2019-14250 CVE-2019-14896 CVE-2019-14897 CVE-2019-15847 CVE-2019-16746 CVE-2019-17005 CVE-2019-17008 CVE-2019-17009 CVE-2019-17010 CVE-2019-17011 CVE-2019-17012 CVE-2019-18348 CVE-2019-18634 CVE-2019-20503 CVE-2019-2422 CVE-2019-2449 CVE-2019-2762 CVE-2019-2766 CVE-2019-2769 CVE-2019-2786 CVE-2019-2816 CVE-2019-3840 CVE-2019-4473 CVE-2019-5108 CVE-2019-7317 CVE-2019-9674 CVE-2020-11008 CVE-2020-14314 CVE-2020-14331 CVE-2020-14386 CVE-2020-16166 CVE-2020-1720 CVE-2020-1749 CVE-2020-5260 CVE-2020-6805 CVE-2020-6806 CVE-2020-6807 CVE-2020-6811 CVE-2020-6812 CVE-2020-6814 CVE-2020-8492 SUSE-SU-2019:0111-1 SUSE-SU-2019:0553-1 SUSE-SU-2019:0604-1 SUSE-SU-2019:2371-1 SUSE-SU-2019:3347-1 SUSE-SU-2020:0406-1 SUSE-SU-2020:0715-1 SUSE-SU-2020:0717-1 SUSE-SU-2020:0868-1 SUSE-SU-2020:1524-1 SUSE-SU-2020:2576-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.0 NonFree openSUSE Leap 15.1 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 8 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND Package Information kernel-default-4.12.14-lp150.11 is installed OR kernel-vanilla-base-4.12.14-lp150.11 is installed Definition Synopsis openSUSE Leap 15.0 NonFree is installed AND opera-63.0.3368.66-lp151.2.6 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information lighttpd-1.4.54-lp151.3.3 is installed OR lighttpd-mod_authn_gssapi-1.4.54-lp151.3.3 is installed OR lighttpd-mod_authn_ldap-1.4.54-lp151.3.3 is installed OR lighttpd-mod_authn_mysql-1.4.54-lp151.3.3 is installed OR lighttpd-mod_authn_pam-1.4.54-lp151.3.3 is installed OR lighttpd-mod_authn_sasl-1.4.54-lp151.3.3 is installed OR lighttpd-mod_cml-1.4.54-lp151.3.3 is installed OR lighttpd-mod_geoip-1.4.54-lp151.3.3 is installed OR lighttpd-mod_magnet-1.4.54-lp151.3.3 is installed OR lighttpd-mod_maxminddb-1.4.54-lp151.3.3 is installed OR lighttpd-mod_mysql_vhost-1.4.54-lp151.3.3 is installed OR lighttpd-mod_rrdtool-1.4.54-lp151.3.3 is installed OR lighttpd-mod_trigger_b4_dl-1.4.54-lp151.3.3 is installed OR lighttpd-mod_vhostdb_dbi-1.4.54-lp151.3.3 is installed OR lighttpd-mod_vhostdb_ldap-1.4.54-lp151.3.3 is installed OR lighttpd-mod_vhostdb_mysql-1.4.54-lp151.3.3 is installed OR lighttpd-mod_vhostdb_pgsql-1.4.54-lp151.3.3 is installed OR lighttpd-mod_webdav-1.4.54-lp151.3.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information krb5-1.12.5-40.31 is installed OR krb5-32bit-1.12.5-40.31 is installed OR krb5-client-1.12.5-40.31 is installed OR krb5-doc-1.12.5-40.31 is installed OR krb5-plugin-kdb-ldap-1.12.5-40.31 is installed OR krb5-plugin-preauth-otp-1.12.5-40.31 is installed OR krb5-plugin-preauth-pkinit-1.12.5-40.31 is installed OR krb5-server-1.12.5-40.31 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information kgraft-patch-4_4_121-92_109-default-2-2 is installed OR kgraft-patch-SLE12-SP2_Update_29-2-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information MozillaFirefox-68.3.0-109.98 is installed OR MozillaFirefox-devel-68.3.0-109.98 is installed OR MozillaFirefox-translations-common-68.3.0-109.98 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information libecpg6-9.6.3-2 is installed OR libpq5-9.6.3-2 is installed OR libpq5-32bit-9.6.3-2 is installed OR postgresql96-9.6.3-2 is installed OR postgresql96-contrib-9.6.3-2 is installed OR postgresql96-docs-9.6.3-2 is installed OR postgresql96-server-9.6.3-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND sudo-1.8.20p2-3.14 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information java-1_7_0-openjdk-1.7.0.241-43.30 is installed OR java-1_7_0-openjdk-demo-1.7.0.241-43.30 is installed OR java-1_7_0-openjdk-devel-1.7.0.241-43.30 is installed OR java-1_7_0-openjdk-headless-1.7.0.241-43.30 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information kgraft-patch-4_4_155-94_50-default-7-2 is installed OR kgraft-patch-SLE12-SP3_Update_17-7-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND gd-2.1.0-24.9 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND binutils-2.31-9.26 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information java-1_8_0-ibm-1.8.0_sr5.40-30.54 is installed OR java-1_8_0-ibm-alsa-1.8.0_sr5.40-30.54 is installed OR java-1_8_0-ibm-plugin-1.8.0_sr5.40-30.54 is installed Definition Synopsis SUSE OpenStack Cloud 9 is installed AND python-Werkzeug-0.14.1-3.3 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information grafana-4.5.1-4.3 is installed OR kafka-0.9.0.1-5.3 is installed OR logstash-2.4.1-5.4 is installed OR openstack-monasca-installer-20180622_15.06-3.6 is installed
BACK