OVAL Reference oval:org.opensuse.security:def:6089

Oval Definition:

oval:org.opensuse.security:def:6089

Revision Date:	2022-07-06	Version:	1
Title:	Security update for MozillaFirefox (Important)
Description:	This update for MozillaFirefox fixes the following issues: Update to Firefox Extended Support Release 91.11.0 ESR (MFSA 2022-25) (bsc#1200793): - CVE-2022-2200: Undesired attributes could be set as part of prototype pollution (bmo#1771381) - CVE-2022-31744: CSP bypass enabling stylesheet injection (bmo#1757604) - CVE-2022-34468: CSP sandbox header without `allow-scripts` can be bypassed via retargeted javascript: URI (bmo#1768537) - CVE-2022-34470: Use-after-free in nsSHistory (bmo#1765951) - CVE-2022-34472: Unavailable PAC file resulted in OCSP requests being blocked (bmo#1770123) - CVE-2022-34478: Microsoft protocols can be attacked if a user accepts a prompt (bmo#1773717) - CVE-2022-34479: A popup window could be resized in a way to overlay the address bar with web content (bmo#1745595) - CVE-2022-34481: Potential integer overflow in ReplaceElementsAt (bmo#1497246) - CVE-2022-34484: Memory safety bugs fixed in Firefox 102 and Firefox ESR 91.11 (bmo#1763634, bmo#1772651)
Family:	unix	Class:	patch
Status:		Reference(s):	1084929 1200793 CVE-2006-4484 CVE-2007-6600 CVE-2009-0163 CVE-2009-2820 CVE-2009-3553 CVE-2009-4034 CVE-2009-4136 CVE-2009-4492 CVE-2010-0393 CVE-2010-0540 CVE-2010-0541 CVE-2010-0542 CVE-2010-1169 CVE-2010-1170 CVE-2010-1748 CVE-2010-2640 CVE-2010-2641 CVE-2010-2642 CVE-2010-2643 CVE-2010-2941 CVE-2010-3433 CVE-2011-1004 CVE-2011-1005 CVE-2011-4815 CVE-2012-0866 CVE-2012-0867 CVE-2012-0868 CVE-2012-2143 CVE-2012-2655 CVE-2012-3488 CVE-2012-3489 CVE-2012-4433 CVE-2012-5519 CVE-2012-6094 CVE-2013-0255 CVE-2013-1899 CVE-2013-1900 CVE-2013-1901 CVE-2013-2139 CVE-2013-4242 CVE-2014-0004 CVE-2014-0060 CVE-2014-0061 CVE-2014-0062 CVE-2014-0063 CVE-2014-0064 CVE-2014-0065 CVE-2014-0066 CVE-2014-0067 CVE-2014-2856 CVE-2014-3537 CVE-2014-3591 CVE-2014-4607 CVE-2014-5029 CVE-2014-5030 CVE-2014-5031 CVE-2014-8962 CVE-2014-9028 CVE-2014-9474 CVE-2014-9679 CVE-2015-0837 CVE-2015-0848 CVE-2015-1158 CVE-2015-1159 CVE-2015-3165 CVE-2015-3166 CVE-2015-3167 CVE-2015-3223 CVE-2015-4588 CVE-2015-4695 CVE-2015-4696 CVE-2015-5288 CVE-2015-5289 CVE-2015-5330 CVE-2015-7511 CVE-2016-2399 CVE-2016-6313 CVE-2017-1000083 CVE-2017-18190 CVE-2017-18248 CVE-2017-7526 CVE-2018-0495 CVE-2018-4180 CVE-2018-4181 CVE-2018-4182 CVE-2018-4183 CVE-2022-2200 CVE-2022-31744 CVE-2022-34468 CVE-2022-34470 CVE-2022-34472 CVE-2022-34478 CVE-2022-34479 CVE-2022-34481 CVE-2022-34484 SUSE-SU-2022:2289-1
Platform(s):	openSUSE 13.1 openSUSE 13.1 NonFree openSUSE 13.2 SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5 SUSE Linux Enterprise Build System Kit 12 SUSE Linux Enterprise Build System Kit 12 SP1 SUSE Linux Enterprise Build System Kit 12 SP2 SUSE Linux Enterprise Build System Kit 12 SP3 SUSE Linux Enterprise Build System Kit 12 SP4 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise for SAP 12 SUSE Linux Enterprise for SAP 12 SP1 SUSE Linux Enterprise High Availability 12 SP2 SUSE Linux Enterprise High Availability 12 SP3 SUSE Linux Enterprise High Availability 12 SP4 SUSE Linux Enterprise High Performance Computing 12 SP5 SUSE Linux Enterprise Live Patching 12 SUSE Linux Enterprise Live Patching 12 SP3 SUSE Linux Enterprise Module for Advanced Systems Management 12 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP3 SUSE Linux Enterprise Module for Web Scripting 12 SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP3-LTSS SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Server 11-SECURITY SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP5 SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 SUSE Linux Enterprise Server for SAP Applications 12 SP2 SUSE Linux Enterprise Server for SAP Applications 12 SP5 SUSE Linux Enterprise Server for VMWare 11 SP2 SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Software Development Kit 12 SP1 SUSE Linux Enterprise Software Development Kit 12 SP2 SUSE Linux Enterprise Software Development Kit 12 SP3 SUSE Linux Enterprise Workstation Extension 12 SP1 SUSE Linux Enterprise Workstation Extension 12 SP2 SUSE Linux Enterprise Workstation Extension 12 SP3 SUSE Linux Enterprise Workstation Extension 12 SP4	Product(s):
Definition Synopsis
SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5 is installed AND Package Information openstack-neutron-2014.2.4~a0~dev103-10.3 is installed OR openstack-neutron-dhcp-agent-2014.2.4~a0~dev103-10.3 is installed OR openstack-neutron-ha-tool-2014.2.4~a0~dev103-10.3 is installed OR openstack-neutron-l3-agent-2014.2.4~a0~dev103-10.3 is installed OR openstack-neutron-lbaas-agent-2014.2.4~a0~dev103-10.3 is installed OR openstack-neutron-linuxbridge-agent-2014.2.4~a0~dev103-10.3 is installed OR openstack-neutron-metadata-agent-2014.2.4~a0~dev103-10.3 is installed OR openstack-neutron-metering-agent-2014.2.4~a0~dev103-10.3 is installed OR openstack-neutron-openvswitch-agent-2014.2.4~a0~dev103-10.3 is installed OR openstack-neutron-vpn-agent-2014.2.4~a0~dev103-10.3 is installed OR openstack-nova-2014.2.4~a0~dev80-14.1 is installed OR openstack-nova-compute-2014.2.4~a0~dev80-14.1 is installed OR python-neutron-2014.2.4~a0~dev103-10.3 is installed OR python-nova-2014.2.4~a0~dev80-14.1 is installed OR python-python-memcached-1.54-2.1 is installed
Definition Synopsis
SUSE Linux Enterprise Build System Kit 12 is installed AND Package Information libreoffice-4.3.5.2-10 is installed OR libreoffice-sdk-4.3.5.2-10 is installed
Definition Synopsis
SUSE Linux Enterprise Build System Kit 12 SP1 is installed AND kernel-zfcpdump-3.12.51-60.20 is installed
Definition Synopsis
SUSE Linux Enterprise Build System Kit 12 SP2 is installed AND Package Information libudev-mini-devel-228-149 is installed OR libudev-mini1-228-149 is installed OR systemd-mini-228-149 is installed OR systemd-mini-devel-228-149 is installed OR udev-mini-228-149 is installed
Definition Synopsis
SUSE Linux Enterprise Build System Kit 12 SP3 is installed AND Package Information krb5-mini-1.12.5-40.16 is installed OR krb5-mini-devel-1.12.5-40.16 is installed
Definition Synopsis
SUSE Linux Enterprise Build System Kit 12 SP4 is installed AND Package Information PackageKit-1.1.3-24.9 is installed OR PackageKit-branding-upstream-1.1.3-24.9 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP2 is installed AND Package Information flash-player-11.2.202.336-0.3.1 is installed OR flash-player-gnome-11.2.202.336-0.3.1 is installed OR flash-player-kde4-11.2.202.336-0.3.1 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 is installed AND mailx-12.5-22 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information libecpg6-9.4.5-4 is installed OR libpq5-9.4.5-4 is installed OR libpq5-32bit-9.4.5-4 is installed OR postgresql94-9.4.5-4 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP3 is installed AND libquicktime0-1.2.4-10 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information cups-1.7.5-20.17 is installed OR cups-client-1.7.5-20.17 is installed OR cups-libs-1.7.5-20.17 is installed OR cups-libs-32bit-1.7.5-20.17 is installed
Definition Synopsis
SUSE Linux Enterprise for SAP 12 is installed AND Package Information compat-libldap-2_3-0-2.3.37-16 is installed OR openldap2-2.4.39-16 is installed
Definition Synopsis
SUSE Linux Enterprise for SAP 12 SP1 is installed AND Package Information compat-openssl098-0.9.8j-102.1 is installed OR libopenssl0_9_8-0.9.8j-102.1 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 SP2 is installed AND Package Information libpacemaker3-1.1.15-19 is installed OR pacemaker-1.1.15-19 is installed OR pacemaker-cli-1.1.15-19 is installed OR pacemaker-cts-1.1.15-19 is installed OR pacemaker-remote-1.1.15-19 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 SP3 is installed AND conntrack-tools-1.4.2-5 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 SP4 is installed AND ctdb-4.6.16+git.124.aee309c5c18-3.32 is installed
Definition Synopsis
SUSE Linux Enterprise High Performance Computing 12 SP5 is installed AND Package Information aaa_base-13.2+git20140911.61c1681-38.13 is installed OR aaa_base-extras-13.2+git20140911.61c1681-38.13 is installed
Definition Synopsis
SUSE Linux Enterprise Live Patching 12 is installed AND Package Information kgraft-patch-3_12_43-52_6-default-1-2 is installed OR kgraft-patch-3_12_43-52_6-xen-1-2 is installed OR kgraft-patch-SLE12_Update_5-1-2 is installed
Definition Synopsis
SUSE Linux Enterprise Live Patching 12 SP3 is installed AND Package Information kgraft-patch-4_4_82-6_6-default-3-2 is installed OR kgraft-patch-SLE12-SP3_Update_2-3-2 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Advanced Systems Management 12 is installed AND Package Information salt-2016.11.4-46.7 is installed OR salt-api-2016.11.4-46.7 is installed OR salt-bash-completion-2016.11.4-46.7 is installed OR salt-cloud-2016.11.4-46.7 is installed OR salt-doc-2016.11.4-46.7 is installed OR salt-master-2016.11.4-46.7 is installed OR salt-minion-2016.11.4-46.7 is installed OR salt-proxy-2016.11.4-46.7 is installed OR salt-ssh-2016.11.4-46.7 is installed OR salt-syndic-2016.11.4-46.7 is installed OR salt-zsh-completion-2016.11.4-46.7 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Web Scripting 12 is installed AND Package Information nodejs4-4.5.0-5 is installed OR nodejs4-devel-4.5.0-5 is installed OR nodejs4-docs-4.5.0-5 is installed OR npm4-4.5.0-5 is installed
Definition Synopsis
SUSE Linux Enterprise Server 11 SP1 is installed AND Package Information apache2-2.2.10-2.24.5 is installed OR apache2-doc-2.2.10-2.24.5 is installed OR apache2-example-pages-2.2.10-2.24.5 is installed OR apache2-prefork-2.2.10-2.24.5 is installed OR apache2-utils-2.2.10-2.24.5 is installed OR apache2-worker-2.2.10-2.24.5 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 11 SP2 is installed AND xen-4.1.5_02-0.5.1 is installed OR xen-doc-html-4.1.5_02-0.5.1 is installed OR xen-doc-pdf-4.1.5_02-0.5.1 is installed OR xen-kmp-default-4.1.5_02_3.0.74_0.6.10-0.5.1 is installed OR xen-kmp-pae-4.1.5_02_3.0.74_0.6.10-0.5.1 is installed OR xen-kmp-trace-4.1.5_02_3.0.74_0.6.10-0.5.1 is installed OR xen-libs-4.1.5_02-0.5.1 is installed OR xen-libs-32bit-4.1.5_02-0.5.1 is installed OR xen-tools-4.1.5_02-0.5.1 is installed OR xen-tools-domU-4.1.5_02-0.5.1 is installed OR Package Information SUSE Linux Enterprise Server for VMWare 11 SP2 is installed AND xen-4.1.5_02-0.5.1 is installed OR xen-doc-html-4.1.5_02-0.5.1 is installed OR xen-doc-pdf-4.1.5_02-0.5.1 is installed OR xen-kmp-default-4.1.5_02_3.0.74_0.6.10-0.5.1 is installed OR xen-kmp-pae-4.1.5_02_3.0.74_0.6.10-0.5.1 is installed OR xen-kmp-trace-4.1.5_02_3.0.74_0.6.10-0.5.1 is installed OR xen-libs-4.1.5_02-0.5.1 is installed OR xen-libs-32bit-4.1.5_02-0.5.1 is installed OR xen-tools-4.1.5_02-0.5.1 is installed OR xen-tools-domU-4.1.5_02-0.5.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 11 SP2 is installed AND Package Information curl-7.19.7-1.18.1 is installed OR libcurl4-7.19.7-1.18.1 is installed OR libcurl4-32bit-7.19.7-1.18.1 is installed OR libcurl4-x86-7.19.7-1.18.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 11 SP3 is installed AND Package Information NetworkManager-0.7.1_git20090811-3.28.2 is installed OR NetworkManager-glib-0.7.1_git20090811-3.28.2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 11 SP3-LTSS is installed AND Package Information kernel-bigsmp-3.0.101-0.47.86.1 is installed OR kernel-bigsmp-base-3.0.101-0.47.86.1 is installed OR kernel-bigsmp-devel-3.0.101-0.47.86.1 is installed OR kernel-default-3.0.101-0.47.86.1 is installed OR kernel-default-base-3.0.101-0.47.86.1 is installed OR kernel-default-devel-3.0.101-0.47.86.1 is installed OR kernel-default-man-3.0.101-0.47.86.1 is installed OR kernel-ec2-3.0.101-0.47.86.1 is installed OR kernel-ec2-base-3.0.101-0.47.86.1 is installed OR kernel-ec2-devel-3.0.101-0.47.86.1 is installed OR kernel-pae-3.0.101-0.47.86.1 is installed OR kernel-pae-base-3.0.101-0.47.86.1 is installed OR kernel-pae-devel-3.0.101-0.47.86.1 is installed OR kernel-source-3.0.101-0.47.86.1 is installed OR kernel-syms-3.0.101-0.47.86.1 is installed OR kernel-trace-3.0.101-0.47.86.1 is installed OR kernel-trace-base-3.0.101-0.47.86.1 is installed OR kernel-trace-devel-3.0.101-0.47.86.1 is installed OR kernel-xen-3.0.101-0.47.86.1 is installed OR kernel-xen-base-3.0.101-0.47.86.1 is installed OR kernel-xen-devel-3.0.101-0.47.86.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 11 SP4 is installed AND Package Information apache2-2.2.12-1.51.52.1 is installed OR apache2-doc-2.2.12-1.51.52.1 is installed OR apache2-example-pages-2.2.12-1.51.52.1 is installed OR apache2-prefork-2.2.12-1.51.52.1 is installed OR apache2-utils-2.2.12-1.51.52.1 is installed OR apache2-worker-2.2.12-1.51.52.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 11-SECURITY is installed AND Package Information libldap-openssl1-2_4-2-2.4.26-0.35.1 is installed OR libldap-openssl1-2_4-2-32bit-2.4.26-0.35.1 is installed OR libldap-openssl1-2_4-2-x86-2.4.26-0.35.1 is installed OR openldap2-client-openssl1-2.4.26-0.35.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 is installed AND Package Information bind-9.9.5P1-1 is installed OR bind-chrootenv-9.9.5P1-1 is installed OR bind-doc-9.9.5P1-1 is installed OR bind-libs-9.9.5P1-1 is installed OR bind-libs-32bit-9.9.5P1-1 is installed OR bind-utils-9.9.5P1-1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information dbus-1-glib-0.100.2-3 is installed OR dbus-1-glib-32bit-0.100.2-3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information DirectFB-1.7.1-6 is installed OR lib++dfb-1_7-1-1.7.1-6 is installed OR libdirectfb-1_7-1-1.7.1-6 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND chrony-2.3-3 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 12 SP5 is installed AND MozillaFirefox-91.11.0-112.119.1 is installed OR MozillaFirefox-devel-91.11.0-112.119.1 is installed OR MozillaFirefox-translations-common-91.11.0-112.119.1 is installed OR Package Information SUSE Linux Enterprise Server for SAP Applications 12 SP5 is installed AND MozillaFirefox-91.11.0-112.119.1 is installed OR MozillaFirefox-devel-91.11.0-112.119.1 is installed OR MozillaFirefox-translations-common-91.11.0-112.119.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 is installed AND libXtst6-1.2.2-3 is installed
Definition Synopsis
SUSE Linux Enterprise Server for SAP Applications 12 SP2 is installed AND Package Information kgraft-patch-4_4_103-92_53-default-12-2 is installed OR kgraft-patch-SLE12-SP2_Update_16-12-2 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 11 SP2 is installed AND Package Information ImageMagick-6.4.3.6-7.26.1 is installed OR ImageMagick-devel-6.4.3.6-7.26.1 is installed OR libMagick++-devel-6.4.3.6-7.26.1 is installed OR libMagick++1-6.4.3.6-7.26.1 is installed OR libMagickWand1-6.4.3.6-7.26.1 is installed OR libMagickWand1-32bit-6.4.3.6-7.26.1 is installed OR perl-PerlMagick-6.4.3.6-7.26.1 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 11 SP4 is installed AND Package Information PackageKit-devel-0.3.14-2.30.11 is installed OR hal-devel-0.5.12-23.76.1 is installed OR libpackagekit-glib10-devel-0.3.14-2.30.11 is installed OR libpackagekit-qt10-0.3.14-2.30.11 is installed OR libpackagekit-qt10-devel-0.3.14-2.30.11 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 is installed AND Package Information FastCGI-2.4.0-167 is installed OR perl-FastCGI-2.4.0-167 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 SP1 is installed AND ctdb-devel-2.5.5-1 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 SP2 is installed AND gd-devel-2.1.0-12 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 SP3 is installed AND Package Information ImageMagick-6.8.8.1-70 is installed OR ImageMagick-devel-6.8.8.1-70 is installed OR libMagick++-6_Q16-3-6.8.8.1-70 is installed OR libMagick++-devel-6.8.8.1-70 is installed OR perl-PerlMagick-6.8.8.1-70 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 12 SP1 is installed AND Package Information libpcap-1.8.1-9.1 is installed OR libpcap1-32bit-1.8.1-9.1 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 12 SP2 is installed AND Package Information kernel-default-4.4.21-84.1 is installed OR kernel-default-extra-4.4.21-84.1 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 12 SP3 is installed AND libzmq3-4.0.4-14 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 12 SP4 is installed AND bluez-cups-5.13-5.4 is installed

BACK