openSUSE Security Update : firefox / seamonkey / thunderbird (openSUSE-SU-2014:0212-1)

2014-06-13T00:00:00
ID OPENSUSE-2014-119.NASL
Type nessus
Reporter This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
Modified 2014-06-13T00:00:00

Description

Mozilla Firefox was updated to version 27. Mozilla SeaMonkey was updated to 2.24, fixing similar issues as Firefox 27. Mozilla Thunderbird was updated to 24.3.0, fixing similar issues as Firefox 27.

The Firefox 27 release brings TLS 1.2 support as a major security feature.

It also fixes following security issues :

  • MFSA 2014-01/CVE-2014-1477/CVE-2014-1478 Miscellaneous memory safety hazards (rv:27.0 / rv:24.3)

  • MFSA 2014-02/CVE-2014-1479 (bmo#911864) Clone protected content with XBL scopes

  • MFSA 2014-03/CVE-2014-1480 (bmo#916726) UI selection timeout missing on download prompts

  • MFSA 2014-04/CVE-2014-1482 (bmo#943803) Incorrect use of discarded images by RasterImage

  • MFSA 2014-05/CVE-2014-1483 (bmo#950427) Information disclosure with *FromPoint on iframes

  • MFSA 2014-06/CVE-2014-1484 (bmo#953993) Profile path leaks to Android system log

  • MFSA 2014-07/CVE-2014-1485 (bmo#910139) XSLT stylesheets treated as styles in Content Security Policy

  • MFSA 2014-08/CVE-2014-1486 (bmo#942164) Use-after-free with imgRequestProxy and image proccessing

  • MFSA 2014-09/CVE-2014-1487 (bmo#947592) Cross-origin information leak through web workers

  • MFSA 2014-10/CVE-2014-1489 (bmo#959531) Firefox default start page UI content invokable by script

  • MFSA 2014-11/CVE-2014-1488 (bmo#950604) Crash when using web workers with asm.js

  • MFSA 2014-12/CVE-2014-1490/CVE-2014-1491 (bmo#934545, bmo#930874, bmo#930857) NSS ticket handling issues

  • MFSA 2014-13/CVE-2014-1481(bmo#936056) Inconsistent JavaScript handling of access to Window objects

Mozilla NSS was updated to 3.15.4 :

  • required for Firefox 27

  • regular CA root store update (1.96)

  • Reordered the cipher suites offered in SSL/TLS client hello messages to match modern best practices.

  • Improved SSL/TLS false start. In addition to enabling the SSL_ENABLE_FALSE_START option, an application must now register a callback using the SSL_SetCanFalseStartCallback function.

  • When false start is enabled, libssl will sometimes return unencrypted, unauthenticated data from PR_Recv (CVE-2013-1740, bmo#919877)

  • MFSA 2014-12/CVE-2014-1490/CVE-2014-1491 NSS ticket handling issues New functionality

  • Implemented OCSP querying using the HTTP GET method, which is the new default, and will fall back to the HTTP POST method.

  • Implemented OCSP server functionality for testing purposes (httpserv utility).

  • Support SHA-1 signatures with TLS 1.2 client authentication.

  • Added the --empty-password command-line option to certutil, to be used with -N: use an empty password when creating a new database.

  • Added the -w command-line option to pp: don

                                        
                                            #%NASL_MIN_LEVEL 80502
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from openSUSE Security Update openSUSE-2014-119.
#
# The text description of this plugin is (C) SUSE LLC.
#

include("compat.inc");

if (description)
{
  script_id(75253);
  script_version("1.4");
  script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04");

  script_cve_id("CVE-2013-1740", "CVE-2014-1477", "CVE-2014-1478", "CVE-2014-1479", "CVE-2014-1480", "CVE-2014-1481", "CVE-2014-1482", "CVE-2014-1483", "CVE-2014-1484", "CVE-2014-1485", "CVE-2014-1486", "CVE-2014-1487", "CVE-2014-1488", "CVE-2014-1489", "CVE-2014-1490", "CVE-2014-1491");
  script_bugtraq_id(64944, 65316, 65317, 65320, 65321, 65322, 65323, 65324, 65326, 65328, 65329, 65330, 65331, 65332, 65334, 65335);

  script_name(english:"openSUSE Security Update : firefox / seamonkey / thunderbird (openSUSE-SU-2014:0212-1)");
  script_summary(english:"Check for the openSUSE-2014-119 patch");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote openSUSE host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Mozilla Firefox was updated to version 27. Mozilla SeaMonkey was
updated to 2.24, fixing similar issues as Firefox 27. Mozilla
Thunderbird was updated to 24.3.0, fixing similar issues as Firefox
27.

The Firefox 27 release brings TLS 1.2 support as a major security
feature.

It also fixes following security issues :

  - MFSA 2014-01/CVE-2014-1477/CVE-2014-1478 Miscellaneous
    memory safety hazards (rv:27.0 / rv:24.3)

  - MFSA 2014-02/CVE-2014-1479 (bmo#911864) Clone protected
    content with XBL scopes

  - MFSA 2014-03/CVE-2014-1480 (bmo#916726) UI selection
    timeout missing on download prompts

  - MFSA 2014-04/CVE-2014-1482 (bmo#943803) Incorrect use of
    discarded images by RasterImage

  - MFSA 2014-05/CVE-2014-1483 (bmo#950427) Information
    disclosure with *FromPoint on iframes

  - MFSA 2014-06/CVE-2014-1484 (bmo#953993) Profile path
    leaks to Android system log

  - MFSA 2014-07/CVE-2014-1485 (bmo#910139) XSLT stylesheets
    treated as styles in Content Security Policy

  - MFSA 2014-08/CVE-2014-1486 (bmo#942164) Use-after-free
    with imgRequestProxy and image proccessing

  - MFSA 2014-09/CVE-2014-1487 (bmo#947592) Cross-origin
    information leak through web workers

  - MFSA 2014-10/CVE-2014-1489 (bmo#959531) Firefox default
    start page UI content invokable by script

  - MFSA 2014-11/CVE-2014-1488 (bmo#950604) Crash when using
    web workers with asm.js

  - MFSA 2014-12/CVE-2014-1490/CVE-2014-1491 (bmo#934545,
    bmo#930874, bmo#930857) NSS ticket handling issues

  - MFSA 2014-13/CVE-2014-1481(bmo#936056) Inconsistent
    JavaScript handling of access to Window objects

Mozilla NSS was updated to 3.15.4 :

  - required for Firefox 27

  - regular CA root store update (1.96)

  - Reordered the cipher suites offered in SSL/TLS client
    hello messages to match modern best practices.

  - Improved SSL/TLS false start. In addition to enabling
    the SSL_ENABLE_FALSE_START option, an application must
    now register a callback using the
    SSL_SetCanFalseStartCallback function.

  - When false start is enabled, libssl will sometimes
    return unencrypted, unauthenticated data from PR_Recv
    (CVE-2013-1740, bmo#919877)

  - MFSA 2014-12/CVE-2014-1490/CVE-2014-1491 NSS ticket
    handling issues New functionality

  - Implemented OCSP querying using the HTTP GET method,
    which is the new default, and will fall back to the HTTP
    POST method.

  - Implemented OCSP server functionality for testing
    purposes (httpserv utility).

  - Support SHA-1 signatures with TLS 1.2 client
    authentication.

  - Added the --empty-password command-line option to
    certutil, to be used with -N: use an empty password when
    creating a new database.

  - Added the -w command-line option to pp: don't wrap long
    output lines."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://lists.opensuse.org/opensuse-updates/2014-02/msg00027.html"
  );
  script_set_attribute(
    attribute:"solution", 
    value:"Update the affected firefox / seamonkey / thunderbird packages."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:ND/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaFirefox");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaFirefox-branding-upstream");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaFirefox-buildsymbols");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaFirefox-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaFirefox-debugsource");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaFirefox-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaFirefox-translations-common");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaFirefox-translations-other");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaThunderbird");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaThunderbird-buildsymbols");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaThunderbird-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaThunderbird-debugsource");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaThunderbird-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaThunderbird-translations-common");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaThunderbird-translations-other");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:enigmail");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:enigmail-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libfreebl3");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libfreebl3-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libfreebl3-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libfreebl3-debuginfo-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsoftokn3");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsoftokn3-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsoftokn3-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsoftokn3-debuginfo-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-certs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-certs-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-certs-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-certs-debuginfo-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-debuginfo-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-debugsource");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-sysinit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-sysinit-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-sysinit-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-sysinit-debuginfo-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-tools");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-tools-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:seamonkey");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:seamonkey-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:seamonkey-debugsource");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:seamonkey-dom-inspector");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:seamonkey-irc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:seamonkey-translations-common");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:seamonkey-translations-other");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:seamonkey-venkman");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:12.3");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:13.1");

  script_set_attribute(attribute:"patch_publication_date", value:"2014/02/06");
  script_set_attribute(attribute:"plugin_publication_date", value:"2014/06/13");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"SuSE Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
if (release !~ "^(SUSE12\.3|SUSE13\.1)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "12.3 / 13.1", release);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

ourarch = get_kb_item("Host/cpu");
if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);

flag = 0;

if ( rpm_check(release:"SUSE12.3", reference:"MozillaFirefox-27.0-1.47.2") ) flag++;
if ( rpm_check(release:"SUSE12.3", reference:"MozillaFirefox-branding-upstream-27.0-1.47.2") ) flag++;
if ( rpm_check(release:"SUSE12.3", reference:"MozillaFirefox-buildsymbols-27.0-1.47.2") ) flag++;
if ( rpm_check(release:"SUSE12.3", reference:"MozillaFirefox-debuginfo-27.0-1.47.2") ) flag++;
if ( rpm_check(release:"SUSE12.3", reference:"MozillaFirefox-debugsource-27.0-1.47.2") ) flag++;
if ( rpm_check(release:"SUSE12.3", reference:"MozillaFirefox-devel-27.0-1.47.2") ) flag++;
if ( rpm_check(release:"SUSE12.3", reference:"MozillaFirefox-translations-common-27.0-1.47.2") ) flag++;
if ( rpm_check(release:"SUSE12.3", reference:"MozillaFirefox-translations-other-27.0-1.47.2") ) flag++;
if ( rpm_check(release:"SUSE12.3", reference:"MozillaThunderbird-24.3.0-61.39.2") ) flag++;
if ( rpm_check(release:"SUSE12.3", reference:"MozillaThunderbird-buildsymbols-24.3.0-61.39.2") ) flag++;
if ( rpm_check(release:"SUSE12.3", reference:"MozillaThunderbird-debuginfo-24.3.0-61.39.2") ) flag++;
if ( rpm_check(release:"SUSE12.3", reference:"MozillaThunderbird-debugsource-24.3.0-61.39.2") ) flag++;
if ( rpm_check(release:"SUSE12.3", reference:"MozillaThunderbird-devel-24.3.0-61.39.2") ) flag++;
if ( rpm_check(release:"SUSE12.3", reference:"MozillaThunderbird-translations-common-24.3.0-61.39.2") ) flag++;
if ( rpm_check(release:"SUSE12.3", reference:"MozillaThunderbird-translations-other-24.3.0-61.39.2") ) flag++;
if ( rpm_check(release:"SUSE12.3", reference:"enigmail-1.6.0+24.3.0-61.39.2") ) flag++;
if ( rpm_check(release:"SUSE12.3", reference:"enigmail-debuginfo-1.6.0+24.3.0-61.39.2") ) flag++;
if ( rpm_check(release:"SUSE12.3", reference:"libfreebl3-3.15.4-1.28.1") ) flag++;
if ( rpm_check(release:"SUSE12.3", reference:"libfreebl3-debuginfo-3.15.4-1.28.1") ) flag++;
if ( rpm_check(release:"SUSE12.3", reference:"libsoftokn3-3.15.4-1.28.1") ) flag++;
if ( rpm_check(release:"SUSE12.3", reference:"libsoftokn3-debuginfo-3.15.4-1.28.1") ) flag++;
if ( rpm_check(release:"SUSE12.3", reference:"mozilla-nss-3.15.4-1.28.1") ) flag++;
if ( rpm_check(release:"SUSE12.3", reference:"mozilla-nss-certs-3.15.4-1.28.1") ) flag++;
if ( rpm_check(release:"SUSE12.3", reference:"mozilla-nss-certs-debuginfo-3.15.4-1.28.1") ) flag++;
if ( rpm_check(release:"SUSE12.3", reference:"mozilla-nss-debuginfo-3.15.4-1.28.1") ) flag++;
if ( rpm_check(release:"SUSE12.3", reference:"mozilla-nss-debugsource-3.15.4-1.28.1") ) flag++;
if ( rpm_check(release:"SUSE12.3", reference:"mozilla-nss-devel-3.15.4-1.28.1") ) flag++;
if ( rpm_check(release:"SUSE12.3", reference:"mozilla-nss-sysinit-3.15.4-1.28.1") ) flag++;
if ( rpm_check(release:"SUSE12.3", reference:"mozilla-nss-sysinit-debuginfo-3.15.4-1.28.1") ) flag++;
if ( rpm_check(release:"SUSE12.3", reference:"mozilla-nss-tools-3.15.4-1.28.1") ) flag++;
if ( rpm_check(release:"SUSE12.3", reference:"mozilla-nss-tools-debuginfo-3.15.4-1.28.1") ) flag++;
if ( rpm_check(release:"SUSE12.3", reference:"seamonkey-2.24-1.33.2") ) flag++;
if ( rpm_check(release:"SUSE12.3", reference:"seamonkey-debuginfo-2.24-1.33.2") ) flag++;
if ( rpm_check(release:"SUSE12.3", reference:"seamonkey-debugsource-2.24-1.33.2") ) flag++;
if ( rpm_check(release:"SUSE12.3", reference:"seamonkey-dom-inspector-2.24-1.33.2") ) flag++;
if ( rpm_check(release:"SUSE12.3", reference:"seamonkey-irc-2.24-1.33.2") ) flag++;
if ( rpm_check(release:"SUSE12.3", reference:"seamonkey-translations-common-2.24-1.33.2") ) flag++;
if ( rpm_check(release:"SUSE12.3", reference:"seamonkey-translations-other-2.24-1.33.2") ) flag++;
if ( rpm_check(release:"SUSE12.3", reference:"seamonkey-venkman-2.24-1.33.2") ) flag++;
if ( rpm_check(release:"SUSE12.3", cpu:"x86_64", reference:"libfreebl3-32bit-3.15.4-1.28.1") ) flag++;
if ( rpm_check(release:"SUSE12.3", cpu:"x86_64", reference:"libfreebl3-debuginfo-32bit-3.15.4-1.28.1") ) flag++;
if ( rpm_check(release:"SUSE12.3", cpu:"x86_64", reference:"libsoftokn3-32bit-3.15.4-1.28.1") ) flag++;
if ( rpm_check(release:"SUSE12.3", cpu:"x86_64", reference:"libsoftokn3-debuginfo-32bit-3.15.4-1.28.1") ) flag++;
if ( rpm_check(release:"SUSE12.3", cpu:"x86_64", reference:"mozilla-nss-32bit-3.15.4-1.28.1") ) flag++;
if ( rpm_check(release:"SUSE12.3", cpu:"x86_64", reference:"mozilla-nss-certs-32bit-3.15.4-1.28.1") ) flag++;
if ( rpm_check(release:"SUSE12.3", cpu:"x86_64", reference:"mozilla-nss-certs-debuginfo-32bit-3.15.4-1.28.1") ) flag++;
if ( rpm_check(release:"SUSE12.3", cpu:"x86_64", reference:"mozilla-nss-debuginfo-32bit-3.15.4-1.28.1") ) flag++;
if ( rpm_check(release:"SUSE12.3", cpu:"x86_64", reference:"mozilla-nss-sysinit-32bit-3.15.4-1.28.1") ) flag++;
if ( rpm_check(release:"SUSE12.3", cpu:"x86_64", reference:"mozilla-nss-sysinit-debuginfo-32bit-3.15.4-1.28.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"MozillaFirefox-27.0-8.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"MozillaFirefox-branding-upstream-27.0-8.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"MozillaFirefox-buildsymbols-27.0-8.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"MozillaFirefox-debuginfo-27.0-8.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"MozillaFirefox-debugsource-27.0-8.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"MozillaFirefox-devel-27.0-8.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"MozillaFirefox-translations-common-27.0-8.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"MozillaFirefox-translations-other-27.0-8.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"MozillaThunderbird-24.3.0-70.11.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"MozillaThunderbird-buildsymbols-24.3.0-70.11.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"MozillaThunderbird-debuginfo-24.3.0-70.11.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"MozillaThunderbird-debugsource-24.3.0-70.11.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"MozillaThunderbird-devel-24.3.0-70.11.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"MozillaThunderbird-translations-common-24.3.0-70.11.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"MozillaThunderbird-translations-other-24.3.0-70.11.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"enigmail-1.6.0+24.3.0-70.11.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"enigmail-debuginfo-1.6.0+24.3.0-70.11.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"libfreebl3-3.15.4-12.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"libfreebl3-debuginfo-3.15.4-12.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"libsoftokn3-3.15.4-12.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"libsoftokn3-debuginfo-3.15.4-12.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"mozilla-nss-3.15.4-12.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"mozilla-nss-certs-3.15.4-12.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"mozilla-nss-certs-debuginfo-3.15.4-12.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"mozilla-nss-debuginfo-3.15.4-12.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"mozilla-nss-debugsource-3.15.4-12.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"mozilla-nss-devel-3.15.4-12.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"mozilla-nss-sysinit-3.15.4-12.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"mozilla-nss-sysinit-debuginfo-3.15.4-12.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"mozilla-nss-tools-3.15.4-12.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"mozilla-nss-tools-debuginfo-3.15.4-12.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"seamonkey-2.24-8.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"seamonkey-debuginfo-2.24-8.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"seamonkey-debugsource-2.24-8.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"seamonkey-dom-inspector-2.24-8.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"seamonkey-irc-2.24-8.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"seamonkey-translations-common-2.24-8.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"seamonkey-translations-other-2.24-8.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"seamonkey-venkman-2.24-8.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", cpu:"x86_64", reference:"libfreebl3-32bit-3.15.4-12.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", cpu:"x86_64", reference:"libfreebl3-debuginfo-32bit-3.15.4-12.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", cpu:"x86_64", reference:"libsoftokn3-32bit-3.15.4-12.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", cpu:"x86_64", reference:"libsoftokn3-debuginfo-32bit-3.15.4-12.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", cpu:"x86_64", reference:"mozilla-nss-32bit-3.15.4-12.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", cpu:"x86_64", reference:"mozilla-nss-certs-32bit-3.15.4-12.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", cpu:"x86_64", reference:"mozilla-nss-certs-debuginfo-32bit-3.15.4-12.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", cpu:"x86_64", reference:"mozilla-nss-debuginfo-32bit-3.15.4-12.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", cpu:"x86_64", reference:"mozilla-nss-sysinit-32bit-3.15.4-12.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", cpu:"x86_64", reference:"mozilla-nss-sysinit-debuginfo-32bit-3.15.4-12.1") ) flag++;

if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "MozillaFirefox / MozillaFirefox-branding-upstream / etc");
}