Oval Definition:	oval:org.opensuse.security:def:64015
Revision Date: 2020-12-01 Version: 1 Title: Security update for MozillaFirefox (Important) Description: This update for MozillaFirefox fixes the following issues: - Firefox Extended Support Release 68.4.1 ESR * Fixed: Security fix MFSA 2020-03 (bsc#1160498) * CVE-2019-17026 (bmo#1607443) IonMonkey type confusion with StoreElementHole and FallibleStoreElement - Firefox Extended Support Release 68.4.0 ESR * Fixed: Various security fixes MFSA 2020-02 (bsc#1160305) * CVE-2019-17015 (bmo#1599005) Memory corruption in parent process during new content process initialization on Windows * CVE-2019-17016 (bmo#1599181) Bypass of @namespace CSS sanitization during pasting * CVE-2019-17017 (bmo#1603055) Type Confusion in XPCVariant.cpp * CVE-2019-17021 (bmo#1599008) Heap address disclosure in parent process during content process initialization on Windows * CVE-2019-17022 (bmo#1602843) CSS sanitization does not escape HTML tags * CVE-2019-17024 (bmo#1507180, bmo#1595470, bmo#1598605, bmo#1601826) Memory safety bugs fixed in Firefox 72 and Firefox ESR 68.4 Family: unix Class: patch Status: Reference(s): 1050549 1055117 1055186 1058115 1061840 1063638 1070872 1082555 1083647 1085535 1085536 1086657 1097584 1106011 1106284 1108193 1108937 1111331 1112063 1112128 1112178 1113722 1114279 1119680 1119843 1120843 1122776 1123663 1124839 1127175 1127371 1127374 1128415 1128971 1128979 1129138 1129693 1129770 1129845 1130527 1130567 1130579 1131416 1131427 1131438 1131451 1131488 1131530 1131574 1131673 1131847 1131900 1131934 1132044 1132219 1132226 1132369 1132373 1132397 1132402 1132403 1132404 1132405 1132411 1132412 1132413 1132426 1132527 1132531 1132561 1132562 1132564 1132618 1132681 1132726 1132828 1132894 1133005 1133094 1133095 1133149 1133176 1133188 1133547 1133668 1133672 1133698 1133702 1133769 1133772 1133778 1133779 1133780 1133850 1133851 1133852 1133897 1134160 1134162 1134201 1134202 1134204 1134205 1134393 1134459 1134461 1134597 1134600 1134651 1134810 1134848 1135007 1135008 1135120 1135278 1135281 1135309 1135312 1135315 1135320 1135323 1135492 1135642 1136666 1143436 1144547 1144548 1153918 1160305 1160498 1171558 1171924 1173029 1173060 1173063 1174415 1175691 1176069 1176410 1177143 CVE-2018-7191 CVE-2019-11085 CVE-2019-11486 CVE-2019-11811 CVE-2019-11815 CVE-2019-11833 CVE-2019-11884 CVE-2019-17015 CVE-2019-17016 CVE-2019-17017 CVE-2019-17021 CVE-2019-17022 CVE-2019-17024 CVE-2019-17026 CVE-2019-17545 CVE-2019-3881 CVE-2019-3882 CVE-2019-5489 CVE-2019-9500 CVE-2019-9503 CVE-2020-14386 CVE-2020-15900 CVE-2020-25219 CVE-2020-26154 CVE-2020-6505 CVE-2020-6506 CVE-2020-6507 openSUSE-SU-2019:1479-1 openSUSE-SU-2019:1985-1 openSUSE-SU-2019:2466-1 openSUSE-SU-2020:0845-1 openSUSE-SU-2020:0861-1 openSUSE-SU-2020:1379-1 SUSE-SU-2020:0068-1 SUSE-SU-2020:2900-1 Platform(s): openSUSE Leap 15.1 openSUSE Leap 15.2 SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP4-ESPOS SUSE Linux Enterprise Server 12 SP4-LTSS Product(s): Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information kernel-debug-4.12.14-lp151.28.4 is installed OR kernel-debug-base-4.12.14-lp151.28.4 is installed OR kernel-debug-devel-4.12.14-lp151.28.4 is installed OR kernel-default-4.12.14-lp151.28.4 is installed OR kernel-default-base-4.12.14-lp151.28.4 is installed OR kernel-default-devel-4.12.14-lp151.28.4 is installed OR kernel-devel-4.12.14-lp151.28.4 is installed OR kernel-docs-4.12.14-lp151.28.4 is installed OR kernel-docs-html-4.12.14-lp151.28.4 is installed OR kernel-kvmsmall-4.12.14-lp151.28.4 is installed OR kernel-kvmsmall-base-4.12.14-lp151.28.4 is installed OR kernel-kvmsmall-devel-4.12.14-lp151.28.4 is installed OR kernel-macros-4.12.14-lp151.28.4 is installed OR kernel-obs-build-4.12.14-lp151.28.4 is installed OR kernel-obs-qa-4.12.14-lp151.28.4 is installed OR kernel-source-4.12.14-lp151.28.4 is installed OR kernel-source-vanilla-4.12.14-lp151.28.4 is installed OR kernel-syms-4.12.14-lp151.28.4 is installed OR kernel-vanilla-4.12.14-lp151.28.4 is installed OR kernel-vanilla-base-4.12.14-lp151.28.4 is installed OR kernel-vanilla-devel-4.12.14-lp151.28.4 is installed Definition Synopsis openSUSE Leap 15.2 is installed AND Package Information ruby2.5-rubygem-bundler-1.16.1-lp152.4.3 is installed OR ruby2.5-rubygem-bundler-doc-1.16.1-lp152.4.3 is installed OR rubygem-bundler-1.16.1-lp152.4.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information MozillaFirefox-68.4.1-109.101 is installed OR MozillaFirefox-translations-common-68.4.1-109.101 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4-ESPOS is installed AND Package Information libecpg6-12.4-3.5 is installed OR libpq5-12.4-3.5 is installed OR libpq5-32bit-12.4-3.5 is installed OR postgresql-12.0.1-4.4 is installed OR postgresql-contrib-12.0.1-4.4 is installed OR postgresql-docs-12.0.1-4.4 is installed OR postgresql-plperl-12.0.1-4.4 is installed OR postgresql-plpython-12.0.1-4.4 is installed OR postgresql-pltcl-12.0.1-4.4 is installed OR postgresql-server-12.0.1-4.4 is installed OR postgresql10-10.14-4.4 is installed OR postgresql10-contrib-10.14-4.4 is installed OR postgresql10-docs-10.14-4.4 is installed OR postgresql10-plperl-10.14-4.4 is installed OR postgresql10-plpython-10.14-4.4 is installed OR postgresql10-pltcl-10.14-4.4 is installed OR postgresql10-server-10.14-4.4 is installed OR postgresql12-12.4-3.5 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4-LTSS is installed AND Package Information libproxy-0.4.13-18.3 is installed OR libproxy-plugins-0.4.13-18.3 is installed OR libproxy1-0.4.13-18.3 is installed OR libproxy1-32bit-0.4.13-18.3 is installed OR libproxy1-config-gnome3-0.4.13-18.3 is installed OR libproxy1-config-gnome3-32bit-0.4.13-18.3 is installed OR libproxy1-networkmanager-0.4.13-18.3 is installed OR libproxy1-pacrunner-webkit-0.4.13-18.3 is installed
BACK