Oval Definition:	oval:org.opensuse.security:def:60061
Revision Date: 2020-12-01 Version: 1 Title: Security update for MozillaFirefox (Important) Description: This update for MozillaFirefox fixes the following issues: Update to version 68.8.0 ESR (bsc#1171186): - CVE-2020-12387: Use-after-free during worker shutdown - CVE-2020-12388: Sandbox escape with improperly guarded Access Tokens - CVE-2020-12389: Sandbox escape with improperly separated process types - CVE-2020-6831: Buffer overflow in SCTP chunk input validation - CVE-2020-12392: Arbitrary local file access with 'Copy as cURL' - CVE-2020-12393: Devtools' 'Copy as cURL' feature did not fully escape website-controlled data, potentially leading to command injection - CVE-2020-12395: Memory safety bugs fixed in Firefox 76 and Firefox ESR 68.8 Family: unix Class: patch Status: Reference(s): 1076832 1077717 1106383 1133495 1138034 1139459 1151377 1151506 1154043 1155574 1156482 1159814 1160305 1160498 1160895 1160912 1162108 1162388 1166844 1169511 1171186 1172031 1172225 1172277 1172402 1173274 1174157 1175259 929629 CVE-2009-3297 CVE-2011-0541 CVE-2012-1152 CVE-2013-6393 CVE-2014-2525 CVE-2014-8146 CVE-2014-8147 CVE-2014-9130 CVE-2015-3202 CVE-2015-8803 CVE-2015-8804 CVE-2015-8805 CVE-2016-6489 CVE-2018-6003 CVE-2019-10164 CVE-2019-17015 CVE-2019-17016 CVE-2019-17017 CVE-2019-17021 CVE-2019-17022 CVE-2019-17024 CVE-2019-17026 CVE-2019-17639 CVE-2019-18901 CVE-2019-20807 CVE-2020-10531 CVE-2020-12387 CVE-2020-12388 CVE-2020-12389 CVE-2020-12392 CVE-2020-12393 CVE-2020-12395 CVE-2020-12405 CVE-2020-12406 CVE-2020-12410 CVE-2020-14422 CVE-2020-14577 CVE-2020-14578 CVE-2020-14579 CVE-2020-14583 CVE-2020-14593 CVE-2020-14621 CVE-2020-1712 CVE-2020-2574 CVE-2020-2654 CVE-2020-2756 CVE-2020-2757 CVE-2020-2781 CVE-2020-2800 CVE-2020-2803 CVE-2020-2805 CVE-2020-2830 CVE-2020-6831 SUSE-SU-2017:2318-1 SUSE-SU-2018:0295-1 SUSE-SU-2019:1783-2 SUSE-SU-2020:0527-1 SUSE-SU-2020:1180-1 SUSE-SU-2020:1550-1 SUSE-SU-2020:1563-1 SUSE-SU-2020:2157-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP4-ESPOS SUSE OpenStack Cloud 8 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND squashfs-4.3-lp150.1 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND ledger-3.1.3-lp151.3.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information MozillaFirefox-68.8.0-109.119 is installed OR MozillaFirefox-devel-68.8.0-109.119 is installed OR MozillaFirefox-translations-common-68.8.0-109.119 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information fuse-2.9.3-5 is installed OR libfuse2-2.9.3-5 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information MozillaFirefox-68.1.0-109.89 is installed OR MozillaFirefox-branding-SLE-68-32.8 is installed OR MozillaFirefox-translations-common-68.1.0-109.89 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information libpolkit0-0.113-5.18 is installed OR polkit-0.113-5.18 is installed OR typelib-1_0-Polkit-1_0-0.113-5.18 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information libecpg6-10.9-1.12 is installed OR libpq5-10.9-1.12 is installed OR libpq5-32bit-10.9-1.12 is installed OR postgresql10-10.9-1.12 is installed OR postgresql10-contrib-10.9-1.12 is installed OR postgresql10-docs-10.9-1.12 is installed OR postgresql10-libs-10.9-1.12 is installed OR postgresql10-plperl-10.9-1.12 is installed OR postgresql10-plpython-10.9-1.12 is installed OR postgresql10-pltcl-10.9-1.12 is installed OR postgresql10-server-10.9-1.12 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information libQtWebKit4-4.8.7+2.3.4-4.7 is installed OR libQtWebKit4-32bit-4.8.7+2.3.4-4.7 is installed OR libqca2-2.0.3-17.7 is installed OR libqca2-32bit-2.0.3-17.7 is installed OR libqt4-4.8.7-8.8 is installed OR libqt4-32bit-4.8.7-8.8 is installed OR libqt4-devel-doc-4.8.7-8.8 is installed OR libqt4-qt3support-4.8.7-8.8 is installed OR libqt4-qt3support-32bit-4.8.7-8.8 is installed OR libqt4-sql-4.8.7-8.8 is installed OR libqt4-sql-32bit-4.8.7-8.8 is installed OR libqt4-sql-mysql-4.8.7-8.8 is installed OR libqt4-sql-plugins-4.8.7-8.8 is installed OR libqt4-sql-sqlite-4.8.7-8.8 is installed OR libqt4-x11-4.8.7-8.8 is installed OR libqt4-x11-32bit-4.8.7-8.8 is installed OR qt4-x11-tools-4.8.7-8.8 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information curl-7.60.0-2 is installed OR libcurl4-7.60.0-2 is installed OR libcurl4-32bit-7.60.0-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4-ESPOS is installed AND squid-3.5.21-26.29 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information libmysqlclient18-10.0.40.3-29.38 is installed OR mariadb-10.0.40.3-29.38 is installed Definition Synopsis SUSE OpenStack Cloud 9 is installed AND Package Information dovecot22-2.2.31-19.22 is installed OR dovecot22-backend-mysql-2.2.31-19.22 is installed OR dovecot22-backend-pgsql-2.2.31-19.22 is installed OR dovecot22-backend-sqlite-2.2.31-19.22 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND python-ipaddress-1.0.18-3.13 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 9 is installed AND nodejs6-6.17.1-11.30 is installed
BACK