Oval Definition:oval:org.opensuse.security:def:63814
Revision Date:2020-12-01Version:1
Title:Security update for MozillaFirefox (Important)
Description:

This update for MozillaFirefox to 68.2.0 ESR fixes the following issues:

Mozilla Firefox was updated to version 68.2.0 ESR (bsc#1154738).

Security issues fixed:

- CVE-2019-15903: Fixed a heap overflow in the expat library (bsc#1149429). - CVE-2019-11757: Fixed a use-after-free when creating index updates in IndexedDB (bsc#1154738). - CVE-2019-11758: Fixed a potentially exploitable crash due to 360 Total Security (bsc#1154738). - CVE-2019-11759: Fixed a stack buffer overflow in HKDF output (bsc#1154738). - CVE-2019-11760: Fixed a stack buffer overflow in WebRTC networking (bsc#1154738). - CVE-2019-11761: Fixed an unintended access to a privileged JSONView object (bsc#1154738). - CVE-2019-11762: Fixed a same-origin-property violation (bsc#1154738). - CVE-2019-11763: Fixed an XSS bypass (bsc#1154738). - CVE-2019-11764: Fixed several memory safety bugs (bsc#1154738).

Non-security issues fixed:

- Firefox 60.7 ESR changed the user interface language (bsc#1137990). - Wrong Firefox GUI Language (bsc#1120374). - Fixed an inadvertent crash report transmission without user opt-in (bsc#1074235). - Firefox hangs randomly when browsing and scrolling (bsc#1043008). - Firefox stops loading page until mouse is moved (bsc#1025108).
Family:unixClass:patch
Status:Reference(s):1010399
1010405
1010406
1010408
1010409
1010421
1010423
1010424
1010425
1010426
1025108
1043008
1047281
1074235
1092611
1100687
1119687
1120374
1121624
1124211
1131576
1137990
1138743
1141122
1145383
1149429
1154460
1154461
1154464
1154738
1154849
1157119
1157888
1158003
1158004
1158005
1158006
1158007
1160305
1160498
1160673
1160922
1172186
1172265
1178171
945190
959933
983922
CVE-2014-3577
CVE-2015-5262
CVE-2016-2830
CVE-2016-5289
CVE-2016-5292
CVE-2016-9063
CVE-2016-9067
CVE-2016-9068
CVE-2016-9069
CVE-2016-9071
CVE-2016-9073
CVE-2016-9075
CVE-2016-9076
CVE-2016-9077
CVE-2017-7789
CVE-2017-9103
CVE-2017-9104
CVE-2017-9105
CVE-2017-9106
CVE-2017-9107
CVE-2017-9108
CVE-2017-9109
CVE-2018-13785
CVE-2018-20346
CVE-2018-20506
CVE-2018-5150
CVE-2018-5151
CVE-2018-5152
CVE-2018-5153
CVE-2018-5154
CVE-2018-5155
CVE-2018-5157
CVE-2018-5158
CVE-2018-5159
CVE-2018-5160
CVE-2018-5163
CVE-2018-5164
CVE-2018-5165
CVE-2018-5166
CVE-2018-5167
CVE-2018-5168
CVE-2018-5169
CVE-2018-5172
CVE-2018-5173
CVE-2018-5174
CVE-2018-5175
CVE-2018-5176
CVE-2018-5177
CVE-2018-5178
CVE-2018-5179
CVE-2018-5180
CVE-2018-5181
CVE-2018-5182
CVE-2018-5183
CVE-2019-11757
CVE-2019-11758
CVE-2019-11759
CVE-2019-11760
CVE-2019-11761
CVE-2019-11762
CVE-2019-11763
CVE-2019-11764
CVE-2019-14806
CVE-2019-14834
CVE-2019-15903
CVE-2019-17015
CVE-2019-17016
CVE-2019-17017
CVE-2019-17021
CVE-2019-17022
CVE-2019-17024
CVE-2019-17026
CVE-2019-18422
CVE-2019-18423
CVE-2019-18424
CVE-2019-18904
CVE-2019-19577
CVE-2019-19578
CVE-2019-19579
CVE-2019-19580
CVE-2019-19581
CVE-2019-19582
CVE-2019-19583
CVE-2019-7317
CVE-2020-8165
openSUSE-SU-2019:1530-1
openSUSE-SU-2019:2145-1
openSUSE-SU-2020:0094-1
openSUSE-SU-2020:0235-1
openSUSE-SU-2020:1679-1
SUSE-SU-2019:0913-1
SUSE-SU-2019:2872-1
SUSE-SU-2019:3310-1
SUSE-SU-2020:0419-1
SUSE-SU-2020:1612-1
Platform(s):openSUSE Leap 15.1
openSUSE Leap 15.2
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server 12 SP4-ESPOS
Product(s):
Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • libpng16-1.6.34-lp151.3.3 is installed
  • OR libpng16-16-1.6.34-lp151.3.3 is installed
  • OR libpng16-16-32bit-1.6.34-lp151.3.3 is installed
  • OR libpng16-compat-devel-1.6.34-lp151.3.3 is installed
  • OR libpng16-compat-devel-32bit-1.6.34-lp151.3.3 is installed
  • OR libpng16-devel-1.6.34-lp151.3.3 is installed
  • OR libpng16-devel-32bit-1.6.34-lp151.3.3 is installed
  • OR libpng16-tools-1.6.34-lp151.3.3 is installed
    • Definition Synopsis
  • openSUSE Leap 15.2 is installed
  • AND Package Information
  • ruby2.5-rubygem-activesupport-5_1-5.1.4-lp152.4.3 is installed
  • OR ruby2.5-rubygem-activesupport-doc-5_1-5.1.4-lp152.4.3 is installed
  • OR rubygem-activesupport-5_1-5.1.4-lp152.4.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • MozillaFirefox-68.2.0-109.95 is installed
  • OR MozillaFirefox-translations-common-68.2.0-109.95 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4-ESPOS is installed
  • AND apache-commons-httpclient-3.1-6.3 is installed
    • BACK