Oval Definition:	oval:org.opensuse.security:def:60119
Revision Date: 2020-12-01 Version: 1 Title: Security update for MozillaFirefox (Moderate) Description: This update for MozillaFirefox fixes the following issues: - Firefox Extended Support Release 78.1.0 ESR * Fixed: Various stability, functionality, and security fixes (bsc#1174538) * CVE-2020-15652: Potential leak of redirect targets when loading scripts in a worker * CVE-2020-6514: WebRTC data channel leaks internal address to peer * CVE-2020-15655: Extension APIs could be used to bypass Same-Origin Policy * CVE-2020-15653: Bypassing iframe sandbox when allowing popups * CVE-2020-6463: Use-after-free in ANGLE gl::Texture::onUnbindAsSamplerTexture * CVE-2020-15656: Type confusion for special arguments in IonMonkey * CVE-2020-15658: Overriding file type when saving to disk * CVE-2020-15657: DLL hijacking due to incorrect loading path * CVE-2020-15654: Custom cursor can overlay user interface * CVE-2020-15659: Memory safety bugs fixed in Firefox 79 and Firefox ESR 78.1 Family: unix Class: patch Status: Reference(s): 1006166 1048367 1065000 1068310 1069509 1109160 1118367 1118368 1138743 1145092 1145604 1151021 1154849 1160968 1171740 1173948 1174538 1174662 1174922 1174923 1178682 943457 CVE-2008-1483 CVE-2009-0037 CVE-2009-2417 CVE-2011-0461 CVE-2013-0249 CVE-2013-1944 CVE-2013-1984 CVE-2013-1995 CVE-2013-1998 CVE-2013-2174 CVE-2013-4545 CVE-2014-0015 CVE-2014-0107 CVE-2014-0138 CVE-2014-0139 CVE-2014-3613 CVE-2014-3620 CVE-2014-3707 CVE-2014-8150 CVE-2015-3143 CVE-2015-3144 CVE-2015-3145 CVE-2015-3148 CVE-2015-3153 CVE-2016-0755 CVE-2016-5419 CVE-2016-5420 CVE-2016-5421 CVE-2016-6153 CVE-2016-7141 CVE-2016-7167 CVE-2016-7945 CVE-2016-7946 CVE-2016-8615 CVE-2016-8616 CVE-2016-8617 CVE-2016-8618 CVE-2016-8619 CVE-2016-8620 CVE-2016-8621 CVE-2016-8622 CVE-2016-8623 CVE-2016-8624 CVE-2016-9586 CVE-2017-15906 CVE-2017-18379 CVE-2017-7407 CVE-2017-7500 CVE-2017-7501 CVE-2018-5741 CVE-2019-10208 CVE-2019-14834 CVE-2019-14835 CVE-2020-12673 CVE-2020-12674 CVE-2020-15652 CVE-2020-15653 CVE-2020-15654 CVE-2020-15655 CVE-2020-15656 CVE-2020-15657 CVE-2020-15658 CVE-2020-15659 CVE-2020-25708 CVE-2020-2583 CVE-2020-2590 CVE-2020-2593 CVE-2020-2601 CVE-2020-2604 CVE-2020-2654 CVE-2020-2659 CVE-2020-6463 CVE-2020-6514 CVE-2020-8616 CVE-2020-8617 CVE-2020-9862 CVE-2020-9893 CVE-2020-9894 CVE-2020-9895 CVE-2020-9915 CVE-2020-9925 SUSE-SU-2017:3230-1 SUSE-SU-2018:3884-1 SUSE-SU-2019:2159-1 SUSE-SU-2020:0419-1 SUSE-SU-2020:1914-1 SUSE-SU-2020:2232-1 SUSE-SU-2020:2274-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND Package Information chromedriver-73.0.3683.75-lp150.206 is installed OR chromium-73.0.3683.75-lp150.206 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information evolution-3.26.6-lp151.4.3 is installed OR evolution-devel-3.26.6-lp151.4.3 is installed OR evolution-lang-3.26.6-lp151.4.3 is installed OR evolution-plugin-bogofilter-3.26.6-lp151.4.3 is installed OR evolution-plugin-pst-import-3.26.6-lp151.4.3 is installed OR evolution-plugin-spamassassin-3.26.6-lp151.4.3 is installed OR glade-catalog-evolution-3.26.6-lp151.4.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information MozillaFirefox-78.1.0-112.8 is installed OR MozillaFirefox-devel-78.1.0-112.8 is installed OR MozillaFirefox-translations-common-78.1.0-112.8 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information aaa_base-13.2+git20140911.61c1681-36 is installed OR aaa_base-extras-13.2+git20140911.61c1681-36 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information libvirglrenderer0-0.5.0-12.3 is installed OR virglrenderer-0.5.0-12.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information kgraft-patch-4_4_180-94_100-default-2-2 is installed OR kgraft-patch-SLE12-SP3_Update_27-2-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information kgraft-patch-4_4_178-94_91-default-4-2 is installed OR kgraft-patch-SLE12-SP3_Update_25-4-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND mutt-1.10.1-55.6 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information at-3.1.14-8.6 is installed OR flex-2.5.37-8 is installed OR flex-32bit-2.5.37-8 is installed OR libQtWebKit4-4.8.7+2.3.4-4.7 is installed OR libQtWebKit4-32bit-4.8.7+2.3.4-4.7 is installed OR libbonobo-2.32.1-16 is installed OR libbonobo-32bit-2.32.1-16 is installed OR libbonobo-doc-2.32.1-16 is installed OR libbonobo-lang-2.32.1-16 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information postgresql96-9.6.15-3.29 is installed OR postgresql96-contrib-9.6.15-3.29 is installed OR postgresql96-docs-9.6.15-3.29 is installed OR postgresql96-libs-9.6.15-3.29 is installed OR postgresql96-plperl-9.6.15-3.29 is installed OR postgresql96-plpython-9.6.15-3.29 is installed OR postgresql96-pltcl-9.6.15-3.29 is installed OR postgresql96-server-9.6.15-3.29 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 9 is installed AND Package Information xen-4.11.4_06-2.33 is installed OR xen-doc-html-4.11.4_06-2.33 is installed OR xen-libs-4.11.4_06-2.33 is installed OR xen-libs-32bit-4.11.4_06-2.33 is installed OR xen-tools-4.11.4_06-2.33 is installed OR xen-tools-domU-4.11.4_06-2.33 is installed
BACK