{"id": "OPENVAS:1361412562310704571", "type": "openvas", "bulletinFamily": "scanner", "title": "Debian Security Advisory DSA 4571-1 (thunderbird - security update)", "description": "The remote host is missing an update for the ", "published": "2019-11-19T00:00:00", "modified": "2020-01-16T00:00:00", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310704571", "reporter": "Copyright (C) 2019 Greenbone Networks GmbH", "references": ["https://www.debian.org/security/2019/dsa-4571.html", "https://security-tracker.debian.org/tracker/DSA-4571-1"], "cvelist": ["CVE-2019-11761", "CVE-2019-11755", "CVE-2019-11759", "CVE-2019-11762", "CVE-2019-11764", "CVE-2019-15903", "CVE-2019-11757", "CVE-2019-11763", "CVE-2019-11760"], "lastseen": "2020-01-16T19:15:53", "viewCount": 1, "enchantments": {"dependencies": {"references": [{"type": "nessus", "idList": ["DEBIAN_DLA-1987.NASL", "CENTOS_RHSA-2019-3193.NASL", "ORACLELINUX_ELSA-2019-3237.NASL", "UBUNTU_USN-4202-2.NASL", "DEBIAN_DSA-4549.NASL", "DEBIAN_DSA-4571.NASL", "NEWSTART_CGSL_NS-SA-2019-0215_THUNDERBIRD.NASL", "MOZILLA_FIREFOX_68_2_ESR.NASL", "REDHAT-RHSA-2019-3196.NASL", "DEBIAN_DLA-1997.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310891997", "OPENVAS:1361412562310704549", "OPENVAS:1361412562310883132", "OPENVAS:1361412562310852765", "OPENVAS:1361412562310815712", "OPENVAS:1361412562310844268", "OPENVAS:1361412562310815817", "OPENVAS:1361412562310891987", "OPENVAS:1361412562310815816", "OPENVAS:1361412562310852836"]}, {"type": "debian", "idList": ["DEBIAN:DSA-4549-1:796DA", "DEBIAN:DSA-4571-1:418C4", "DEBIAN:DLA-1997-1:9DD2C", "DEBIAN:DLA-1987-1:E3D38"]}, {"type": "archlinux", "idList": ["ASA-201910-15", "ASA-201910-16"]}, {"type": "ubuntu", "idList": ["USN-4165-1", "USN-4202-1", "USN-4202-2"]}, {"type": "oraclelinux", "idList": ["ELSA-2019-3196", "ELSA-2019-3210", "ELSA-2019-3193", "ELSA-2019-3237", "ELSA-2019-3281"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2019:2459-1", "OPENSUSE-SU-2019:2464-1", "OPENSUSE-SU-2019:2451-1", "OPENSUSE-SU-2019:2452-1"]}, {"type": "redhat", "idList": ["RHSA-2019:3210", "RHSA-2019:3193", "RHSA-2019:3196", "RHSA-2019:3281", "RHSA-2019:3756", "RHSA-2019:3237"]}, {"type": "centos", "idList": ["CESA-2019:3210", "CESA-2019:3281", "CESA-2019:3193", "CESA-2019:3756"]}, {"type": "amazon", "idList": ["ALAS2-2019-1376"]}, {"type": "kaspersky", "idList": ["KLA11591", "KLA11590"]}, {"type": "slackware", "idList": ["SSA-2019-295-01"]}, {"type": "cve", "idList": ["CVE-2019-11755", "CVE-2019-11761", "CVE-2019-11759", "CVE-2019-11764", "CVE-2019-11762", "CVE-2019-11757", "CVE-2019-11760", "CVE-2019-11763", "CVE-2019-15903"]}], "modified": "2020-01-16T19:15:53", "rev": 2}, "score": {"value": 7.9, "vector": "NONE", "modified": "2020-01-16T19:15:53", "rev": 2}, "vulnersScore": 7.9}, "pluginID": "1361412562310704571", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.704571\");\n script_version(\"2020-01-16T07:57:40+0000\");\n script_cve_id(\"CVE-2019-11755\", \"CVE-2019-11757\", \"CVE-2019-11759\", \"CVE-2019-11760\", \"CVE-2019-11761\", \"CVE-2019-11762\", \"CVE-2019-11763\", \"CVE-2019-11764\", \"CVE-2019-15903\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-16 07:57:40 +0000 (Thu, 16 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-11-19 03:00:12 +0000 (Tue, 19 Nov 2019)\");\n script_name(\"Debian Security Advisory DSA 4571-1 (thunderbird - security update)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB(10|9)\");\n\n script_xref(name:\"URL\", value:\"https://www.debian.org/security/2019/dsa-4571.html\");\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/DSA-4571-1\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'thunderbird'\n package(s) announced via the DSA-4571-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple security issues have been found in Thunderbird which could\npotentially result in the execution of arbitrary code or denial of\nservice.\n\nDebian follows the Thunderbird upstream releases. Support for the 60.x\nseries has ended, so starting with this update we're now following the\n68.x releases.\");\n\n script_tag(name:\"affected\", value:\"'thunderbird' package(s) on Debian Linux.\");\n\n script_tag(name:\"solution\", value:\"For the oldstable distribution (stretch), this problem has been fixed\nin version 1:68.2.2-1~deb9u1.\n\nFor the stable distribution (buster), this problem has been fixed in\nversion 1:68.2.2-1~deb10u1.\n\nWe recommend that you upgrade your thunderbird packages.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"lightning\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-ar\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-ast\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-be\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-bg\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-br\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-ca\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-cs\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-cy\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-da\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-de\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-dsb\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-el\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-en-gb\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-es-ar\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-es-es\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-et\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-eu\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-fi\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-fr\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-fy-nl\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-ga-ie\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-gd\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-gl\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-he\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-hr\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-hsb\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-hu\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-hy-am\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-id\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-is\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-it\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-ja\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-kab\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-kk\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-ko\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-lt\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-ms\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-nb-no\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-nl\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-nn-no\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-pl\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-pt-br\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-pt-pt\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-rm\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-ro\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-ru\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-si\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-sk\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-sl\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-sq\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-sr\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-sv-se\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-tr\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-uk\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-vi\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-zh-cn\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-zh-tw\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-all\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-ar\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-ast\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-be\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-bg\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-br\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-ca\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-cs\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-cy\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-da\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-de\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-dsb\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-el\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-en-gb\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-es-ar\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-es-es\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-et\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-eu\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-fi\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-fr\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-fy-nl\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-ga-ie\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-gd\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-gl\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-he\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-hr\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-hsb\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-hu\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-hy-am\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-id\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-is\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-it\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-ja\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-kab\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-kk\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-ko\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-lt\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-ms\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-nb-no\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-nl\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-nn-no\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-pl\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-pt-br\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-pt-pt\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-rm\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-ro\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-ru\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-si\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-sk\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-sl\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-sq\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-sr\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-sv-se\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-tr\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-uk\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-vi\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-zh-cn\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-zh-tw\", ver:\"1:68.2.2-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"calendar-google-provider\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-dbg\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-dev\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-all\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-ar\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-ast\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-be\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-bg\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-bn-bd\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-br\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-ca\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-cs\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-da\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-de\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-dsb\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-el\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-en-gb\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-es-ar\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-es-es\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-et\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-eu\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-fi\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-fr\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-fy-nl\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-ga-ie\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-gd\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-gl\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-he\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-hr\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-hsb\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-hu\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-hy-am\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-id\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-is\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-it\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-ja\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-kab\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-ko\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-lt\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-nb-no\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-nl\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-nn-no\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-pa-in\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-pl\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-pt-br\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-pt-pt\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-rm\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-ro\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-ru\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-si\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-sk\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-sl\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-sq\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-sr\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-sv-se\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-ta-lk\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-tr\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-uk\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-vi\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-zh-cn\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-zh-tw\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-extension\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-ar\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-ast\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-be\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-bg\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-bn-bd\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-br\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-ca\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-cs\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-cy\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-da\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-de\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-dsb\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-el\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-en-gb\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-es-ar\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-es-es\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-et\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-eu\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-fi\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-fr\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-fy-nl\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-ga-ie\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-gd\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-gl\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-he\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-hr\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-hsb\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-hu\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-hy-am\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-id\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-is\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-it\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-ja\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-kab\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-ko\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-lt\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-nb-no\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-nl\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-nn-no\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-pa-in\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-pl\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-pt-br\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-pt-pt\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-rm\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-ro\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-ru\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-si\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-sk\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-sl\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-sq\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-sr\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-sv-se\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-ta-lk\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-tr\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-uk\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-vi\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-zh-cn\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-zh-tw\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-ar\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-ast\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-be\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-bg\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-bn-bd\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-br\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-ca\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-cs\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-cy\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-da\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-de\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-dsb\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-el\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-en-gb\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-es-ar\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-es-es\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-et\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-eu\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-fi\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-fr\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-fy-nl\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-ga-ie\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-gd\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-gl\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-he\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-hr\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-hsb\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-hu\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-hy-am\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-id\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-is\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-it\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-ja\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-kab\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-kk\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-ko\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-lt\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-ms\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-nb-no\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-nl\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-nn-no\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-pa-in\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-pl\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-pt-br\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-pt-pt\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-rm\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-ro\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-ru\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-si\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-sk\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-sl\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-sq\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-sr\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-sv-se\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-ta-lk\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-tr\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-uk\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-vi\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-zh-cn\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-zh-tw\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-dbg\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-dev\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-all\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-ar\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-ast\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-be\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-bg\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-bn-bd\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-br\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-ca\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-cs\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-cy\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-da\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-de\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-dsb\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-el\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-en-gb\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-es-ar\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-es-es\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-et\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-eu\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-fi\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-fr\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-fy-nl\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-ga-ie\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-gd\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-gl\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-he\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-hr\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-hsb\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-hu\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-hy-am\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-id\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-is\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-it\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-ja\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-kab\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-kk\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-ko\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-lt\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-ms\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-nb-no\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-nl\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-nn-no\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-pa-in\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-pl\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-pt-br\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-pt-pt\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-rm\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-ro\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-ru\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-si\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-sk\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-sl\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-sq\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-sr\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-sv-se\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-ta-lk\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-tr\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-uk\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-vi\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-zh-cn\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-zh-tw\", ver:\"1:68.2.2-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n\nexit(0);", "naslFamily": "Debian Local Security Checks"}

{"openvas": [{"lastseen": "2020-01-29T19:29:42", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-11761", "CVE-2019-11755", "CVE-2019-11759", "CVE-2019-11762", "CVE-2019-11764", "CVE-2019-15903", "CVE-2019-11757", "CVE-2019-11763", "CVE-2019-11760"], "description": "The remote host is missing an update for the ", "modified": "2020-01-29T00:00:00", "published": "2019-11-26T00:00:00", "id": "OPENVAS:1361412562310891997", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310891997", "type": "openvas", "title": "Debian LTS: Security Advisory for thunderbird (DLA-1997-1)", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.891997\");\n script_version(\"2020-01-29T08:22:52+0000\");\n script_cve_id(\"CVE-2019-11755\", \"CVE-2019-11757\", \"CVE-2019-11759\", \"CVE-2019-11760\", \"CVE-2019-11761\", \"CVE-2019-11762\", \"CVE-2019-11763\", \"CVE-2019-11764\", \"CVE-2019-15903\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-29 08:22:52 +0000 (Wed, 29 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-11-26 12:50:00 +0000 (Tue, 26 Nov 2019)\");\n script_name(\"Debian LTS: Security Advisory for thunderbird (DLA-1997-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB8\");\n\n script_xref(name:\"URL\", value:\"https://lists.debian.org/debian-lts-announce/2019/11/msg00017.html\");\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/DLA-1997-1\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'thunderbird'\n package(s) announced via the DLA-1997-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple security issues have been found in Thunderbird which could\npotentially result in the execution of arbitrary code or denial of service.\n\nDebian follows the Thunderbird upstream releases. Support for the 60.x series\nhas ended, so starting with this update we're now following the 68.x releases.\");\n\n script_tag(name:\"affected\", value:\"'thunderbird' package(s) on Debian Linux.\");\n\n script_tag(name:\"solution\", value:\"For Debian 8 'Jessie', these problems have been fixed in version\n1:68.2.2-1~deb8u1.\n\nWe recommend that you upgrade your thunderbird packages.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"calendar-google-provider\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-dbg\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-dev\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-all\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-ar\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-ast\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-be\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-bg\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-bn-bd\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-br\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-ca\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-cs\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-da\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-de\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-dsb\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-el\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-en-gb\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-es-ar\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-es-es\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-et\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-eu\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-fi\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-fr\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-fy-nl\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-ga-ie\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-gd\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-gl\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-he\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-hr\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-hsb\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-hu\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-hy-am\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-id\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-is\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-it\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-ja\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-kab\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-ko\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-lt\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-nb-no\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-nl\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-nn-no\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-pa-in\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-pl\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-pt-br\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-pt-pt\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-rm\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-ro\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-ru\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-si\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-sk\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-sl\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-sq\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-sr\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-sv-se\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-ta-lk\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-tr\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-uk\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-vi\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-zh-cn\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-zh-tw\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-extension\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-ar\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-ast\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-be\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-bg\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-bn-bd\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-br\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-ca\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-cs\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-cy\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-da\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-de\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-dsb\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-el\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-en-gb\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-es-ar\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-es-es\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-et\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-eu\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-fi\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-fr\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-fy-nl\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-ga-ie\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-gd\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-gl\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-he\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-hr\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-hsb\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-hu\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-hy-am\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-id\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-is\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-it\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-ja\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-kab\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-ko\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-lt\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-nb-no\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-nl\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-nn-no\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-pa-in\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-pl\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-pt-br\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-pt-pt\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-rm\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-ro\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-ru\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-si\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-sk\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-sl\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-sq\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-sr\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-sv-se\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-ta-lk\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-tr\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-uk\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-vi\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-zh-cn\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-zh-tw\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-ar\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-ast\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-be\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-bg\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-bn-bd\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-br\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-ca\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-cs\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-cy\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-da\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-de\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-dsb\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-el\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-en-gb\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-es-ar\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-es-es\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-et\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-eu\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-fi\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-fr\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-fy-nl\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-ga-ie\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-gd\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-gl\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-he\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-hr\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-hsb\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-hu\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-hy-am\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-id\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-is\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-it\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-ja\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-kab\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-kk\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-ko\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-lt\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-ms\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-nb-no\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-nl\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-nn-no\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-pa-in\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-pl\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-pt-br\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-pt-pt\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-rm\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-ro\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-ru\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-si\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-sk\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-sl\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-sq\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-sr\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-sv-se\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-ta-lk\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-tr\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-uk\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-vi\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-zh-cn\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-zh-tw\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-dbg\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-dev\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-all\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-ar\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-ast\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-be\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-bg\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-bn-bd\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-br\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-ca\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-cs\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-cy\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-da\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-de\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-dsb\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-el\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-en-gb\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-es-ar\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-es-es\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-et\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-eu\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-fi\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-fr\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-fy-nl\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-ga-ie\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-gd\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-gl\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-he\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-hr\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-hsb\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-hu\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-hy-am\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-id\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-is\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-it\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-ja\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-kab\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-kk\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-ko\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-lt\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-ms\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-nb-no\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-nl\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-nn-no\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-pa-in\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-pl\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-pt-br\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-pt-pt\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-rm\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-ro\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-ru\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-si\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-sk\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-sl\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-sq\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-sr\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-sv-se\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-ta-lk\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-tr\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-uk\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-vi\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-zh-cn\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-zh-tw\", ver:\"1:68.2.2-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n\nexit(0);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-29T19:25:44", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-11761", "CVE-2019-11759", "CVE-2019-11762", "CVE-2019-11764", "CVE-2019-15903", "CVE-2019-11757", "CVE-2019-11763", "CVE-2019-11760"], "description": "The remote host is missing an update for the ", "modified": "2020-01-29T00:00:00", "published": "2019-11-11T00:00:00", "id": "OPENVAS:1361412562310891987", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310891987", "type": "openvas", "title": "Debian LTS: Security Advisory for firefox-esr (DLA-1987-1)", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.891987\");\n script_version(\"2020-01-29T08:22:52+0000\");\n script_cve_id(\"CVE-2019-11757\", \"CVE-2019-11759\", \"CVE-2019-11760\", \"CVE-2019-11761\", \"CVE-2019-11762\", \"CVE-2019-11763\", \"CVE-2019-11764\", \"CVE-2019-15903\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-29 08:22:52 +0000 (Wed, 29 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-11-11 03:00:11 +0000 (Mon, 11 Nov 2019)\");\n script_name(\"Debian LTS: Security Advisory for firefox-esr (DLA-1987-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB8\");\n\n script_xref(name:\"URL\", value:\"https://lists.debian.org/debian-lts-announce/2019/11/msg00006.html\");\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/DLA-1987-1\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'firefox-esr'\n package(s) announced via the DLA-1987-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple security issues have been found in the Mozilla Firefox web\nbrowser, which could potentially result in the execution of arbitrary\ncode, information disclosure, cross-site scripting or denial of service.\n\nDebian follows the extended support releases (ESR) of Firefox. Support\nfor the 60.x series has ended, so starting with this update we're now\nfollowing the 68.x releases.\");\n\n script_tag(name:\"affected\", value:\"'firefox-esr' package(s) on Debian Linux.\");\n\n script_tag(name:\"solution\", value:\"For Debian 8 'Jessie', these problems have been fixed in version\n68.2.0esr-1~deb8u1.\n\nWe recommend that you upgrade your firefox-esr packages.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-dbg\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-dev\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-ach\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-af\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-all\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-an\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-ar\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-as\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-ast\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-az\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-be\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-bg\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-bn\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-bn-bd\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-bn-in\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-br\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-bs\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-ca\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-cak\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-cs\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-cy\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-da\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-de\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-dsb\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-el\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-en-ca\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-en-gb\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-en-za\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-eo\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-es-ar\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-es-cl\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-es-es\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-es-mx\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-et\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-eu\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-fa\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-ff\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-fi\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-fr\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-fy-nl\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-ga-ie\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-gd\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-gl\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-gn\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-gu-in\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-he\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-hi-in\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-hr\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-hsb\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-hu\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-hy-am\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-ia\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-id\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-is\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-it\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-ja\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-ka\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-kab\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-kk\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-km\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-kn\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-ko\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-lij\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-lt\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-lv\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-mai\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-mk\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-ml\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-mr\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-ms\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-my\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-nb-no\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-ne-np\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-nl\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-nn-no\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-oc\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-or\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-pa-in\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-pl\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-pt-br\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-pt-pt\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-rm\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-ro\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-ru\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-si\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-sk\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-sl\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-son\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-sq\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-sr\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-sv-se\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-ta\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-te\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-th\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-tr\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-uk\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-ur\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-uz\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-vi\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-xh\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-zh-cn\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-zh-tw\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-dbg\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-dev\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-ach\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-af\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-all\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-an\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-ar\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-as\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-ast\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-az\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-be\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-bg\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-bn\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-bn-bd\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-bn-in\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-br\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-bs\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-ca\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-cak\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-cs\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-cy\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-da\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-de\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-dsb\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-el\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-en-ca\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-en-gb\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-en-za\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-eo\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-es-ar\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-es-cl\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-es-es\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-es-mx\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-et\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-eu\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-fa\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-ff\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-fi\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-fr\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-fy-nl\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-ga-ie\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-gd\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-gl\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-gn\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-gu-in\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-he\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-hi-in\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-hr\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-hsb\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-hu\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-hy-am\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-ia\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-id\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-is\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-it\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-ja\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-ka\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-kab\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-kk\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-km\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-kn\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-ko\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-lij\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-lt\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-lv\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-mai\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-mk\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-ml\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-mr\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-ms\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-my\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-nb-no\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-ne-np\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-nl\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-nn-no\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-oc\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-or\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-pa-in\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-pl\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-pt-br\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-pt-pt\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-rm\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-ro\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-ru\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-si\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-sk\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-sl\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-son\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-sq\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-sr\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-sv-se\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-ta\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-te\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-th\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-tr\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-uk\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-ur\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-uz\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-vi\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-xh\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-zh-cn\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-zh-tw\", ver:\"68.2.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n\nexit(0);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-16T19:15:52", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-11761", "CVE-2019-11759", "CVE-2019-11762", "CVE-2019-11764", "CVE-2019-15903", "CVE-2019-11757", "CVE-2019-11763", "CVE-2019-11760"], "description": "The remote host is missing an update for the ", "modified": "2020-01-16T00:00:00", "published": "2019-10-26T00:00:00", "id": "OPENVAS:1361412562310704549", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310704549", "type": "openvas", "title": "Debian Security Advisory DSA 4549-1 (firefox-esr - security update)", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.704549\");\n script_version(\"2020-01-16T07:57:40+0000\");\n script_cve_id(\"CVE-2019-11757\", \"CVE-2019-11759\", \"CVE-2019-11760\", \"CVE-2019-11761\", \"CVE-2019-11762\", \"CVE-2019-11763\", \"CVE-2019-11764\", \"CVE-2019-15903\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-16 07:57:40 +0000 (Thu, 16 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-10-26 02:00:12 +0000 (Sat, 26 Oct 2019)\");\n script_name(\"Debian Security Advisory DSA 4549-1 (firefox-esr - security update)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB10\");\n\n script_xref(name:\"URL\", value:\"https://www.debian.org/security/2019/dsa-4549.html\");\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/DSA-4549-1\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'firefox-esr'\n package(s) announced via the DSA-4549-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple security issues have been found in the Mozilla Firefox web\nbrowser, which could potentially result in the execution of arbitrary\ncode, information disclosure, cross-site scripting or denial of service.\n\nDebian follows the extended support releases (ESR) of Firefox. Support\nfor the 60.x series has ended, so starting with this update we're now\nfollowing the 68.x releases.\");\n\n script_tag(name:\"affected\", value:\"'firefox-esr' package(s) on Debian Linux.\");\n\n script_tag(name:\"solution\", value:\"For the oldstable distribution (stretch), some additional config changes\nto the buildd network are needed (to provide the new Rust-based toolchain\nneeded by ESR68). Packages will be made available when those are sorted out.\n\nFor the stable distribution (buster), these problems have been fixed in\nversion 68.2.0esr-1~deb10u1.\n\nWe recommend that you upgrade your firefox-esr packages.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-ach\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-af\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-all\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-an\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-ar\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-as\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-ast\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-az\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-be\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-bg\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-bn\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-bn-bd\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-bn-in\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-br\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-bs\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-ca\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-cak\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-cs\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-cy\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-da\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-de\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-dsb\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-el\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-en-ca\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-en-gb\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-en-za\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-eo\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-es-ar\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-es-cl\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-es-es\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-es-mx\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-et\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-eu\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-fa\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-ff\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-fi\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-fr\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-fy-nl\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-ga-ie\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-gd\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-gl\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-gn\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-gu-in\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-he\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-hi-in\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-hr\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-hsb\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-hu\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-hy-am\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-ia\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-id\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-is\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-it\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-ja\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-ka\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-kab\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-kk\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-km\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-kn\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-ko\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-lij\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-lt\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-lv\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-mai\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-mk\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-ml\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-mr\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-ms\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-my\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-nb-no\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-ne-np\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-nl\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-nn-no\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-oc\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-or\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-pa-in\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-pl\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-pt-br\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-pt-pt\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-rm\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-ro\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-ru\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-si\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-sk\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-sl\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-son\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-sq\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-sr\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-sv-se\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-ta\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-te\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-th\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-tr\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-uk\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-ur\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-uz\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-vi\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-xh\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-zh-cn\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-zh-tw\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-ach\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-af\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-all\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-an\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-ar\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-ast\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-az\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-be\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-bg\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-bn\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-br\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-bs\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-ca\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-cak\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-cs\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-cy\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-da\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-de\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-dsb\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-el\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-en-ca\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-en-gb\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-eo\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-es-ar\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-es-cl\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-es-es\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-es-mx\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-et\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-eu\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-fa\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-ff\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-fi\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-fr\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-fy-nl\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-ga-ie\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-gd\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-gl\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-gn\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-gu-in\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-he\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-hi-in\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-hr\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-hsb\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-hu\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-hy-am\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-ia\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-id\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-is\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-it\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-ja\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-ka\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-kab\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-kk\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-km\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-kn\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-ko\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-lij\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-lt\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-lv\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-mk\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-mr\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-ms\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-my\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-nb-no\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-ne-np\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-nl\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-nn-no\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-oc\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-pa-in\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-pl\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-pt-br\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-pt-pt\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-rm\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-ro\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-ru\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-si\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-sk\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-sl\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-son\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-sq\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-sr\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-sv-se\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-ta\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-te\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-th\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-tr\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-uk\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-ur\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-uz\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-vi\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-xh\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-zh-cn\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-zh-tw\", ver:\"68.2.0esr-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n\nexit(0);", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-16T19:08:54", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-11758", "CVE-2019-11761", "CVE-2019-11755", "CVE-2019-11759", "CVE-2019-11762", "CVE-2019-11764", "CVE-2019-15903", "CVE-2019-11757", "CVE-2019-11763", "CVE-2019-11760"], "description": "The remote host is missing an update for the ", "modified": "2020-01-16T00:00:00", "published": "2019-12-11T00:00:00", "id": "OPENVAS:1361412562310844268", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310844268", "type": "openvas", "title": "Ubuntu Update for thunderbird USN-4202-2", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.844268\");\n script_version(\"2020-01-16T07:57:40+0000\");\n script_cve_id(\"CVE-2019-11755\", \"CVE-2019-11757\", \"CVE-2019-11758\", \"CVE-2019-11759\", \"CVE-2019-11760\", \"CVE-2019-11761\", \"CVE-2019-11762\", \"CVE-2019-11763\", \"CVE-2019-11764\", \"CVE-2019-15903\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-16 07:57:40 +0000 (Thu, 16 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-12-11 03:01:29 +0000 (Wed, 11 Dec 2019)\");\n script_name(\"Ubuntu Update for thunderbird USN-4202-2\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=(UBUNTU19\\.10|UBUNTU18\\.04 LTS)\");\n\n script_xref(name:\"USN\", value:\"4202-2\");\n script_xref(name:\"URL\", value:\"https://lists.ubuntu.com/archives/ubuntu-security-announce/2019-December/005245.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'thunderbird'\n package(s) announced via the USN-4202-2 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"USN-4202-1 fixed vulnerabilities in Thunderbird. After upgrading,\nThunderbird\ncreated a new profile for some users. This update fixes the problem.\n\nWe apologize for the inconvenience.\n\nOriginal advisory details:\n\nIt was discovered that a specially crafted S/MIME message with an inner\nencryption layer could be displayed as having a valid signature in some\ncircumstances, even if the signer had no access to the encrypted message.\nAn attacker could potentially exploit this to spoof the message author.\n(CVE-2019-11755)\nMultiple security issues were discovered in Thunderbird. If a user were\ntricked in to opening a specially crafted website in a browsing context,\nan attacker could potentially exploit these to cause a denial of service,\nbypass security restrictions, bypass same-origin restrictions, conduct\ncross-site scripting (XSS) attacks, or execute arbitrary code.\n(CVE-2019-11757, CVE-2019-11758, CVE-2019-11759, CVE-2019-11760,\nCVE-2019-11761, CVE-2019-11762, CVE-2019-11763, CVE-2019-11764)\nA heap overflow was discovered in the expat library in Thunderbird. If a\nuser were tricked in to opening a specially crafted message, an attacker\ncould potentially exploit this to cause a denial of service, or execute\narbitrary code. (CVE-2019-15903)\");\n\n script_tag(name:\"affected\", value:\"'thunderbird' package(s) on Ubuntu 19.10, Ubuntu 18.04 LTS.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"UBUNTU19.10\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"thunderbird\", ver:\"1:68.2.2+build1-0ubuntu0.19.10.1\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nif(release == \"UBUNTU18.04 LTS\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"thunderbird\", ver:\"1:68.2.2+build1-0ubuntu0.18.04.1\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-03-05T17:32:06", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-11758", "CVE-2019-11761", "CVE-2019-11759", "CVE-2019-11762", "CVE-2019-11764", "CVE-2019-15903", "CVE-2019-11757", "CVE-2019-11763", "CVE-2019-11760"], "description": "This host is installed with Mozilla\n Thunderbird and is prone to multiple vulnerabilities.", "modified": "2020-03-04T00:00:00", "published": "2019-10-25T00:00:00", "id": "OPENVAS:1361412562310815816", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310815816", "type": "openvas", "title": "Mozilla Thunderbird Security Updates(mfsa_2019-32_2019-35)-Windows", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA\n\nCPE = \"cpe:/a:mozilla:thunderbird\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.815816\");\n script_version(\"2020-03-04T09:29:37+0000\");\n script_cve_id(\"CVE-2019-15903\", \"CVE-2019-11757\", \"CVE-2019-11758\", \"CVE-2019-11759\",\n \"CVE-2019-11760\", \"CVE-2019-11761\", \"CVE-2019-11762\", \"CVE-2019-11763\",\n \"CVE-2019-11764\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-03-04 09:29:37 +0000 (Wed, 04 Mar 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-10-25 15:57:09 +0530 (Fri, 25 Oct 2019)\");\n script_name(\"Mozilla Thunderbird Security Updates(mfsa_2019-32_2019-35)-Windows\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Mozilla\n Thunderbird and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exist due to,\n\n - A heap overflow error in expat library in XML_GetCurrentLineNumber.\n\n - An use-after-free error when creating index updates in IndexedDB.\n\n - A memory corruption error in the accessibility engine.\n\n - Multiple stack buffer overflow errors in HKDF output and WebRTC networking.\n\n - An unintended access to a privileged JSONView object.\n\n - The document.domain-based origin isolation has same-origin-property violation.\n\n - Failure to correctly handle null bytes when processing HTML entities.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation allows attackers to\n cause denial of service, run arbitrary code and bypass security restrictions.\");\n\n script_tag(name:\"affected\", value:\"Mozilla Thunderbird version before 68.2 on Windows.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Mozilla Thunderbird version 68.2\n Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2019-35/\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_thunderbird_detect_win.nasl\");\n script_mandatory_keys(\"Thunderbird/Win/Ver\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif( ! infos = get_app_version_and_location( cpe:CPE, exit_no_version:TRUE ) ) exit( 0 );\ntbVer = infos['version'];\ntbPath = infos['location'];\n\nif(version_is_less(version:tbVer, test_version:\"68.2\"))\n{\n report = report_fixed_ver(installed_version:tbVer, fixed_version:\"68.2\", install_path:tbPath);\n security_message(data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-16T19:10:24", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-11758", "CVE-2019-11761", "CVE-2019-11759", "CVE-2019-11762", "CVE-2019-11764", "CVE-2019-15903", "CVE-2019-11757", "CVE-2019-11763", "CVE-2019-11760"], "description": "The remote host is missing an update for the ", "modified": "2020-01-16T00:00:00", "published": "2019-11-01T00:00:00", "id": "OPENVAS:1361412562310883126", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310883126", "type": "openvas", "title": "CentOS Update for thunderbird CESA-2019:3210 centos7 ", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.883126\");\n script_version(\"2020-01-16T07:57:40+0000\");\n script_cve_id(\"CVE-2019-11757\", \"CVE-2019-11758\", \"CVE-2019-11759\", \"CVE-2019-11760\", \"CVE-2019-11761\", \"CVE-2019-11762\", \"CVE-2019-11763\", \"CVE-2019-11764\", \"CVE-2019-15903\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-16 07:57:40 +0000 (Thu, 16 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-11-01 03:00:57 +0000 (Fri, 01 Nov 2019)\");\n script_name(\"CentOS Update for thunderbird CESA-2019:3210 centos7 \");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS7\");\n\n script_xref(name:\"CESA\", value:\"2019:3210\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2019-October/023498.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'thunderbird'\n package(s) announced via the CESA-2019:3210 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Mozilla Thunderbird is a standalone mail and newsgroup client.\n\nThis update upgrades Thunderbird to version 68.2.0.\n\nSecurity Fix(es):\n\n * Mozilla: Memory safety bugs fixed in Firefox 70 and Firefox ESR 68.2\n(CVE-2019-11764)\n\n * Mozilla: Use-after-free when creating index updates in IndexedDB\n(CVE-2019-11757)\n\n * Mozilla: Potentially exploitable crash due to 360 Total Security\n(CVE-2019-11758)\n\n * Mozilla: Stack buffer overflow in HKDF output (CVE-2019-11759)\n\n * Mozilla: Stack buffer overflow in WebRTC networking (CVE-2019-11760)\n\n * Mozilla: Unintended access to a privileged JSONView object\n(CVE-2019-11761)\n\n * Mozilla: document.domain-based origin isolation has same-origin-property\nviolation (CVE-2019-11762)\n\n * Mozilla: Incorrect HTML parsing results in XSS bypass technique\n(CVE-2019-11763)\n\n * expat: heap-based buffer over-read via crafted XML input (CVE-2019-15903)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section.\");\n\n script_tag(name:\"affected\", value:\"'thunderbird' package(s) on CentOS 7.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"CentOS7\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"thunderbird\", rpm:\"thunderbird~68.2.0~1.el7.centos\", rls:\"CentOS7\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-31T16:29:40", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-11758", "CVE-2019-11761", "CVE-2019-11759", "CVE-2019-11762", "CVE-2019-11764", "CVE-2019-15903", "CVE-2019-11757", "CVE-2019-11763", "CVE-2019-11760"], "description": "The remote host is missing an update for the ", "modified": "2020-01-31T00:00:00", "published": "2020-01-09T00:00:00", "id": "OPENVAS:1361412562310852877", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310852877", "type": "openvas", "title": "openSUSE: Security Advisory for Recommended (openSUSE-SU-2019:2452-1)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.852877\");\n script_version(\"2020-01-31T08:04:39+0000\");\n script_cve_id(\"CVE-2019-11757\", \"CVE-2019-11758\", \"CVE-2019-11759\", \"CVE-2019-11760\",\n \"CVE-2019-11761\", \"CVE-2019-11762\", \"CVE-2019-11763\", \"CVE-2019-11764\",\n \"CVE-2019-15903\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:04:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-09 09:40:31 +0000 (Thu, 09 Jan 2020)\");\n script_name(\"openSUSE: Security Advisory for Recommended (openSUSE-SU-2019:2452-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap15\\.1\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2019:2452-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2019-11/msg00018.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'Recommended'\n package(s) announced via the openSUSE-SU-2019:2452-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for MozillaThunderbird to version 68.2.1 provides the\n following fixes:\n\n - Security issues fixed (bsc#1154738):\n\n * CVE-2019-15903: Fixed a heap overflow in the expat library\n (bsc#1149429).\n\n * CVE-2019-11757: Fixed a use-after-free when creating index updates in\n IndexedDB (bsc#1154738).\n\n * CVE-2019-11758: Fixed a potentially exploitable crash due to 360 Total\n Security (bsc#1154738).\n\n * CVE-2019-11759: Fixed a stack buffer overflow in HKDF output\n (bsc#1154738).\n\n * CVE-2019-11760: Fixed a stack buffer overflow in WebRTC networking\n (bsc#1154738).\n\n * CVE-2019-11761: Fixed an unintended access to a privileged JSONView\n object (bsc#1154738).\n\n * CVE-2019-11762: Fixed a same-origin-property violation (bsc#1154738).\n\n * CVE-2019-11763: Fixed an XSS bypass (bsc#1154738).\n\n * CVE-2019-11764: Fixed several memory safety bugs (bsc#1154738).\n\n Other fixes (bsc#1153879):\n\n * Some attachments couldn't be opened in messages originating from MS\n Outlook 2016.\n\n * Address book import from CSV.\n\n * Performance problem in message body search.\n\n * Ctrl+Enter to send a message would open an attachment if the\n attachment pane had focus.\n\n * Calendar: Issues with 'Today Pane' start-up.\n\n * Calendar: Glitches with custom repeat and reminder number input.\n\n * Calendar: Problems with WCAP provider.\n\n * A language for the user interface can now be chosen in the advanced\n settings\n\n * Fixed an issue with Google authentication (OAuth2)\n\n * Fixed an issue where selected or unread messages were not shown in the\n correct color in the thread pane under some circumstances\n\n * Fixed an issue where when using a language pack, names of standard\n folders were not localized (bsc#1149126)\n\n * Fixed an issue where the address book default startup directory in\n preferences panel not persisted\n\n * Fixed various visual glitches\n\n * Fixed issues with the chat\n\n * Fixed building with rust >= 1.38.\n\n * Fixrd LTO build without PGO.\n\n * Removed kde.js since disabling instantApply breaks extensions and is\n now obsolete with the move to HTML views for preferences. (bsc#1151186)\n\n * Updated create-tar.sh. (bsc#1152778)\n\n * Deactivated the crashreporter for the last remaining arch.\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.1:\n\n zypper in -t patch openSUSE-2019-2452=1\");\n\n script_tag(name:\"affected\", value:\"'Recommended' package(s) on openSUSE Leap 15.1.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap15.1\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaThunderbird\", rpm:\"MozillaThunderbird~68.2.1~lp151.2.16.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaThunderbird-debuginfo\", rpm:\"MozillaThunderbird-debuginfo~68.2.1~lp151.2.16.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaThunderbird-debugsource\", rpm:\"MozillaThunderbird-debugsource~68.2.1~lp151.2.16.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaThunderbird-translations-common\", rpm:\"MozillaThunderbird-translations-common~68.2.1~lp151.2.16.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaThunderbird-translations-other\", rpm:\"MozillaThunderbird-translations-other~68.2.1~lp151.2.16.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-31T16:54:09", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-11758", "CVE-2019-11761", "CVE-2019-11759", "CVE-2019-11762", "CVE-2019-11764", "CVE-2019-15903", "CVE-2019-11757", "CVE-2019-11763", "CVE-2019-11760"], "description": "The remote host is missing an update for the ", "modified": "2020-01-31T00:00:00", "published": "2019-11-10T00:00:00", "id": "OPENVAS:1361412562310852762", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310852762", "type": "openvas", "title": "openSUSE: Security Advisory for MozillaFirefox, MozillaFirefox-branding-SLE (openSUSE-SU-2019:2459-1)", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.852762\");\n script_version(\"2020-01-31T08:04:39+0000\");\n script_cve_id(\"CVE-2019-11757\", \"CVE-2019-11758\", \"CVE-2019-11759\", \"CVE-2019-11760\", \"CVE-2019-11761\", \"CVE-2019-11762\", \"CVE-2019-11763\", \"CVE-2019-11764\", \"CVE-2019-15903\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:04:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-11-10 03:00:44 +0000 (Sun, 10 Nov 2019)\");\n script_name(\"openSUSE: Security Advisory for MozillaFirefox, MozillaFirefox-branding-SLE (openSUSE-SU-2019:2459-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap15\\.0\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2019:2459-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2019-11/msg00017.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'MozillaFirefox, '\n package(s) announced via the openSUSE-SU-2019:2459-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for MozillaFirefox, MozillaFirefox-branding-SLE fixes the\n following issues:\n\n Changes in MozillaFirefox:\n\n Security issues fixed:\n\n - CVE-2019-15903: Fixed a heap overflow in the expat library\n (bsc#1149429).\n\n - CVE-2019-11757: Fixed a use-after-free when creating index updates in\n IndexedDB (bsc#1154738).\n\n - CVE-2019-11758: Fixed a potentially exploitable crash due to 360 Total\n Security (bsc#1154738).\n\n - CVE-2019-11759: Fixed a stack buffer overflow in HKDF output\n (bsc#1154738).\n\n - CVE-2019-11760: Fixed a stack buffer overflow in WebRTC networking\n (bsc#1154738).\n\n - CVE-2019-11761: Fixed an unintended access to a privileged JSONView\n object (bsc#1154738).\n\n - CVE-2019-11762: Fixed a same-origin-property violation (bsc#1154738).\n\n - CVE-2019-11763: Fixed an XSS bypass (bsc#1154738).\n\n - CVE-2019-11764: Fixed several memory safety bugs (bsc#1154738).\n\n Non-security issues fixed:\n\n - Added Provides-line for translations-common (bsc#1153423) .\n\n - Moved some settings from branding-package here (bsc#1153869).\n\n - Disabled DoH by default.\n\n Changes in MozillaFirefox-branding-SLE:\n\n - Moved extensions preferences to core package (bsc#1153869).\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.0:\n\n zypper in -t patch openSUSE-2019-2459=1\");\n\n script_tag(name:\"affected\", value:\"'MozillaFirefox, ' package(s) on openSUSE Leap 15.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap15.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox\", rpm:\"MozillaFirefox~68.2.0~lp150.3.71.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox-branding-openSUSE\", rpm:\"MozillaFirefox-branding-openSUSE~68~lp150.3.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox-branding-upstream\", rpm:\"MozillaFirefox-branding-upstream~68.2.0~lp150.3.71.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox-buildsymbols\", rpm:\"MozillaFirefox-buildsymbols~68.2.0~lp150.3.71.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox-debuginfo\", rpm:\"MozillaFirefox-debuginfo~68.2.0~lp150.3.71.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox-debugsource\", rpm:\"MozillaFirefox-debugsource~68.2.0~lp150.3.71.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox-devel\", rpm:\"MozillaFirefox-devel~68.2.0~lp150.3.71.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox-translations-common\", rpm:\"MozillaFirefox-translations-common~68.2.0~lp150.3.71.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox-translations-other\", rpm:\"MozillaFirefox-translations-other~68.2.0~lp150.3.71.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"firefox-esr-branding-openSUSE\", rpm:\"firefox-esr-branding-openSUSE~68~lp150.3.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-03-05T17:32:35", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-11758", "CVE-2019-11761", "CVE-2019-11759", "CVE-2019-11762", "CVE-2019-11764", "CVE-2019-15903", "CVE-2019-11757", "CVE-2019-11763", "CVE-2019-11760"], "description": "This host is installed with Mozilla\n Thunderbird and is prone to multiple vulnerabilities.", "modified": "2020-03-04T00:00:00", "published": "2019-10-25T00:00:00", "id": "OPENVAS:1361412562310815817", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310815817", "type": "openvas", "title": "Mozilla Thunderbird Security Updates(mfsa_2019-32_2019-35)-Mac OS X", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA\n\nCPE = \"cpe:/a:mozilla:thunderbird\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.815817\");\n script_version(\"2020-03-04T09:29:37+0000\");\n script_cve_id(\"CVE-2019-15903\", \"CVE-2019-11757\", \"CVE-2019-11758\", \"CVE-2019-11759\",\n \"CVE-2019-11760\", \"CVE-2019-11761\", \"CVE-2019-11762\", \"CVE-2019-11763\",\n \"CVE-2019-11764\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-03-04 09:29:37 +0000 (Wed, 04 Mar 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-10-25 15:57:09 +0530 (Fri, 25 Oct 2019)\");\n script_name(\"Mozilla Thunderbird Security Updates(mfsa_2019-32_2019-35)-Mac OS X\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Mozilla\n Thunderbird and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exist due to,\n\n - A heap overflow error in expat library in XML_GetCurrentLineNumber.\n\n - An use-after-free error when creating index updates in IndexedDB.\n\n - A memory corruption error in the accessibility engine.\n\n - Multiple stack buffer overflow errors in HKDF output and WebRTC networking.\n\n - An unintended access to a privileged JSONView object.\n\n - The document.domain-based origin isolation has same-origin-property violation.\n\n - Failure to correctly handle null bytes when processing HTML entities.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation allows attackers to\n cause denial of service, run arbitrary code and bypass security restrictions.\");\n\n script_tag(name:\"affected\", value:\"Mozilla Thunderbird version before 68.2 on Mac OS X.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Mozilla Thunderbird version 68.2\n Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2019-35/\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_mozilla_prdts_detect_macosx.nasl\");\n script_mandatory_keys(\"Thunderbird/MacOSX/Version\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif( ! infos = get_app_version_and_location( cpe:CPE, exit_no_version:TRUE ) ) exit( 0 );\ntbVer = infos['version'];\ntbPath = infos['location'];\n\nif(version_is_less(version:tbVer, test_version:\"68.2\"))\n{\n report = report_fixed_ver(installed_version:tbVer, fixed_version:\"68.2\", install_path:tbPath);\n security_message(data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-31T16:54:25", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-11758", "CVE-2019-11761", "CVE-2019-11759", "CVE-2019-11762", "CVE-2019-11764", "CVE-2019-15903", "CVE-2019-11757", "CVE-2019-11763", "CVE-2019-11760"], "description": "The remote host is missing an update for the ", "modified": "2020-01-31T00:00:00", "published": "2019-11-10T00:00:00", "id": "OPENVAS:1361412562310852765", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310852765", "type": "openvas", "title": "openSUSE: Security Advisory for Recommended (openSUSE-SU-2019:2464-1)", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.852765\");\n script_version(\"2020-01-31T08:04:39+0000\");\n script_cve_id(\"CVE-2019-11757\", \"CVE-2019-11758\", \"CVE-2019-11759\", \"CVE-2019-11760\", \"CVE-2019-11761\", \"CVE-2019-11762\", \"CVE-2019-11763\", \"CVE-2019-11764\", \"CVE-2019-15903\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:04:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-11-10 03:00:54 +0000 (Sun, 10 Nov 2019)\");\n script_name(\"openSUSE: Security Advisory for Recommended (openSUSE-SU-2019:2464-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap15\\.0\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2019:2464-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2019-11/msg00019.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'Recommended'\n package(s) announced via the openSUSE-SU-2019:2464-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for MozillaThunderbird to version 68.2.1 provides the\n following fixes:\n\n - Security issues fixed (bsc#1154738):\n\n * CVE-2019-15903: Fixed a heap overflow in the expat library\n (bsc#1149429).\n\n * CVE-2019-11757: Fixed a use-after-free when creating index updates in\n IndexedDB (bsc#1154738).\n\n * CVE-2019-11758: Fixed a potentially exploitable crash due to 360 Total\n Security (bsc#1154738).\n\n * CVE-2019-11759: Fixed a stack buffer overflow in HKDF output\n (bsc#1154738).\n\n * CVE-2019-11760: Fixed a stack buffer overflow in WebRTC networking\n (bsc#1154738).\n\n * CVE-2019-11761: Fixed an unintended access to a privileged JSONView\n object (bsc#1154738).\n\n * CVE-2019-11762: Fixed a same-origin-property violation (bsc#1154738).\n\n * CVE-2019-11763: Fixed an XSS bypass (bsc#1154738).\n\n * CVE-2019-11764: Fixed several memory safety bugs (bsc#1154738).\n\n Other fixes (bsc#1153879):\n\n * Some attachments couldn't be opened in messages originating from MS\n Outlook 2016.\n\n * Address book import from CSV.\n\n * Performance problem in message body search.\n\n * Ctrl+Enter to send a message would open an attachment if the\n attachment pane had focus.\n\n * Calendar: Issues with 'Today Pane' start-up.\n\n * Calendar: Glitches with custom repeat and reminder number input.\n\n * Calendar: Problems with WCAP provider.\n\n * A language for the user interface can now be chosen in the advanced\n settings\n\n * Fixed an issue with Google authentication (OAuth2)\n\n * Fixed an issue where selected or unread messages were not shown in the\n correct color in the thread pane under some circumstances\n\n * Fixed an issue where when using a language pack, names of standard\n folders were not localized (bsc#1149126)\n\n * Fixed an issue where the address book default startup directory in\n preferences panel not persisted\n\n * Fixed various visual glitches\n\n * Fixed issues with the chat\n\n * Fixed building with rust >= 1.38.\n\n * Fixrd LTO build without PGO.\n\n * Removed kde.js since disabling instantApply breaks extensions and is\n now obsolete with the move to HTML views for preferences. (bsc#1151186)\n\n * Updated create-tar.sh. (bsc#1152778)\n\n * Deactivated the crashreporter for the last remaining arch.\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.0:\n\n zypper in -t patch openSUSE-2019-2464=1\");\n\n script_tag(name:\"affected\", value:\"'Recommended' package(s) on openSUSE Leap 15.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap15.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaThunderbird\", rpm:\"MozillaThunderbird~68.2.1~lp150.3.54.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaThunderbird-debuginfo\", rpm:\"MozillaThunderbird-debuginfo~68.2.1~lp150.3.54.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaThunderbird-debugsource\", rpm:\"MozillaThunderbird-debugsource~68.2.1~lp150.3.54.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaThunderbird-translations-common\", rpm:\"MozillaThunderbird-translations-common~68.2.1~lp150.3.54.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaThunderbird-translations-other\", rpm:\"MozillaThunderbird-translations-other~68.2.1~lp150.3.54.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "nessus": [{"lastseen": "2021-01-12T09:41:49", "description": "Multiple security issues have been found in Thunderbird which could\npotentially result in the execution of arbitrary code or denial of\nservice.\n\nDebian follows the Thunderbird upstream releases. Support for the 60.x\nseries has ended, so starting with this update we're now following the\n68.x releases.\n\nFor Debian 8 'Jessie', these problems have been fixed in version\n1:68.2.2-1~deb8u1.\n\nWe recommend that you upgrade your thunderbird packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.", "edition": 17, "cvss3": {"score": 8.8, "vector": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2019-11-20T00:00:00", "title": "Debian DLA-1997-1 : thunderbird security update", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-11761", "CVE-2019-11755", "CVE-2019-11759", "CVE-2019-11762", "CVE-2019-11764", "CVE-2019-15903", "CVE-2019-11757", "CVE-2019-11763", "CVE-2019-11760"], "modified": "2019-11-20T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:iceowl-l10n-sv-se", "p-cpe:/a:debian:debian_linux:icedove-l10n-nb-no", "p-cpe:/a:debian:debian_linux:lightning-l10n-en-gb", "p-cpe:/a:debian:debian_linux:icedove-l10n-sr", "p-cpe:/a:debian:debian_linux:icedove-l10n-pt-br", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-br", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-nl", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-ta-lk", "p-cpe:/a:debian:debian_linux:icedove-l10n-hsb", "p-cpe:/a:debian:debian_linux:lightning-l10n-ru", "p-cpe:/a:debian:debian_linux:iceowl-l10n-hu", "p-cpe:/a:debian:debian_linux:lightning-l10n-lt", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-dsb", "p-cpe:/a:debian:debian_linux:lightning-l10n-it", "p-cpe:/a:debian:debian_linux:iceowl-l10n-cs", "p-cpe:/a:debian:debian_linux:lightning-l10n-ca", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-vi", "p-cpe:/a:debian:debian_linux:iceowl-l10n-eu", "p-cpe:/a:debian:debian_linux:lightning-l10n-ro", "p-cpe:/a:debian:debian_linux:icedove-l10n-ko", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-bn-bd", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-tr", "p-cpe:/a:debian:debian_linux:icedove-l10n-hr", "p-cpe:/a:debian:debian_linux:iceowl-l10n-nn-no", "p-cpe:/a:debian:debian_linux:icedove-l10n-en-gb", "p-cpe:/a:debian:debian_linux:lightning-l10n-sq", "p-cpe:/a:debian:debian_linux:icedove-l10n-el", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-sl", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-ast", "p-cpe:/a:debian:debian_linux:icedove-l10n-sv-se", "p-cpe:/a:debian:debian_linux:icedove-l10n-ja", "p-cpe:/a:debian:debian_linux:iceowl-l10n-kab", "p-cpe:/a:debian:debian_linux:icedove-l10n-sk", "p-cpe:/a:debian:debian_linux:lightning-l10n-es-es", "p-cpe:/a:debian:debian_linux:lightning-l10n-zh-tw", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-id", "p-cpe:/a:debian:debian_linux:iceowl-l10n-ca", "p-cpe:/a:debian:debian_linux:icedove-l10n-all", "p-cpe:/a:debian:debian_linux:iceowl-l10n-zh-tw", "p-cpe:/a:debian:debian_linux:iceowl-l10n-nl", "p-cpe:/a:debian:debian_linux:iceowl-l10n-sr", "p-cpe:/a:debian:debian_linux:icedove-l10n-cs", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-bg", "p-cpe:/a:debian:debian_linux:iceowl-l10n-sl", "p-cpe:/a:debian:debian_linux:lightning-l10n-sl", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-it", "p-cpe:/a:debian:debian_linux:icedove-l10n-de", "p-cpe:/a:debian:debian_linux:icedove-l10n-ca", "p-cpe:/a:debian:debian_linux:lightning-l10n-es-ar", "p-cpe:/a:debian:debian_linux:iceowl-l10n-si", "p-cpe:/a:debian:debian_linux:icedove-l10n-fi", "p-cpe:/a:debian:debian_linux:lightning-l10n-si", "p-cpe:/a:debian:debian_linux:iceowl-l10n-id", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-fr", "cpe:/o:debian:debian_linux:8.0", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-zh-tw", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-zh-cn", "p-cpe:/a:debian:debian_linux:icedove-l10n-pa-in", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-ro", "p-cpe:/a:debian:debian_linux:lightning-l10n-hr", "p-cpe:/a:debian:debian_linux:icedove-l10n-ast", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-sv-se", "p-cpe:/a:debian:debian_linux:iceowl-l10n-ar", "p-cpe:/a:debian:debian_linux:icedove-l10n-zh-tw", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-ja", "p-cpe:/a:debian:debian_linux:iceowl-l10n-nb-no", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-sr", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-da", "p-cpe:/a:debian:debian_linux:lightning-l10n-ta-lk", "p-cpe:/a:debian:debian_linux:lightning-l10n-pt-pt", "p-cpe:/a:debian:debian_linux:icedove-l10n-ro", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-hy-am", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-cs", "p-cpe:/a:debian:debian_linux:icedove-l10n-be", "p-cpe:/a:debian:debian_linux:iceowl-l10n-gd", "p-cpe:/a:debian:debian_linux:iceowl-l10n-bg", "p-cpe:/a:debian:debian_linux:iceowl-l10n-tr", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-et", "p-cpe:/a:debian:debian_linux:icedove-l10n-et", "p-cpe:/a:debian:debian_linux:icedove-l10n-bn-bd", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-ca", "p-cpe:/a:debian:debian_linux:lightning-l10n-vi", "p-cpe:/a:debian:debian_linux:iceowl-l10n-hy-am", "p-cpe:/a:debian:debian_linux:icedove-l10n-ta-lk", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-de", "p-cpe:/a:debian:debian_linux:icedove-l10n-uk", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-eu", "p-cpe:/a:debian:debian_linux:lightning-l10n-nb-no", "p-cpe:/a:debian:debian_linux:icedove-l10n-si", "p-cpe:/a:debian:debian_linux:icedove-l10n-it", "p-cpe:/a:debian:debian_linux:calendar-google-provider", "p-cpe:/a:debian:debian_linux:lightning-l10n-de", "p-cpe:/a:debian:debian_linux:lightning-l10n-ga-ie", "p-cpe:/a:debian:debian_linux:lightning-l10n-id", "p-cpe:/a:debian:debian_linux:iceowl-l10n-ko", "p-cpe:/a:debian:debian_linux:icedove-l10n-hu", "p-cpe:/a:debian:debian_linux:icedove-l10n-br", "p-cpe:/a:debian:debian_linux:lightning-l10n-be", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-ru", "p-cpe:/a:debian:debian_linux:icedove-l10n-sq", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-hr", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-sq", "p-cpe:/a:debian:debian_linux:iceowl-l10n-pt-br", "p-cpe:/a:debian:debian_linux:lightning-l10n-fi", "p-cpe:/a:debian:debian_linux:lightning-l10n-ar", "p-cpe:/a:debian:debian_linux:lightning-l10n-el", "p-cpe:/a:debian:debian_linux:lightning-l10n-pa-in", "p-cpe:/a:debian:debian_linux:iceowl-l10n-pa-in", "p-cpe:/a:debian:debian_linux:lightning-l10n-nl", "p-cpe:/a:debian:debian_linux:iceowl-l10n-ast", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-ko", "p-cpe:/a:debian:debian_linux:icedove-l10n-nn-no", "p-cpe:/a:debian:debian_linux:lightning-l10n-ja", "p-cpe:/a:debian:debian_linux:lightning-l10n-fr", "p-cpe:/a:debian:debian_linux:iceowl-l10n-es-ar", "p-cpe:/a:debian:debian_linux:iceowl-l10n-hsb", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-nn-no", "p-cpe:/a:debian:debian_linux:icedove-l10n-pt-pt", "p-cpe:/a:debian:debian_linux:lightning-l10n-hsb", "p-cpe:/a:debian:debian_linux:lightning-l10n-tr", "p-cpe:/a:debian:debian_linux:lightning-l10n-is", "p-cpe:/a:debian:debian_linux:iceowl-l10n-el", "p-cpe:/a:debian:debian_linux:icedove-l10n-fy-nl", "p-cpe:/a:debian:debian_linux:iceowl-l10n-de", "p-cpe:/a:debian:debian_linux:iceowl-l10n-he", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-pt-pt", "p-cpe:/a:debian:debian_linux:iceowl-l10n-sq", "p-cpe:/a:debian:debian_linux:lightning-l10n-sv-se", "p-cpe:/a:debian:debian_linux:iceowl-l10n-et", "p-cpe:/a:debian:debian_linux:iceowl-l10n-gl", "p-cpe:/a:debian:debian_linux:lightning-l10n-dsb", "p-cpe:/a:debian:debian_linux:iceowl-l10n-sk", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-si", "p-cpe:/a:debian:debian_linux:iceowl-l10n-fr", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-lt", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-es-ar", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-he", "p-cpe:/a:debian:debian_linux:icedove-l10n-kab", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-gl", "p-cpe:/a:debian:debian_linux:iceowl-l10n-is", "p-cpe:/a:debian:debian_linux:icedove-l10n-es-ar", "p-cpe:/a:debian:debian_linux:iceowl-l10n-ru", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-el", "p-cpe:/a:debian:debian_linux:thunderbird-dbg", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-rm", "p-cpe:/a:debian:debian_linux:icedove-l10n-tr", "p-cpe:/a:debian:debian_linux:icedove-dbg", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-fi", "p-cpe:/a:debian:debian_linux:lightning-l10n-sr", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-fy-nl", "p-cpe:/a:debian:debian_linux:iceowl-l10n-br", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-pl", "p-cpe:/a:debian:debian_linux:lightning-l10n-fy-nl", "p-cpe:/a:debian:debian_linux:iceowl-l10n-fy-nl", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-pa-in", "p-cpe:/a:debian:debian_linux:iceowl-l10n-es-es", "p-cpe:/a:debian:debian_linux:icedove-l10n-pl", "p-cpe:/a:debian:debian_linux:iceowl-l10n-hr", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-es-es", "p-cpe:/a:debian:debian_linux:iceowl-l10n-it", "p-cpe:/a:debian:debian_linux:lightning-l10n-ko", "p-cpe:/a:debian:debian_linux:iceowl-l10n-dsb", "p-cpe:/a:debian:debian_linux:iceowl-l10n-cy", "p-cpe:/a:debian:debian_linux:icedove-l10n-zh-cn", "p-cpe:/a:debian:debian_linux:lightning-l10n-pt-br", "p-cpe:/a:debian:debian_linux:icedove-l10n-hy-am", "p-cpe:/a:debian:debian_linux:lightning-l10n-nn-no", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-is", "p-cpe:/a:debian:debian_linux:icedove-l10n-da", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-pt-br", "p-cpe:/a:debian:debian_linux:iceowl-l10n-fi", "p-cpe:/a:debian:debian_linux:icedove-l10n-dsb", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-be", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-ar", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-nb-no", "p-cpe:/a:debian:debian_linux:iceowl-extension", "p-cpe:/a:debian:debian_linux:lightning-l10n-uk", "p-cpe:/a:debian:debian_linux:iceowl-l10n-lt", "p-cpe:/a:debian:debian_linux:icedove-l10n-sl", "p-cpe:/a:debian:debian_linux:lightning-l10n-cs", "p-cpe:/a:debian:debian_linux:icedove-l10n-gl", "p-cpe:/a:debian:debian_linux:lightning", "p-cpe:/a:debian:debian_linux:lightning-l10n-zh-cn", "p-cpe:/a:debian:debian_linux:icedove-l10n-ru", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-hsb", "p-cpe:/a:debian:debian_linux:thunderbird-dev", "p-cpe:/a:debian:debian_linux:iceowl-l10n-pt-pt", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-ga-ie", "p-cpe:/a:debian:debian_linux:lightning-l10n-hu", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-sk", "p-cpe:/a:debian:debian_linux:iceowl-l10n-zh-cn", "p-cpe:/a:debian:debian_linux:iceowl-l10n-vi", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-kab", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-uk", "p-cpe:/a:debian:debian_linux:iceowl-l10n-en-gb", "p-cpe:/a:debian:debian_linux:lightning-l10n-he", "p-cpe:/a:debian:debian_linux:iceowl-l10n-pl", "p-cpe:/a:debian:debian_linux:iceowl-l10n-ga-ie", "p-cpe:/a:debian:debian_linux:icedove-l10n-bg", "p-cpe:/a:debian:debian_linux:icedove-l10n-rm", "p-cpe:/a:debian:debian_linux:lightning-l10n-pl", "p-cpe:/a:debian:debian_linux:lightning-l10n-br", "p-cpe:/a:debian:debian_linux:lightning-l10n-hy-am", "p-cpe:/a:debian:debian_linux:iceowl-l10n-da", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-all", "p-cpe:/a:debian:debian_linux:lightning-l10n-sk", "p-cpe:/a:debian:debian_linux:iceowl-l10n-bn-bd", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-gd", "p-cpe:/a:debian:debian_linux:lightning-l10n-bg", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-en-gb", "p-cpe:/a:debian:debian_linux:lightning-l10n-et", "p-cpe:/a:debian:debian_linux:iceowl-l10n-ja", "p-cpe:/a:debian:debian_linux:icedove-l10n-eu", "p-cpe:/a:debian:debian_linux:lightning-l10n-bn-bd", "p-cpe:/a:debian:debian_linux:icedove-l10n-gd", "p-cpe:/a:debian:debian_linux:lightning-l10n-gd", "p-cpe:/a:debian:debian_linux:icedove-dev", "p-cpe:/a:debian:debian_linux:iceowl-l10n-ro", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-hu", "p-cpe:/a:debian:debian_linux:iceowl-l10n-uk", "p-cpe:/a:debian:debian_linux:lightning-l10n-eu", "p-cpe:/a:debian:debian_linux:lightning-l10n-kab", "p-cpe:/a:debian:debian_linux:icedove", "p-cpe:/a:debian:debian_linux:icedove-l10n-nl", "p-cpe:/a:debian:debian_linux:icedove-l10n-he", "p-cpe:/a:debian:debian_linux:iceowl-l10n-ta-lk", "p-cpe:/a:debian:debian_linux:icedove-l10n-vi", "p-cpe:/a:debian:debian_linux:lightning-l10n-cy", "p-cpe:/a:debian:debian_linux:icedove-l10n-lt", "p-cpe:/a:debian:debian_linux:iceowl-l10n-rm", "p-cpe:/a:debian:debian_linux:lightning-l10n-gl", "p-cpe:/a:debian:debian_linux:lightning-l10n-ast", "p-cpe:/a:debian:debian_linux:icedove-l10n-is", "p-cpe:/a:debian:debian_linux:thunderbird", "p-cpe:/a:debian:debian_linux:icedove-l10n-ga-ie", "p-cpe:/a:debian:debian_linux:icedove-l10n-fr", "p-cpe:/a:debian:debian_linux:icedove-l10n-ar", "p-cpe:/a:debian:debian_linux:icedove-l10n-es-es", "p-cpe:/a:debian:debian_linux:icedove-l10n-id", "p-cpe:/a:debian:debian_linux:lightning-l10n-rm", "p-cpe:/a:debian:debian_linux:lightning-l10n-da", "p-cpe:/a:debian:debian_linux:iceowl-l10n-be"], "id": "DEBIAN_DLA-1997.NASL", "href": "https://www.tenable.com/plugins/nessus/131136", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-1997-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(131136);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2019-11755\", \"CVE-2019-11757\", \"CVE-2019-11759\", \"CVE-2019-11760\", \"CVE-2019-11761\", \"CVE-2019-11762\", \"CVE-2019-11763\", \"CVE-2019-11764\", \"CVE-2019-15903\");\n\n script_name(english:\"Debian DLA-1997-1 : thunderbird security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple security issues have been found in Thunderbird which could\npotentially result in the execution of arbitrary code or denial of\nservice.\n\nDebian follows the Thunderbird upstream releases. Support for the 60.x\nseries has ended, so starting with this update we're now following the\n68.x releases.\n\nFor Debian 8 'Jessie', these problems have been fixed in version\n1:68.2.2-1~deb8u1.\n\nWe recommend that you upgrade your thunderbird packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2019/11/msg00017.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/thunderbird\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-11764\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:calendar-google-provider\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-all\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-ar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-ast\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-be\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-bg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-bn-bd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-br\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-ca\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-cs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-da\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-de\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-dsb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-el\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-en-gb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-es-ar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-es-es\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-et\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-eu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-fi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-fr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-fy-nl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-ga-ie\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-gl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-he\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-hr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-hsb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-hu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-hy-am\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-id\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-is\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-it\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-ja\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-kab\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-ko\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-lt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-nb-no\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-nl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-nn-no\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-pa-in\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-pl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-pt-br\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-pt-pt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-rm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-ro\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-ru\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-si\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-sk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-sl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-sq\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-sr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-sv-se\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-ta-lk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-tr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-uk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-vi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-zh-cn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-zh-tw\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-extension\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-ar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-ast\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-be\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-bg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-bn-bd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-br\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-ca\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-cs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-cy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-da\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-de\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-dsb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-el\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-en-gb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-es-ar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-es-es\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-et\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-eu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-fi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-fr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-fy-nl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-ga-ie\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-gl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-he\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-hr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-hsb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-hu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-hy-am\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-id\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-is\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-it\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-ja\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-kab\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-ko\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-lt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-nb-no\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-nl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-nn-no\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-pa-in\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-pl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-pt-br\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-pt-pt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-rm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-ro\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-ru\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-si\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-sk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-sl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-sq\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-sr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-sv-se\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-ta-lk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-tr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-uk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-vi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-zh-cn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-zh-tw\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-ar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-ast\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-be\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-bg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-bn-bd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-br\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-ca\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-cs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-cy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-da\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-de\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-dsb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-el\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-en-gb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-es-ar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-es-es\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-et\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-eu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-fi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-fr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-fy-nl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-ga-ie\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-gl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-he\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-hr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-hsb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-hu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-hy-am\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-id\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-is\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-it\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-ja\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-kab\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-ko\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-lt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-nb-no\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-nl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-nn-no\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-pa-in\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-pl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-pt-br\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-pt-pt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-rm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-ro\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-ru\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-si\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-sk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-sl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-sq\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-sr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-sv-se\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-ta-lk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-tr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-uk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-vi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-zh-cn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-zh-tw\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-all\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-ar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-ast\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-be\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-bg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-bn-bd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-br\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-ca\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-cs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-da\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-de\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-dsb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-el\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-en-gb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-es-ar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-es-es\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-et\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-eu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-fi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-fr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-fy-nl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-ga-ie\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-gl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-he\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-hr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-hsb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-hu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-hy-am\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-id\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-is\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-it\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-ja\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-kab\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-ko\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-lt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-nb-no\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-nl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-nn-no\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-pa-in\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-pl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-pt-br\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-pt-pt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-rm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-ro\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-ru\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-si\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-sk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-sl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-sq\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-sr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-sv-se\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-ta-lk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-tr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-uk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-vi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-zh-cn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-zh-tw\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/09/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/20\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"calendar-google-provider\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-dbg\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-dev\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-all\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-ar\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-ast\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-be\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-bg\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-bn-bd\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-br\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-ca\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-cs\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-da\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-de\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-dsb\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-el\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-en-gb\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-es-ar\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-es-es\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-et\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-eu\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-fi\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-fr\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-fy-nl\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-ga-ie\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-gd\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-gl\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-he\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-hr\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-hsb\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-hu\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-hy-am\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-id\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-is\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-it\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-ja\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-kab\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-ko\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-lt\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-nb-no\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-nl\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-nn-no\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-pa-in\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-pl\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-pt-br\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-pt-pt\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-rm\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-ro\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-ru\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-si\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-sk\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-sl\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-sq\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-sr\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-sv-se\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-ta-lk\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-tr\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-uk\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-vi\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-zh-cn\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-zh-tw\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-extension\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-ar\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-ast\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-be\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-bg\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-bn-bd\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-br\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-ca\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-cs\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-cy\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-da\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-de\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-dsb\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-el\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-en-gb\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-es-ar\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-es-es\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-et\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-eu\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-fi\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-fr\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-fy-nl\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-ga-ie\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-gd\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-gl\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-he\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-hr\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-hsb\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-hu\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-hy-am\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-id\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-is\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-it\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-ja\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-kab\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-ko\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-lt\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-nb-no\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-nl\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-nn-no\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-pa-in\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-pl\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-pt-br\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-pt-pt\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-rm\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-ro\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-ru\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-si\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-sk\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-sl\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-sq\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-sr\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-sv-se\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-ta-lk\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-tr\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-uk\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-vi\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-zh-cn\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-zh-tw\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-ar\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-ast\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-be\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-bg\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-bn-bd\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-br\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-ca\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-cs\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-cy\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-da\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-de\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-dsb\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-el\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-en-gb\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-es-ar\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-es-es\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-et\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-eu\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-fi\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-fr\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-fy-nl\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-ga-ie\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-gd\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-gl\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-he\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-hr\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-hsb\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-hu\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-hy-am\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-id\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-is\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-it\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-ja\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-kab\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-ko\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-lt\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-nb-no\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-nl\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-nn-no\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-pa-in\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-pl\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-pt-br\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-pt-pt\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-rm\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-ro\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-ru\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-si\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-sk\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-sl\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-sq\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-sr\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-sv-se\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-ta-lk\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-tr\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-uk\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-vi\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-zh-cn\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-zh-tw\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-dbg\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-dev\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-all\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-ar\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-ast\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-be\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-bg\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-bn-bd\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-br\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-ca\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-cs\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-da\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-de\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-dsb\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-el\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-en-gb\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-es-ar\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-es-es\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-et\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-eu\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-fi\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-fr\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-fy-nl\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-ga-ie\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-gd\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-gl\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-he\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-hr\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-hsb\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-hu\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-hy-am\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-id\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-is\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-it\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-ja\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-kab\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-ko\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-lt\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-nb-no\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-nl\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-nn-no\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-pa-in\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-pl\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-pt-br\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-pt-pt\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-rm\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-ro\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-ru\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-si\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-sk\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-sl\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-sq\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-sr\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-sv-se\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-ta-lk\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-tr\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-uk\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-vi\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-zh-cn\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-zh-tw\", reference:\"1:68.2.2-1~deb8u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-01T01:52:03", "description": "Multiple security issues have been found in Thunderbird which could\npotentially result in the execution of arbitrary code or denial of\nservice.\n\nDebian follows the Thunderbird upstream releases. Support for the 60.x\nseries has ended, so starting with this update we're now following the\n68.x releases.", "edition": 19, "cvss3": {"score": 8.8, "vector": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2019-11-20T00:00:00", "title": "Debian DSA-4571-1 : thunderbird - security update", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-11761", "CVE-2019-11755", "CVE-2019-11759", "CVE-2019-11762", "CVE-2019-11764", "CVE-2019-15903", "CVE-2019-11757", "CVE-2019-11763", "CVE-2019-11760"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/o:debian:debian_linux:10.0", "p-cpe:/a:debian:debian_linux:thunderbird", "cpe:/o:debian:debian_linux:9.0"], "id": "DEBIAN_DSA-4571.NASL", "href": "https://www.tenable.com/plugins/nessus/131139", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-4571. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(131139);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2020/01/15\");\n\n script_cve_id(\"CVE-2019-11755\", \"CVE-2019-11757\", \"CVE-2019-11759\", \"CVE-2019-11760\", \"CVE-2019-11761\", \"CVE-2019-11762\", \"CVE-2019-11763\", \"CVE-2019-11764\", \"CVE-2019-15903\");\n script_xref(name:\"DSA\", value:\"4571\");\n\n script_name(english:\"Debian DSA-4571-1 : thunderbird - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple security issues have been found in Thunderbird which could\npotentially result in the execution of arbitrary code or denial of\nservice.\n\nDebian follows the Thunderbird upstream releases. Support for the 60.x\nseries has ended, so starting with this update we're now following the\n68.x releases.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/source-package/thunderbird\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/stretch/thunderbird\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/buster/thunderbird\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2019/dsa-4571\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the thunderbird packages.\n\nFor the oldstable distribution (stretch), this problem has been fixed\nin version 1:68.2.2-1~deb9u1.\n\nFor the stable distribution (buster), this problem has been fixed in\nversion 1:68.2.2-1~deb10u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-11764\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:10.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/09/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/20\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"10.0\", prefix:\"calendar-google-provider\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"lightning\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"lightning-l10n-ar\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"lightning-l10n-ast\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"lightning-l10n-be\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"lightning-l10n-bg\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"lightning-l10n-br\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"lightning-l10n-ca\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"lightning-l10n-cs\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"lightning-l10n-cy\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"lightning-l10n-da\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"lightning-l10n-de\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"lightning-l10n-dsb\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"lightning-l10n-el\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"lightning-l10n-en-gb\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"lightning-l10n-es-ar\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"lightning-l10n-es-es\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"lightning-l10n-et\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"lightning-l10n-eu\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"lightning-l10n-fi\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"lightning-l10n-fr\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"lightning-l10n-fy-nl\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"lightning-l10n-ga-ie\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"lightning-l10n-gd\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"lightning-l10n-gl\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"lightning-l10n-he\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"lightning-l10n-hr\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"lightning-l10n-hsb\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"lightning-l10n-hu\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"lightning-l10n-hy-am\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"lightning-l10n-id\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"lightning-l10n-is\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"lightning-l10n-it\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"lightning-l10n-ja\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"lightning-l10n-kab\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"lightning-l10n-kk\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"lightning-l10n-ko\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"lightning-l10n-lt\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"lightning-l10n-ms\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"lightning-l10n-nb-no\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"lightning-l10n-nl\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"lightning-l10n-nn-no\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"lightning-l10n-pl\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"lightning-l10n-pt-br\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"lightning-l10n-pt-pt\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"lightning-l10n-rm\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"lightning-l10n-ro\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"lightning-l10n-ru\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"lightning-l10n-si\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"lightning-l10n-sk\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"lightning-l10n-sl\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"lightning-l10n-sq\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"lightning-l10n-sr\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"lightning-l10n-sv-se\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"lightning-l10n-tr\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"lightning-l10n-uk\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"lightning-l10n-vi\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"lightning-l10n-zh-cn\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"lightning-l10n-zh-tw\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"thunderbird\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"thunderbird-l10n-all\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"thunderbird-l10n-ar\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"thunderbird-l10n-ast\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"thunderbird-l10n-be\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"thunderbird-l10n-bg\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"thunderbird-l10n-br\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"thunderbird-l10n-ca\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"thunderbird-l10n-cs\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"thunderbird-l10n-cy\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"thunderbird-l10n-da\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"thunderbird-l10n-de\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"thunderbird-l10n-dsb\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"thunderbird-l10n-el\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"thunderbird-l10n-en-gb\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"thunderbird-l10n-es-ar\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"thunderbird-l10n-es-es\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"thunderbird-l10n-et\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"thunderbird-l10n-eu\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"thunderbird-l10n-fi\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"thunderbird-l10n-fr\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"thunderbird-l10n-fy-nl\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"thunderbird-l10n-ga-ie\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"thunderbird-l10n-gd\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"thunderbird-l10n-gl\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"thunderbird-l10n-he\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"thunderbird-l10n-hr\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"thunderbird-l10n-hsb\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"thunderbird-l10n-hu\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"thunderbird-l10n-hy-am\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"thunderbird-l10n-id\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"thunderbird-l10n-is\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"thunderbird-l10n-it\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"thunderbird-l10n-ja\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"thunderbird-l10n-kab\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"thunderbird-l10n-kk\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"thunderbird-l10n-ko\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"thunderbird-l10n-lt\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"thunderbird-l10n-ms\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"thunderbird-l10n-nb-no\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"thunderbird-l10n-nl\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"thunderbird-l10n-nn-no\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"thunderbird-l10n-pl\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"thunderbird-l10n-pt-br\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"thunderbird-l10n-pt-pt\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"thunderbird-l10n-rm\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"thunderbird-l10n-ro\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"thunderbird-l10n-ru\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"thunderbird-l10n-si\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"thunderbird-l10n-sk\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"thunderbird-l10n-sl\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"thunderbird-l10n-sq\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"thunderbird-l10n-sr\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"thunderbird-l10n-sv-se\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"thunderbird-l10n-tr\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"thunderbird-l10n-uk\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"thunderbird-l10n-vi\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"thunderbird-l10n-zh-cn\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"thunderbird-l10n-zh-tw\", reference:\"1:68.2.2-1~deb10u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"calendar-google-provider\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-dbg\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-dev\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-all\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-ar\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-ast\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-be\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-bg\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-bn-bd\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-br\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-ca\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-cs\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-da\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-de\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-dsb\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-el\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-en-gb\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-es-ar\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-es-es\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-et\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-eu\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-fi\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-fr\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-fy-nl\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-ga-ie\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-gd\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-gl\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-he\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-hr\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-hsb\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-hu\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-hy-am\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-id\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-is\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-it\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-ja\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-kab\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-ko\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-lt\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-nb-no\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-nl\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-nn-no\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-pa-in\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-pl\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-pt-br\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-pt-pt\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-rm\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-ro\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-ru\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-si\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-sk\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-sl\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-sq\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-sr\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-sv-se\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-ta-lk\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-tr\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-uk\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-vi\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-zh-cn\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-zh-tw\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-extension\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-ar\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-ast\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-be\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-bg\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-bn-bd\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-br\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-ca\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-cs\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-cy\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-da\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-de\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-dsb\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-el\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-en-gb\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-es-ar\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-es-es\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-et\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-eu\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-fi\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-fr\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-fy-nl\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-ga-ie\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-gd\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-gl\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-he\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-hr\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-hsb\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-hu\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-hy-am\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-id\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-is\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-it\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-ja\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-kab\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-ko\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-lt\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-nb-no\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-nl\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-nn-no\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-pa-in\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-pl\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-pt-br\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-pt-pt\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-rm\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-ro\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-ru\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-si\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-sk\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-sl\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-sq\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-sr\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-sv-se\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-ta-lk\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-tr\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-uk\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-vi\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-zh-cn\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-zh-tw\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-ar\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-ast\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-be\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-bg\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-bn-bd\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-br\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-ca\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-cs\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-cy\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-da\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-de\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-dsb\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-el\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-en-gb\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-es-ar\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-es-es\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-et\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-eu\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-fi\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-fr\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-fy-nl\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-ga-ie\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-gd\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-gl\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-he\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-hr\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-hsb\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-hu\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-hy-am\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-id\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-is\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-it\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-ja\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-kab\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-ko\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-lt\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-nb-no\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-nl\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-nn-no\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-pa-in\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-pl\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-pt-br\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-pt-pt\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-rm\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-ro\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-ru\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-si\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-sk\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-sl\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-sq\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-sr\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-sv-se\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-ta-lk\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-tr\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-uk\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-vi\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-zh-cn\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-zh-tw\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-dbg\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-dev\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-all\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-ar\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-ast\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-be\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-bg\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-bn-bd\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-br\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-ca\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-cs\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-da\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-de\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-dsb\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-el\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-en-gb\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-es-ar\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-es-es\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-et\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-eu\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-fi\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-fr\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-fy-nl\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-ga-ie\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-gd\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-gl\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-he\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-hr\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-hsb\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-hu\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-hy-am\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-id\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-is\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-it\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-ja\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-kab\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-ko\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-lt\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-nb-no\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-nl\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-nn-no\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-pa-in\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-pl\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-pt-br\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-pt-pt\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-rm\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-ro\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-ru\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-si\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-sk\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-sl\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-sq\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-sr\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-sv-se\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-ta-lk\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-tr\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-uk\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-vi\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-zh-cn\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-zh-tw\", reference:\"1:68.2.2-1~deb9u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-01T01:51:54", "description": "Multiple security issues have been found in the Mozilla Firefox web\nbrowser, which could potentially result in the execution of arbitrary\ncode, information disclosure, cross-site scripting or denial of\nservice.\n\nDebian follows the extended support releases (ESR) of Firefox. Support\nfor the 60.x series has ended, so starting with this update we're now\nfollowing the 68.x releases.", "edition": 21, "cvss3": {"score": 8.8, "vector": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2019-10-28T00:00:00", "title": "Debian DSA-4549-1 : firefox-esr - security update", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-11761", "CVE-2019-11759", "CVE-2019-11762", "CVE-2019-11764", "CVE-2019-15903", "CVE-2019-11757", "CVE-2019-11763", "CVE-2019-11760"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/o:debian:debian_linux:10.0", "p-cpe:/a:debian:debian_linux:firefox-esr"], "id": "DEBIAN_DSA-4549.NASL", "href": "https://www.tenable.com/plugins/nessus/130288", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-4549. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(130288);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2020/01/15\");\n\n script_cve_id(\"CVE-2019-11757\", \"CVE-2019-11759\", \"CVE-2019-11760\", \"CVE-2019-11761\", \"CVE-2019-11762\", \"CVE-2019-11763\", \"CVE-2019-11764\", \"CVE-2019-15903\");\n script_xref(name:\"DSA\", value:\"4549\");\n\n script_name(english:\"Debian DSA-4549-1 : firefox-esr - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple security issues have been found in the Mozilla Firefox web\nbrowser, which could potentially result in the execution of arbitrary\ncode, information disclosure, cross-site scripting or denial of\nservice.\n\nDebian follows the extended support releases (ESR) of Firefox. Support\nfor the 60.x series has ended, so starting with this update we're now\nfollowing the 68.x releases.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/source-package/firefox-esr\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/buster/firefox-esr\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2019/dsa-4549\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the firefox-esr packages.\n\nFor the oldstable distribution (stretch), some additional config\nchanges to the buildd network are needed (to provide the new\nRust-based toolchain needed by ESR68). Packages will be made available\nwhen those are sorted out.\n\nFor the stable distribution (buster), these problems have been fixed\nin version 68.2.0esr-1~deb10u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-11764\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:10.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/09/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr\", reference:\"68.2.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-ach\", reference:\"68.2.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-af\", reference:\"68.2.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-all\", reference:\"68.2.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-an\", reference:\"68.2.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-ar\", reference:\"68.2.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-as\", reference:\"68.2.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-ast\", reference:\"68.2.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-az\", reference:\"68.2.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-be\", reference:\"68.2.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-bg\", reference:\"68.2.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-bn-bd\", reference:\"68.2.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-bn-in\", reference:\"68.2.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-br\", reference:\"68.2.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-bs\", reference:\"68.2.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-ca\", reference:\"68.2.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-cak\", reference:\"68.2.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-cs\", reference:\"68.2.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-cy\", reference:\"68.2.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-da\", reference:\"68.2.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-de\", reference:\"68.2.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-dsb\", reference:\"68.2.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-el\", reference:\"68.2.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-en-gb\", reference:\"68.2.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-en-za\", reference:\"68.2.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-eo\", reference:\"68.2.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-es-ar\", reference:\"68.2.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-es-cl\", reference:\"68.2.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-es-es\", reference:\"68.2.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-es-mx\", reference:\"68.2.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-et\", reference:\"68.2.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-eu\", reference:\"68.2.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-fa\", reference:\"68.2.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-ff\", reference:\"68.2.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-fi\", reference:\"68.2.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-fr\", reference:\"68.2.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-fy-nl\", reference:\"68.2.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-ga-ie\", reference:\"68.2.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-gd\", reference:\"68.2.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-gl\", reference:\"68.2.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-gn\", reference:\"68.2.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-gu-in\", reference:\"68.2.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-he\", reference:\"68.2.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-hi-in\", reference:\"68.2.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-hr\", reference:\"68.2.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-hsb\", reference:\"68.2.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-hu\", reference:\"68.2.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-hy-am\", reference:\"68.2.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-ia\", reference:\"68.2.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-id\", reference:\"68.2.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-is\", reference:\"68.2.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-it\", reference:\"68.2.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-ja\", reference:\"68.2.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-ka\", reference:\"68.2.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-kab\", reference:\"68.2.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-kk\", reference:\"68.2.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-km\", reference:\"68.2.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-kn\", reference:\"68.2.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-ko\", reference:\"68.2.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-lij\", reference:\"68.2.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-lt\", reference:\"68.2.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-lv\", reference:\"68.2.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-mai\", reference:\"68.2.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-mk\", reference:\"68.2.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-ml\", reference:\"68.2.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-mr\", reference:\"68.2.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-ms\", reference:\"68.2.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-my\", reference:\"68.2.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-nb-no\", reference:\"68.2.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-ne-np\", reference:\"68.2.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-nl\", reference:\"68.2.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-nn-no\", reference:\"68.2.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-oc\", reference:\"68.2.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-or\", reference:\"68.2.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-pa-in\", reference:\"68.2.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-pl\", reference:\"68.2.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-pt-br\", reference:\"68.2.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-pt-pt\", reference:\"68.2.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-rm\", reference:\"68.2.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-ro\", reference:\"68.2.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-ru\", reference:\"68.2.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-si\", reference:\"68.2.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-sk\", reference:\"68.2.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-sl\", reference:\"68.2.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-son\", reference:\"68.2.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-sq\", reference:\"68.2.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-sr\", reference:\"68.2.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-sv-se\", reference:\"68.2.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-ta\", reference:\"68.2.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-te\", reference:\"68.2.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-th\", reference:\"68.2.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-tr\", reference:\"68.2.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-uk\", reference:\"68.2.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-ur\", reference:\"68.2.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-uz\", reference:\"68.2.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-vi\", reference:\"68.2.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-xh\", reference:\"68.2.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-zh-cn\", reference:\"68.2.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-zh-tw\", reference:\"68.2.0esr-1~deb10u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-12T09:41:43", "description": "Multiple security issues have been found in the Mozilla Firefox web\nbrowser, which could potentially result in the execution of arbitrary\ncode, information disclosure, cross-site scripting or denial of\nservice.\n\nDebian follows the extended support releases (ESR) of Firefox. Support\nfor the 60.x series has ended, so starting with this update we're now\nfollowing the 68.x releases.\n\nFor Debian 8 'Jessie', these problems have been fixed in version\n68.2.0esr-1~deb8u1.\n\nWe recommend that you upgrade your firefox-esr packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.", "edition": 17, "cvss3": {"score": 8.8, "vector": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2019-11-12T00:00:00", "title": "Debian DLA-1987-1 : firefox-esr security update", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-11761", "CVE-2019-11759", "CVE-2019-11762", "CVE-2019-11764", "CVE-2019-15903", "CVE-2019-11757", "CVE-2019-11763", "CVE-2019-11760"], "modified": "2019-11-12T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ko", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-hy-am", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-et", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-bn-in", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-eu", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-sr", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-eu", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-bg", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-sl", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ml", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-as", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-is", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-fa", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-de", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-id", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ta", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-fi", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-eo", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-or", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-fy-nl", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-eo", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ga-ie", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-xh", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-pt-br", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ca", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-zh-tw", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-id", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-tr", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-be", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-pl", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-mai", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-hsb", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-hr", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-dsb", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-si", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-es-es", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-sv-se", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-bn-bd", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-te", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-nl", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-kk", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-cy", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-az", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-km", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ach", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-fr", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-gl", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-bs", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-is", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-bs", "cpe:/o:debian:debian_linux:8.0", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ar", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-gu-in", "p-cpe:/a:debian:debian_linux:firefox-esr", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ach", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-it", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-hr", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-hu", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-nn-no", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-fi", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-af", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-mr", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-it", "p-cpe:/a:debian:debian_linux:firefox-esr-dev", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-cy", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-th", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-en-gb", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-mr", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ko", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-uk", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-hi-in", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-sq", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-da", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-xh", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-uz", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-de", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-hu", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-tr", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-pt-br", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-hy-am", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-uk", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-all", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-gd", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-bn-bd", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ar", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-en-za", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-cs", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-an", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-el", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-zh-cn", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-kn", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-kk", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-sr", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ast", "p-cpe:/a:debian:debian_linux:iceweasel-dbg", "p-cpe:/a:debian:debian_linux:iceweasel-dev", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-pl", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-es-es", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-es-mx", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ff", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-nn-no", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-vi", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-az", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-nb-no", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-th", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-zh-tw", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-lv", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-fr", "p-cpe:/a:debian:debian_linux:iceweasel", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ml", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ta", "p-cpe:/a:debian:debian_linux:firefox-esr-dbg", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-sv-se", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-dsb", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-km", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ms", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-pa-in", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ja", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-da", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-si", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-pt-pt", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-uz", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-gl", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-bn-in", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ff", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-nb-no", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-gn", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ru", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-lij", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ru", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-es-mx", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-pt-pt", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-es-ar", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-sl", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-zh-cn", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ms", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-son", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ja", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-et", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-br", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-be", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-br", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-es-ar", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-gu-in", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ro", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-rm", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-es-cl", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-lij", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-en-za", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-nl", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-sk", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-sk", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-he", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ro", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-gn", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-sq", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-lt", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-or", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-bg", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-kn", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ca", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-fa", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-es-cl", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-an", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-mk", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-lt", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-he", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-rm", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-pa-in", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-hi-in", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-fy-nl", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-all", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-en-gb", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-te", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-hsb", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-as", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-mai", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-cs", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-vi", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-lv", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ga-ie", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-mk", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-gd", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ast", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-el", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-son", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-af"], "id": "DEBIAN_DLA-1987.NASL", "href": "https://www.tenable.com/plugins/nessus/130772", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-1987-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(130772);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2019-11757\", \"CVE-2019-11759\", \"CVE-2019-11760\", \"CVE-2019-11761\", \"CVE-2019-11762\", \"CVE-2019-11763\", \"CVE-2019-11764\", \"CVE-2019-15903\");\n\n script_name(english:\"Debian DLA-1987-1 : firefox-esr security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple security issues have been found in the Mozilla Firefox web\nbrowser, which could potentially result in the execution of arbitrary\ncode, information disclosure, cross-site scripting or denial of\nservice.\n\nDebian follows the extended support releases (ESR) of Firefox. Support\nfor the 60.x series has ended, so starting with this update we're now\nfollowing the 68.x releases.\n\nFor Debian 8 'Jessie', these problems have been fixed in version\n68.2.0esr-1~deb8u1.\n\nWe recommend that you upgrade your firefox-esr packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2019/11/msg00006.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/firefox-esr\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-11764\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ach\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-af\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-all\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-an\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-as\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ast\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-az\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-be\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-bg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-bn-bd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-bn-in\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-br\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-bs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ca\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-cs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-cy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-da\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-de\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-dsb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-el\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-en-gb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-en-za\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-eo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-es-ar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-es-cl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-es-es\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-es-mx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-et\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-eu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-fa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ff\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-fi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-fr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-fy-nl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ga-ie\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-gl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-gn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-gu-in\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-he\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-hi-in\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-hr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-hsb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-hu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-hy-am\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-id\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-is\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-it\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ja\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-kk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-km\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-kn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ko\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-lij\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-lt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-lv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-mai\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-mk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-mr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-nb-no\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-nl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-nn-no\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-or\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-pa-in\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-pl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-pt-br\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-pt-pt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-rm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ro\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ru\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-si\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-sk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-sl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-son\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-sq\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-sr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-sv-se\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ta\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-te\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-th\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-tr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-uk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-uz\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-vi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-xh\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-zh-cn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-zh-tw\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ach\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-af\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-all\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-an\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-as\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ast\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-az\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-be\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-bg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-bn-bd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-bn-in\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-br\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-bs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ca\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-cs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-cy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-da\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-de\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-dsb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-el\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-en-gb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-en-za\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-eo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-es-ar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-es-cl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-es-es\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-es-mx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-et\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-eu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-fa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ff\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-fi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-fr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-fy-nl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ga-ie\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-gl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-gn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-gu-in\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-he\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-hi-in\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-hr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-hsb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-hu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-hy-am\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-id\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-is\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-it\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ja\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-kk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-km\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-kn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ko\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-lij\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-lt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-lv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-mai\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-mk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-mr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-nb-no\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-nl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-nn-no\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-or\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-pa-in\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-pl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-pt-br\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-pt-pt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-rm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ro\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ru\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-si\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-sk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-sl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-son\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-sq\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-sr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-sv-se\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ta\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-te\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-th\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-tr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-uk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-uz\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-vi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-xh\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-zh-cn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-zh-tw\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/09/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"firefox-esr\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firefox-esr-dbg\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firefox-esr-dev\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firefox-esr-l10n-ach\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firefox-esr-l10n-af\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firefox-esr-l10n-all\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firefox-esr-l10n-an\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firefox-esr-l10n-ar\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firefox-esr-l10n-as\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firefox-esr-l10n-ast\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firefox-esr-l10n-az\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firefox-esr-l10n-be\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firefox-esr-l10n-bg\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firefox-esr-l10n-bn-bd\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firefox-esr-l10n-bn-in\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firefox-esr-l10n-br\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firefox-esr-l10n-bs\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firefox-esr-l10n-ca\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firefox-esr-l10n-cs\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firefox-esr-l10n-cy\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firefox-esr-l10n-da\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firefox-esr-l10n-de\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firefox-esr-l10n-dsb\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firefox-esr-l10n-el\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firefox-esr-l10n-en-gb\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firefox-esr-l10n-en-za\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firefox-esr-l10n-eo\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firefox-esr-l10n-es-ar\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firefox-esr-l10n-es-cl\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firefox-esr-l10n-es-es\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firefox-esr-l10n-es-mx\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firefox-esr-l10n-et\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firefox-esr-l10n-eu\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firefox-esr-l10n-fa\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firefox-esr-l10n-ff\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firefox-esr-l10n-fi\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firefox-esr-l10n-fr\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firefox-esr-l10n-fy-nl\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firefox-esr-l10n-ga-ie\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firefox-esr-l10n-gd\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firefox-esr-l10n-gl\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firefox-esr-l10n-gn\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firefox-esr-l10n-gu-in\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firefox-esr-l10n-he\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firefox-esr-l10n-hi-in\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firefox-esr-l10n-hr\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firefox-esr-l10n-hsb\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firefox-esr-l10n-hu\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firefox-esr-l10n-hy-am\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firefox-esr-l10n-id\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firefox-esr-l10n-is\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firefox-esr-l10n-it\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firefox-esr-l10n-ja\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firefox-esr-l10n-kk\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firefox-esr-l10n-km\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firefox-esr-l10n-kn\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firefox-esr-l10n-ko\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firefox-esr-l10n-lij\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firefox-esr-l10n-lt\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firefox-esr-l10n-lv\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firefox-esr-l10n-mai\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firefox-esr-l10n-mk\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firefox-esr-l10n-ml\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firefox-esr-l10n-mr\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firefox-esr-l10n-ms\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firefox-esr-l10n-nb-no\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firefox-esr-l10n-nl\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firefox-esr-l10n-nn-no\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firefox-esr-l10n-or\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firefox-esr-l10n-pa-in\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firefox-esr-l10n-pl\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firefox-esr-l10n-pt-br\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firefox-esr-l10n-pt-pt\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firefox-esr-l10n-rm\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firefox-esr-l10n-ro\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firefox-esr-l10n-ru\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firefox-esr-l10n-si\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firefox-esr-l10n-sk\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firefox-esr-l10n-sl\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firefox-esr-l10n-son\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firefox-esr-l10n-sq\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firefox-esr-l10n-sr\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firefox-esr-l10n-sv-se\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firefox-esr-l10n-ta\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firefox-esr-l10n-te\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firefox-esr-l10n-th\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firefox-esr-l10n-tr\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firefox-esr-l10n-uk\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firefox-esr-l10n-uz\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firefox-esr-l10n-vi\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firefox-esr-l10n-xh\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firefox-esr-l10n-zh-cn\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firefox-esr-l10n-zh-tw\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-dbg\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-dev\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-ach\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-af\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-all\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-an\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-ar\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-as\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-ast\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-az\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-be\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-bg\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-bn-bd\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-bn-in\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-br\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-bs\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-ca\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-cs\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-cy\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-da\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-de\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-dsb\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-el\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-en-gb\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-en-za\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-eo\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-es-ar\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-es-cl\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-es-es\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-es-mx\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-et\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-eu\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-fa\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-ff\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-fi\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-fr\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-fy-nl\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-ga-ie\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-gd\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-gl\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-gn\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-gu-in\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-he\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-hi-in\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-hr\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-hsb\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-hu\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-hy-am\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-id\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-is\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-it\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-ja\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-kk\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-km\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-kn\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-ko\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-lij\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-lt\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-lv\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-mai\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-mk\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-ml\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-mr\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-ms\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-nb-no\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-nl\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-nn-no\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-or\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-pa-in\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-pl\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-pt-br\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-pt-pt\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-rm\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-ro\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-ru\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-si\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-sk\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-sl\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-son\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-sq\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-sr\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-sv-se\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-ta\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-te\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-th\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-tr\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-uk\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-uz\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-vi\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-xh\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-zh-cn\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-zh-tw\", reference:\"68.2.0esr-1~deb8u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-09-18T11:02:31", "description": "USN-4202-1 fixed vulnerabilities in Thunderbird. After upgrading,\nThunderbird created a new profile for some users. This update fixes\nthe problem.\n\nWe apologize for the inconvenience.\n\nIt was discovered that a specially crafted S/MIME message with an\ninner encryption layer could be displayed as having a valid signature\nin some circumstances, even if the signer had no access to the\nencrypted message. An attacker could potentially exploit this to spoof\nthe message author. (CVE-2019-11755)\n\nMultiple security issues were discovered in Thunderbird. If a user\nwere tricked in to opening a specially crafted website in a browsing\ncontext, an attacker could potentially exploit these to cause a denial\nof service, bypass security restrictions, bypass same-origin\nrestrictions, conduct cross-site scripting (XSS) attacks, or execute\narbitrary code. (CVE-2019-11757, CVE-2019-11758, CVE-2019-11759,\nCVE-2019-11760, CVE-2019-11761, CVE-2019-11762, CVE-2019-11763,\nCVE-2019-11764)\n\nA heap overflow was discovered in the expat library in Thunderbird. If\na user were tricked in to opening a specially crafted message, an\nattacker could potentially exploit this to cause a denial of service,\nor execute arbitrary code. (CVE-2019-15903).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 15, "cvss3": {"score": 8.8, "vector": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2019-12-12T00:00:00", "title": "Ubuntu 18.04 LTS / 19.10 : Thunderbird regression (USN-4202-2)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-11758", "CVE-2019-11761", "CVE-2019-11755", "CVE-2019-11759", "CVE-2019-11762", "CVE-2019-11764", "CVE-2019-15903", "CVE-2019-11757", "CVE-2019-11763", "CVE-2019-11760"], "modified": "2019-12-12T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:18.04:-:lts", "cpe:/o:canonical:ubuntu_linux:19.10", "p-cpe:/a:canonical:ubuntu_linux:thunderbird"], "id": "UBUNTU_USN-4202-2.NASL", "href": "https://www.tenable.com/plugins/nessus/132011", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-4202-2. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(132011);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/09/17\");\n\n script_cve_id(\"CVE-2019-11755\", \"CVE-2019-11757\", \"CVE-2019-11758\", \"CVE-2019-11759\", \"CVE-2019-11760\", \"CVE-2019-11761\", \"CVE-2019-11762\", \"CVE-2019-11763\", \"CVE-2019-11764\", \"CVE-2019-15903\");\n script_xref(name:\"USN\", value:\"4202-2\");\n\n script_name(english:\"Ubuntu 18.04 LTS / 19.10 : Thunderbird regression (USN-4202-2)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"USN-4202-1 fixed vulnerabilities in Thunderbird. After upgrading,\nThunderbird created a new profile for some users. This update fixes\nthe problem.\n\nWe apologize for the inconvenience.\n\nIt was discovered that a specially crafted S/MIME message with an\ninner encryption layer could be displayed as having a valid signature\nin some circumstances, even if the signer had no access to the\nencrypted message. An attacker could potentially exploit this to spoof\nthe message author. (CVE-2019-11755)\n\nMultiple security issues were discovered in Thunderbird. If a user\nwere tricked in to opening a specially crafted website in a browsing\ncontext, an attacker could potentially exploit these to cause a denial\nof service, bypass security restrictions, bypass same-origin\nrestrictions, conduct cross-site scripting (XSS) attacks, or execute\narbitrary code. (CVE-2019-11757, CVE-2019-11758, CVE-2019-11759,\nCVE-2019-11760, CVE-2019-11761, CVE-2019-11762, CVE-2019-11763,\nCVE-2019-11764)\n\nA heap overflow was discovered in the expat library in Thunderbird. If\na user were tricked in to opening a specially crafted message, an\nattacker could potentially exploit this to cause a denial of service,\nor execute arbitrary code. (CVE-2019-15903).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/4202-2/\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected thunderbird package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-11764\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:thunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:19.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/09/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/12/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/12/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2019-2020 Canonical, Inc. / NASL script (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(18\\.04|19\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 18.04 / 19.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"18.04\", pkgname:\"thunderbird\", pkgver:\"1:68.2.2+build1-0ubuntu0.18.04.1\")) flag++;\nif (ubuntu_check(osver:\"19.10\", pkgname:\"thunderbird\", pkgver:\"1:68.2.2+build1-0ubuntu0.19.10.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"thunderbird\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-05-31T20:27:12", "description": "An update for thunderbird is now available for Red Hat Enterprise\nLinux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nMozilla Thunderbird is a standalone mail and newsgroup client.\n\nThis update upgrades Thunderbird to version 68.2.0.\n\nSecurity Fix(es) :\n\n* Mozilla: Memory safety bugs fixed in Firefox 70 and Firefox ESR 68.2\n(CVE-2019-11764)\n\n* Mozilla: Use-after-free when creating index updates in IndexedDB\n(CVE-2019-11757)\n\n* Mozilla: Potentially exploitable crash due to 360 Total Security\n(CVE-2019-11758)\n\n* Mozilla: Stack buffer overflow in HKDF output (CVE-2019-11759)\n\n* Mozilla: Stack buffer overflow in WebRTC networking (CVE-2019-11760)\n\n* Mozilla: Unintended access to a privileged JSONView object\n(CVE-2019-11761)\n\n* Mozilla: document.domain-based origin isolation has\nsame-origin-property violation (CVE-2019-11762)\n\n* Mozilla: Incorrect HTML parsing results in XSS bypass technique\n(CVE-2019-11763)\n\n* expat: heap-based buffer over-read via crafted XML input\n(CVE-2019-15903)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.", "edition": 13, "cvss3": {"score": 8.8, "vector": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2019-10-30T00:00:00", "title": "RHEL 7 : thunderbird (RHSA-2019:3210)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-11758", "CVE-2019-11761", "CVE-2019-11759", "CVE-2019-11762", "CVE-2019-11764", "CVE-2019-15903", "CVE-2019-11757", "CVE-2019-11763", "CVE-2019-11760"], "modified": "2019-10-30T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:thunderbird", "cpe:/o:redhat:enterprise_linux:7.7", "cpe:/o:redhat:enterprise_linux:7", "p-cpe:/a:redhat:enterprise_linux:thunderbird-debuginfo"], "id": "REDHAT-RHSA-2019-3210.NASL", "href": "https://www.tenable.com/plugins/nessus/130371", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2019:3210. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(130371);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/05/29\");\n\n script_cve_id(\"CVE-2019-11757\", \"CVE-2019-11758\", \"CVE-2019-11759\", \"CVE-2019-11760\", \"CVE-2019-11761\", \"CVE-2019-11762\", \"CVE-2019-11763\", \"CVE-2019-11764\", \"CVE-2019-15903\");\n script_xref(name:\"RHSA\", value:\"2019:3210\");\n\n script_name(english:\"RHEL 7 : thunderbird (RHSA-2019:3210)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"An update for thunderbird is now available for Red Hat Enterprise\nLinux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nMozilla Thunderbird is a standalone mail and newsgroup client.\n\nThis update upgrades Thunderbird to version 68.2.0.\n\nSecurity Fix(es) :\n\n* Mozilla: Memory safety bugs fixed in Firefox 70 and Firefox ESR 68.2\n(CVE-2019-11764)\n\n* Mozilla: Use-after-free when creating index updates in IndexedDB\n(CVE-2019-11757)\n\n* Mozilla: Potentially exploitable crash due to 360 Total Security\n(CVE-2019-11758)\n\n* Mozilla: Stack buffer overflow in HKDF output (CVE-2019-11759)\n\n* Mozilla: Stack buffer overflow in WebRTC networking (CVE-2019-11760)\n\n* Mozilla: Unintended access to a privileged JSONView object\n(CVE-2019-11761)\n\n* Mozilla: document.domain-based origin isolation has\nsame-origin-property violation (CVE-2019-11762)\n\n* Mozilla: Incorrect HTML parsing results in XSS bypass technique\n(CVE-2019-11763)\n\n* expat: heap-based buffer over-read via crafted XML input\n(CVE-2019-15903)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2019-35/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2019:3210\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-11757\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-11758\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-11759\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-11760\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-11761\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-11762\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-11763\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-11764\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-15903\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Update the affected thunderbird and / or thunderbird-debuginfo\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-11764\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:thunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:thunderbird-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/09/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/30\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2019:3210\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"thunderbird-68.2.0-1.el7_7\", allowmaj:TRUE)) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"thunderbird-debuginfo-68.2.0-1.el7_7\", allowmaj:TRUE)) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"thunderbird / thunderbird-debuginfo\");\n }\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-05-31T19:47:26", "description": "This update for MozillaFirefox, MozillaFirefox-branding-SLE fixes the\nfollowing issues :\n\nChanges in MozillaFirefox :\n\nSecurity issues fixed :\n\n - CVE-2019-15903: Fixed a heap overflow in the expat\n library (bsc#1149429).\n\n - CVE-2019-11757: Fixed a use-after-free when creating\n index updates in IndexedDB (bsc#1154738).\n\n - CVE-2019-11758: Fixed a potentially exploitable crash\n due to 360 Total Security (bsc#1154738).\n\n - CVE-2019-11759: Fixed a stack-based buffer overflow in\n HKDF output (bsc#1154738).\n\n - CVE-2019-11760: Fixed a stack-based buffer overflow in\n WebRTC networking (bsc#1154738).\n\n - CVE-2019-11761: Fixed an unintended access to a\n privileged JSONView object (bsc#1154738).\n\n - CVE-2019-11762: Fixed a same-origin-property violation\n (bsc#1154738).\n\n - CVE-2019-11763: Fixed an XSS bypass (bsc#1154738).\n\n - CVE-2019-11764: Fixed several memory safety bugs\n (bsc#1154738).\n\nNon-security issues fixed :\n\n - Added Provides-line for translations-common\n (bsc#1153423) .\n\n - Moved some settings from branding-package here\n (bsc#1153869).\n\n - Disabled DoH by default.\n\nChanges in MozillaFirefox-branding-SLE :\n\n - Moved extensions preferences to core package\n (bsc#1153869).\n\nThis update was imported from the SUSE:SLE-15:Update update project.", "edition": 11, "cvss3": {"score": 8.8, "vector": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2019-11-12T00:00:00", "title": "openSUSE Security Update : MozillaFirefox / MozillaFirefox-branding-SLE (openSUSE-2019-2451)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-11758", "CVE-2019-11761", "CVE-2019-11759", "CVE-2019-11762", "CVE-2019-11764", "CVE-2019-15903", "CVE-2019-11757", "CVE-2019-11763", "CVE-2019-11760"], "modified": "2019-11-12T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:MozillaFirefox-translations-common", "p-cpe:/a:novell:opensuse:MozillaFirefox-buildsymbols", "cpe:/o:novell:opensuse:15.1", "p-cpe:/a:novell:opensuse:MozillaFirefox-debuginfo", "p-cpe:/a:novell:opensuse:firefox-esr-branding-openSUSE", "p-cpe:/a:novell:opensuse:MozillaFirefox-devel", "p-cpe:/a:novell:opensuse:MozillaFirefox-branding-openSUSE", "p-cpe:/a:novell:opensuse:MozillaFirefox-branding-upstream", "p-cpe:/a:novell:opensuse:MozillaFirefox-translations-other", "p-cpe:/a:novell:opensuse:MozillaFirefox-debugsource", "p-cpe:/a:novell:opensuse:MozillaFirefox"], "id": "OPENSUSE-2019-2451.NASL", "href": "https://www.tenable.com/plugins/nessus/130885", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2019-2451.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(130885);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/05/29\");\n\n script_cve_id(\"CVE-2019-11757\", \"CVE-2019-11758\", \"CVE-2019-11759\", \"CVE-2019-11760\", \"CVE-2019-11761\", \"CVE-2019-11762\", \"CVE-2019-11763\", \"CVE-2019-11764\", \"CVE-2019-15903\");\n\n script_name(english:\"openSUSE Security Update : MozillaFirefox / MozillaFirefox-branding-SLE (openSUSE-2019-2451)\");\n script_summary(english:\"Check for the openSUSE-2019-2451 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for MozillaFirefox, MozillaFirefox-branding-SLE fixes the\nfollowing issues :\n\nChanges in MozillaFirefox :\n\nSecurity issues fixed :\n\n - CVE-2019-15903: Fixed a heap overflow in the expat\n library (bsc#1149429).\n\n - CVE-2019-11757: Fixed a use-after-free when creating\n index updates in IndexedDB (bsc#1154738).\n\n - CVE-2019-11758: Fixed a potentially exploitable crash\n due to 360 Total Security (bsc#1154738).\n\n - CVE-2019-11759: Fixed a stack-based buffer overflow in\n HKDF output (bsc#1154738).\n\n - CVE-2019-11760: Fixed a stack-based buffer overflow in\n WebRTC networking (bsc#1154738).\n\n - CVE-2019-11761: Fixed an unintended access to a\n privileged JSONView object (bsc#1154738).\n\n - CVE-2019-11762: Fixed a same-origin-property violation\n (bsc#1154738).\n\n - CVE-2019-11763: Fixed an XSS bypass (bsc#1154738).\n\n - CVE-2019-11764: Fixed several memory safety bugs\n (bsc#1154738).\n\nNon-security issues fixed :\n\n - Added Provides-line for translations-common\n (bsc#1153423) .\n\n - Moved some settings from branding-package here\n (bsc#1153869).\n\n - Disabled DoH by default.\n\nChanges in MozillaFirefox-branding-SLE :\n\n - Moved extensions preferences to core package\n (bsc#1153869).\n\nThis update was imported from the SUSE:SLE-15:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1104841\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1129528\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1137990\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1149429\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1151186\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1153423\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1153869\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1154738\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected MozillaFirefox / MozillaFirefox-branding-SLE packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-11764\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaFirefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaFirefox-branding-openSUSE\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaFirefox-branding-upstream\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaFirefox-buildsymbols\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaFirefox-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaFirefox-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaFirefox-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaFirefox-translations-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaFirefox-translations-other\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:firefox-esr-branding-openSUSE\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/09/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(x86_64)$\") audit(AUDIT_ARCH_NOT, \"x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.1\", reference:\"MozillaFirefox-68.2.0-lp151.2.18.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"MozillaFirefox-branding-openSUSE-68-lp151.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"MozillaFirefox-branding-upstream-68.2.0-lp151.2.18.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"MozillaFirefox-buildsymbols-68.2.0-lp151.2.18.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"MozillaFirefox-debuginfo-68.2.0-lp151.2.18.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"MozillaFirefox-debugsource-68.2.0-lp151.2.18.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"MozillaFirefox-devel-68.2.0-lp151.2.18.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"MozillaFirefox-translations-common-68.2.0-lp151.2.18.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"MozillaFirefox-translations-other-68.2.0-lp151.2.18.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"firefox-esr-branding-openSUSE-68-lp151.3.3.1\", allowmaj:TRUE) ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"MozillaFirefox-branding-openSUSE / firefox-esr-branding-openSUSE / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-01T03:22:08", "description": "The version of Firefox ESR installed on the remote macOS or Mac OS X host is prior to 68.2. It is, therefore, affected\nby multiple vulnerabilities as referenced in the mfsa2019-33 advisory, including the following:\n\n - In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to\n document parsing too early; a consecutive call to XML_GetCurrentLineNumber (or\n XML_GetCurrentColumnNumber) could then result in a heap-based buffer over-read. (CVE-2019-15903)\n\n - A use-after-free vulnerability exists in IndexedDB when creating updates. When following the value's\n prototype chain, it was possible to retain a reference to a locale, delete it, and subsequently reference\n it. This resulted in a use-after-free and a potentially exploitable crash. (CVE-2019-11757)\n\n - A potential memory corruption vulnerability is present in the accessibility engine when 360 Total\n Security is installed, resulting in a potentially exploitable crash. (CVE-2019-11758)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.", "edition": 22, "cvss3": {"score": 8.8, "vector": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2019-10-24T00:00:00", "title": "Mozilla Firefox ESR 68.x < 68.2 Multiple Vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-11758", "CVE-2019-11761", "CVE-2019-11759", "CVE-2019-11762", "CVE-2019-11764", "CVE-2019-15903", "CVE-2019-11757", "CVE-2019-11763", "CVE-2019-11760"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/a:mozilla:firefox_esr"], "id": "MACOS_FIREFOX_68_2_ESR.NASL", "href": "https://www.tenable.com/plugins/nessus/130171", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\n\n# The descriptive text and package checks in this plugin were\n# extracted from Mozilla Foundation Security Advisory mfsa2019-33.\n# The text itself is copyright (C) Mozilla Foundation.\n\n\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(130171);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2020/01/16\");\n\n script_cve_id(\n \"CVE-2019-11757\",\n \"CVE-2019-11758\",\n \"CVE-2019-11759\",\n \"CVE-2019-11760\",\n \"CVE-2019-11761\",\n \"CVE-2019-11762\",\n \"CVE-2019-11763\",\n \"CVE-2019-11764\",\n \"CVE-2019-15903\"\n );\n script_xref(name:\"MFSA\", value:\"2019-33\");\n script_xref(name:\"IAVA\", value:\"2019-A-0395\");\n\n script_name(english:\"Mozilla Firefox ESR 68.x < 68.2 Multiple Vulnerabilities\");\n script_summary(english:\"Checks version of Firefox\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A web browser installed on the remote macOS or Mac OS X host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Firefox ESR installed on the remote macOS or Mac OS X host is prior to 68.2. It is, therefore, affected\nby multiple vulnerabilities as referenced in the mfsa2019-33 advisory, including the following:\n\n - In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to\n document parsing too early; a consecutive call to XML_GetCurrentLineNumber (or\n XML_GetCurrentColumnNumber) could then result in a heap-based buffer over-read. (CVE-2019-15903)\n\n - A use-after-free vulnerability exists in IndexedDB when creating updates. When following the value's\n prototype chain, it was possible to retain a reference to a locale, delete it, and subsequently reference\n it. This resulted in a use-after-free and a potentially exploitable crash. (CVE-2019-11757)\n\n - A potential memory corruption vulnerability is present in the accessibility engine when 360 Total\n Security is installed, resulting in a potentially exploitable crash. (CVE-2019-11758)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2019-33/\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Mozilla Firefox ESR version 68.2 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-11764\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/09/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/24\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:mozilla:firefox_esr\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"macosx_firefox_installed.nasl\");\n script_require_keys(\"MacOSX/Firefox/Version\");\n\n exit(0);\n}\n\ninclude('mozilla_version.inc');\n\nkb_base = 'MacOSX/Firefox';\nget_kb_item_or_exit(kb_base+'/Installed');\n\nversion = get_kb_item_or_exit(kb_base+'/Version', exit_code:1);\npath = get_kb_item_or_exit(kb_base+'/Path', exit_code:1);\n\nis_esr = get_kb_item(kb_base+'/is_esr');\nif (isnull(is_esr)) audit(AUDIT_NOT_INST, 'Mozilla Firefox ESR');\n\nmozilla_check_version(version:version, path:path, product:'firefox', esr:TRUE, fix:'68.2', min:'68.0.0', severity:SECURITY_WARNING, xss:TRUE);\n\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-01T04:22:49", "description": "This update for MozillaThunderbird to version 68.2.1 provides the\nfollowing fixes :\n\n - Security issues fixed (bsc#1154738) :\n\n - CVE-2019-15903: Fixed a heap overflow in the expat\n library (bsc#1149429).\n\n - CVE-2019-11757: Fixed a use-after-free when creating\n index updates in IndexedDB (bsc#1154738).\n\n - CVE-2019-11758: Fixed a potentially exploitable crash\n due to 360 Total Security (bsc#1154738).\n\n - CVE-2019-11759: Fixed a stack-based buffer overflow in\n HKDF output (bsc#1154738).\n\n - CVE-2019-11760: Fixed a stack-based buffer overflow in\n WebRTC networking (bsc#1154738).\n\n - CVE-2019-11761: Fixed an unintended access to a\n privileged JSONView object (bsc#1154738).\n\n - CVE-2019-11762: Fixed a same-origin-property violation\n (bsc#1154738).\n\n - CVE-2019-11763: Fixed an XSS bypass (bsc#1154738).\n\n - CVE-2019-11764: Fixed several memory safety bugs\n (bsc#1154738).\n\nOther fixes (bsc#1153879) :\n\n - Some attachments couldn't be opened in messages\n originating from MS Outlook 2016.\n\n - Address book import from CSV.\n\n - Performance problem in message body search.\n\n - Ctrl+Enter to send a message would open an attachment if\n the attachment pane had focus.\n\n - Calendar: Issues with 'Today Pane' start-up.\n\n - Calendar: Glitches with custom repeat and reminder\n number input.\n\n - Calendar: Problems with WCAP provider.\n\n - A language for the user interface can now be chosen in\n the advanced settings \n\n - Fixed an issue with Google authentication (OAuth2)\n\n - Fixed an issue where selected or unread messages were\n not shown in the correct color in the thread pane under\n some circumstances\n\n - Fixed an issue where when using a language pack, names\n of standard folders were not localized (bsc#1149126)\n\n - Fixed an issue where the address book default startup\n directory in preferences panel not persisted\n\n - Fixed various visual glitches\n\n - Fixed issues with the chat\n\n - Fixed building with rust >= 1.38.\n\n - Fixrd LTO build without PGO.\n\n - Removed kde.js since disabling instantApply breaks\n extensions and is now obsolete with the move to HTML\n views for preferences. (bsc#1151186)\n\n - Updated create-tar.sh. (bsc#1152778)\n\n - Deactivated the crashreporter for the last remaining\n arch.\n\nThis update was imported from the SUSE:SLE-15:Update update project.", "edition": 19, "cvss3": {"score": 8.8, "vector": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2019-11-13T00:00:00", "title": "openSUSE Security Update : MozillaThunderbird (openSUSE-2019-2452)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-11758", "CVE-2019-11761", "CVE-2019-11759", "CVE-2019-11762", "CVE-2019-11764", "CVE-2019-15903", "CVE-2019-11757", "CVE-2019-11763", "CVE-2019-11760"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/o:novell:opensuse:15.1", "p-cpe:/a:novell:opensuse:MozillaThunderbird-debuginfo", "p-cpe:/a:novell:opensuse:MozillaThunderbird-translations-other", "p-cpe:/a:novell:opensuse:MozillaThunderbird-debugsource", "p-cpe:/a:novell:opensuse:MozillaThunderbird", "p-cpe:/a:novell:opensuse:MozillaThunderbird-translations-common"], "id": "OPENSUSE-2019-2452.NASL", "href": "https://www.tenable.com/plugins/nessus/130936", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2019-2452.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(130936);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2020/01/15\");\n\n script_cve_id(\"CVE-2019-11757\", \"CVE-2019-11758\", \"CVE-2019-11759\", \"CVE-2019-11760\", \"CVE-2019-11761\", \"CVE-2019-11762\", \"CVE-2019-11763\", \"CVE-2019-11764\", \"CVE-2019-15903\");\n\n script_name(english:\"openSUSE Security Update : MozillaThunderbird (openSUSE-2019-2452)\");\n script_summary(english:\"Check for the openSUSE-2019-2452 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for MozillaThunderbird to version 68.2.1 provides the\nfollowing fixes :\n\n - Security issues fixed (bsc#1154738) :\n\n - CVE-2019-15903: Fixed a heap overflow in the expat\n library (bsc#1149429).\n\n - CVE-2019-11757: Fixed a use-after-free when creating\n index updates in IndexedDB (bsc#1154738).\n\n - CVE-2019-11758: Fixed a potentially exploitable crash\n due to 360 Total Security (bsc#1154738).\n\n - CVE-2019-11759: Fixed a stack-based buffer overflow in\n HKDF output (bsc#1154738).\n\n - CVE-2019-11760: Fixed a stack-based buffer overflow in\n WebRTC networking (bsc#1154738).\n\n - CVE-2019-11761: Fixed an unintended access to a\n privileged JSONView object (bsc#1154738).\n\n - CVE-2019-11762: Fixed a same-origin-property violation\n (bsc#1154738).\n\n - CVE-2019-11763: Fixed an XSS bypass (bsc#1154738).\n\n - CVE-2019-11764: Fixed several memory safety bugs\n (bsc#1154738).\n\nOther fixes (bsc#1153879) :\n\n - Some attachments couldn't be opened in messages\n originating from MS Outlook 2016.\n\n - Address book import from CSV.\n\n - Performance problem in message body search.\n\n - Ctrl+Enter to send a message would open an attachment if\n the attachment pane had focus.\n\n - Calendar: Issues with 'Today Pane' start-up.\n\n - Calendar: Glitches with custom repeat and reminder\n number input.\n\n - Calendar: Problems with WCAP provider.\n\n - A language for the user interface can now be chosen in\n the advanced settings \n\n - Fixed an issue with Google authentication (OAuth2)\n\n - Fixed an issue where selected or unread messages were\n not shown in the correct color in the thread pane under\n some circumstances\n\n - Fixed an issue where when using a language pack, names\n of standard folders were not localized (bsc#1149126)\n\n - Fixed an issue where the address book default startup\n directory in preferences panel not persisted\n\n - Fixed various visual glitches\n\n - Fixed issues with the chat\n\n - Fixed building with rust >= 1.38.\n\n - Fixrd LTO build without PGO.\n\n - Removed kde.js since disabling instantApply breaks\n extensions and is now obsolete with the move to HTML\n views for preferences. (bsc#1151186)\n\n - Updated create-tar.sh. (bsc#1152778)\n\n - Deactivated the crashreporter for the last remaining\n arch.\n\nThis update was imported from the SUSE:SLE-15:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1149126\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1149429\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1151186\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1152778\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1153879\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1154738\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected MozillaThunderbird packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-11764\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaThunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaThunderbird-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaThunderbird-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaThunderbird-translations-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaThunderbird-translations-other\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/09/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/13\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(x86_64)$\") audit(AUDIT_ARCH_NOT, \"x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.1\", reference:\"MozillaThunderbird-68.2.1-lp151.2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"MozillaThunderbird-debuginfo-68.2.1-lp151.2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"MozillaThunderbird-debugsource-68.2.1-lp151.2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"MozillaThunderbird-translations-common-68.2.1-lp151.2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"MozillaThunderbird-translations-other-68.2.1-lp151.2.16.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"MozillaThunderbird / MozillaThunderbird-debuginfo / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-05-31T20:41:14", "description": "This update upgrades Thunderbird to version 68.2.0.\n\nSecurity Fix(es) :\n\n - Mozilla: Memory safety bugs fixed in Firefox 70 and\n Firefox ESR 68.2 (CVE-2019-11764)\n\n - Mozilla: Use-after-free when creating index updates in\n IndexedDB (CVE-2019-11757)\n\n - Mozilla: Potentially exploitable crash due to 360 Total\n Security (CVE-2019-11758)\n\n - Mozilla: Stack buffer overflow in HKDF output\n (CVE-2019-11759)\n\n - Mozilla: Stack buffer overflow in WebRTC networking\n (CVE-2019-11760)\n\n - Mozilla: Unintended access to a privileged JSONView\n object (CVE-2019-11761)\n\n - Mozilla: document.domain-based origin isolation has\n same-origin-property violation (CVE-2019-11762)\n\n - Mozilla: Incorrect HTML parsing results in XSS bypass\n technique (CVE-2019-11763)\n\n - expat: heap-based buffer over-read via crafted XML input\n (CVE-2019-15903)", "edition": 11, "cvss3": {"score": 8.8, "vector": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2019-10-30T00:00:00", "title": "Scientific Linux Security Update : thunderbird on SL7.x x86_64 (20191029)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-11758", "CVE-2019-11761", "CVE-2019-11759", "CVE-2019-11762", "CVE-2019-11764", "CVE-2019-15903", "CVE-2019-11757", "CVE-2019-11763", "CVE-2019-11760"], "modified": "2019-10-30T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:thunderbird", "p-cpe:/a:fermilab:scientific_linux:thunderbird-debuginfo", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20191029_THUNDERBIRD_ON_SL7_X.NASL", "href": "https://www.tenable.com/plugins/nessus/130386", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(130386);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/05/29\");\n\n script_cve_id(\"CVE-2019-11757\", \"CVE-2019-11758\", \"CVE-2019-11759\", \"CVE-2019-11760\", \"CVE-2019-11761\", \"CVE-2019-11762\", \"CVE-2019-11763\", \"CVE-2019-11764\", \"CVE-2019-15903\");\n\n script_name(english:\"Scientific Linux Security Update : thunderbird on SL7.x x86_64 (20191029)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update upgrades Thunderbird to version 68.2.0.\n\nSecurity Fix(es) :\n\n - Mozilla: Memory safety bugs fixed in Firefox 70 and\n Firefox ESR 68.2 (CVE-2019-11764)\n\n - Mozilla: Use-after-free when creating index updates in\n IndexedDB (CVE-2019-11757)\n\n - Mozilla: Potentially exploitable crash due to 360 Total\n Security (CVE-2019-11758)\n\n - Mozilla: Stack buffer overflow in HKDF output\n (CVE-2019-11759)\n\n - Mozilla: Stack buffer overflow in WebRTC networking\n (CVE-2019-11760)\n\n - Mozilla: Unintended access to a privileged JSONView\n object (CVE-2019-11761)\n\n - Mozilla: document.domain-based origin isolation has\n same-origin-property violation (CVE-2019-11762)\n\n - Mozilla: Incorrect HTML parsing results in XSS bypass\n technique (CVE-2019-11763)\n\n - expat: heap-based buffer over-read via crafted XML input\n (CVE-2019-15903)\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1910&L=SCIENTIFIC-LINUX-ERRATA&P=10771\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a5b386bc\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Update the affected thunderbird and / or thunderbird-debuginfo\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-11764\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:thunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:thunderbird-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/09/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/30\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 7.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"thunderbird-68.2.0-1.el7_7\", allowmaj:TRUE)) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"thunderbird-debuginfo-68.2.0-1.el7_7\", allowmaj:TRUE)) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"thunderbird / thunderbird-debuginfo\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "debian": [{"lastseen": "2020-10-17T13:51:19", "bulletinFamily": "unix", "cvelist": ["CVE-2019-11761", "CVE-2019-11755", "CVE-2019-11759", "CVE-2019-11762", "CVE-2019-11764", "CVE-2019-15903", "CVE-2019-11757", "CVE-2019-11763", "CVE-2019-11760"], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4571-1 security@debian.org\nhttps://www.debian.org/security/ Moritz Muehlenhoff\nNovember 17, 2019 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : thunderbird\nCVE ID : CVE-2019-15903 CVE-2019-11764 CVE-2019-11763\n CVE-2019-11762 CVE-2019-11761 CVE-2019-11760\n CVE-2019-11759 CVE-2019-11757 CVE-2019-11755\n\nMultiple security issues have been found in Thunderbird which could\npotentially result in the execution of arbitrary code or denial of\nservice.\n\nDebian follows the Thunderbird upstream releases. Support for the 60.x\nseries has ended, so starting with this update we&#x27;re now following the\n68.x releases.\n\t\nFor the oldstable distribution (stretch), this problem has been fixed\nin version 1:68.2.2-1~deb9u1.\n\nFor the stable distribution (buster), this problem has been fixed in\nversion 1:68.2.2-1~deb10u1.\n\nWe recommend that you upgrade your thunderbird packages.\n\nFor the detailed security status of thunderbird please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/thunderbird\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 20, "modified": "2019-11-17T21:55:55", "published": "2019-11-17T21:55:55", "id": "DEBIAN:DSA-4571-1:418C4", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2019/msg00223.html", "title": "[SECURITY] [DSA 4571-1] thunderbird security update", "type": "debian", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-08-12T01:10:26", "bulletinFamily": "unix", "cvelist": ["CVE-2019-11761", "CVE-2019-11755", "CVE-2019-11759", "CVE-2019-11762", "CVE-2019-11764", "CVE-2019-15903", "CVE-2019-11757", "CVE-2019-11763", "CVE-2019-11760"], "description": "Package : thunderbird\nVersion : 1:68.2.2-1~deb8u1\nCVE ID : CVE-2019-11755 CVE-2019-11757 CVE-2019-11759\n CVE-2019-11760 CVE-2019-11761 CVE-2019-11762\n CVE-2019-11763 CVE-2019-11764 CVE-2019-15903\n\nMultiple security issues have been found in Thunderbird which could\npotentially result in the execution of arbitrary code or denial of service.\n\nDebian follows the Thunderbird upstream releases. Support for the 60.x series\nhas ended, so starting with this update we&#x27;re now following the 68.x releases.\n\nFor Debian 8 &quot;Jessie&quot;, these problems have been fixed in version\n1:68.2.2-1~deb8u1.\n\nWe recommend that you upgrade your thunderbird packages.\n\nFurther information about Debian LTS security advisories, how to apply these\nupdates to your system and frequently asked questions can be found at:\nhttps://wiki.debian.org/LTS\n", "edition": 7, "modified": "2019-11-18T16:32:01", "published": "2019-11-18T16:32:01", "id": "DEBIAN:DLA-1997-1:9DD2C", "href": "https://lists.debian.org/debian-lts-announce/2019/debian-lts-announce-201911/msg00017.html", "title": "[SECURITY] [DLA 1997-1] thunderbird security update", "type": "debian", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-08-12T00:49:12", "bulletinFamily": "unix", "cvelist": ["CVE-2019-11761", "CVE-2019-11759", "CVE-2019-11762", "CVE-2019-11764", "CVE-2019-15903", "CVE-2019-11757", "CVE-2019-11763", "CVE-2019-11760"], "description": "Package : firefox-esr\nVersion : 68.2.0esr-1~deb8u1\nCVE ID : CVE-2019-11757 CVE-2019-11759 CVE-2019-11760 CVE-2019-11761\n CVE-2019-11762 CVE-2019-11763 CVE-2019-11764 CVE-2019-15903\n\nMultiple security issues have been found in the Mozilla Firefox web\nbrowser, which could potentially result in the execution of arbitrary\ncode, information disclosure, cross-site scripting or denial of service.\n\nDebian follows the extended support releases (ESR) of Firefox. Support\nfor the 60.x series has ended, so starting with this update we&#x27;re now\nfollowing the 68.x releases.\n\nFor Debian 8 &quot;Jessie&quot;, these problems have been fixed in version\n68.2.0esr-1~deb8u1.\n\nWe recommend that you upgrade your firefox-esr packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\n", "edition": 7, "modified": "2019-11-10T09:50:25", "published": "2019-11-10T09:50:25", "id": "DEBIAN:DLA-1987-1:E3D38", "href": "https://lists.debian.org/debian-lts-announce/2019/debian-lts-announce-201911/msg00006.html", "title": "[SECURITY] [DLA 1987-1] firefox-esr security update", "type": "debian", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-11T01:21:20", "bulletinFamily": "unix", "cvelist": ["CVE-2019-11761", "CVE-2019-11759", "CVE-2019-11762", "CVE-2019-11764", "CVE-2019-15903", "CVE-2019-11757", "CVE-2019-11763", "CVE-2019-11760"], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4549-1 security@debian.org\nhttps://www.debian.org/security/ Moritz Muehlenhoff\nOctober 24, 2019 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : firefox-esr\nCVE ID : CVE-2019-11757 CVE-2019-11759 CVE-2019-11760 CVE-2019-11761 \n CVE-2019-11762 CVE-2019-11763 CVE-2019-11764 CVE-2019-15903\n\nMultiple security issues have been found in the Mozilla Firefox web\nbrowser, which could potentially result in the execution of arbitrary\ncode, information disclosure, cross-site scripting or denial of service.\n\nDebian follows the extended support releases (ESR) of Firefox. Support\nfor the 60.x series has ended, so starting with this update we&#x27;re now\nfollowing the 68.x releases.\n\nFor the oldstable distribution (stretch), some additional config changes\nto the buildd network are needed (to provide the new Rust-based toolchain\nneeded by ESR68). Packages will be made available when those are sorted out.\n\nFor the stable distribution (buster), these problems have been fixed in\nversion 68.2.0esr-1~deb10u1.\n\nWe recommend that you upgrade your firefox-esr packages.\n\nFor the detailed security status of firefox-esr please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/firefox-esr\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 18, "modified": "2019-10-24T20:44:08", "published": "2019-10-24T20:44:08", "id": "DEBIAN:DSA-4549-1:796DA", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2019/msg00201.html", "title": "[SECURITY] [DSA 4549-1] firefox-esr security update", "type": "debian", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "archlinux": [{"lastseen": "2020-09-22T18:36:39", "bulletinFamily": "unix", "cvelist": ["CVE-2019-11757", "CVE-2019-11759", "CVE-2019-11760", "CVE-2019-11761", "CVE-2019-11762", "CVE-2019-11763", "CVE-2019-11764", "CVE-2019-15903"], "description": "Arch Linux Security Advisory ASA-201910-15\n==========================================\n\nSeverity: Critical\nDate : 2019-10-26\nCVE-ID : CVE-2019-11757 CVE-2019-11759 CVE-2019-11760 CVE-2019-11761\nCVE-2019-11762 CVE-2019-11763 CVE-2019-11764 CVE-2019-15903\nPackage : thunderbird\nType : multiple issues\nRemote : Yes\nLink : https://security.archlinux.org/AVG-1054\n\nSummary\n=======\n\nThe package thunderbird before version 68.2.0-1 is vulnerable to\nmultiple issues including arbitrary code execution, access restriction\nbypass, denial of service, insufficient validation and same-origin\npolicy bypass.\n\nResolution\n==========\n\nUpgrade to 68.2.0-1.\n\n# pacman -Syu \"thunderbird>=68.2.0-1\"\n\nThe problems have been fixed upstream in version 68.2.0.\n\nWorkaround\n==========\n\nNone.\n\nDescription\n===========\n\n- CVE-2019-11757 (arbitrary code execution)\n\nA use-after-free issue has been found in the IndexedDB component of\nFirefox before 70.0 and Thunderbird before 68.2. When storing a value\nin IndexedDB, the value's prototype chain is followed and it was\npossible to retain a reference to a locale, delete it, and subsequently\nreference it.\n\n- CVE-2019-11759 (arbitrary code execution)\n\nA stack-based buffer overflow has been found in the HKDF output of\nFirefox before 70.0 and Thunderbird before 68.2. An attacker could have\ncaused 4 bytes of HMAC output to be written past the end of a buffer\nstored on the stack.\n\n- CVE-2019-11760 (arbitrary code execution)\n\nA fixed-size stack buffer overflow has been found in nrappkit, in the\nWebRTC signaling code of Firefox before 70.0 and Thunderbird before\n68.2.\n\n- CVE-2019-11761 (access restriction bypass)\n\nAn issue has been found in Firefox before 70.0 and Thunderbird before\n68.2, where by using a form with a data URI it was possible to gain\naccess to the privileged JSONView object that had been cloned into\ncontent. Impact from exposing this object appears to be minimal,\nhowever it was a bypass of existing defense in depth mechanisms.\n\n- CVE-2019-11762 (same-origin policy bypass)\n\nA same-origin policy bypass has been found in Firefox before 70.0 and\nThunderbird before 68.2 where, if two same-origin documents set\ndocument.domain differently to become cross-origin, it was possible for\nthem to call arbitrary DOM methods/getters/setters on the now-cross-\norigin window.\n\n- CVE-2019-11763 (insufficient validation)\n\nAn issue has been found in Firefox before 70.0 and Thunderbird before\n68.2, where failure to correctly handle null bytes when processing HTML\nentities resulted in incorrectly parsing these entities. This could\nhave led to HTML comment text being treated as HTML which could have\nled to XSS in a web application under certain conditions. It could have\nalso led to HTML entities being masked from filters, enabling the use\nof entities to mask the actual characters of interest from filters.\n\n- CVE-2019-11764 (arbitrary code execution)\n\nSeveral memory safety bugs have been found in Firefox before 70.0 and\nThunderbird before 68.2. Some of these bugs showed evidence of memory\ncorruption and Mozilla presumes that with enough effort some of these\ncould be exploited to run arbitrary code.\n\n- CVE-2019-15903 (denial of service)\n\nA security issue has been found in libexpat before 2.2.8, where crafted\nXML input could fool the parser into changing from DTD parsing to\ndocument parsing too early; a consecutive call to\nXML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber) then resulted\nin a heap-based buffer over-read\n\nImpact\n======\n\nA remote attacker could crash Thunderbird, bypass security measures or\nexecute arbitrary code.\n\nReferences\n==========\n\nhttps://www.mozilla.org/en-US/security/advisories/mfsa2019-35/\nhttps://www.mozilla.org/en-US/security/advisories/mfsa2019-34/#CVE-2019-11757\nhttps://www.mozilla.org/en-US/security/advisories/mfsa2019-35/#CVE-2019-11757\nhttps://bugzilla.mozilla.org/show_bug.cgi?id=1577107\nhttps://www.mozilla.org/en-US/security/advisories/mfsa2019-34/#CVE-2019-11759\nhttps://www.mozilla.org/en-US/security/advisories/mfsa2019-35/#CVE-2019-11759\nhttps://bugzilla.mozilla.org/show_bug.cgi?id=1577953\nhttps://www.mozilla.org/en-US/security/advisories/mfsa2019-34/#CVE-2019-11760\nhttps://www.mozilla.org/en-US/security/advisories/mfsa2019-35/#CVE-2019-11760\nhttps://bugzilla.mozilla.org/show_bug.cgi?id=1577719\nhttps://www.mozilla.org/en-US/security/advisories/mfsa2019-34/#CVE-2019-11761\nhttps://www.mozilla.org/en-US/security/advisories/mfsa2019-35/#CVE-2019-11761\nhttps://bugzilla.mozilla.org/show_bug.cgi?id=1561502\nhttps://www.mozilla.org/en-US/security/advisories/mfsa2019-34/#CVE-2019-11762\nhttps://www.mozilla.org/en-US/security/advisories/mfsa2019-35/#CVE-2019-11762\nhttps://bugzilla.mozilla.org/show_bug.cgi?id=1582857\nhttps://www.mozilla.org/en-US/security/advisories/mfsa2019-34/#CVE-2019-11763\nhttps://www.mozilla.org/en-US/security/advisories/mfsa2019-35/#CVE-2019-11763\nhttps://bugzilla.mozilla.org/show_bug.cgi?id=1584216\nhttps://www.mozilla.org/en-US/security/advisories/mfsa2019-34/#CVE-2019-11764\nhttps://www.mozilla.org/en-US/security/advisories/mfsa2019-35/#CVE-2019-11764\nhttps://bugzilla.mozilla.org/buglist.cgi?bug_id=1558522%2C1577061%2C1548044%2C1571223%2C1573048%2C1578933%2C1575217%2C1583684%2C1586845%2C1581950%2C1583463%2C1586599\nhttps://chromereleases.googleblog.com/2019/10/stable-channel-update-for-desktop_22.html\nhttps://crbug.com/1004341\nhttps://github.com/libexpat/libexpat/issues/317\nhttps://github.com/libexpat/libexpat/pull/318\nhttps://security.archlinux.org/CVE-2019-11757\nhttps://security.archlinux.org/CVE-2019-11759\nhttps://security.archlinux.org/CVE-2019-11760\nhttps://security.archlinux.org/CVE-2019-11761\nhttps://security.archlinux.org/CVE-2019-11762\nhttps://security.archlinux.org/CVE-2019-11763\nhttps://security.archlinux.org/CVE-2019-11764\nhttps://security.archlinux.org/CVE-2019-15903", "modified": "2019-10-26T00:00:00", "published": "2019-10-26T00:00:00", "id": "ASA-201910-15", "href": "https://security.archlinux.org/ASA-201910-15", "type": "archlinux", "title": "[ASA-201910-15] thunderbird: multiple issues", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-09-22T18:36:39", "bulletinFamily": "unix", "cvelist": ["CVE-2018-6156", "CVE-2019-11757", "CVE-2019-11759", "CVE-2019-11760", "CVE-2019-11761", "CVE-2019-11762", "CVE-2019-11763", "CVE-2019-11764", "CVE-2019-11765", "CVE-2019-15903", "CVE-2019-17000", "CVE-2019-17001", "CVE-2019-17002"], "description": "Arch Linux Security Advisory ASA-201910-16\n==========================================\n\nSeverity: Critical\nDate : 2019-10-26\nCVE-ID : CVE-2018-6156 CVE-2019-11757 CVE-2019-11759 CVE-2019-11760\nCVE-2019-11761 CVE-2019-11762 CVE-2019-11763 CVE-2019-11764\nCVE-2019-11765 CVE-2019-15903 CVE-2019-17000 CVE-2019-17001\nCVE-2019-17002\nPackage : firefox\nType : multiple issues\nRemote : Yes\nLink : https://security.archlinux.org/AVG-1055\n\nSummary\n=======\n\nThe package firefox before version 70.0-1 is vulnerable to multiple\nissues including arbitrary code execution, access restriction bypass,\ndenial of service, insufficient validation and same-origin policy\nbypass.\n\nResolution\n==========\n\nUpgrade to 70.0-1.\n\n# pacman -Syu \"firefox>=70.0-1\"\n\nThe problems have been fixed upstream in version 70.0.\n\nWorkaround\n==========\n\nNone.\n\nDescription\n===========\n\n- CVE-2018-6156 (arbitrary code execution)\n\nA heap-based buffer overflow has been found in Firefox before 70.0,\nwhere an incorrect derivation of a packet length in WebRTC caused heap\ncorruption via a crafted video file.\n\n- CVE-2019-11757 (arbitrary code execution)\n\nA use-after-free issue has been found in the IndexedDB component of\nFirefox before 70.0 and Thunderbird before 68.2. When storing a value\nin IndexedDB, the value's prototype chain is followed and it was\npossible to retain a reference to a locale, delete it, and subsequently\nreference it.\n\n- CVE-2019-11759 (arbitrary code execution)\n\nA stack-based buffer overflow has been found in the HKDF output of\nFirefox before 70.0 and Thunderbird before 68.2. An attacker could have\ncaused 4 bytes of HMAC output to be written past the end of a buffer\nstored on the stack.\n\n- CVE-2019-11760 (arbitrary code execution)\n\nA fixed-size stack buffer overflow has been found in nrappkit, in the\nWebRTC signaling code of Firefox before 70.0 and Thunderbird before\n68.2.\n\n- CVE-2019-11761 (access restriction bypass)\n\nAn issue has been found in Firefox before 70.0 and Thunderbird before\n68.2, where by using a form with a data URI it was possible to gain\naccess to the privileged JSONView object that had been cloned into\ncontent. Impact from exposing this object appears to be minimal,\nhowever it was a bypass of existing defense in depth mechanisms.\n\n- CVE-2019-11762 (same-origin policy bypass)\n\nA same-origin policy bypass has been found in Firefox before 70.0 and\nThunderbird before 68.2 where, if two same-origin documents set\ndocument.domain differently to become cross-origin, it was possible for\nthem to call arbitrary DOM methods/getters/setters on the now-cross-\norigin window.\n\n- CVE-2019-11763 (insufficient validation)\n\nAn issue has been found in Firefox before 70.0 and Thunderbird before\n68.2, where failure to correctly handle null bytes when processing HTML\nentities resulted in incorrectly parsing these entities. This could\nhave led to HTML comment text being treated as HTML which could have\nled to XSS in a web application under certain conditions. It could have\nalso led to HTML entities being masked from filters, enabling the use\nof entities to mask the actual characters of interest from filters.\n\n- CVE-2019-11764 (arbitrary code execution)\n\nSeveral memory safety bugs have been found in Firefox before 70.0 and\nThunderbird before 68.2. Some of these bugs showed evidence of memory\ncorruption and Mozilla presumes that with enough effort some of these\ncould be exploited to run arbitrary code.\n\n- CVE-2019-11765 (insufficient validation)\n\nIncorrect permissions could be granted to a website in Firefox before\n70.0. A compromised content process could send a message to the parent\nprocess that would cause the 'Click to Play' permission prompt to be\nshown. However, due to lack of validation from the parent process, if\nthe user accepted the permission request an attacker-controlled\npermission would be granted rather than the 'Click to Play' permission.\n\n- CVE-2019-15903 (denial of service)\n\nA security issue has been found in libexpat before 2.2.8, where crafted\nXML input could fool the parser into changing from DTD parsing to\ndocument parsing too early; a consecutive call to\nXML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber) then resulted\nin a heap-based buffer over-read\n\n- CVE-2019-17000 (access restriction bypass)\n\nA CSP bypass has been found in Firefox 69, where an object tag with a\ndata URI did not correctly inherit the document's Content Security\nPolicy. This allowed a CSP bypass in a cross-origin frame if the\ndocument's policy explicitly allowed data: URIs.\n\n- CVE-2019-17001 (access restriction bypass)\n\nA CSP bypass has been found in Firefox 69, where a Content-Security-\nPolicy that blocks in-line scripts could be bypassed using an object\ntag to execute JavaScript in the protected document (cross-site\nscripting). This is a separate bypass from CVE-2019-17000.\n\n- CVE-2019-17002 (access restriction bypass)\n\nAn issue has been found in Firefox before 70.0 where, if upgrade-\ninsecure-requests was specified in the Content Security Policy, and a\nlink was dragged and dropped from that page, the link was not upgraded\nto https.\n\nImpact\n======\n\nA remote attacker can crash Firefox, bypass security measures or\nexecute arbitrary code.\n\nReferences\n==========\n\nhttps://www.mozilla.org/en-US/security/advisories/mfsa2019-34/\nhttps://www.mozilla.org/en-US/security/advisories/mfsa2019-34/#CVE-2018-6156\nhttps://bugzilla.mozilla.org/show_bug.cgi?id=1480088\nhttps://www.mozilla.org/en-US/security/advisories/mfsa2019-34/#CVE-2019-11757\nhttps://www.mozilla.org/en-US/security/advisories/mfsa2019-35/#CVE-2019-11757\nhttps://bugzilla.mozilla.org/show_bug.cgi?id=1577107\nhttps://www.mozilla.org/en-US/security/advisories/mfsa2019-34/#CVE-2019-11759\nhttps://www.mozilla.org/en-US/security/advisories/mfsa2019-35/#CVE-2019-11759\nhttps://bugzilla.mozilla.org/show_bug.cgi?id=1577953\nhttps://www.mozilla.org/en-US/security/advisories/mfsa2019-34/#CVE-2019-11760\nhttps://www.mozilla.org/en-US/security/advisories/mfsa2019-35/#CVE-2019-11760\nhttps://bugzilla.mozilla.org/show_bug.cgi?id=1577719\nhttps://www.mozilla.org/en-US/security/advisories/mfsa2019-34/#CVE-2019-11761\nhttps://www.mozilla.org/en-US/security/advisories/mfsa2019-35/#CVE-2019-11761\nhttps://bugzilla.mozilla.org/show_bug.cgi?id=1561502\nhttps://www.mozilla.org/en-US/security/advisories/mfsa2019-34/#CVE-2019-11762\nhttps://www.mozilla.org/en-US/security/advisories/mfsa2019-35/#CVE-2019-11762\nhttps://bugzilla.mozilla.org/show_bug.cgi?id=1582857\nhttps://www.mozilla.org/en-US/security/advisories/mfsa2019-34/#CVE-2019-11763\nhttps://www.mozilla.org/en-US/security/advisories/mfsa2019-35/#CVE-2019-11763\nhttps://bugzilla.mozilla.org/show_bug.cgi?id=1584216\nhttps://www.mozilla.org/en-US/security/advisories/mfsa2019-34/#CVE-2019-11764\nhttps://www.mozilla.org/en-US/security/advisories/mfsa2019-35/#CVE-2019-11764\nhttps://bugzilla.mozilla.org/buglist.cgi?bug_id=1558522%2C1577061%2C1548044%2C1571223%2C1573048%2C1578933%2C1575217%2C1583684%2C1586845%2C1581950%2C1583463%2C1586599\nhttps://www.mozilla.org/en-US/security/advisories/mfsa2019-34/#CVE-2019-11765\nhttps://bugzilla.mozilla.org/show_bug.cgi?id=1562582\nhttps://chromereleases.googleblog.com/2019/10/stable-channel-update-for-desktop_22.html\nhttps://crbug.com/1004341\nhttps://github.com/libexpat/libexpat/issues/317\nhttps://github.com/libexpat/libexpat/pull/318\nhttps://www.mozilla.org/en-US/security/advisories/mfsa2019-34/#CVE-2019-17000\nhttps://bugzilla.mozilla.org/show_bug.cgi?id=1441468\nhttps://www.mozilla.org/en-US/security/advisories/mfsa2019-34/#CVE-2019-17001\nhttps://bugzilla.mozilla.org/show_bug.cgi?id=1587976\nhttps://www.mozilla.org/en-US/security/advisories/mfsa2019-34/#CVE-2019-17002\nhttps://bugzilla.mozilla.org/show_bug.cgi?id=1561056\nhttps://security.archlinux.org/CVE-2018-6156\nhttps://security.archlinux.org/CVE-2019-11757\nhttps://security.archlinux.org/CVE-2019-11759\nhttps://security.archlinux.org/CVE-2019-11760\nhttps://security.archlinux.org/CVE-2019-11761\nhttps://security.archlinux.org/CVE-2019-11762\nhttps://security.archlinux.org/CVE-2019-11763\nhttps://security.archlinux.org/CVE-2019-11764\nhttps://security.archlinux.org/CVE-2019-11765\nhttps://security.archlinux.org/CVE-2019-15903\nhttps://security.archlinux.org/CVE-2019-17000\nhttps://security.archlinux.org/CVE-2019-17001\nhttps://security.archlinux.org/CVE-2019-17002", "modified": "2019-10-26T00:00:00", "published": "2019-10-26T00:00:00", "id": "ASA-201910-16", "href": "https://security.archlinux.org/ASA-201910-16", "type": "archlinux", "title": "[ASA-201910-16] firefox: multiple issues", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "ubuntu": [{"lastseen": "2020-07-02T11:36:49", "bulletinFamily": "unix", "cvelist": ["CVE-2019-11758", "CVE-2019-11761", "CVE-2019-11755", "CVE-2019-11759", "CVE-2019-11762", "CVE-2019-11764", "CVE-2019-15903", "CVE-2019-11757", "CVE-2019-11763", "CVE-2019-11760"], "description": "It was discovered that a specially crafted S/MIME message with an inner \nencryption layer could be displayed as having a valid signature in some \ncircumstances, even if the signer had no access to the encrypted message. \nAn attacker could potentially exploit this to spoof the message author. \n(CVE-2019-11755)\n\nMultiple security issues were discovered in Thunderbird. If a user were \ntricked in to opening a specially crafted website in a browsing context, \nan attacker could potentially exploit these to cause a denial of service, \nbypass security restrictions, bypass same-origin restrictions, conduct \ncross-site scripting (XSS) attacks, or execute arbitrary code. \n(CVE-2019-11757, CVE-2019-11758, CVE-2019-11759, CVE-2019-11760, \nCVE-2019-11761, CVE-2019-11762, CVE-2019-11763, CVE-2019-11764)\n\nA heap overflow was discovered in the expat library in Thunderbird. If a \nuser were tricked in to opening a specially crafted message, an attacker \ncould potentially exploit this to cause a denial of service, or execute \narbitrary code. (CVE-2019-15903)", "edition": 4, "modified": "2019-11-26T00:00:00", "published": "2019-11-26T00:00:00", "id": "USN-4202-1", "href": "https://ubuntu.com/security/notices/USN-4202-1", "title": "Thunderbird vulnerabilities", "type": "ubuntu", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-07-02T11:37:52", "bulletinFamily": "unix", "cvelist": ["CVE-2019-11758", "CVE-2019-11761", "CVE-2019-11755", "CVE-2019-11759", "CVE-2019-11762", "CVE-2019-11764", "CVE-2019-15903", "CVE-2019-11757", "CVE-2019-11763", "CVE-2019-11760"], "description": "USN-4202-1 fixed vulnerabilities in Thunderbird. After upgrading, Thunderbird \ncreated a new profile for some users. This update fixes the problem.\n\nWe apologize for the inconvenience.\n\nOriginal advisory details:\n\nIt was discovered that a specially crafted S/MIME message with an inner \nencryption layer could be displayed as having a valid signature in some \ncircumstances, even if the signer had no access to the encrypted message. \nAn attacker could potentially exploit this to spoof the message author. \n(CVE-2019-11755)\n\nMultiple security issues were discovered in Thunderbird. If a user were \ntricked in to opening a specially crafted website in a browsing context, \nan attacker could potentially exploit these to cause a denial of service, \nbypass security restrictions, bypass same-origin restrictions, conduct \ncross-site scripting (XSS) attacks, or execute arbitrary code. \n(CVE-2019-11757, CVE-2019-11758, CVE-2019-11759, CVE-2019-11760, \nCVE-2019-11761, CVE-2019-11762, CVE-2019-11763, CVE-2019-11764)\n\nA heap overflow was discovered in the expat library in Thunderbird. If a \nuser were tricked in to opening a specially crafted message, an attacker \ncould potentially exploit this to cause a denial of service, or execute \narbitrary code. (CVE-2019-15903)", "edition": 4, "modified": "2019-12-10T00:00:00", "published": "2019-12-10T00:00:00", "id": "USN-4202-2", "href": "https://ubuntu.com/security/notices/USN-4202-2", "title": "Thunderbird regression", "type": "ubuntu", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-07-02T11:33:38", "bulletinFamily": "unix", "cvelist": ["CVE-2019-17001", "CVE-2019-11765", "CVE-2019-11761", "CVE-2019-17000", "CVE-2019-11759", "CVE-2019-11762", "CVE-2019-17002", "CVE-2018-6156", "CVE-2019-11764", "CVE-2019-15903", "CVE-2019-11757", "CVE-2019-11763", "CVE-2019-11760"], "description": "Multiple security issues were discovered in Firefox. If a user were \ntricked in to opening a specially crafted website, an attacker could \npotentially exploit these to cause a denial of service, bypass security \nrestrictions, bypass same-origin restrictions, conduct cross-site \nscripting (XSS) attacks, bypass content security policy (CSP) protections, \nor execute arbitrary code.", "edition": 4, "modified": "2019-10-23T00:00:00", "published": "2019-10-23T00:00:00", "id": "USN-4165-1", "href": "https://ubuntu.com/security/notices/USN-4165-1", "title": "Firefox vulnerabilities", "type": "ubuntu", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "suse": [{"lastseen": "2019-11-09T20:21:51", "bulletinFamily": "unix", "cvelist": ["CVE-2019-11758", "CVE-2019-11761", "CVE-2019-11759", "CVE-2019-11762", "CVE-2019-11764", "CVE-2019-15903", "CVE-2019-11757", "CVE-2019-11763", "CVE-2019-11760"], "description": "This update for MozillaFirefox, MozillaFirefox-branding-SLE fixes the\n following issues:\n\n Changes in MozillaFirefox:\n\n Security issues fixed:\n\n - CVE-2019-15903: Fixed a heap overflow in the expat library\n (bsc#1149429).\n - CVE-2019-11757: Fixed a use-after-free when creating index updates in\n IndexedDB (bsc#1154738).\n - CVE-2019-11758: Fixed a potentially exploitable crash due to 360 Total\n Security (bsc#1154738).\n - CVE-2019-11759: Fixed a stack buffer overflow in HKDF output\n (bsc#1154738).\n - CVE-2019-11760: Fixed a stack buffer overflow in WebRTC networking\n (bsc#1154738).\n - CVE-2019-11761: Fixed an unintended access to a privileged JSONView\n object (bsc#1154738).\n - CVE-2019-11762: Fixed a same-origin-property violation (bsc#1154738).\n - CVE-2019-11763: Fixed an XSS bypass (bsc#1154738).\n - CVE-2019-11764: Fixed several memory safety bugs (bsc#1154738).\n\n Non-security issues fixed:\n\n - Added Provides-line for translations-common (bsc#1153423) .\n - Moved some settings from branding-package here (bsc#1153869).\n - Disabled DoH by default.\n\n Changes in MozillaFirefox-branding-SLE:\n\n - Moved extensions preferences to core package (bsc#1153869).\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n", "edition": 1, "modified": "2019-11-09T18:17:11", "published": "2019-11-09T18:17:11", "id": "OPENSUSE-SU-2019:2459-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00017.html", "title": "Security update for MozillaFirefox, MozillaFirefox-branding-SLE (important)", "type": "suse", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-11-09T20:21:51", "bulletinFamily": "unix", "cvelist": ["CVE-2019-11758", "CVE-2019-11761", "CVE-2019-11759", "CVE-2019-11762", "CVE-2019-11764", "CVE-2019-15903", "CVE-2019-11757", "CVE-2019-11763", "CVE-2019-11760"], "description": "This update for MozillaFirefox, MozillaFirefox-branding-SLE fixes the\n following issues:\n\n Changes in MozillaFirefox:\n\n Security issues fixed:\n\n - CVE-2019-15903: Fixed a heap overflow in the expat library\n (bsc#1149429).\n - CVE-2019-11757: Fixed a use-after-free when creating index updates in\n IndexedDB (bsc#1154738).\n - CVE-2019-11758: Fixed a potentially exploitable crash due to 360 Total\n Security (bsc#1154738).\n - CVE-2019-11759: Fixed a stack buffer overflow in HKDF output\n (bsc#1154738).\n - CVE-2019-11760: Fixed a stack buffer overflow in WebRTC networking\n (bsc#1154738).\n - CVE-2019-11761: Fixed an unintended access to a privileged JSONView\n object (bsc#1154738).\n - CVE-2019-11762: Fixed a same-origin-property violation (bsc#1154738).\n - CVE-2019-11763: Fixed an XSS bypass (bsc#1154738).\n - CVE-2019-11764: Fixed several memory safety bugs (bsc#1154738).\n\n Non-security issues fixed:\n\n - Added Provides-line for translations-common (bsc#1153423) .\n - Moved some settings from branding-package here (bsc#1153869).\n - Disabled DoH by default.\n\n Changes in MozillaFirefox-branding-SLE:\n\n - Moved extensions preferences to core package (bsc#1153869).\n\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n", "edition": 1, "modified": "2019-11-09T18:15:49", "published": "2019-11-09T18:15:49", "id": "OPENSUSE-SU-2019:2451-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00016.html", "title": "Security update for MozillaFirefox, MozillaFirefox-branding-SLE (important)", "type": "suse", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-11-09T20:21:51", "bulletinFamily": "unix", "cvelist": ["CVE-2019-11758", "CVE-2019-11761", "CVE-2019-11759", "CVE-2019-11762", "CVE-2019-11764", "CVE-2019-15903", "CVE-2019-11757", "CVE-2019-11763", "CVE-2019-11760"], "description": "This update for MozillaThunderbird to version 68.2.1 provides the\n following fixes:\n\n - Security issues fixed (bsc#1154738):\n * CVE-2019-15903: Fixed a heap overflow in the expat library\n (bsc#1149429).\n * CVE-2019-11757: Fixed a use-after-free when creating index updates in\n IndexedDB (bsc#1154738).\n * CVE-2019-11758: Fixed a potentially exploitable crash due to 360 Total\n Security (bsc#1154738).\n * CVE-2019-11759: Fixed a stack buffer overflow in HKDF output\n (bsc#1154738).\n * CVE-2019-11760: Fixed a stack buffer overflow in WebRTC networking\n (bsc#1154738).\n * CVE-2019-11761: Fixed an unintended access to a privileged JSONView\n object (bsc#1154738).\n * CVE-2019-11762: Fixed a same-origin-property violation (bsc#1154738).\n * CVE-2019-11763: Fixed an XSS bypass (bsc#1154738).\n * CVE-2019-11764: Fixed several memory safety bugs (bsc#1154738).\n\n Other fixes (bsc#1153879):\n * Some attachments couldn't be opened in messages originating from MS\n Outlook 2016.\n * Address book import from CSV.\n * Performance problem in message body search.\n * Ctrl+Enter to send a message would open an attachment if the\n attachment pane had focus.\n * Calendar: Issues with &quot;Today Pane&quot; start-up.\n * Calendar: Glitches with custom repeat and reminder number input.\n * Calendar: Problems with WCAP provider.\n * A language for the user interface can now be chosen in the advanced\n settings\n * Fixed an issue with Google authentication (OAuth2)\n * Fixed an issue where selected or unread messages were not shown in the\n correct color in the thread pane under some circumstances\n * Fixed an issue where when using a language pack, names of standard\n folders were not localized (bsc#1149126)\n * Fixed an issue where the address book default startup directory in\n preferences panel not persisted\n * Fixed various visual glitches\n * Fixed issues with the chat\n * Fixed building with rust &gt;= 1.38.\n * Fixrd LTO build without PGO.\n * Removed kde.js since disabling instantApply breaks extensions and is\n now obsolete with the move to HTML views for preferences. (bsc#1151186)\n * Updated create-tar.sh. (bsc#1152778)\n * Deactivated the crashreporter for the last remaining arch.\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n", "edition": 1, "modified": "2019-11-09T18:19:14", "published": "2019-11-09T18:19:14", "id": "OPENSUSE-SU-2019:2452-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00018.html", "title": "Recommended update for MozillaThunderbird (important)", "type": "suse", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-11-09T20:32:35", "bulletinFamily": "unix", "cvelist": ["CVE-2019-11758", "CVE-2019-11761", "CVE-2019-11759", "CVE-2019-11762", "CVE-2019-11764", "CVE-2019-15903", "CVE-2019-11757", "CVE-2019-11763", "CVE-2019-11760"], "description": "This update for MozillaThunderbird to version 68.2.1 provides the\n following fixes:\n\n - Security issues fixed (bsc#1154738):\n * CVE-2019-15903: Fixed a heap overflow in the expat library\n (bsc#1149429).\n * CVE-2019-11757: Fixed a use-after-free when creating index updates in\n IndexedDB (bsc#1154738).\n * CVE-2019-11758: Fixed a potentially exploitable crash due to 360 Total\n Security (bsc#1154738).\n * CVE-2019-11759: Fixed a stack buffer overflow in HKDF output\n (bsc#1154738).\n * CVE-2019-11760: Fixed a stack buffer overflow in WebRTC networking\n (bsc#1154738).\n * CVE-2019-11761: Fixed an unintended access to a privileged JSONView\n object (bsc#1154738).\n * CVE-2019-11762: Fixed a same-origin-property violation (bsc#1154738).\n * CVE-2019-11763: Fixed an XSS bypass (bsc#1154738).\n * CVE-2019-11764: Fixed several memory safety bugs (bsc#1154738).\n\n Other fixes (bsc#1153879):\n * Some attachments couldn't be opened in messages originating from MS\n Outlook 2016.\n * Address book import from CSV.\n * Performance problem in message body search.\n * Ctrl+Enter to send a message would open an attachment if the\n attachment pane had focus.\n * Calendar: Issues with &quot;Today Pane&quot; start-up.\n * Calendar: Glitches with custom repeat and reminder number input.\n * Calendar: Problems with WCAP provider.\n * A language for the user interface can now be chosen in the advanced\n settings\n * Fixed an issue with Google authentication (OAuth2)\n * Fixed an issue where selected or unread messages were not shown in the\n correct color in the thread pane under some circumstances\n * Fixed an issue where when using a language pack, names of standard\n folders were not localized (bsc#1149126)\n * Fixed an issue where the address book default startup directory in\n preferences panel not persisted\n * Fixed various visual glitches\n * Fixed issues with the chat\n * Fixed building with rust &gt;= 1.38.\n * Fixrd LTO build without PGO.\n * Removed kde.js since disabling instantApply breaks extensions and is\n now obsolete with the move to HTML views for preferences. (bsc#1151186)\n * Updated create-tar.sh. (bsc#1152778)\n * Deactivated the crashreporter for the last remaining arch.\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n", "edition": 1, "modified": "2019-11-09T18:20:22", "published": "2019-11-09T18:20:22", "id": "OPENSUSE-SU-2019:2464-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00019.html", "title": "Recommended update for MozillaThunderbird (important)", "type": "suse", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "redhat": [{"lastseen": "2020-01-14T13:36:29", "bulletinFamily": "unix", "cvelist": ["CVE-2019-11757", "CVE-2019-11758", "CVE-2019-11759", "CVE-2019-11760", "CVE-2019-11761", "CVE-2019-11762", "CVE-2019-11763", "CVE-2019-11764", "CVE-2019-15903"], "description": "Mozilla Thunderbird is a standalone mail and newsgroup client.\n\nThis update upgrades Thunderbird to version 68.2.0.\n\nSecurity Fix(es):\n\n* Mozilla: Memory safety bugs fixed in Firefox 70 and Firefox ESR 68.2 (CVE-2019-11764)\n\n* Mozilla: Use-after-free when creating index updates in IndexedDB (CVE-2019-11757)\n\n* Mozilla: Potentially exploitable crash due to 360 Total Security (CVE-2019-11758)\n\n* Mozilla: Stack buffer overflow in HKDF output (CVE-2019-11759)\n\n* Mozilla: Stack buffer overflow in WebRTC networking (CVE-2019-11760)\n\n* Mozilla: Unintended access to a privileged JSONView object (CVE-2019-11761)\n\n* Mozilla: document.domain-based origin isolation has same-origin-property violation (CVE-2019-11762)\n\n* Mozilla: Incorrect HTML parsing results in XSS bypass technique (CVE-2019-11763)\n\n* expat: heap-based buffer over-read via crafted XML input (CVE-2019-15903)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "modified": "2019-11-06T21:48:22", "published": "2019-11-06T21:10:14", "id": "RHSA-2019:3756", "href": "https://access.redhat.com/errata/RHSA-2019:3756", "type": "redhat", "title": "(RHSA-2019:3756) Important: thunderbird security update", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-14T13:37:47", "bulletinFamily": "unix", "cvelist": ["CVE-2019-11757", "CVE-2019-11758", "CVE-2019-11759", "CVE-2019-11760", "CVE-2019-11761", "CVE-2019-11762", "CVE-2019-11763", "CVE-2019-11764", "CVE-2019-15903"], "description": "Mozilla Thunderbird is a standalone mail and newsgroup client.\n\nThis update upgrades Thunderbird to version 68.2.0.\n\nSecurity Fix(es):\n\n* Mozilla: Memory safety bugs fixed in Firefox 70 and Firefox ESR 68.2 (CVE-2019-11764)\n\n* Mozilla: Use-after-free when creating index updates in IndexedDB (CVE-2019-11757)\n\n* Mozilla: Potentially exploitable crash due to 360 Total Security (CVE-2019-11758)\n\n* Mozilla: Stack buffer overflow in HKDF output (CVE-2019-11759)\n\n* Mozilla: Stack buffer overflow in WebRTC networking (CVE-2019-11760)\n\n* Mozilla: Unintended access to a privileged JSONView object (CVE-2019-11761)\n\n* Mozilla: document.domain-based origin isolation has same-origin-property violation (CVE-2019-11762)\n\n* Mozilla: Incorrect HTML parsing results in XSS bypass technique (CVE-2019-11763)\n\n* expat: heap-based buffer over-read via crafted XML input (CVE-2019-15903)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "modified": "2019-10-29T13:29:45", "published": "2019-10-29T13:12:31", "id": "RHSA-2019:3210", "href": "https://access.redhat.com/errata/RHSA-2019:3210", "type": "redhat", "title": "(RHSA-2019:3210) Important: thunderbird security update", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-14T13:34:48", "bulletinFamily": "unix", "cvelist": ["CVE-2019-11757", "CVE-2019-11758", "CVE-2019-11759", "CVE-2019-11760", "CVE-2019-11761", "CVE-2019-11762", "CVE-2019-11763", "CVE-2019-11764", "CVE-2019-15903"], "description": "Mozilla Thunderbird is a standalone mail and newsgroup client.\n\nThis update upgrades Thunderbird to version 68.2.0.\n\nSecurity Fix(es):\n\n* Mozilla: Memory safety bugs fixed in Firefox 70 and Firefox ESR 68.2 (CVE-2019-11764)\n\n* Mozilla: Use-after-free when creating index updates in IndexedDB (CVE-2019-11757)\n\n* Mozilla: Potentially exploitable crash due to 360 Total Security (CVE-2019-11758)\n\n* Mozilla: Stack buffer overflow in HKDF output (CVE-2019-11759)\n\n* Mozilla: Stack buffer overflow in WebRTC networking (CVE-2019-11760)\n\n* Mozilla: Unintended access to a privileged JSONView object (CVE-2019-11761)\n\n* Mozilla: document.domain-based origin isolation has same-origin-property violation (CVE-2019-11762)\n\n* Mozilla: Incorrect HTML parsing results in XSS bypass technique (CVE-2019-11763)\n\n* expat: heap-based buffer over-read via crafted XML input (CVE-2019-15903)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "modified": "2019-10-29T17:37:55", "published": "2019-10-29T17:29:02", "id": "RHSA-2019:3237", "href": "https://access.redhat.com/errata/RHSA-2019:3237", "type": "redhat", "title": "(RHSA-2019:3237) Important: thunderbird security update", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-03-06T15:36:22", "bulletinFamily": "unix", "cvelist": ["CVE-2019-11757", "CVE-2019-11758", "CVE-2019-11759", "CVE-2019-11760", "CVE-2019-11761", "CVE-2019-11762", "CVE-2019-11763", "CVE-2019-11764", "CVE-2019-15903"], "description": "Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.\n\nThis update upgrades Firefox to version 68.2.0 ESR.\n\nSecurity Fix(es):\n\n* Mozilla: Memory safety bugs fixed in Firefox 70 and Firefox ESR 68.2 (CVE-2019-11764)\n\n* Mozilla: Use-after-free when creating index updates in IndexedDB (CVE-2019-11757)\n\n* Mozilla: Potentially exploitable crash due to 360 Total Security (CVE-2019-11758)\n\n* Mozilla: Stack buffer overflow in HKDF output (CVE-2019-11759)\n\n* Mozilla: Stack buffer overflow in WebRTC networking (CVE-2019-11760)\n\n* Mozilla: Unintended access to a privileged JSONView object (CVE-2019-11761)\n\n* Mozilla: document.domain-based origin isolation has same-origin-property violation (CVE-2019-11762)\n\n* Mozilla: Incorrect HTML parsing results in XSS bypass technique (CVE-2019-11763)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "modified": "2020-03-05T16:59:47", "published": "2019-10-24T12:09:07", "id": "RHSA-2019:3196", "href": "https://access.redhat.com/errata/RHSA-2019:3196", "type": "redhat", "title": "(RHSA-2019:3196) Critical: firefox security update", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-03-06T15:36:33", "bulletinFamily": "unix", "cvelist": ["CVE-2019-11757", "CVE-2019-11758", "CVE-2019-11759", "CVE-2019-11760", "CVE-2019-11761", "CVE-2019-11762", "CVE-2019-11763", "CVE-2019-11764", "CVE-2019-15903"], "description": "Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.\n\nThis update upgrades Firefox to version 68.2.0 ESR.\n\nSecurity Fix(es):\n\n* Mozilla: Memory safety bugs fixed in Firefox 70 and Firefox ESR 68.2 (CVE-2019-11764)\n\n* Mozilla: Use-after-free when creating index updates in IndexedDB (CVE-2019-11757)\n\n* Mozilla: Potentially exploitable crash due to 360 Total Security (CVE-2019-11758)\n\n* Mozilla: Stack buffer overflow in HKDF output (CVE-2019-11759)\n\n* Mozilla: Stack buffer overflow in WebRTC networking (CVE-2019-11760)\n\n* Mozilla: Unintended access to a privileged JSONView object (CVE-2019-11761)\n\n* Mozilla: document.domain-based origin isolation has same-origin-property violation (CVE-2019-11762)\n\n* Mozilla: Incorrect HTML parsing results in XSS bypass technique (CVE-2019-11763)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "modified": "2020-03-05T16:58:05", "published": "2019-10-23T17:10:31", "id": "RHSA-2019:3193", "href": "https://access.redhat.com/errata/RHSA-2019:3193", "type": "redhat", "title": "(RHSA-2019:3193) Critical: firefox security update", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-14T13:37:18", "bulletinFamily": "unix", "cvelist": ["CVE-2019-11757", "CVE-2019-11758", "CVE-2019-11759", "CVE-2019-11760", "CVE-2019-11761", "CVE-2019-11762", "CVE-2019-11763", "CVE-2019-11764"], "description": "Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.\n\nThis update upgrades Firefox to version 68.2.0 ESR.\n\nSecurity Fix(es):\n\n* Mozilla: Memory safety bugs fixed in Firefox 70 and Firefox ESR 68.2 (CVE-2019-11764)\n\n* Mozilla: Use-after-free when creating index updates in IndexedDB (CVE-2019-11757)\n\n* Mozilla: Potentially exploitable crash due to 360 Total Security (CVE-2019-11758)\n\n* Mozilla: Stack buffer overflow in HKDF output (CVE-2019-11759)\n\n* Mozilla: Stack buffer overflow in WebRTC networking (CVE-2019-11760)\n\n* Mozilla: Unintended access to a privileged JSONView object (CVE-2019-11761)\n\n* Mozilla: document.domain-based origin isolation has same-origin-property violation (CVE-2019-11762)\n\n* Mozilla: Incorrect HTML parsing results in XSS bypass technique (CVE-2019-11763)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "modified": "2019-10-31T17:51:41", "published": "2019-10-31T17:19:24", "id": "RHSA-2019:3281", "href": "https://access.redhat.com/errata/RHSA-2019:3281", "type": "redhat", "title": "(RHSA-2019:3281) Critical: firefox security update", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "amazon": [{"lastseen": "2020-11-10T12:36:08", "bulletinFamily": "unix", "cvelist": ["CVE-2019-11758", "CVE-2019-11761", "CVE-2019-11759", "CVE-2019-11762", "CVE-2019-11764", "CVE-2019-15903", "CVE-2019-11757", "CVE-2019-11763", "CVE-2019-11760"], "description": "**Issue Overview:**\n\nSeveral memory safety bugs were discovered in Mozilla Firefox and Thunderbird. Memory corruption and arbitrary code execution are possible with these vulnerabilities. These bugs can be exploited over the network.([CVE-2019-11764 __](<https://access.redhat.com/security/cve/CVE-2019-11764>))\n\nA flaw was discovered in both Firefox and Thunderbird where 4 bytes of a HMAC output could be written past the end of a buffer stored on the memory stack. This could allow an attacker to execute arbitrary code or lead to a crash. This flaw can be exploited over the network.([CVE-2019-11759 __](<https://access.redhat.com/security/cve/CVE-2019-11759>))\n\nA flaw was found in Mozilla Firefox and Thunderbird where null bytes were incorrectly parsed in HTML entities. This could lead to HTML comments being treated as code which could lead to XSS in a web application or HTML entities being masked from filters.([CVE-2019-11763 __](<https://access.redhat.com/security/cve/CVE-2019-11763>))\n\nA vulnerability was found in Mozilla Firefox and Thunderbird. Privileged JSONView objects that have been cloned into content can be accessed using a form with a data URI. This flaw bypasses existing defense-in-depth mechanisms and can be exploited over the network.([CVE-2019-11761 __](<https://access.redhat.com/security/cve/CVE-2019-11761>))\n\nA flaw was discovered in Mozilla Firefox and Thunderbird where a fixed-stack buffer overflow could occur during WebRTC signalling. The vulnerability could lead to an exploitable crash or leak data.([CVE-2019-11760 __](<https://access.redhat.com/security/cve/CVE-2019-11760>))\n\nA use-after-free flaw was found in Mozilla Firefox and Thunderbird. When following a value's prototype chain, it was possible to retain a reference to a locale, delete it, and subsequently reference it. An attacker could use this flaw to execute code that was stored in the referenced memory or crash the system.([CVE-2019-11757 __](<https://access.redhat.com/security/cve/CVE-2019-11757>))\n\nIn libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber) then resulted in a heap-based buffer over-read.([CVE-2019-15903 __](<https://access.redhat.com/security/cve/CVE-2019-15903>))\n\nA flaw was found in Mozilla's firefox and thunderbird where if two same-origin documents set document.domain differently to become cross-origin, it was possible for them to call arbitrary DOM methods/getters/setters on the now-cross-origin window. This could cause an interaction between two different sites on two different windows running under the same application.([CVE-2019-11762 __](<https://access.redhat.com/security/cve/CVE-2019-11762>))\n\nA flaw was found in the 360 Total Security code in Firefox and Thunderbird. Memory corruption is possible in the accessibility engine that could lead to an exploit to run arbitrary code. This vulnerability could be exploited over a network connection and would affect confidentiality and integrity of information as well as availability of the system.([CVE-2019-11758 __](<https://access.redhat.com/security/cve/CVE-2019-11758>))\n\n \n**Affected Packages:** \n\n\nthunderbird\n\n \n**Issue Correction:** \nRun _yum update thunderbird_ to update your system. \n\n\n \n\n\n**New Packages:**\n \n \n src: \n thunderbird-68.2.0-1.amzn2.0.1.src \n \n x86_64: \n thunderbird-68.2.0-1.amzn2.0.1.x86_64 \n thunderbird-debuginfo-68.2.0-1.amzn2.0.1.x86_64 \n \n \n", "edition": 1, "modified": "2019-12-13T19:41:00", "published": "2019-12-13T19:41:00", "id": "ALAS2-2019-1376", "href": "https://alas.aws.amazon.com/AL2/ALAS-2019-1376.html", "title": "Important: thunderbird", "type": "amazon", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "kaspersky": [{"lastseen": "2020-09-02T11:42:44", "bulletinFamily": "info", "cvelist": ["CVE-2019-11758", "CVE-2019-11761", "CVE-2019-11759", "CVE-2019-11762", "CVE-2019-11764", "CVE-2019-15903", "CVE-2019-11757", "CVE-2019-11763", "CVE-2019-11760"], "description": "### *Detect date*:\n09/22/2019\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple vulnerabilities were found in Mozilla Thunderbird. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, bypass security restrictions.\n\n### *Affected products*:\nMozilla Thunderbird earlier than 68.2\n\n### *Solution*:\nUpdate to the latest version \n[Download Mozilla Thunderbird](<https://www.mozilla.org/en-US/thunderbird/>)\n\n### *Original advisories*:\n[Advisory 2019-35](<https://www.mozilla.org/en-US/security/advisories/mfsa2019-35/>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Mozilla Thunderbird](<https://threats.kaspersky.com/en/product/Mozilla-Thunderbird/>)\n\n### *CVE-IDS*:\n[CVE-2019-15903](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15903>)0.0Unknown \n[CVE-2019-11758](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11758>)0.0Unknown \n[CVE-2019-11761](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11761>)0.0Unknown \n[CVE-2019-11757](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11757>)0.0Unknown \n[CVE-2019-11760](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11760>)0.0Unknown \n[CVE-2019-11759](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11759>)0.0Unknown \n[CVE-2019-11762](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11762>)0.0Unknown \n[CVE-2019-11764](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11764>)0.0Unknown \n[CVE-2019-11763](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11763>)0.0Unknown", "edition": 1, "modified": "2020-05-22T00:00:00", "published": "2019-09-22T00:00:00", "id": "KLA11591", "href": "https://threats.kaspersky.com/en/vulnerability/KLA11591", "title": "\r KLA11591Multiple vulnerabilities in Mozilla Thunderbird ", "type": "kaspersky", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-09-02T11:56:03", "bulletinFamily": "info", "cvelist": ["CVE-2019-11758", "CVE-2019-11761", "CVE-2019-11759", "CVE-2019-11762", "CVE-2019-11764", "CVE-2019-15903", "CVE-2019-11757", "CVE-2019-11763", "CVE-2019-11760"], "description": "### *Detect date*:\n10/22/2019\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple vulnerabilities were found in Mozilla Firefox ESR. Malicious users can exploit these vulnerabilities to bypass security restrictions, cause denial of service, execute arbitrary code.\n\n### *Affected products*:\nMozilla Firefox earlier than 68.2\n\n### *Solution*:\nUpdate to the latest version \n[Download Mozilla Firefox ESR](<https://www.mozilla.org/en-US/firefox/organizations/all/>)\n\n### *Original advisories*:\n[Advisory 2019-33](<https://www.mozilla.org/en-US/security/advisories/mfsa2019-33/>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Mozilla Firefox ESR](<https://threats.kaspersky.com/en/product/Mozilla-Firefox-ESR/>)\n\n### *CVE-IDS*:\n[CVE-2019-15903](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15903>)0.0Unknown \n[CVE-2019-11758](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11758>)0.0Unknown \n[CVE-2019-11761](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11761>)0.0Unknown \n[CVE-2019-11757](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11757>)0.0Unknown \n[CVE-2019-11760](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11760>)0.0Unknown \n[CVE-2019-11759](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11759>)0.0Unknown \n[CVE-2019-11762](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11762>)0.0Unknown \n[CVE-2019-11764](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11764>)0.0Unknown \n[CVE-2019-11763](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11763>)0.0Unknown", "edition": 1, "modified": "2020-05-22T00:00:00", "published": "2019-10-22T00:00:00", "id": "KLA11590", "href": "https://threats.kaspersky.com/en/vulnerability/KLA11590", "title": "\r KLA11590Multiple vulnerabilities in Mozilla Firefox ESR ", "type": "kaspersky", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "oraclelinux": [{"lastseen": "2020-01-14T14:37:06", "bulletinFamily": "unix", "cvelist": ["CVE-2019-11758", "CVE-2019-11761", "CVE-2019-11759", "CVE-2019-11762", "CVE-2019-11764", "CVE-2019-15903", "CVE-2019-11757", "CVE-2019-11763", "CVE-2019-11760"], "description": "[68.2.0-1.0.1]\n- Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js\n[68.2.0-1]\n- Update to 68.2.0\n[68.1.1-2]\n- Update to 68.1.1", "edition": 3, "modified": "2019-10-30T00:00:00", "published": "2019-10-30T00:00:00", "id": "ELSA-2019-3237", "href": "http://linux.oracle.com/errata/ELSA-2019-3237.html", "title": "thunderbird security update", "type": "oraclelinux", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-14T14:31:18", "bulletinFamily": "unix", "cvelist": ["CVE-2019-11758", "CVE-2019-11761", "CVE-2019-11759", "CVE-2019-11762", "CVE-2019-11764", "CVE-2019-15903", "CVE-2019-11757", "CVE-2019-11763", "CVE-2019-11760"], "description": "[68.2.0-1.0.1]\n- Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js\n[68.2.0-1]\n- Update to 68.2.0\n[68.1.1-2]\n- Update to 68.1.1\n[60.9.0-2]\n- Update to 60.9.0", "edition": 4, "modified": "2019-10-29T00:00:00", "published": "2019-10-29T00:00:00", "id": "ELSA-2019-3210", "href": "http://linux.oracle.com/errata/ELSA-2019-3210.html", "title": "thunderbird security update", "type": "oraclelinux", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-14T14:37:04", "bulletinFamily": "unix", "cvelist": ["CVE-2019-11758", "CVE-2019-11761", "CVE-2019-11759", "CVE-2019-11762", "CVE-2019-11764", "CVE-2019-11757", "CVE-2019-11763", "CVE-2019-11760"], "description": "[68.2.0-2.0.1]\n- Rebuild to pickup Oracle default bookmarks [Orabug: 30069264]\n- Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file\n[68.2.0-2]\n- Rebuild\n[68.2.0-1]\n- Update to 68.2.0 ESR\n[68.1.0-6]\n- Enable system nss on RHEL6\n[68.1.0-2]\n- Enable building langpacks", "edition": 3, "modified": "2019-10-24T00:00:00", "published": "2019-10-24T00:00:00", "id": "ELSA-2019-3196", "href": "http://linux.oracle.com/errata/ELSA-2019-3196.html", "title": "firefox security update", "type": "oraclelinux", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-14T14:31:20", "bulletinFamily": "unix", "cvelist": ["CVE-2019-11758", "CVE-2019-11761", "CVE-2019-11759", "CVE-2019-11762", "CVE-2019-11764", "CVE-2019-11757", "CVE-2019-11763", "CVE-2019-11760"], "description": "[68.2.0-1.0.1]\n- Update distribution for Oracle Linux [Orabug: 30143292]\n- Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file\n[68.2.0-1]\n- Update to 68.2.0 ESR\n[68.1.0-6]\n- Enable system nss on RHEL6", "edition": 4, "modified": "2019-10-23T00:00:00", "published": "2019-10-23T00:00:00", "id": "ELSA-2019-3193", "href": "http://linux.oracle.com/errata/ELSA-2019-3193.html", "title": "firefox security update", "type": "oraclelinux", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-07-08T01:33:12", "bulletinFamily": "unix", "cvelist": ["CVE-2019-11758", "CVE-2019-11761", "CVE-2019-11759", "CVE-2019-11762", "CVE-2017-5428", "CVE-2019-11764", "CVE-2019-11757", "CVE-2019-11763", "CVE-2019-11760"], "description": "[68.2.0-4.0.1]\n- fix LD_LIBRARY_PATH\n- Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat one\n[68.2.0-4]\n- Added patch for TLS 1.3 support.\n[68.2.0-3]\n- Rebuild\n[68.2.0-2]\n- Rebuild\n[68.2.0-1]\n- Update to 68.2.0 ESR\n[68.1.0-6]\n- Enable system nss on RHEL6\n[68.1.0-2]\n- Enable building langpacks\n[68.1.0-1]\n- Update to 68.1.0 ESR\n[68.0.1-4]\n- Enable system nss\n[68.0.1-3]\n- Enable official branding\n[68.0.1-2]\n- Enabled PipeWire on RHEL8\n[68.0.1-1]\n- Updated to 68.0.1 ESR\n[68.0-0.11]\n- Update to 68.0 ESR\n[68.0-0.10]\n- Updated to 68.0 alpha 13\n- Enabled second arches\n[68.0-0.1]\n- Updated to 68.0 alpha\n[60.6.0-3]\n- Added Google API keys (mozbz#1531176)\n[60.6.0-2]\n- Update to 60.6.0 ESR (Build 2)\n[60.6.0-1]\n- Update to 60.6.0 ESR (Build 1)\n[60.5.1-1]\n- Update to 60.5.1 ESR\n[60.5.0-3]\n- Added fix for rhbz#1672424 - Firefox crashes on NFS drives.\n[60.5.0-2]\n- Updated to 60.5.0 ESR build2\n[60.5.0-1]\n- Updated to 60.5.0 ESR build1\n[60.4.0-3]\n- Fixing fontconfig warnings (rhbz#1601475)\n[60.4.0-2]\n- Added pipewire patch from Tomas Popela (rhbz#1664270)\n[60.4.0-1]\n- Update to 60.4.0 ESR\n[60.3.0-2]\n- Added firefox-gnome-shell-extension\n[60.3.0-1]\n- Update to 60.3.0 ESR\n[60.2.2-2]\n- Added patch for rhbz#1633932\n[60.2.2-1]\n- Update to 60.2.2 ESR\n[60.2.1-1]\n- Update to 60.2.1 ESR\n[60.2.0-1]\n- Update to 60.2.0 ESR\n[60.1.0-9]\n- Do not set user agent (rhbz#1608065)\n- GTK dialogs are localized now (rhbz#1619373)\n- JNLP association works again (rhbz#1607457)\n[60.1.0-8]\n- Fixed homepage and bookmarks (rhbz#1606778)\n- Fixed missing file associations in RHEL6 (rhbz#1613565)\n[60.1.0-7]\n- Run at-spi-bus if not running already (for the bundled gtk3)\n[60.1.0-6]\n- Fix for missing schemes for bundled gtk3\n[60.1.0-5]\n- Added mesa-libEGL dependency to gtk3/rhel6\n[60.1.0-4]\n- Disabled jemalloc on all second arches\n[60.1.0-3]\n- Updated to 60.1.0 ESR build2\n[60.1.0-2]\n- Disabled jemalloc on second arches\n[60.1.0-1]\n- Updated to 60.1.0 ESR\n[60.0-12]\n- Fixing bundled libffi issues\n- Readded some requirements\n[60.0-10]\n- Added fix for mozilla BZ#1436242 - IPC crashes.\n[60.0-9]\n- Bundling libffi for the sec-arches\n- Added openssl-devel for the Python\n- Fixing bundled gtk3\n[60.0-8]\n- Added fix for mozilla BZ#1458492\n[60.0-7]\n- Added patch from rhbz#1498561 to fix ppc64(le) crashes.\n[60.0-6]\n- Disabled jemalloc on second arches\n[60.0-4]\n- Update to 60.0 ESR\n[52.7.0-1]\n- Update to 52.7.0 ESR\n[52.6.0-2]\n- Build Firefox for desktop arches only (x86_64 and ppc64le)\n[52.6.0-1]\n- Update to 52.6.0 ESR\n[52.5.0-1]\n- Update to 52.5.0 ESR\n[52.4.0-1]\n- Update to 52.4.0 ESR\n[52.3.0-3]\n- Update to 52.3.0 ESR (b2)\n- Require correct nss version\n[52.2.0-1]\n- Update to 52.2.0 ESR\n[52.1.2-1]\n- Update to 52.1.2 ESR\n[52.0-7]\n- Added fix for accept language (rhbz#1454322)\n[52.0-6]\n- Removing patch required for older NSS from RHEL 7.3\n- Added patch for rhbz#1414564\n[52.0-5]\n- Added fix for mozbz#1348168/CVE-2017-5428\n[52.0-4]\n- Update to 52.0 ESR (b4)\n[52.0-3]\n- Added fix for rhbz#1423012 - ppc64 gfx crashes\n[52.0-2]\n- Enable system nss\n[52.0-1]\n- Update to 52.0ESR (B1)\n- Build RHEL7 package for Gtk3\n[52.0-0.13]\n- Added fix for rhbz#1414535\n[52.0-0.12]\n- Update to 52.0b8\n[52.0-0.11]\n- Readded addons patch\n[52.0-0.10]\n- Update to 52.0b3\n[52.0-0.9]\n- Update to 52.0b2\n[52.0-0.8]\n- Update to 52.0b1\n[52.0-0.5]\n- Firefox Aurora 52 testing build", "edition": 1, "modified": "2020-07-07T00:00:00", "published": "2020-07-07T00:00:00", "id": "ELSA-2019-3281", "href": "http://linux.oracle.com/errata/ELSA-2019-3281.html", "title": "firefox security update", "type": "oraclelinux", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "centos": [{"lastseen": "2020-12-08T03:38:24", "bulletinFamily": "unix", "cvelist": ["CVE-2019-11758", "CVE-2019-11761", "CVE-2019-11759", "CVE-2019-11762", "CVE-2019-11764", "CVE-2019-15903", "CVE-2019-11757", "CVE-2019-11763", "CVE-2019-11760"], "description": "**CentOS Errata and Security Advisory** CESA-2019:3193\n\n\nMozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.\n\nThis update upgrades Firefox to version 68.2.0 ESR.\n\nSecurity Fix(es):\n\n* Mozilla: Memory safety bugs fixed in Firefox 70 and Firefox ESR 68.2 (CVE-2019-11764)\n\n* Mozilla: Use-after-free when creating index updates in IndexedDB (CVE-2019-11757)\n\n* Mozilla: Potentially exploitable crash due to 360 Total Security (CVE-2019-11758)\n\n* Mozilla: Stack buffer overflow in HKDF output (CVE-2019-11759)\n\n* Mozilla: Stack buffer overflow in WebRTC networking (CVE-2019-11760)\n\n* Mozilla: Unintended access to a privileged JSONView object (CVE-2019-11761)\n\n* Mozilla: document.domain-based origin isolation has same-origin-property violation (CVE-2019-11762)\n\n* Mozilla: Incorrect HTML parsing results in XSS bypass technique (CVE-2019-11763)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2019-October/035535.html\n\n**Affected packages:**\nfirefox\n\n**Upstream details at:**\n", "edition": 6, "modified": "2019-10-31T14:47:55", "published": "2019-10-31T14:47:55", "id": "CESA-2019:3193", "href": "http://lists.centos.org/pipermail/centos-announce/2019-October/035535.html", "title": "firefox security update", "type": "centos", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-08T03:36:41", "bulletinFamily": "unix", "cvelist": ["CVE-2019-11758", "CVE-2019-11761", "CVE-2019-11759", "CVE-2019-11762", "CVE-2019-11764", "CVE-2019-15903", "CVE-2019-11757", "CVE-2019-11763", "CVE-2019-11760"], "description": "**CentOS Errata and Security Advisory** CESA-2019:3210\n\n\nMozilla Thunderbird is a standalone mail and newsgroup client.\n\nThis update upgrades Thunderbird to version 68.2.0.\n\nSecurity Fix(es):\n\n* Mozilla: Memory safety bugs fixed in Firefox 70 and Firefox ESR 68.2 (CVE-2019-11764)\n\n* Mozilla: Use-after-free when creating index updates in IndexedDB (CVE-2019-11757)\n\n* Mozilla: Potentially exploitable crash due to 360 Total Security (CVE-2019-11758)\n\n* Mozilla: Stack buffer overflow in HKDF output (CVE-2019-11759)\n\n* Mozilla: Stack buffer overflow in WebRTC networking (CVE-2019-11760)\n\n* Mozilla: Unintended access to a privileged JSONView object (CVE-2019-11761)\n\n* Mozilla: document.domain-based origin isolation has same-origin-property violation (CVE-2019-11762)\n\n* Mozilla: Incorrect HTML parsing results in XSS bypass technique (CVE-2019-11763)\n\n* expat: heap-based buffer over-read via crafted XML input (CVE-2019-15903)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2019-October/035536.html\n\n**Affected packages:**\nthunderbird\n\n**Upstream details at:**\n", "edition": 5, "modified": "2019-10-31T14:48:49", "published": "2019-10-31T14:48:49", "id": "CESA-2019:3210", "href": "http://lists.centos.org/pipermail/centos-announce/2019-October/035536.html", "title": "thunderbird security update", "type": "centos", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-08T03:38:58", "bulletinFamily": "unix", "cvelist": ["CVE-2019-11758", "CVE-2019-11761", "CVE-2019-11759", "CVE-2019-11762", "CVE-2019-11764", "CVE-2019-15903", "CVE-2019-11757", "CVE-2019-11763", "CVE-2019-11760"], "description": "**CentOS Errata and Security Advisory** CESA-2019:3756\n\n\nMozilla Thunderbird is a standalone mail and newsgroup client.\n\nThis update upgrades Thunderbird to version 68.2.0.\n\nSecurity Fix(es):\n\n* Mozilla: Memory safety bugs fixed in Firefox 70 and Firefox ESR 68.2 (CVE-2019-11764)\n\n* Mozilla: Use-after-free when creating index updates in IndexedDB (CVE-2019-11757)\n\n* Mozilla: Potentially exploitable crash due to 360 Total Security (CVE-2019-11758)\n\n* Mozilla: Stack buffer overflow in HKDF output (CVE-2019-11759)\n\n* Mozilla: Stack buffer overflow in WebRTC networking (CVE-2019-11760)\n\n* Mozilla: Unintended access to a privileged JSONView object (CVE-2019-11761)\n\n* Mozilla: document.domain-based origin isolation has same-origin-property violation (CVE-2019-11762)\n\n* Mozilla: Incorrect HTML parsing results in XSS bypass technique (CVE-2019-11763)\n\n* expat: heap-based buffer over-read via crafted XML input (CVE-2019-15903)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2019-November/035552.html\n\n**Affected packages:**\nthunderbird\n\n**Upstream details at:**\n", "edition": 5, "modified": "2019-11-14T01:20:42", "published": "2019-11-14T01:20:42", "id": "CESA-2019:3756", "href": "http://lists.centos.org/pipermail/centos-announce/2019-November/035552.html", "title": "thunderbird security update", "type": "centos", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-08T03:37:47", "bulletinFamily": "unix", "cvelist": ["CVE-2019-11758", "CVE-2019-11761", "CVE-2019-11759", "CVE-2019-11762", "CVE-2019-11764", "CVE-2019-11757", "CVE-2019-11763", "CVE-2019-11760"], "description": "**CentOS Errata and Security Advisory** CESA-2019:3281\n\n\nMozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.\n\nThis update upgrades Firefox to version 68.2.0 ESR.\n\nSecurity Fix(es):\n\n* Mozilla: Memory safety bugs fixed in Firefox 70 and Firefox ESR 68.2 (CVE-2019-11764)\n\n* Mozilla: Use-after-free when creating index updates in IndexedDB (CVE-2019-11757)\n\n* Mozilla: Potentially exploitable crash due to 360 Total Security (CVE-2019-11758)\n\n* Mozilla: Stack buffer overflow in HKDF output (CVE-2019-11759)\n\n* Mozilla: Stack buffer overflow in WebRTC networking (CVE-2019-11760)\n\n* Mozilla: Unintended access to a privileged JSONView object (CVE-2019-11761)\n\n* Mozilla: document.domain-based origin isolation has same-origin-property violation (CVE-2019-11762)\n\n* Mozilla: Incorrect HTML parsing results in XSS bypass technique (CVE-2019-11763)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2019-November/035539.html\n\n**Affected packages:**\nfirefox\n\n**Upstream details at:**\n", "edition": 5, "modified": "2019-11-01T22:26:11", "published": "2019-11-01T22:26:11", "id": "CESA-2019:3281", "href": "http://lists.centos.org/pipermail/centos-announce/2019-November/035539.html", "title": "firefox security update", "type": "centos", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "slackware": [{"lastseen": "2020-10-25T16:36:00", "bulletinFamily": "unix", "cvelist": ["CVE-2019-11757", "CVE-2019-11758", "CVE-2019-11759", "CVE-2019-11760", "CVE-2019-11761", "CVE-2019-11762", "CVE-2019-11763", "CVE-2019-11764", "CVE-2019-15903"], "description": "New mozilla-firefox packages are available for Slackware 14.2 and -current to\nfix security issues.\n\n\nHere are the details from the Slackware 14.2 ChangeLog:\n\npatches/packages/mozilla-firefox-68.2.0esr-i686-1_slack14.2.txz: Upgraded.\n This release contains security fixes and improvements.\n For more information, see:\n https://www.mozilla.org/en-US/firefox/68.2.0/releasenotes/\n https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15903\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11757\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11758\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11759\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11760\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11761\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11762\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11763\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11764\n (* Security fix *)\n\nWhere to find the new packages:\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you.\n\nUpdated package for Slackware 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/mozilla-firefox-68.2.0esr-i686-1_slack14.2.txz\n\nUpdated package for Slackware x86_64 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/mozilla-firefox-68.2.0esr-x86_64-1_slack14.2.txz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/xap/mozilla-firefox-68.2.0esr-i686-1.txz\n\nUpdated package for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/xap/mozilla-firefox-68.2.0esr-x86_64-1.txz\n\n\nMD5 signatures:\n\nSlackware 14.2 package:\n439c3fddbbe04d5ea525598cbb07ca46 mozilla-firefox-68.2.0esr-i686-1_slack14.2.txz\n\nSlackware x86_64 14.2 package:\n414f4fa6867cef39168416347e5cbf30 mozilla-firefox-68.2.0esr-x86_64-1_slack14.2.txz\n\nSlackware -current package:\n1eb1505393581c5d65be10a4abb4eb99 xap/mozilla-firefox-68.2.0esr-i686-1.txz\n\nSlackware x86_64 -current package:\nc8fc2ebc5953de938738883b0efa14de xap/mozilla-firefox-68.2.0esr-x86_64-1.txz\n\n\nInstallation instructions:\n\nUpgrade the package as root:\n > upgradepkg mozilla-firefox-68.2.0esr-i686-1_slack14.2.txz", "modified": "2019-10-22T19:35:11", "published": "2019-10-22T19:35:11", "id": "SSA-2019-295-01", "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2019&m=slackware-security.408819", "type": "slackware", "title": "[slackware-security] mozilla-firefox", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "cve": [{"lastseen": "2020-12-09T21:41:40", "description": "When following the value's prototype chain, it was possible to retain a reference to a locale, delete it, and subsequently reference it. This resulted in a use-after-free and a potentially exploitable crash. This vulnerability affects Firefox < 70, Thunderbird < 68.2, and Firefox ESR < 68.2.", "edition": 14, "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-01-08T20:15:00", "title": "CVE-2019-11757", "type": "cve", "cwe": ["CWE-416"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-11757"], "modified": "2020-03-14T19:15:00", "cpe": [], "id": "CVE-2019-11757", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-11757", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": []}, {"lastseen": "2020-12-09T21:41:40", "description": "A crafted S/MIME message consisting of an inner encryption layer and an outer SignedData layer was shown as having a valid digital signature, although the signer might have had no access to the contents of the encrypted message, and might have stripped a different signature from the encrypted message. Previous versions had only suppressed showing a digital signature for messages with an outer multipart/signed layer. This vulnerability affects Thunderbird < 68.1.1.", "edition": 14, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2019-09-27T18:15:00", "title": "CVE-2019-11755", "type": "cve", "cwe": ["CWE-347"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-11755"], "modified": "2020-08-24T17:37:00", "cpe": [], "id": "CVE-2019-11755", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-11755", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}, "cpe23": []}, {"lastseen": "2020-12-09T21:41:40", "description": "A fixed-size stack buffer could overflow in nrappkit when doing WebRTC signaling. This resulted in a potentially exploitable crash in some instances. This vulnerability affects Firefox < 70, Thunderbird < 68.2, and Firefox ESR < 68.2.", "edition": 13, "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-01-08T20:15:00", "title": "CVE-2019-11760", "type": "cve", "cwe": ["CWE-787"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-11760"], "modified": "2020-03-14T19:15:00", "cpe": [], "id": "CVE-2019-11760", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-11760", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": []}, {"lastseen": "2020-12-09T21:41:40", "description": "Mozilla developers and community members reported memory safety bugs present in Firefox 69 and Firefox ESR 68.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 70, Thunderbird < 68.2, and Firefox ESR < 68.2.", "edition": 13, "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-01-08T21:15:00", "title": "CVE-2019-11764", "type": "cve", "cwe": ["CWE-416"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-11764"], "modified": "2020-03-14T19:15:00", "cpe": [], "id": "CVE-2019-11764", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-11764", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": []}, {"lastseen": "2020-12-09T21:41:40", "description": "By using a form with a data URI it was possible to gain access to the privileged JSONView object that had been cloned into content. Impact from exposing this object appears to be minimal, however it was a bypass of existing defense in depth mechanisms. This vulnerability affects Firefox < 70, Thunderbird < 68.2, and Firefox ESR < 68.2.", "edition": 14, "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "baseScore": 5.4, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 2.5}, "published": "2020-01-08T20:15:00", "title": "CVE-2019-11761", "type": "cve", "cwe": ["CWE-362", "CWE-862"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-11761"], "modified": "2020-08-24T17:37:00", "cpe": [], "id": "CVE-2019-11761", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-11761", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}, "cpe23": []}, {"lastseen": "2020-12-09T21:41:40", "description": "If two same-origin documents set document.domain differently to become cross-origin, it was possible for them to call arbitrary DOM methods/getters/setters on the now-cross-origin window. This vulnerability affects Firefox < 70, Thunderbird < 68.2, and Firefox ESR < 68.2.", "edition": 13, "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "baseScore": 6.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 2.7}, "published": "2020-01-08T20:15:00", "title": "CVE-2019-11762", "type": "cve", "cwe": ["CWE-346"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-11762"], "modified": "2020-03-14T19:15:00", "cpe": [], "id": "CVE-2019-11762", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-11762", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}, "cpe23": []}, {"lastseen": "2020-12-09T21:41:40", "description": "An attacker could have caused 4 bytes of HMAC output to be written past the end of a buffer stored on the stack. This could be used by an attacker to execute arbitrary code or more likely lead to a crash. This vulnerability affects Firefox < 70, Thunderbird < 68.2, and Firefox ESR < 68.2.", "edition": 13, "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-01-08T20:15:00", "title": "CVE-2019-11759", "type": "cve", "cwe": ["CWE-120"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-11759"], "modified": "2020-03-14T19:15:00", "cpe": [], "id": "CVE-2019-11759", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-11759", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": []}, {"lastseen": "2020-12-09T21:41:45", "description": "In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber) then resulted in a heap-based buffer over-read.", "edition": 40, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2019-09-04T06:15:00", "title": "CVE-2019-15903", "type": "cve", "cwe": ["CWE-776", "CWE-125"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-15903"], "modified": "2020-10-20T22:15:00", "cpe": [], "id": "CVE-2019-15903", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-15903", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": []}, {"lastseen": "2020-12-09T21:41:40", "description": "Failure to correctly handle null bytes when processing HTML entities resulted in Firefox incorrectly parsing these entities. This could have led to HTML comment text being treated as HTML which could have led to XSS in a web application under certain conditions. It could have also led to HTML entities being masked from filters - enabling the use of entities to mask the actual characters of interest from filters. This vulnerability affects Firefox < 70, Thunderbird < 68.2, and Firefox ESR < 68.2.", "edition": 13, "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "baseScore": 6.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 2.7}, "published": "2020-01-08T20:15:00", "title": "CVE-2019-11763", "type": "cve", "cwe": ["CWE-79"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-11763"], "modified": "2020-03-14T19:15:00", "cpe": [], "id": "CVE-2019-11763", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-11763", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cpe23": []}]}