Oval Definition:	oval:org.opensuse.security:def:61003
Revision Date: 2020-12-01 Version: 1 Title: Security update for MozillaFirefox (Moderate) Description: This update for MozillaFirefox fixes the following issues: - Firefox Extended Support Release 78.1.0 ESR * Fixed: Various stability, functionality, and security fixes (bsc#1174538) * CVE-2020-15652: Potential leak of redirect targets when loading scripts in a worker * CVE-2020-6514: WebRTC data channel leaks internal address to peer * CVE-2020-15655: Extension APIs could be used to bypass Same-Origin Policy * CVE-2020-15653: Bypassing iframe sandbox when allowing popups * CVE-2020-6463: Use-after-free in ANGLE gl::Texture::onUnbindAsSamplerTexture * CVE-2020-15656: Type confusion for special arguments in IonMonkey * CVE-2020-15658: Overriding file type when saving to disk * CVE-2020-15657: DLL hijacking due to incorrect loading path * CVE-2020-15654: Custom cursor can overlay user interface * CVE-2020-15659: Memory safety bugs fixed in Firefox 79 and Firefox ESR 78.1 Family: unix Class: patch Status: Reference(s): 1009994 1010756 1010757 1010766 1010774 1010782 1010968 1010975 1012382 1023175 1047958 1051643 1051644 1060445 1061005 1065237 1069702 1070805 1076957 1077718 1082943 1083903 1090671 1093158 1102851 1107829 1114763 1116841 1117186 1118152 1118319 1119019 1119183 1119714 1119946 1120260 1120743 1120758 1121805 1121816 1121821 1124728 1124732 1124735 1128166 1129080 1129179 1131709 1146358 1146359 1155419 1159478 1159479 1159482 1159486 1159548 1160471 1160968 1162610 1162972 1170170 1170441 1172037 1173274 1173351 1173948 1174538 CVE-2016-10708 CVE-2016-9262 CVE-2016-9388 CVE-2016-9389 CVE-2016-9390 CVE-2016-9391 CVE-2016-9392 CVE-2016-9393 CVE-2016-9394 CVE-2017-1000050 CVE-2017-1000100 CVE-2017-1000101 CVE-2017-16939 CVE-2017-18344 CVE-2017-7793 CVE-2017-7805 CVE-2017-7810 CVE-2017-7814 CVE-2017-7818 CVE-2017-7819 CVE-2017-7823 CVE-2017-7824 CVE-2017-7825 CVE-2018-1000115 CVE-2018-1120 CVE-2018-14633 CVE-2018-16862 CVE-2018-16884 CVE-2018-19407 CVE-2018-19824 CVE-2018-19985 CVE-2018-20169 CVE-2018-9568 CVE-2019-15681 CVE-2019-15690 CVE-2019-16782 CVE-2019-18388 CVE-2019-18389 CVE-2019-18390 CVE-2019-18391 CVE-2019-2024 CVE-2019-20788 CVE-2019-3459 CVE-2019-3460 CVE-2019-6109 CVE-2019-6111 CVE-2019-6974 CVE-2019-7221 CVE-2019-7222 CVE-2019-8675 CVE-2019-8696 CVE-2019-9213 CVE-2020-12059 CVE-2020-14422 CVE-2020-15652 CVE-2020-15653 CVE-2020-15654 CVE-2020-15655 CVE-2020-15656 CVE-2020-15657 CVE-2020-15658 CVE-2020-15659 CVE-2020-2583 CVE-2020-2593 CVE-2020-2604 CVE-2020-2659 CVE-2020-6463 CVE-2020-6514 CVE-2020-8161 CVE-2020-8184 CVE-2020-8597 SUSE-SU-2017:2174-1 SUSE-SU-2017:2688-1 SUSE-SU-2018:0339-1 SUSE-SU-2018:0955-1 SUSE-SU-2018:1989-1 SUSE-SU-2019:3057-1 SUSE-SU-2020:0016-1 SUSE-SU-2020:0456-1 SUSE-SU-2020:0490-1 SUSE-SU-2020:2100-1 SUSE-SU-2020:2678-1 Platform(s): openSUSE Leap 15.1 openSUSE Leap 15.2 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP4-ESPOS SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 8 Product(s): Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information evolution-3.26.6-lp151.4.3 is installed OR evolution-devel-3.26.6-lp151.4.3 is installed OR evolution-lang-3.26.6-lp151.4.3 is installed OR evolution-plugin-bogofilter-3.26.6-lp151.4.3 is installed OR evolution-plugin-pst-import-3.26.6-lp151.4.3 is installed OR evolution-plugin-spamassassin-3.26.6-lp151.4.3 is installed OR glade-catalog-evolution-3.26.6-lp151.4.3 is installed Definition Synopsis openSUSE Leap 15.2 is installed AND Package Information MozillaFirefox-78.1.0-lp152.2.12 is installed OR MozillaFirefox-branding-upstream-78.1.0-lp152.2.12 is installed OR MozillaFirefox-buildsymbols-78.1.0-lp152.2.12 is installed OR MozillaFirefox-devel-78.1.0-lp152.2.12 is installed OR MozillaFirefox-translations-common-78.1.0-lp152.2.12 is installed OR MozillaFirefox-translations-other-78.1.0-lp152.2.12 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information curl-7.37.0-37.3 is installed OR libcurl4-7.37.0-37.3 is installed OR libcurl4-32bit-7.37.0-37.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information cups-1.7.5-20.26 is installed OR cups-client-1.7.5-20.26 is installed OR cups-libs-1.7.5-20.26 is installed OR cups-libs-32bit-1.7.5-20.26 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND python-ipaddress-1.0.18-3.13 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information libvirglrenderer0-0.5.0-12.3 is installed OR virglrenderer-0.5.0-12.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information openssh-7.2p2-74.42 is installed OR openssh-askpass-gnome-7.2p2-74.42 is installed OR openssh-fips-7.2p2-74.42 is installed OR openssh-helpers-7.2p2-74.42 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND dnsmasq-2.78-18.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4-ESPOS is installed AND Package Information libpython3_4m1_0-3.4.10-25.52 is installed OR python3-3.4.10-25.52 is installed OR python3-base-3.4.10-25.52 is installed OR python3-curses-3.4.10-25.52 is installed OR python3-devel-3.4.10-25.52 is installed Definition Synopsis SUSE OpenStack Cloud 9 is installed AND python-Twisted-15.2.1-9.5 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information MozillaFirefox-78.1.0-112.8 is installed OR MozillaFirefox-devel-78.1.0-112.8 is installed OR MozillaFirefox-translations-common-78.1.0-112.8 is installed
BACK