Oval Definition:oval:org.opensuse.security:def:60952
Revision Date:2020-12-01Version:1
Title:Security update for MozillaFirefox (Important)
Description:

This update for MozillaFirefox fixes the following issues:

Update to version 68.8.0 ESR (bsc#1171186):

- CVE-2020-12387: Use-after-free during worker shutdown - CVE-2020-12388: Sandbox escape with improperly guarded Access Tokens - CVE-2020-12389: Sandbox escape with improperly separated process types - CVE-2020-6831: Buffer overflow in SCTP chunk input validation - CVE-2020-12392: Arbitrary local file access with 'Copy as cURL' - CVE-2020-12393: Devtools' 'Copy as cURL' feature did not fully escape website-controlled data, potentially leading to command injection - CVE-2020-12395: Memory safety bugs fixed in Firefox 76 and Firefox ESR 68.8
Family:unixClass:patch
Status:Reference(s):1006166
1022805
1048367
1065000
1068310
1069509
1073748
1077983
1086001
1088004
1088009
1104301
1107030
1108606
1109847
1117740
1121626
1122191
1125113
1125330
1127987
1129821
1130262
1146608
1159913
1161799
1165631
1171186
1172031
1172225
1173027
1173274
1176409
1176412
983268
CVE-2008-1483
CVE-2016-2399
CVE-2016-5102
CVE-2017-15906
CVE-2018-1053
CVE-2018-1060
CVE-2018-1061
CVE-2018-14647
CVE-2018-17000
CVE-2018-18335
CVE-2018-18356
CVE-2018-18506
CVE-2018-19622
CVE-2018-19623
CVE-2018-19624
CVE-2018-19625
CVE-2018-19626
CVE-2018-19627
CVE-2018-5383
CVE-2019-14973
CVE-2019-20807
CVE-2019-5010
CVE-2019-5108
CVE-2019-5785
CVE-2019-6128
CVE-2019-7663
CVE-2019-9788
CVE-2019-9790
CVE-2019-9791
CVE-2019-9792
CVE-2019-9793
CVE-2019-9794
CVE-2019-9795
CVE-2019-9796
CVE-2019-9801
CVE-2019-9810
CVE-2019-9813
CVE-2020-12387
CVE-2020-12388
CVE-2020-12389
CVE-2020-12392
CVE-2020-12393
CVE-2020-12395
CVE-2020-14392
CVE-2020-14393
CVE-2020-14422
CVE-2020-1749
CVE-2020-6796
CVE-2020-6797
CVE-2020-6798
CVE-2020-6799
CVE-2020-6800
CVE-2020-6831
CVE-2020-8177
SUSE-SU-2017:1986-1
SUSE-SU-2017:3230-1
SUSE-SU-2018:0507-1
SUSE-SU-2018:2696-1
SUSE-SU-2019:0852-1
SUSE-SU-2020:0384-1
SUSE-SU-2020:1218-1
SUSE-SU-2020:1732-1
SUSE-SU-2020:2157-1
SUSE-SU-2020:2661-1
Platform(s):openSUSE Leap 15.1
openSUSE Leap 15.2
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server 12 SP4-ESPOS
SUSE OpenStack Cloud Crowbar 8
SUSE OpenStack Cloud Crowbar 9
Product(s):
Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • chromedriver-76.0.3809.87-lp151.2.15 is installed
  • OR chromium-76.0.3809.87-lp151.2.15 is installed
    • Definition Synopsis
  • openSUSE Leap 15.2 is installed
  • AND Package Information
  • google-compute-engine-20190801-lp152.5.4 is installed
  • OR google-compute-engine-init-20190801-lp152.5.4 is installed
  • OR google-compute-engine-oslogin-20190801-lp152.5.4 is installed
  • OR google-compute-engine-oslogin-32bit-20190801-lp152.5.4 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • libquicktime-1.2.4-14.3 is installed
  • OR libquicktime0-1.2.4-14.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND python-ipaddress-1.0.18-3.13 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • gvim-7.4.326-17.6 is installed
  • OR vim-7.4.326-17.6 is installed
  • OR vim-data-7.4.326-17.6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_180-94_97-default-8-2 is installed
  • OR kgraft-patch-SLE12-SP3_Update_26-8-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • libwireshark9-2.4.11-48.35 is installed
  • OR libwiretap7-2.4.11-48.35 is installed
  • OR libwscodecs1-2.4.11-48.35 is installed
  • OR libwsutil8-2.4.11-48.35 is installed
  • OR wireshark-2.4.11-48.35 is installed
  • OR wireshark-gtk-2.4.11-48.35 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • DirectFB-1.7.1-6 is installed
  • OR lib++dfb-1_7-1-1.7.1-6 is installed
  • OR libdirectfb-1_7-1-1.7.1-6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4-ESPOS is installed
  • AND squid-3.5.21-26.32 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • MozillaFirefox-68.8.0-109.119 is installed
  • OR MozillaFirefox-translations-common-68.8.0-109.119 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 9 is installed
  • AND Package Information
  • java-1_7_0-openjdk-1.7.0.271-43.41 is installed
  • OR java-1_7_0-openjdk-demo-1.7.0.271-43.41 is installed
  • OR java-1_7_0-openjdk-devel-1.7.0.271-43.41 is installed
  • OR java-1_7_0-openjdk-headless-1.7.0.271-43.41 is installed
    • BACK