Oval Definition:	oval:org.opensuse.security:def:60737
Revision Date: 2020-12-01 Version: 1 Title: Security update for MozillaFirefox (Moderate) Description: This update for MozillaFirefox fixes the following issues: - Firefox Extended Support Release 78.1.0 ESR * Fixed: Various stability, functionality, and security fixes (bsc#1174538) * CVE-2020-15652: Potential leak of redirect targets when loading scripts in a worker * CVE-2020-6514: WebRTC data channel leaks internal address to peer * CVE-2020-15655: Extension APIs could be used to bypass Same-Origin Policy * CVE-2020-15653: Bypassing iframe sandbox when allowing popups * CVE-2020-6463: Use-after-free in ANGLE gl::Texture::onUnbindAsSamplerTexture * CVE-2020-15656: Type confusion for special arguments in IonMonkey * CVE-2020-15658: Overriding file type when saving to disk * CVE-2020-15657: DLL hijacking due to incorrect loading path * CVE-2020-15654: Custom cursor can overlay user interface * CVE-2020-15659: Memory safety bugs fixed in Firefox 79 and Firefox ESR 78.1 Family: unix Class: patch Status: Reference(s): 1047044 1047898 1050120 1050606 1051446 1052468 1052550 1052710 1052720 1052731 1052732 1055065 1055323 1055434 1055855 1058640 1059751 1064990 1074123 1074969 1074973 1074975 1082318 1088004 1088009 1102840 1110850 1112066 1112695 1113668 1113669 1114828 1114837 1116600 1127820 1127821 1127822 1130840 1141853 1149955 1150003 1150250 1153238 1154162 1156146 1160039 1160398 1160467 1160468 1162423 1163102 1163103 1163104 1169511 1170601 1171477 1171863 1171864 1171866 1171930 1173274 1173948 1174091 1174538 1174543 1174701 CVE-2017-10800 CVE-2017-11141 CVE-2017-11529 CVE-2017-11644 CVE-2017-11724 CVE-2017-12434 CVE-2017-12564 CVE-2017-12618 CVE-2017-12667 CVE-2017-12670 CVE-2017-12672 CVE-2017-12675 CVE-2017-13060 CVE-2017-13146 CVE-2017-13648 CVE-2017-13658 CVE-2017-14326 CVE-2017-14533 CVE-2017-17881 CVE-2017-18022 CVE-2018-11784 CVE-2018-12178 CVE-2018-12180 CVE-2018-14647 CVE-2018-16471 CVE-2018-16850 CVE-2018-19131 CVE-2018-19132 CVE-2018-20852 CVE-2018-3630 CVE-2018-5246 CVE-2018-5247 CVE-2019-14818 CVE-2019-14896 CVE-2019-14897 CVE-2019-1547 CVE-2019-15604 CVE-2019-15605 CVE-2019-15606 CVE-2019-1563 CVE-2019-16056 CVE-2019-16935 CVE-2019-20907 CVE-2019-2974 CVE-2019-9947 CVE-2020-10543 CVE-2020-10722 CVE-2020-10878 CVE-2020-12723 CVE-2020-14422 CVE-2020-15652 CVE-2020-15653 CVE-2020-15654 CVE-2020-15655 CVE-2020-15656 CVE-2020-15657 CVE-2020-15658 CVE-2020-15659 CVE-2020-2754 CVE-2020-2755 CVE-2020-2756 CVE-2020-2757 CVE-2020-2773 CVE-2020-2781 CVE-2020-2800 CVE-2020-2803 CVE-2020-2805 CVE-2020-2830 CVE-2020-6463 CVE-2020-6514 SUSE-SU-2017:3278-1 SUSE-SU-2018:0130-1 SUSE-SU-2019:0579-1 SUSE-SU-2019:1440-1 SUSE-SU-2019:2413-1 SUSE-SU-2020:0050-1 SUSE-SU-2020:0488-1 SUSE-SU-2020:1662-1 SUSE-SU-2020:1686-1 SUSE-SU-2020:2100-1 SUSE-SU-2020:2194-1 SUSE-SU-2020:2699-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP4-ESPOS SUSE Linux Enterprise Server 12 SP4-LTSS SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND Package Information python-cryptography-2.1.4-lp150.3.3 is installed OR python2-cryptography-2.1.4-lp150.3.3 is installed OR python3-cryptography-2.1.4-lp150.3.3 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND squid-4.8-lp151.2.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information libapr-util1-1.5.3-2.3 is installed OR libapr-util1-dbd-sqlite3-1.5.3-2.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information perl-5.18.2-12.23 is installed OR perl-32bit-5.18.2-12.23 is installed OR perl-base-5.18.2-12.23 is installed OR perl-doc-5.18.2-12.23 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information kgraft-patch-4_4_180-94_100-default-5-2 is installed OR kgraft-patch-SLE12-SP3_Update_27-5-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information dpdk-16.11.9-8.15 is installed OR dpdk-kmp-default-16.11.9_k4.4.180_94.127-8.15 is installed OR dpdk-thunderx-16.11.9-8.15 is installed OR dpdk-thunderx-kmp-default-16.11.9_k4.4.180_94.127-8.15 is installed OR dpdk-tools-16.11.9-8.15 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information tomcat-8.0.53-29.16 is installed OR tomcat-admin-webapps-8.0.53-29.16 is installed OR tomcat-docs-webapp-8.0.53-29.16 is installed OR tomcat-el-3_0-api-8.0.53-29.16 is installed OR tomcat-javadoc-8.0.53-29.16 is installed OR tomcat-jsp-2_3-api-8.0.53-29.16 is installed OR tomcat-lib-8.0.53-29.16 is installed OR tomcat-servlet-3_1-api-8.0.53-29.16 is installed OR tomcat-webapps-8.0.53-29.16 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information dhcp-4.3.3-10.14 is installed OR dhcp-client-4.3.3-10.14 is installed OR dhcp-relay-4.3.3-10.14 is installed OR dhcp-server-4.3.3-10.14 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4-ESPOS is installed AND Package Information libzypp-16.21.2-2.45 is installed OR libzypp-devel-16.21.2-2.45 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4-LTSS is installed AND xrdp-0.9.0~git.1456906198.f422461-21.27 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information MozillaFirefox-78.1.0-112.8 is installed OR MozillaFirefox-devel-78.1.0-112.8 is installed OR MozillaFirefox-translations-common-78.1.0-112.8 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information ruby2.1-rubygem-rack-1.6.11-3.3 is installed OR rubygem-rack-1.6.11-3.3 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 9 is installed AND haproxy-1.6.11-11.3 is installed
BACK