Oval Definition:oval:org.opensuse.security:def:65383
Revision Date:2020-12-01Version:1
Title:Security update for MozillaFirefox (Important)
Description:

This update for MozillaFirefox fixes the following issues:

- Mozilla Firefox Firefox 60.7.2 MFSA 2019-19 (bsc#1138872)

- CVE-2019-11708: Fix sandbox escape using Prompt:Open. * Insufficient vetting of parameters passed with the Prompt:Open IPC message between child and parent processes could result in the non-sandboxed parent process opening web content chosen by a compromised child process. When combined with additional vulnerabilities this could result in executing arbitrary code on the user's computer.

Family:unixClass:patch
Status:Reference(s):1071995
1138872
1141897
1142649
1148517
1149145
CVE-2019-11708
CVE-2019-14250
CVE-2019-15847
SUSE-SU-2019:1682-1
SUSE-SU-2019:2702-1
Platform(s):SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 is installed
  • AND Package Information
  • MozillaFirefox-60.7.2-3.48 is installed
  • OR MozillaFirefox-branding-upstream-60.7.2-3.48 is installed
  • OR MozillaFirefox-buildsymbols-60.7.2-3.48 is installed
  • OR MozillaFirefox-devel-60.7.2-3.48 is installed
    • BACK