Oval Definition:	oval:org.opensuse.security:def:126290
Revision Date: 2019-07-17 Version: 1 Title: Security update for tomcat (Moderate) Description: This update for tomcat to version 9.0.21 fixes the following issues: Security issues fixed: - CVE-2019-0199: Fixed a denial of service in the HTTP/2 implementation related to streams with excessive numbers of SETTINGS frames (bsc#1131055). - CVE-2019-0221: Fixed a cross site scripting vulnerability with the SSI printenv command (bsc#1136085). - CVE-2019-10072: Fixed incomplete patch for CVE-2019-0199 (bsc#1139924). Please also see http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.21_(markt) and http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.20_(markt) Family: unix Class: patch Status: Reference(s): 1131055 1136085 1139924 CVE-2019-0199 CVE-2019-0221 CVE-2019-10072 SUSE-SU-2019:1866-1 Platform(s): SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server for SAP Applications 12 SP4 Product(s): Definition Synopsis Release Information SUSE Linux Enterprise Server 12 SP4 is installed AND tomcat-9.0.21-3.13.2 is installed OR tomcat-admin-webapps-9.0.21-3.13.2 is installed OR tomcat-docs-webapp-9.0.21-3.13.2 is installed OR tomcat-el-3_0-api-9.0.21-3.13.2 is installed OR tomcat-javadoc-9.0.21-3.13.2 is installed OR tomcat-jsp-2_3-api-9.0.21-3.13.2 is installed OR tomcat-lib-9.0.21-3.13.2 is installed OR tomcat-servlet-4_0-api-9.0.21-3.13.2 is installed OR tomcat-webapps-9.0.21-3.13.2 is installed OR Package Information SUSE Linux Enterprise Server for SAP Applications 12 SP4 is installed AND tomcat-9.0.21-3.13.2 is installed OR tomcat-admin-webapps-9.0.21-3.13.2 is installed OR tomcat-docs-webapp-9.0.21-3.13.2 is installed OR tomcat-el-3_0-api-9.0.21-3.13.2 is installed OR tomcat-javadoc-9.0.21-3.13.2 is installed OR tomcat-jsp-2_3-api-9.0.21-3.13.2 is installed OR tomcat-lib-9.0.21-3.13.2 is installed OR tomcat-servlet-4_0-api-9.0.21-3.13.2 is installed OR tomcat-webapps-9.0.21-3.13.2 is installed
BACK