Oval Definition:oval:org.opensuse.security:def:63720
Revision Date:2020-12-01Version:1
Title:Security update for MozillaFirefox (Important)
Description:

This update for MozillaFirefox fixes the following issues:

- Mozilla Firefox Firefox 60.7.2 MFSA 2019-19 (bsc#1138872)

- CVE-2019-11708: Fix sandbox escape using Prompt:Open. * Insufficient vetting of parameters passed with the Prompt:Open IPC message between child and parent processes could result in the non-sandboxed parent process opening web content chosen by a compromised child process. When combined with additional vulnerabilities this could result in executing arbitrary code on the user's computer.

Family:unixClass:patch
Status:Reference(s):1051510
1055117
1063993
1071995
1079730
1083647
1083710
1100408
1101982
1102247
1103991
1103992
1104745
1109837
1111666
1112374
1112646
1114957
1116717
1117275
1119222
1119493
1120470
1120502
1120503
1120504
1120584
1120589
1121600
1123080
1123156
1123179
1127034
1127315
1127611
1129537
1129770
1130972
1133021
1133291
1134090
1134097
1134390
1134399
1135335
1135642
1135715
1136217
1136342
1136460
1136461
1136462
1136467
1136896
1137458
1137534
1137535
1137584
1137609
1137811
1137827
1138872
1138874
1139358
1139619
1140133
1140139
1140322
1140559
1140652
1140676
1140887
1140888
1140889
1140891
1140893
1140903
1140945
1140948
1140954
1140955
1140956
1140957
1140958
1140959
1140960
1140961
1140962
1140964
1140971
1140972
1140992
1141312
1141401
1141402
1141452
1141453
1141454
1141478
1142023
1142052
1142112
1142115
1142119
1142220
1142221
1142254
1142350
1142351
1142354
1142359
1142450
1142623
1142673
1142701
1142868
1143003
1143045
1143105
1143185
1143189
1143191
1143209
1143507
1152930
1162610
1171363
1174477
1174628
1178671
682920
CVE-2018-16872
CVE-2018-18954
CVE-2018-19364
CVE-2018-19489
CVE-2018-20544
CVE-2018-20545
CVE-2018-20546
CVE-2018-20547
CVE-2018-20548
CVE-2018-20549
CVE-2018-20855
CVE-2019-1125
CVE-2019-11708
CVE-2019-11810
CVE-2019-13631
CVE-2019-13648
CVE-2019-14283
CVE-2019-14284
CVE-2019-6237
CVE-2019-6778
CVE-2019-8571
CVE-2019-8583
CVE-2019-8584
CVE-2019-8586
CVE-2019-8587
CVE-2019-8594
CVE-2019-8595
CVE-2019-8596
CVE-2019-8597
CVE-2019-8601
CVE-2019-8607
CVE-2019-8608
CVE-2019-8609
CVE-2019-8610
CVE-2019-8611
CVE-2019-8615
CVE-2019-8619
CVE-2019-8622
CVE-2019-8623
CVE-2019-9628
CVE-2020-12108
CVE-2020-12321
CVE-2020-14342
CVE-2020-14344
CVE-2020-8597
openSUSE-SU-2019:1766-1
openSUSE-SU-2020:0661-1
openSUSE-SU-2020:1164-1
openSUSE-SU-2020:1579-1
SUSE-SU-2019:0435-1
SUSE-SU-2019:0928-1
SUSE-SU-2019:1684-1
SUSE-SU-2019:2070-1
SUSE-SU-2019:2745-1
SUSE-SU-2020:0490-1
Platform(s):openSUSE Leap 15.1
openSUSE Leap 15.2
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server 12 SP4-ESPOS
Product(s):
Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • libjavascriptcoregtk-4_0-18-2.24.2-lp151.2.3 is installed
  • OR libjavascriptcoregtk-4_0-18-32bit-2.24.2-lp151.2.3 is installed
  • OR libwebkit2gtk-4_0-37-2.24.2-lp151.2.3 is installed
  • OR libwebkit2gtk-4_0-37-32bit-2.24.2-lp151.2.3 is installed
  • OR libwebkit2gtk3-lang-2.24.2-lp151.2.3 is installed
  • OR typelib-1_0-JavaScriptCore-4_0-2.24.2-lp151.2.3 is installed
  • OR typelib-1_0-WebKit2-4_0-2.24.2-lp151.2.3 is installed
  • OR typelib-1_0-WebKit2WebExtension-4_0-2.24.2-lp151.2.3 is installed
  • OR webkit-jsc-4-2.24.2-lp151.2.3 is installed
  • OR webkit2gtk-4_0-injected-bundles-2.24.2-lp151.2.3 is installed
  • OR webkit2gtk3-2.24.2-lp151.2.3 is installed
  • OR webkit2gtk3-devel-2.24.2-lp151.2.3 is installed
  • OR webkit2gtk3-minibrowser-2.24.2-lp151.2.3 is installed
  • OR webkit2gtk3-plugin-process-gtk2-2.24.2-lp151.2.3 is installed
    • Definition Synopsis
  • openSUSE Leap 15.2 is installed
  • AND Package Information
  • libX11-1.6.5-lp152.5.3 is installed
  • OR libX11-6-1.6.5-lp152.5.3 is installed
  • OR libX11-6-32bit-1.6.5-lp152.5.3 is installed
  • OR libX11-data-1.6.5-lp152.5.3 is installed
  • OR libX11-devel-1.6.5-lp152.5.3 is installed
  • OR libX11-devel-32bit-1.6.5-lp152.5.3 is installed
  • OR libX11-xcb1-1.6.5-lp152.5.3 is installed
  • OR libX11-xcb1-32bit-1.6.5-lp152.5.3 is installed
  • OR libxcb-1.13-lp152.5.3 is installed
  • OR libxcb-composite0-1.13-lp152.5.3 is installed
  • OR libxcb-composite0-32bit-1.13-lp152.5.3 is installed
  • OR libxcb-damage0-1.13-lp152.5.3 is installed
  • OR libxcb-damage0-32bit-1.13-lp152.5.3 is installed
  • OR libxcb-devel-1.13-lp152.5.3 is installed
  • OR libxcb-devel-32bit-1.13-lp152.5.3 is installed
  • OR libxcb-devel-doc-1.13-lp152.5.3 is installed
  • OR libxcb-dpms0-1.13-lp152.5.3 is installed
  • OR libxcb-dpms0-32bit-1.13-lp152.5.3 is installed
  • OR libxcb-dri2-0-1.13-lp152.5.3 is installed
  • OR libxcb-dri2-0-32bit-1.13-lp152.5.3 is installed
  • OR libxcb-dri3-0-1.13-lp152.5.3 is installed
  • OR libxcb-dri3-0-32bit-1.13-lp152.5.3 is installed
  • OR libxcb-glx0-1.13-lp152.5.3 is installed
  • OR libxcb-glx0-32bit-1.13-lp152.5.3 is installed
  • OR libxcb-present0-1.13-lp152.5.3 is installed
  • OR libxcb-present0-32bit-1.13-lp152.5.3 is installed
  • OR libxcb-randr0-1.13-lp152.5.3 is installed
  • OR libxcb-randr0-32bit-1.13-lp152.5.3 is installed
  • OR libxcb-record0-1.13-lp152.5.3 is installed
  • OR libxcb-record0-32bit-1.13-lp152.5.3 is installed
  • OR libxcb-render0-1.13-lp152.5.3 is installed
  • OR libxcb-render0-32bit-1.13-lp152.5.3 is installed
  • OR libxcb-res0-1.13-lp152.5.3 is installed
  • OR libxcb-res0-32bit-1.13-lp152.5.3 is installed
  • OR libxcb-screensaver0-1.13-lp152.5.3 is installed
  • OR libxcb-screensaver0-32bit-1.13-lp152.5.3 is installed
  • OR libxcb-shape0-1.13-lp152.5.3 is installed
  • OR libxcb-shape0-32bit-1.13-lp152.5.3 is installed
  • OR libxcb-shm0-1.13-lp152.5.3 is installed
  • OR libxcb-shm0-32bit-1.13-lp152.5.3 is installed
  • OR libxcb-sync1-1.13-lp152.5.3 is installed
  • OR libxcb-sync1-32bit-1.13-lp152.5.3 is installed
  • OR libxcb-xf86dri0-1.13-lp152.5.3 is installed
  • OR libxcb-xf86dri0-32bit-1.13-lp152.5.3 is installed
  • OR libxcb-xfixes0-1.13-lp152.5.3 is installed
  • OR libxcb-xfixes0-32bit-1.13-lp152.5.3 is installed
  • OR libxcb-xinerama0-1.13-lp152.5.3 is installed
  • OR libxcb-xinerama0-32bit-1.13-lp152.5.3 is installed
  • OR libxcb-xinput0-1.13-lp152.5.3 is installed
  • OR libxcb-xinput0-32bit-1.13-lp152.5.3 is installed
  • OR libxcb-xkb1-1.13-lp152.5.3 is installed
  • OR libxcb-xkb1-32bit-1.13-lp152.5.3 is installed
  • OR libxcb-xtest0-1.13-lp152.5.3 is installed
  • OR libxcb-xtest0-32bit-1.13-lp152.5.3 is installed
  • OR libxcb-xv0-1.13-lp152.5.3 is installed
  • OR libxcb-xv0-32bit-1.13-lp152.5.3 is installed
  • OR libxcb-xvmc0-1.13-lp152.5.3 is installed
  • OR libxcb-xvmc0-32bit-1.13-lp152.5.3 is installed
  • OR libxcb1-1.13-lp152.5.3 is installed
  • OR libxcb1-32bit-1.13-lp152.5.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • MozillaFirefox-60.7.2-109.80 is installed
  • OR MozillaFirefox-translations-common-60.7.2-109.80 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4-ESPOS is installed
  • AND Package Information
  • kernel-firmware-20190618-5.14 is installed
  • OR ucode-amd-20190618-5.14 is installed
    • BACK