Oval Definition:oval:org.opensuse.security:def:60603
Revision Date:2020-12-01Version:1
Title:Security update for MozillaFirefox (Important)
Description:

This update for MozillaFirefox, mozilla-nss fixes the following issues:

MozillaFirefox to version ESR 60.8:

- CVE-2019-9811: Sandbox escape via installation of malicious language pack (bsc#1140868). - CVE-2019-11711: Script injection within domain through inner window reuse (bsc#1140868). - CVE-2019-11712: Cross-origin POST requests can be made with NPAPI plugins by following 308 redirects (bsc#1140868). - CVE-2019-11713: Use-after-free with HTTP/2 cached stream (bsc#1140868). - CVE-2019-11729: Empty or malformed p256-ECDH public keys may trigger a segmentation fault (bsc#1140868). - CVE-2019-11715: HTML parsing error can contribute to content XSS (bsc#1140868). - CVE-2019-11717: Caret character improperly escaped in origins (bsc#1140868). - CVE-2019-11719: Out-of-bounds read when importing curve25519 private key (bsc#1140868). - CVE-2019-11730: Same-origin policy treats all files in a directory as having the same-origin (bsc#1140868). - CVE-2019-11709: Multiple Memory safety bugs fixed (bsc#1140868).

mozilla-nss to version 3.44.1:

Added IPSEC IKE support to softoken * Many new FIPS test cases
Family:unixClass:patch
Status:Reference(s):1012382
1015336
1015337
1015340
1019683
1019695
1020645
1027260
1027457
1040519
1042286
1043083
1046264
1047487
1048688
1048916
1065600
1066223
1068032
1069702
1070805
1077718
1079935
1087082
1091405
1091764
1093158
1094244
1094973
1096242
1096281
1097375
1099523
1100105
1101557
1102439
1102660
1103156
1103257
1103624
1104098
1104731
1105412
1106105
1106237
1106240
1106929
1107385
1108145
1108240
1108630
1108631
1108632
1109272
1109330
1109806
1110286
1111062
1111180
1111809
1112246
1112963
1113412
1114157
1114169
1114190
1114417
1114475
1114592
1114648
1114763
1114839
1114871
1115431
1115433
1115440
1115587
1115709
1115904
1116027
1116183
1116285
1116336
1116345
1116497
1116841
1116924
1116950
1117162
1117165
1117186
1117562
1118152
1118316
1118319
1118505
1118790
1118798
1118915
1118922
1118926
1118930
1118936
1119204
1119714
1119877
1119946
1119967
1119970
1120046
1120374
1120743
1121239
1121240
1121241
1121242
1121275
1121621
1122983
1125357
1129734
1132852
1133817
1135254
1135773
1140868
1141897
1142649
1142654
1145383
1145498
1146206
1148426
1148517
1149110
1149145
1149535
1150003
1150250
1151206
1162202
1162675
1165402
1165631
1165643
1166290
1167240
1167373
1168994
1170170
1173304
1173942
1173991
1174284
1175626
1175656
1175686
1176012
1176382
1176896
1176931
1178387
144694
CVE-2017-16939
CVE-2017-5637
CVE-2018-10851
CVE-2018-1120
CVE-2018-14626
CVE-2018-16862
CVE-2018-16884
CVE-2018-17096
CVE-2018-17097
CVE-2018-17098
CVE-2018-18500
CVE-2018-18501
CVE-2018-18505
CVE-2018-19407
CVE-2018-19824
CVE-2018-19985
CVE-2018-20169
CVE-2018-3639
CVE-2018-7167
CVE-2018-9568
CVE-2019-0201
CVE-2019-11596
CVE-2019-11709
CVE-2019-11711
CVE-2019-11712
CVE-2019-11713
CVE-2019-11715
CVE-2019-11717
CVE-2019-11719
CVE-2019-11729
CVE-2019-11730
CVE-2019-14250
CVE-2019-14806
CVE-2019-15026
CVE-2019-1547
CVE-2019-1563
CVE-2019-15847
CVE-2019-18634
CVE-2019-18860
CVE-2019-3871
CVE-2019-9811
CVE-2020-0429
CVE-2020-0431
CVE-2020-10713
CVE-2020-11668
CVE-2020-12059
CVE-2020-14059
CVE-2020-14381
CVE-2020-15663
CVE-2020-15664
CVE-2020-15670
CVE-2020-1749
CVE-2020-25212
CVE-2020-25692
CVE-2020-5247
CVE-2020-9543
SUSE-SU-2018:1892-1
SUSE-SU-2018:3606-1
SUSE-SU-2019:0148-1
SUSE-SU-2019:0336-1
SUSE-SU-2019:1861-1
SUSE-SU-2019:2358-1
SUSE-SU-2020:1066-1
SUSE-SU-2020:1158-1
SUSE-SU-2020:1803-1
SUSE-SU-2020:2544-1
SUSE-SU-2020:3219-1
SUSE-SU-2020:3314-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server 12 SP4-LTSS
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud 9
SUSE OpenStack Cloud Crowbar 8
SUSE OpenStack Cloud Crowbar 9
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • bouncycastle-1.60-lp150.2.3 is installed
  • OR bouncycastle-javadoc-1.60-lp150.2.3 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • fence-agents-4.4.0+git.1558595666.5f79f9e9-lp151.2.3 is installed
  • OR fence-agents-amt_ws-4.4.0+git.1558595666.5f79f9e9-lp151.2.3 is installed
  • OR fence-agents-devel-4.4.0+git.1558595666.5f79f9e9-lp151.2.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • libSoundTouch0-1.7.1-5.6 is installed
  • OR soundtouch-1.7.1-5.6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • libopenssl-devel-1.0.2j-60.55 is installed
  • OR libopenssl1_0_0-1.0.2j-60.55 is installed
  • OR libopenssl1_0_0-32bit-1.0.2j-60.55 is installed
  • OR libopenssl1_0_0-hmac-1.0.2j-60.55 is installed
  • OR libopenssl1_0_0-hmac-32bit-1.0.2j-60.55 is installed
  • OR openssl-1.0.2j-60.55 is installed
  • OR openssl-doc-1.0.2j-60.55 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_180-94_130-default-2-2 is installed
  • OR kgraft-patch-SLE12-SP3_Update_35-2-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • ovmf-2017+git1492060560.b6d11d7c46-4.26 is installed
  • OR ovmf-tools-2017+git1492060560.b6d11d7c46-4.26 is installed
  • OR qemu-ovmf-x86_64-2017+git1492060560.b6d11d7c46-4.26 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • apache-commons-daemon-1.0.15-6 is installed
  • OR apache-commons-daemon-javadoc-1.0.15-6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4-LTSS is installed
  • AND Package Information
  • libdcerpc-binding0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR libdcerpc-binding0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR libdcerpc0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR libdcerpc0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR libndr-krb5pac0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR libndr-krb5pac0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR libndr-nbt0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR libndr-nbt0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR libndr-standard0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR libndr-standard0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR libndr0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR libndr0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR libnetapi0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR libnetapi0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR libsamba-credentials0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR libsamba-credentials0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR libsamba-errors0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR libsamba-errors0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR libsamba-hostconfig0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR libsamba-hostconfig0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR libsamba-passdb0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR libsamba-passdb0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR libsamba-util0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR libsamba-util0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR libsamdb0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR libsamdb0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR libsmbclient0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR libsmbclient0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR libsmbconf0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR libsmbconf0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR libsmbldap0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR libsmbldap0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR libtevent-util0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR libtevent-util0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR libwbclient0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR libwbclient0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR samba-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR samba-client-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR samba-client-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR samba-doc-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR samba-libs-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR samba-libs-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR samba-winbind-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR samba-winbind-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • MozillaFirefox-60.8.0-109.83 is installed
  • OR MozillaFirefox-translations-common-60.8.0-109.83 is installed
  • OR libfreebl3-3.44.1-58.28 is installed
  • OR libfreebl3-32bit-3.44.1-58.28 is installed
  • OR libfreebl3-hmac-3.44.1-58.28 is installed
  • OR libfreebl3-hmac-32bit-3.44.1-58.28 is installed
  • OR libsoftokn3-3.44.1-58.28 is installed
  • OR libsoftokn3-32bit-3.44.1-58.28 is installed
  • OR libsoftokn3-hmac-3.44.1-58.28 is installed
  • OR libsoftokn3-hmac-32bit-3.44.1-58.28 is installed
  • OR mozilla-nss-3.44.1-58.28 is installed
  • OR mozilla-nss-32bit-3.44.1-58.28 is installed
  • OR mozilla-nss-certs-3.44.1-58.28 is installed
  • OR mozilla-nss-certs-32bit-3.44.1-58.28 is installed
  • OR mozilla-nss-sysinit-3.44.1-58.28 is installed
  • OR mozilla-nss-sysinit-32bit-3.44.1-58.28 is installed
  • OR mozilla-nss-tools-3.44.1-58.28 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 9 is installed
  • AND Package Information
  • kernel-default-4.12.14-95.60 is installed
  • OR kernel-default-base-4.12.14-95.60 is installed
  • OR kernel-default-devel-4.12.14-95.60 is installed
  • OR kernel-devel-4.12.14-95.60 is installed
  • OR kernel-macros-4.12.14-95.60 is installed
  • OR kernel-source-4.12.14-95.60 is installed
  • OR kernel-syms-4.12.14-95.60 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND nodejs6-6.14.3-11.15 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 9 is installed
  • AND Package Information
  • MozillaFirefox-78.1.0-112.8 is installed
  • OR MozillaFirefox-devel-78.1.0-112.8 is installed
  • OR MozillaFirefox-translations-common-78.1.0-112.8 is installed
    • BACK