OVAL Reference oval:org.opensuse.security:def:60804

Oval Definition:

oval:org.opensuse.security:def:60804

Revision Date:	2020-12-01	Version:	1
Title:	Security update for MozillaFirefox (Important)
Description:	This update for MozillaFirefox fixes the following issues: - Firefox Extended Support Release 78.5.0 ESR (bsc#1178824) * CVE-2020-26951: Parsing mismatches could confuse and bypass security sanitizer for chrome privileged code * CVE-2020-16012: Variable time processing of cross-origin images during drawImage calls * CVE-2020-26953: Fullscreen could be enabled without displaying the security UI * CVE-2020-26956: XSS through paste (manual and clipboard API) * CVE-2020-26958: Requests intercepted through ServiceWorkers lacked MIME type restrictions * CVE-2020-26959: Use-after-free in WebRequestService * CVE-2020-26960: Potential use-after-free in uses of nsTArray * CVE-2020-15999: Heap buffer overflow in freetype * CVE-2020-26961: DoH did not filter IPv4 mapped IP Addresses * CVE-2020-26965: Software keyboards may have remembered typed passwords * CVE-2020-26966: Single-word search queries were also broadcast to local network * CVE-2020-26968: Memory safety bugs fixed in Firefox 83 and Firefox ESR 78.5
Family:	unix	Class:	patch
Status:		Reference(s):	1027519 1055695 1055857 1056278 1056280 1056281 1056282 1057358 1059893 1077001 1120943 1122293 1122299 1124493 1124593 1128481 1128829 1128963 1132728 1132729 1132732 1134297 1136570 1149332 1154162 1154328 1160770 1163985 1164692 1165784 1171475 1171847 1171878 1172085 1172105 1172116 1172121 1172402 1174955 1176013 1177155 1178824 CVE-2016-1000031 CVE-2016-6328 CVE-2017-14316 CVE-2017-14317 CVE-2017-14318 CVE-2017-14319 CVE-2017-7544 CVE-2018-1000007 CVE-2018-11212 CVE-2018-20030 CVE-2019-2422 CVE-2019-2426 CVE-2019-2602 CVE-2019-2684 CVE-2019-2698 CVE-2019-2974 CVE-2019-3693 CVE-2019-3820 CVE-2019-3860 CVE-2019-7164 CVE-2019-7548 CVE-2019-9278 CVE-2020-0093 CVE-2020-10029 CVE-2020-12405 CVE-2020-12406 CVE-2020-12410 CVE-2020-12767 CVE-2020-13112 CVE-2020-13113 CVE-2020-13114 CVE-2020-15708 CVE-2020-15999 CVE-2020-16012 CVE-2020-1720 CVE-2020-1938 CVE-2020-25637 CVE-2020-26951 CVE-2020-26953 CVE-2020-26956 CVE-2020-26958 CVE-2020-26959 CVE-2020-26960 CVE-2020-26961 CVE-2020-26965 CVE-2020-26966 CVE-2020-26968 SUSE-SU-2017:2420-1 SUSE-SU-2018:0217-1 SUSE-SU-2019:1606-2 SUSE-SU-2019:2261-1 SUSE-SU-2019:3076-1 SUSE-SU-2020:0050-1 SUSE-SU-2020:0725-1 SUSE-SU-2020:1534-1 SUSE-SU-2020:1563-1 SUSE-SU-2020:3024-1 SUSE-SU-2020:3095-1 SUSE-SU-2020:3548-1
Platform(s):	openSUSE Leap 15.1 openSUSE Leap 15.2 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP4-ESPOS SUSE OpenStack Cloud 8 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 8	Product(s):
Definition Synopsis
openSUSE Leap 15.1 is installed AND Package Information libipa_hbac-devel-1.16.1-lp151.7.3 is installed OR libipa_hbac0-1.16.1-lp151.7.3 is installed OR libnfsidmap-sss-1.16.1-lp151.7.3 is installed OR libsss_certmap-devel-1.16.1-lp151.7.3 is installed OR libsss_certmap0-1.16.1-lp151.7.3 is installed OR libsss_idmap-devel-1.16.1-lp151.7.3 is installed OR libsss_idmap0-1.16.1-lp151.7.3 is installed OR libsss_nss_idmap-devel-1.16.1-lp151.7.3 is installed OR libsss_nss_idmap0-1.16.1-lp151.7.3 is installed OR libsss_simpleifp-devel-1.16.1-lp151.7.3 is installed OR libsss_simpleifp0-1.16.1-lp151.7.3 is installed OR python3-ipa_hbac-1.16.1-lp151.7.3 is installed OR python3-sss-murmur-1.16.1-lp151.7.3 is installed OR python3-sss_nss_idmap-1.16.1-lp151.7.3 is installed OR python3-sssd-config-1.16.1-lp151.7.3 is installed OR sssd-1.16.1-lp151.7.3 is installed OR sssd-32bit-1.16.1-lp151.7.3 is installed OR sssd-ad-1.16.1-lp151.7.3 is installed OR sssd-dbus-1.16.1-lp151.7.3 is installed OR sssd-ipa-1.16.1-lp151.7.3 is installed OR sssd-krb5-1.16.1-lp151.7.3 is installed OR sssd-krb5-common-1.16.1-lp151.7.3 is installed OR sssd-ldap-1.16.1-lp151.7.3 is installed OR sssd-proxy-1.16.1-lp151.7.3 is installed OR sssd-tools-1.16.1-lp151.7.3 is installed OR sssd-wbclient-1.16.1-lp151.7.3 is installed OR sssd-wbclient-devel-1.16.1-lp151.7.3 is installed OR sssd-winbind-idmap-1.16.1-lp151.7.3 is installed
Definition Synopsis
openSUSE Leap 15.2 is installed AND Package Information grub2-2.04-lp152.7.9 is installed OR grub2-branding-upstream-2.04-lp152.7.9 is installed OR grub2-i386-efi-2.04-lp152.7.9 is installed OR grub2-i386-efi-debug-2.04-lp152.7.9 is installed OR grub2-i386-pc-2.04-lp152.7.9 is installed OR grub2-i386-pc-debug-2.04-lp152.7.9 is installed OR grub2-i386-xen-2.04-lp152.7.9 is installed OR grub2-snapper-plugin-2.04-lp152.7.9 is installed OR grub2-systemd-sleep-plugin-2.04-lp152.7.9 is installed OR grub2-x86_64-efi-2.04-lp152.7.9 is installed OR grub2-x86_64-efi-debug-2.04-lp152.7.9 is installed OR grub2-x86_64-xen-2.04-lp152.7.9 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 12 SP3 is installed AND libssh2-1-1.4.3-20.9 is installed OR libssh2-1-32bit-1.4.3-20.9 is installed OR libssh2_org-1.4.3-20.9 is installed OR Package Information SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND libssh2-1-1.4.3-20.9 is installed OR libssh2-1-32bit-1.4.3-20.9 is installed OR libssh2_org-1.4.3-20.9 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information xen-4.9.0_12-3.15 is installed OR xen-doc-html-4.9.0_12-3.15 is installed OR xen-libs-4.9.0_12-3.15 is installed OR xen-libs-32bit-4.9.0_12-3.15 is installed OR xen-tools-4.9.0_12-3.15 is installed OR xen-tools-domU-4.9.0_12-3.15 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information libvirt-3.3.0-5.46 is installed OR libvirt-admin-3.3.0-5.46 is installed OR libvirt-client-3.3.0-5.46 is installed OR libvirt-daemon-3.3.0-5.46 is installed OR libvirt-daemon-config-network-3.3.0-5.46 is installed OR libvirt-daemon-config-nwfilter-3.3.0-5.46 is installed OR libvirt-daemon-driver-interface-3.3.0-5.46 is installed OR libvirt-daemon-driver-libxl-3.3.0-5.46 is installed OR libvirt-daemon-driver-lxc-3.3.0-5.46 is installed OR libvirt-daemon-driver-network-3.3.0-5.46 is installed OR libvirt-daemon-driver-nodedev-3.3.0-5.46 is installed OR libvirt-daemon-driver-nwfilter-3.3.0-5.46 is installed OR libvirt-daemon-driver-qemu-3.3.0-5.46 is installed OR libvirt-daemon-driver-secret-3.3.0-5.46 is installed OR libvirt-daemon-driver-storage-3.3.0-5.46 is installed OR libvirt-daemon-driver-storage-core-3.3.0-5.46 is installed OR libvirt-daemon-driver-storage-disk-3.3.0-5.46 is installed OR libvirt-daemon-driver-storage-iscsi-3.3.0-5.46 is installed OR libvirt-daemon-driver-storage-logical-3.3.0-5.46 is installed OR libvirt-daemon-driver-storage-mpath-3.3.0-5.46 is installed OR libvirt-daemon-driver-storage-rbd-3.3.0-5.46 is installed OR libvirt-daemon-driver-storage-scsi-3.3.0-5.46 is installed OR libvirt-daemon-hooks-3.3.0-5.46 is installed OR libvirt-daemon-lxc-3.3.0-5.46 is installed OR libvirt-daemon-qemu-3.3.0-5.46 is installed OR libvirt-daemon-xen-3.3.0-5.46 is installed OR libvirt-doc-3.3.0-5.46 is installed OR libvirt-libs-3.3.0-5.46 is installed OR libvirt-lock-sanlock-3.3.0-5.46 is installed OR libvirt-nss-3.3.0-5.46 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information postgresql96-9.6.17-3.33 is installed OR postgresql96-contrib-9.6.17-3.33 is installed OR postgresql96-docs-9.6.17-3.33 is installed OR postgresql96-libs-9.6.17-3.33 is installed OR postgresql96-plperl-9.6.17-3.33 is installed OR postgresql96-plpython-9.6.17-3.33 is installed OR postgresql96-pltcl-9.6.17-3.33 is installed OR postgresql96-server-9.6.17-3.33 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information MozillaFirefox-68.9.0-109.123 is installed OR MozillaFirefox-translations-common-68.9.0-109.123 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information jakarta-commons-fileupload-1.1.1-122.3 is installed OR jakarta-commons-fileupload-javadoc-1.1.1-122.3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information lcms2-2.7-9.7 is installed OR liblcms2-2-2.7-9.7 is installed OR liblcms2-2-32bit-2.7-9.7 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4-ESPOS is installed AND python-ipaddress-1.0.18-3.13 is installed
Definition Synopsis
SUSE OpenStack Cloud 8 is installed AND Package Information MozillaFirefox-78.5.0-112.36 is installed OR MozillaFirefox-devel-78.5.0-112.36 is installed OR MozillaFirefox-translations-common-78.5.0-112.36 is installed
Definition Synopsis
SUSE OpenStack Cloud 9 is installed AND python-Django1-1.11.20-3.3 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 8 is installed AND python-SQLAlchemy-1.1.12-3.5 is installed

BACK