Oval Definition:oval:org.opensuse.security:def:63699
Revision Date:2020-12-01Version:1
Title:Security update for MozillaFirefox (Important)
Description:

This update for MozillaFirefox fixes the following issues:

Security issues fixed:

- CVE-2019-11691: Use-after-free in XMLHttpRequest - CVE-2019-11692: Use-after-free removing listeners in the event listener manager - CVE-2019-11693: Buffer overflow in WebGL bufferdata on Linux - CVE-2019-11694: Uninitialized memory memory leakage in Windows sandbox - CVE-2019-11698: Theft of user history data through drag and drop of hyperlinks to and from bookmarks - CVE-2019-7317: Use-after-free in png_image_free of libpng library - CVE-2019-9800: Memory safety bugs fixed in Firefox 67 and Firefox ESR 60.7 - CVE-2019-9815: Disable hyperthreading on content JavaScript threads on macOS - CVE-2019-9816: Type confusion with object groups and UnboxedObjects - CVE-2019-9817: Stealing of cross-domain images using canvas - CVE-2019-9818: Use-after-free in crash generation server - CVE-2019-9819: Compartment mismatch with fetch API - CVE-2019-9820: Use-after-free of ChromeEventHandler by DocShell

Non-security issues fixed:

- Font and date adjustments to accommodate the new Reiwa era in Japan - Update to Firefox ESR 60.7 (bsc#1135824)
Family:unixClass:patch
Status:Reference(s):1051510
1061840
1065600
1071995
1072697
1088047
1091236
1094555
1096726
1098633
1100694
1106383
1106751
1109137
1114279
1118595
1118596
1118599
1119532
1120423
1121214
1124167
1127155
1128432
1128471
1128472
1128474
1128476
1128480
1128481
1128490
1128492
1128493
1128902
1128910
1132154
1132390
1133401
1133738
1134303
1134395
1135296
1135350
1135556
1135642
1135824
1136157
1136811
1136922
1137103
1137194
1137221
1137366
1137429
1137625
1137728
1137884
1137995
1137996
1137998
1137999
1138000
1138002
1138003
1138005
1138006
1138007
1138008
1138009
1138010
1138011
1138012
1138013
1138014
1138015
1138016
1138017
1138018
1138019
1138291
1138293
1138374
1138375
1138589
1138719
1139751
1139771
1139782
1139865
1140133
1140328
1140405
1140424
1140428
1140575
1140577
1140637
1140658
1140715
1140719
1140726
1140727
1140728
1140814
1140948
1152856
1154212
1170715
1172698
1172704
1173477
1173691
1173694
1173700
1173701
1173743
1173874
1173875
1173876
1173880
1176315
1176733
821419
945811
CVE-2017-13098
CVE-2017-18922
CVE-2018-1000613
CVE-2018-15173
CVE-2018-15518
CVE-2018-15664
CVE-2018-16871
CVE-2018-19869
CVE-2018-19873
CVE-2018-20836
CVE-2018-21247
CVE-2019-10126
CVE-2019-10638
CVE-2019-10639
CVE-2019-11478
CVE-2019-11599
CVE-2019-11691
CVE-2019-11692
CVE-2019-11693
CVE-2019-11694
CVE-2019-11698
CVE-2019-12456
CVE-2019-12614
CVE-2019-12818
CVE-2019-12819
CVE-2019-20839
CVE-2019-20840
CVE-2019-2894
CVE-2019-2933
CVE-2019-2945
CVE-2019-2949
CVE-2019-2958
CVE-2019-2962
CVE-2019-2964
CVE-2019-2973
CVE-2019-2978
CVE-2019-2981
CVE-2019-2983
CVE-2019-2987
CVE-2019-2988
CVE-2019-2989
CVE-2019-2992
CVE-2019-2999
CVE-2019-3855
CVE-2019-3856
CVE-2019-3857
CVE-2019-3858
CVE-2019-3859
CVE-2019-3860
CVE-2019-3861
CVE-2019-3862
CVE-2019-3863
CVE-2019-7317
CVE-2019-9800
CVE-2019-9815
CVE-2019-9816
CVE-2019-9817
CVE-2019-9818
CVE-2019-9819
CVE-2019-9820
CVE-2020-14397
CVE-2020-14398
CVE-2020-14399
CVE-2020-14400
CVE-2020-14401
CVE-2020-14402
CVE-2020-17507
CVE-2020-26117
CVE-2020-8023
openSUSE-SU-2019:1621-1
openSUSE-SU-2020:0607-1
openSUSE-SU-2020:1025-1
openSUSE-SU-2020:1452-1
SUSE-SU-2019:0655-1
SUSE-SU-2019:1388-1
SUSE-SU-2019:2426-1
SUSE-SU-2019:3084-1
SUSE-SU-2020:1859-1
Platform(s):openSUSE Leap 15.1
openSUSE Leap 15.2
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server 12 SP4-ESPOS
Product(s):
Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • docker-18.09.6_ce-lp151.2.6 is installed
  • OR docker-bash-completion-18.09.6_ce-lp151.2.6 is installed
  • OR docker-test-18.09.6_ce-lp151.2.6 is installed
  • OR docker-zsh-completion-18.09.6_ce-lp151.2.6 is installed
    • Definition Synopsis
  • openSUSE Leap 15.2 is installed
  • AND Package Information
  • LibVNCServer-0.9.10-lp152.9.8 is installed
  • OR LibVNCServer-devel-0.9.10-lp152.9.8 is installed
  • OR libvncclient0-0.9.10-lp152.9.8 is installed
  • OR libvncserver0-0.9.10-lp152.9.8 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • MozillaFirefox-60.7.0-109.72 is installed
  • OR MozillaFirefox-translations-common-60.7.0-109.72 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4-ESPOS is installed
  • AND Package Information
  • libXvnc1-1.6.0-22.17 is installed
  • OR tigervnc-1.6.0-22.17 is installed
  • OR xorg-x11-Xvnc-1.6.0-22.17 is installed
    • BACK