| Revision Date: | 2020-12-02 | Version: | 1 |
| Title: | Security update for apache-commons-httpclient (Important) |
| Description: |
This update for apache-commons-httpclient fixes the following issues:
- http/conn/ssl/SSLConnectionSocketFactory.java ignores the http.socket.timeout configuration setting during an SSL handshake, which allows remote attackers to cause a denial of service (HTTPS call hang) via unspecified vectors. [bsc#945190, CVE-2015-5262] - org.apache.http.conn.ssl.AbstractVerifier does not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows MITM attackers to spoof SSL servers via a 'CN=' string in a field in the distinguished name (DN) of a certificate. [bsc#1178171, CVE-2014-3577]
|
| Family: | unix | Class: | patch |
| Status: | | Reference(s): | 1012382
1047238
1050242
1050911
1051510
1053043
1054914
1055117
1055186
1056686
1056787
1058115
1060662
1061840
1061843
1063638
1064597
1064701
1064802
1065600
1065729
1066129
1066369
1068546
1071009
1071306
1071995
1075020
1078248
1082318
1082387
1082555
1083647
1085030
1085535
1085536
1085539
1086103
1087092
1090734
1091171
1093205
1094814
1099658
1102097
1103678
1103992
1104353
1104427
1104902
1106011
1106061
1106284
1106434
1108193
1108382
1108838
1108937
1110946
1111696
1112063
1112894
1112899
1112902
1112903
1112905
1112906
1112907
1113722
1114279
1114427
1114542
1115688
1117158
1117561
1118139
1118689
1119086
1119843
1120091
1120423
1120431
1120566
1120843
1120876
1120902
1120937
1122293
1122299
1122776
1123105
1123454
1123663
1123959
1124370
1124503
1124839
1126356
1127616
1128052
1128828
1128904
1128979
1129138
1129273
1129424
1129497
1129519
1129664
1129693
1129770
1130579
1130699
1130972
1131107
1131281
1131326
1131451
1131488
1131565
1131673
1132044
1133021
1133176
1133188
1133190
1133320
1133612
1133616
1134160
1134162
1134199
1134200
1134201
1134202
1134203
1134204
1134205
1134291
1134354
1134393
1134459
1134460
1134461
1134537
1134597
1134651
1134671
1134760
1134806
1134810
1134813
1134848
1134881
1134882
1134936
1135006
1135007
1135008
1135056
1135100
1135120
1135219
1135278
1135281
1135309
1135312
1135314
1135315
1135316
1135320
1135323
1135330
1135492
1135542
1135556
1135603
1135642
1135661
1135758
1135897
1136206
1136261
1136424
1136428
1136430
1136432
1136434
1136435
1136438
1136439
1136477
1136478
1136573
1136586
1136881
1136935
1136990
1137001
1137151
1137152
1137153
1137162
1137372
1137444
1137586
1137739
1137752
1137811
1137825
1137884
1138459
1138539
1139020
1139021
1139101
1139500
1140012
1140255
1140426
1140487
1141450
1141543
1141554
1141853
1141897
1142019
1142076
1142109
1142117
1142118
1142119
1142496
1142541
1142614
1142635
1142649
1142685
1142701
1142857
1143300
1143466
1143765
1143841
1143843
1144123
1144333
1144474
1144518
1144718
1144813
1144880
1144886
1144912
1144920
1144979
1145010
1145051
1145059
1145189
1145235
1145300
1145302
1145388
1145389
1145390
1145391
1145392
1145393
1145394
1145395
1145396
1145397
1145408
1145409
1145575
1145661
1145678
1145687
1145738
1145739
1145740
1145741
1145742
1145920
1145922
1145934
1145937
1145940
1145941
1145942
1146074
1146084
1146163
1146285
1146346
1146351
1146352
1146361
1146376
1146378
1146381
1146391
1146399
1146413
1146425
1146512
1146514
1146516
1146519
1146524
1146526
1146529
1146531
1146543
1146547
1146550
1146575
1146589
1146678
1146938
1148031
1148032
1148033
1148034
1148035
1148093
1148133
1148192
1148196
1148198
1148202
1148303
1148363
1148379
1148394
1148517
1148527
1148574
1148616
1148617
1148619
1148859
1148868
1149053
1149083
1149104
1149105
1149106
1149145
1149197
1149214
1149224
1149325
1149376
1149413
1149418
1149424
1149522
1149527
1149539
1149552
1149591
1149602
1149612
1149626
1149652
1149713
1149940
1149976
1150025
1150033
1150112
1150562
1150727
1150860
1150861
1150933
1153102
1176116
1176256
1176257
1176258
1176259
1178171
945190
CVE-2014-3577
CVE-2015-5262
CVE-2017-18551
CVE-2018-11212
CVE-2018-20852
CVE-2018-20976
CVE-2018-21008
CVE-2018-7191
CVE-2019-10081
CVE-2019-10082
CVE-2019-10092
CVE-2019-10097
CVE-2019-10098
CVE-2019-10124
CVE-2019-10160
CVE-2019-10207
CVE-2019-11085
CVE-2019-11477
CVE-2019-11478
CVE-2019-11479
CVE-2019-11486
CVE-2019-11487
CVE-2019-11815
CVE-2019-11833
CVE-2019-11884
CVE-2019-12382
CVE-2019-12387
CVE-2019-12450
CVE-2019-13132
CVE-2019-14250
CVE-2019-14814
CVE-2019-14815
CVE-2019-14816
CVE-2019-14835
CVE-2019-15030
CVE-2019-15031
CVE-2019-15090
CVE-2019-15098
CVE-2019-15117
CVE-2019-15118
CVE-2019-15211
CVE-2019-15212
CVE-2019-15214
CVE-2019-15215
CVE-2019-15216
CVE-2019-15217
CVE-2019-15218
CVE-2019-15219
CVE-2019-15220
CVE-2019-15221
CVE-2019-15222
CVE-2019-15239
CVE-2019-15290
CVE-2019-15292
CVE-2019-15538
CVE-2019-15666
CVE-2019-15847
CVE-2019-15902
CVE-2019-15917
CVE-2019-15919
CVE-2019-15920
CVE-2019-15921
CVE-2019-15924
CVE-2019-15926
CVE-2019-15927
CVE-2019-17113
CVE-2019-2422
CVE-2019-2426
CVE-2019-3846
CVE-2019-5489
CVE-2019-9456
CVE-2019-9517
CVE-2019-9893
CVE-2020-15166
SUSE-SU-2019:0221-1
SUSE-SU-2019:1529-1
SUSE-SU-2019:1594-1
SUSE-SU-2019:1731-1
SUSE-SU-2019:1776-1
SUSE-SU-2019:2050-1
SUSE-SU-2019:2237-1
SUSE-SU-2019:2517-1
SUSE-SU-2019:2622-1
SUSE-SU-2019:2702-1
SUSE-SU-2020:3152-1
SUSE-SU-2020:3264-1
|
| Platform(s): | SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5
SUSE Linux Enterprise Desktop 11 SP2
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Desktop 12
SUSE Linux Enterprise Desktop 12 SP1
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise High Availability 12 SP3
SUSE Linux Enterprise High Availability 12 SP4
SUSE Linux Enterprise High Availability 15
SUSE Linux Enterprise High Availability 15 SP1
SUSE Linux Enterprise Module for Basesystem 15 SP2
SUSE Linux Enterprise Module for Containers 12
SUSE Linux Enterprise Module for High Performance Computing 15
SUSE Linux Enterprise Module for Legacy Software 15
SUSE Linux Enterprise Module for Legacy Software 15 SP1
SUSE Linux Enterprise Module for Live Patching 15
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1
SUSE Linux Enterprise Module for Python2 packages 15 SP1
SUSE Linux Enterprise Module for Realtime packages 15 SP1
SUSE Linux Enterprise Module for Server Applications 15
SUSE Linux Enterprise Module for Server Applications 15 SP1
SUSE Linux Enterprise Module for Web Scripting 12
SUSE Linux Enterprise Module for Web Scripting 15
SUSE Linux Enterprise Server 11
SUSE Linux Enterprise Server 11 SP1-LTSS
SUSE Linux Enterprise Server 11 SP2
SUSE Linux Enterprise Server 11 SP2-LTSS
SUSE Linux Enterprise Server 11 SP3
SUSE Linux Enterprise Server 11 SP4
SUSE Linux Enterprise Server 12
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2
SUSE Linux Enterprise Server for VMWare 11 SP2
SUSE Linux Enterprise Server for VMWare 11 SP3
SUSE Linux Enterprise Software Development Kit 11 SP4
SUSE Linux Enterprise Software Development Kit 12
SUSE Linux Enterprise Software Development Kit 12 SP1
SUSE Linux Enterprise Workstation Extension 12
SUSE Linux Enterprise Workstation Extension 15
SUSE Linux Enterprise Workstation Extension 15 SP1
SUSE Package Hub for SUSE Linux Enterprise 12
| Product(s): | |
| Definition Synopsis |
| SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5 is installed AND Package Information
python-keystoneclient-1.0.0-14 is installed
OR python-keystoneclient-doc-1.0.0-14 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Desktop 12 is installed
AND bogofilter-1.2.4-3 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Desktop 12 SP1 is installed
AND Package Information
cpio-2.11-32 is installed
OR cpio-lang-2.11-32 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Desktop 12 SP2 is installed
AND Package Information
java-1_7_0-openjdk-1.7.0.121-36 is installed
OR java-1_7_0-openjdk-headless-1.7.0.121-36 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Desktop 12 SP4 is installed
AND Package Information
libSoundTouch0-1.7.1-5.3 is installed
OR libSoundTouch0-32bit-1.7.1-5.3 is installed
OR soundtouch-1.7.1-5.3 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise High Availability 12 SP3 is installed
AND Package Information
cluster-md-kmp-default-4.4.73-5 is installed
OR dlm-kmp-default-4.4.73-5 is installed
OR gfs2-kmp-default-4.4.73-5 is installed
OR ocfs2-kmp-default-4.4.73-5 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise High Availability 12 SP4 is installed
AND conntrack-tools-1.4.2-5 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise High Availability 15 is installed
AND Package Information
libqb-1.0.3+20171226.6d62b64-3.3 is installed
OR libqb-devel-1.0.3+20171226.6d62b64-3.3 is installed
OR libqb0-1.0.3+20171226.6d62b64-3.3 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise High Availability 15 SP1 is installed
AND Package Information
cluster-md-kmp-default-4.12.14-197.7 is installed
OR dlm-kmp-default-4.12.14-197.7 is installed
OR gfs2-kmp-default-4.12.14-197.7 is installed
OR kernel-default-4.12.14-197.7 is installed
OR ocfs2-kmp-default-4.12.14-197.7 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Module for Basesystem 15 SP2 is installed
AND apache-commons-httpclient-3.1-11.3 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Module for Containers 12 is installed
AND docker-1.6.2-31 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Module for High Performance Computing 15 is installed
AND Package Information
libpmi0-17.11.7-6.3 is installed
OR libslurm32-17.11.7-6.3 is installed
OR perl-slurm-17.11.7-6.3 is installed
OR slurm-17.11.7-6.3 is installed
OR slurm-auth-none-17.11.7-6.3 is installed
OR slurm-config-17.11.7-6.3 is installed
OR slurm-devel-17.11.7-6.3 is installed
OR slurm-doc-17.11.7-6.3 is installed
OR slurm-lua-17.11.7-6.3 is installed
OR slurm-munge-17.11.7-6.3 is installed
OR slurm-node-17.11.7-6.3 is installed
OR slurm-pam_slurm-17.11.7-6.3 is installed
OR slurm-plugins-17.11.7-6.3 is installed
OR slurm-slurmdbd-17.11.7-6.3 is installed
OR slurm-sql-17.11.7-6.3 is installed
OR slurm-torque-17.11.7-6.3 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Module for Legacy Software 15 is installed
AND Package Information
java-1_8_0-ibm-1.8.0_sr5.15-3.3 is installed
OR java-1_8_0-ibm-alsa-1.8.0_sr5.15-3.3 is installed
OR java-1_8_0-ibm-devel-1.8.0_sr5.15-3.3 is installed
OR java-1_8_0-ibm-plugin-1.8.0_sr5.15-3.3 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Module for Legacy Software 15 SP1 is installed
AND Package Information
java-1_8_0-ibm-1.8.0_sr6.0-3.30 is installed
OR java-1_8_0-ibm-alsa-1.8.0_sr6.0-3.30 is installed
OR java-1_8_0-ibm-devel-1.8.0_sr6.0-3.30 is installed
OR java-1_8_0-ibm-plugin-1.8.0_sr6.0-3.30 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Module for Live Patching 15 is installed
AND Package Information
kernel-livepatch-4_12_14-25_6-default-4-2 is installed
OR kernel-livepatch-SLE15_Update_2-4-2 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 is installed
AND Package Information
kernel-default-4.12.14-150.22 is installed
OR kernel-default-base-4.12.14-150.22 is installed
OR kernel-docs-4.12.14-150.22 is installed
OR kernel-docs-html-4.12.14-150.22 is installed
OR kernel-obs-qa-4.12.14-150.22 is installed
OR kselftests-kmp-default-4.12.14-150.22 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 is installed
AND Package Information
bzip2-1.0.6-5.3 is installed
OR bzip2-doc-1.0.6-5.3 is installed
OR libbz2-devel-32bit-1.0.6-5.3 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Module for Python2 packages 15 SP1 is installed
AND Package Information
python-2.7.14-7.24 is installed
OR python-base-2.7.14-7.24 is installed
OR python-curses-2.7.14-7.24 is installed
OR python-devel-2.7.14-7.24 is installed
OR python-gdbm-2.7.14-7.24 is installed
OR python-xml-2.7.14-7.24 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Module for Realtime packages 15 SP1 is installed
AND Package Information
cluster-md-kmp-rt-4.12.14-14.8 is installed
OR dlm-kmp-rt-4.12.14-14.8 is installed
OR gfs2-kmp-rt-4.12.14-14.8 is installed
OR kernel-devel-rt-4.12.14-14.8 is installed
OR kernel-rt-4.12.14-14.8 is installed
OR kernel-rt-base-4.12.14-14.8 is installed
OR kernel-rt-devel-4.12.14-14.8 is installed
OR kernel-rt_debug-4.12.14-14.8 is installed
OR kernel-rt_debug-devel-4.12.14-14.8 is installed
OR kernel-source-rt-4.12.14-14.8 is installed
OR kernel-syms-rt-4.12.14-14.8 is installed
OR ocfs2-kmp-rt-4.12.14-14.8 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Module for Server Applications 15 is installed
AND Package Information
ovmf-2017+git1510945757.b2662641d5-5.22 is installed
OR ovmf-tools-2017+git1510945757.b2662641d5-5.22 is installed
OR qemu-ovmf-x86_64-2017+git1510945757.b2662641d5-5.22 is installed
OR qemu-uefi-aarch64-2017+git1510945757.b2662641d5-5.22 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Module for Server Applications 15 SP1 is installed
AND Package Information
subversion-1.10.6-3.6 is installed
OR subversion-server-1.10.6-3.6 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Module for Web Scripting 12 is installed
AND apache2-mod_wsgi-4.4.13-2 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Module for Web Scripting 15 is installed
AND Package Information
apache2-mod_php7-7.2.5-4.3 is installed
OR php7-7.2.5-4.3 is installed
OR php7-bcmath-7.2.5-4.3 is installed
OR php7-bz2-7.2.5-4.3 is installed
OR php7-calendar-7.2.5-4.3 is installed
OR php7-ctype-7.2.5-4.3 is installed
OR php7-curl-7.2.5-4.3 is installed
OR php7-dba-7.2.5-4.3 is installed
OR php7-devel-7.2.5-4.3 is installed
OR php7-dom-7.2.5-4.3 is installed
OR php7-enchant-7.2.5-4.3 is installed
OR php7-exif-7.2.5-4.3 is installed
OR php7-fastcgi-7.2.5-4.3 is installed
OR php7-fileinfo-7.2.5-4.3 is installed
OR php7-fpm-7.2.5-4.3 is installed
OR php7-ftp-7.2.5-4.3 is installed
OR php7-gd-7.2.5-4.3 is installed
OR php7-gettext-7.2.5-4.3 is installed
OR php7-gmp-7.2.5-4.3 is installed
OR php7-iconv-7.2.5-4.3 is installed
OR php7-intl-7.2.5-4.3 is installed
OR php7-json-7.2.5-4.3 is installed
OR php7-ldap-7.2.5-4.3 is installed
OR php7-mbstring-7.2.5-4.3 is installed
OR php7-mysql-7.2.5-4.3 is installed
OR php7-odbc-7.2.5-4.3 is installed
OR php7-opcache-7.2.5-4.3 is installed
OR php7-openssl-7.2.5-4.3 is installed
OR php7-pcntl-7.2.5-4.3 is installed
OR php7-pdo-7.2.5-4.3 is installed
OR php7-pear-7.2.5-4.3 is installed
OR php7-pear-Archive_Tar-7.2.5-4.3 is installed
OR php7-pgsql-7.2.5-4.3 is installed
OR php7-phar-7.2.5-4.3 is installed
OR php7-posix-7.2.5-4.3 is installed
OR php7-shmop-7.2.5-4.3 is installed
OR php7-snmp-7.2.5-4.3 is installed
OR php7-soap-7.2.5-4.3 is installed
OR php7-sockets-7.2.5-4.3 is installed
OR php7-sqlite-7.2.5-4.3 is installed
OR php7-sysvmsg-7.2.5-4.3 is installed
OR php7-sysvsem-7.2.5-4.3 is installed
OR php7-sysvshm-7.2.5-4.3 is installed
OR php7-tokenizer-7.2.5-4.3 is installed
OR php7-wddx-7.2.5-4.3 is installed
OR php7-xmlreader-7.2.5-4.3 is installed
OR php7-xmlrpc-7.2.5-4.3 is installed
OR php7-xmlwriter-7.2.5-4.3 is installed
OR php7-xsl-7.2.5-4.3 is installed
OR php7-zip-7.2.5-4.3 is installed
OR php7-zlib-7.2.5-4.3 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Server 12 is installed
AND Package Information
alsa-1.0.27.2-11 is installed
OR alsa-docs-1.0.27.2-11 is installed
OR libasound2-1.0.27.2-11 is installed
OR libasound2-32bit-1.0.27.2-11 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Server 12 SP2 is installed
AND Package Information
elfutils-0.158-6 is installed
OR libasm1-0.158-6 is installed
OR libasm1-32bit-0.158-6 is installed
OR libdw1-0.158-6 is installed
OR libdw1-32bit-0.158-6 is installed
OR libebl1-0.158-6 is installed
OR libebl1-32bit-0.158-6 is installed
OR libelf1-0.158-6 is installed
OR libelf1-32bit-0.158-6 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Server 12 SP3 is installed
AND Package Information
MozillaFirefox-52.2.0esr-108 is installed
OR MozillaFirefox-translations-52.2.0esr-108 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 is installed
AND libzip2-0.11.1-12 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Software Development Kit 12 is installed
AND Package Information
icu-52.1-7.1 is installed
OR libicu-devel-52.1-7.1 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Software Development Kit 12 SP1 is installed
AND libksba-devel-1.3.0-9.1 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Workstation Extension 12 is installed
AND Package Information
pulseaudio-module-bluetooth-5.0-2.7 is installed
OR pulseaudio-module-gconf-5.0-2.7 is installed
OR pulseaudio-module-jack-5.0-2.7 is installed
OR pulseaudio-module-lirc-5.0-2.7 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Workstation Extension 15 is installed
AND Package Information
ffmpeg-3.4.2-4.5 is installed
OR libavcodec-devel-3.4.2-4.5 is installed
OR libavformat-devel-3.4.2-4.5 is installed
OR libavformat57-3.4.2-4.5 is installed
OR libavresample-devel-3.4.2-4.5 is installed
OR libavresample3-3.4.2-4.5 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Workstation Extension 15 SP1 is installed
AND Package Information
evolution-3.26.6-4.3 is installed
OR evolution-devel-3.26.6-4.3 is installed
OR evolution-lang-3.26.6-4.3 is installed
OR evolution-plugin-bogofilter-3.26.6-4.3 is installed
OR evolution-plugin-pst-import-3.26.6-4.3 is installed
OR evolution-plugin-spamassassin-3.26.6-4.3 is installed
|
| Definition Synopsis |
| SUSE Package Hub for SUSE Linux Enterprise 12 is installed
AND Package Information
chromedriver-54.0.2840.59-109 is installed
OR chromium-54.0.2840.59-109 is installed
OR chromium-ffmpegsumo-54.0.2840.59-109 is installed
|