OVAL Reference oval:org.opensuse.security:def:45322

Oval Definition:

oval:org.opensuse.security:def:45322

Revision Date:	2020-12-01	Version:	1
Title:	Security update for apache2 (Moderate)
Description:	This update for apache2 fixes the following issues: Security issues fixed: - CVE-2016-8743: Fixed liberal whitespace interpretation accepted from requests and sent in response lines and headers. Accepting these different behaviors represented a security concern when httpd participates in any chain of proxies or interacts with back-end application servers, either through mod_proxy or using conventional CGI mechanisms, and may result in request smuggling, response splitting and cache pollution. (bsc#1016715) - CVE-2016-4975: Fixed possible CRLF injection allowing HTTP response splitting attacks for sites which use mod_userdir. This issue was mitigated by changes which prohibit CR or LF injection into the 'Location' or other outbound header key or value. (bsc#1104826)
Family:	unix	Class:	patch
Status:		Reference(s):	1016715 1024288 1024291 1032089 1037008 1037009 1057514 1059100 1059134 1059139 1085295 1085297 1085583 1085584 1085585 1085589 1086777 1089524 1104826 1106171 1106172 1106173 1106195 1107410 1107411 1107412 1107413 1107420 1107421 1107422 1107423 1107426 1107581 1108027 1109105 1109663 1109847 1115375 1134078 1136572 1136936 1138459 1139083 1141780 1141782 1141783 1141784 1141785 1141786 1141787 1141789 1144903 1153108 1153158 1153161 1158328 1163985 1169511 1172277 1172402 1174120 1174316 1174415 1176579 985657 CVE-2016-10209 CVE-2016-10349 CVE-2016-10350 CVE-2016-3189 CVE-2016-4975 CVE-2016-8743 CVE-2017-14166 CVE-2017-14501 CVE-2017-14502 CVE-2017-14503 CVE-2017-18233 CVE-2017-18234 CVE-2017-18236 CVE-2017-18238 CVE-2017-2579 CVE-2017-2580 CVE-2018-1000802 CVE-2018-14647 CVE-2018-15908 CVE-2018-15909 CVE-2018-15910 CVE-2018-15911 CVE-2018-16509 CVE-2018-16510 CVE-2018-16511 CVE-2018-16513 CVE-2018-16539 CVE-2018-16540 CVE-2018-16541 CVE-2018-16542 CVE-2018-16543 CVE-2018-16585 CVE-2018-16802 CVE-2018-17183 CVE-2018-7728 CVE-2018-7730 CVE-2018-8975 CVE-2019-10160 CVE-2019-10220 CVE-2019-11745 CVE-2019-12900 CVE-2019-13722 CVE-2019-17005 CVE-2019-17008 CVE-2019-17009 CVE-2019-17010 CVE-2019-17011 CVE-2019-17012 CVE-2019-17133 CVE-2019-2745 CVE-2019-2762 CVE-2019-2766 CVE-2019-2769 CVE-2019-2786 CVE-2019-2816 CVE-2019-2842 CVE-2019-6470 CVE-2019-7317 CVE-2020-12405 CVE-2020-12406 CVE-2020-12410 CVE-2020-1472 CVE-2020-15900 CVE-2020-1720 CVE-2020-2654 CVE-2020-2756 CVE-2020-2757 CVE-2020-2781 CVE-2020-2800 CVE-2020-2803 CVE-2020-2805 CVE-2020-2830 SUSE-SU-2018:2815-1 SUSE-SU-2018:3389-1 SUSE-SU-2018:3640-2 SUSE-SU-2019:1955-1 SUSE-SU-2019:2036-1 SUSE-SU-2019:2053-1 SUSE-SU-2019:3347-1 SUSE-SU-2020:0715-1 SUSE-SU-2020:2097-1 SUSE-SU-2020:2721-1
Platform(s):	openSUSE Leap 15.0 openSUSE Leap 42.3 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Module for Basesystem 15 SUSE Linux Enterprise Module for Basesystem 15 SP1 SUSE Linux Enterprise Module for Desktop Applications 15 SP1 SUSE Linux Enterprise Module for Development Tools 15 SUSE Linux Enterprise Module for Development Tools 15 SP1 SUSE Linux Enterprise Module for High Performance Computing 15 SUSE Linux Enterprise Module for Legacy Software 15 SP1 SUSE Linux Enterprise Module for Live Patching 15 SUSE Linux Enterprise Module for Live Patching 15 SP1 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 SUSE Linux Enterprise Module for Realtime packages 15 SP1 SUSE Linux Enterprise Module for Server Applications 15 SUSE Linux Enterprise Module for Web Scripting 15 SP1 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP4-ESPOS SUSE Linux Enterprise Server 12 SP4-LTSS SUSE Linux Enterprise Server 12 SP5 SUSE Linux Enterprise Server 15-LTSS SUSE Linux Enterprise Server for SAP Applications 12 SP3 SUSE Linux Enterprise Server for SAP Applications 12 SP3-BCL SUSE Linux Enterprise Server for SAP Applications 12 SP3-ESPOS SUSE Linux Enterprise Server for SAP Applications 12 SP3-TERADATA SUSE Linux Enterprise Server for SAP Applications 12 SP4 SUSE Linux Enterprise Server for SAP Applications 12 SP4-ESPOS SUSE Linux Enterprise Server for SAP Applications 12 SP4-LTSS SUSE Linux Enterprise Server for SAP Applications 12 SP5 SUSE Linux Enterprise Server for SAP Applications 15 SUSE Linux Enterprise Workstation Extension 12 SUSE Linux Enterprise Workstation Extension 12 SP1 SUSE Linux Enterprise Workstation Extension 12 SP2 SUSE Linux Enterprise Workstation Extension 12 SP3 SUSE Linux Enterprise Workstation Extension 12 SP4 SUSE Linux Enterprise Workstation Extension 12 SP5 SUSE Linux Enterprise Workstation Extension 15 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8	Product(s):
Definition Synopsis
openSUSE Leap 15.0 is installed AND libmad0-0.15.1b-lp150.3 is installed
Definition Synopsis
openSUSE Leap 42.3 is installed AND Package Information cyradm-2.4.18-5 is installed OR cyrus-imapd-2.4.18-5 is installed OR perl-Cyrus-IMAP-2.4.18-5 is installed OR perl-Cyrus-SIEVE-managesieve-2.4.18-5 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP2 is installed AND Package Information gpg2-2.0.9-25.33.37 is installed OR gpg2-lang-2.0.9-25.33.37 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 is installed AND Package Information java-1_7_0-openjdk-1.7.0.65-3 is installed OR java-1_7_0-openjdk-headless-1.7.0.65-3 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information alsa-1.0.27.2-11 is installed OR libasound2-1.0.27.2-11 is installed OR libasound2-32bit-1.0.27.2-11 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP2 is installed AND argyllcms-1.6.3-3 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information libidn11-1.28-4 is installed OR libidn11-32bit-1.28-4 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP4 is installed AND SuSEfirewall2-3.6.312.333-3.13 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Basesystem 15 is installed AND Package Information dhcp-4.3.5-4 is installed OR dhcp-client-4.3.5-4 is installed OR dhcp-devel-4.3.5-4 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Basesystem 15 SP1 is installed AND Package Information avahi-0.7-1 is installed OR avahi-compat-howl-devel-0.7-1 is installed OR avahi-compat-mDNSResponder-devel-0.7-1 is installed OR avahi-lang-0.7-1 is installed OR avahi-utils-0.7-1 is installed OR libavahi-client3-0.7-1 is installed OR libavahi-client3-32bit-0.7-1 is installed OR libavahi-common3-0.7-1 is installed OR libavahi-common3-32bit-0.7-1 is installed OR libavahi-core7-0.7-1 is installed OR libavahi-devel-0.7-1 is installed OR libdns_sd-0.7-1 is installed OR libhowl0-0.7-1 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Desktop Applications 15 SP1 is installed AND fetchmailconf-6.3.26-3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Development Tools 15 is installed AND Package Information ImageMagick-7.0.7.34-3.49 is installed OR perl-PerlMagick-7.0.7.34-3.49 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Development Tools 15 SP1 is installed AND Package Information glibc-2.26-13.45 is installed OR glibc-devel-32bit-2.26-13.45 is installed OR glibc-devel-static-2.26-13.45 is installed OR glibc-utils-2.26-13.45 is installed OR glibc-utils-src-2.26-13.45 is installed
Definition Synopsis
SUSE Linux Enterprise Module for High Performance Computing 15 is installed AND Package Information python-numpy_1_16_1-gnu-hpc-1.16.1-4.8 is installed OR python2-numpy-gnu-hpc-1.16.1-4.8 is installed OR python2-numpy-gnu-hpc-devel-1.16.1-4.8 is installed OR python3-numpy-gnu-hpc-1.16.1-4.8 is installed OR python3-numpy-gnu-hpc-devel-1.16.1-4.8 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Legacy Software 15 SP1 is installed AND reiserfs-kmp-default-4.12.14-195 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Live Patching 15 is installed AND Package Information kernel-livepatch-4_12_14-25_6-default-3-2 is installed OR kernel-livepatch-SLE15_Update_2-3-2 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Live Patching 15 SP1 is installed AND Package Information kernel-livepatch-4_12_14-195-default-3-7 is installed OR kernel-livepatch-SLE15-SP1_Update_0-3-7 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 is installed AND Package Information python-Jinja2-2.10.1-3.5 is installed OR python-Jinja2-emacs-2.10.1-3.5 is installed OR python-Jinja2-vim-2.10.1-3.5 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 is installed AND Package Information bzip2-1.0.6-5.3 is installed OR bzip2-doc-1.0.6-5.3 is installed OR libbz2-devel-32bit-1.0.6-5.3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Realtime packages 15 SP1 is installed AND Package Information cluster-md-kmp-rt-4.12.14-14.23 is installed OR dlm-kmp-rt-4.12.14-14.23 is installed OR gfs2-kmp-rt-4.12.14-14.23 is installed OR kernel-devel-rt-4.12.14-14.23 is installed OR kernel-rt-4.12.14-14.23 is installed OR kernel-rt-base-4.12.14-14.23 is installed OR kernel-rt-devel-4.12.14-14.23 is installed OR kernel-rt_debug-4.12.14-14.23 is installed OR kernel-rt_debug-devel-4.12.14-14.23 is installed OR kernel-source-rt-4.12.14-14.23 is installed OR kernel-syms-rt-4.12.14-14.23 is installed OR ocfs2-kmp-rt-4.12.14-14.23 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Server Applications 15 is installed AND Package Information ovmf-2017+git1510945757.b2662641d5-5.3 is installed OR ovmf-tools-2017+git1510945757.b2662641d5-5.3 is installed OR qemu-ovmf-x86_64-2017+git1510945757.b2662641d5-5.3 is installed OR qemu-uefi-aarch64-2017+git1510945757.b2662641d5-5.3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Web Scripting 15 SP1 is installed AND Package Information nodejs10-10.18.0-1.15 is installed OR nodejs10-devel-10.18.0-1.15 is installed OR nodejs10-docs-10.18.0-1.15 is installed OR npm10-10.18.0-1.15 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information xen-4.7.1_04-28 is installed OR xen-doc-html-4.7.1_04-28 is installed OR xen-libs-4.7.1_04-28 is installed OR xen-libs-32bit-4.7.1_04-28 is installed OR xen-tools-4.7.1_04-28 is installed OR xen-tools-domU-4.7.1_04-28 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-BCL is installed AND ucode-intel-20180807-13.29 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information libzypp-16.17.20-27.52 is installed OR zypper-1.13.45-18.33 is installed OR zypper-log-1.13.45-18.33 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_103-92_56-default-6-2 is installed OR kgraft-patch-SLE12-SP2_Update_17-6-2 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 12 SP3 is installed AND apache2-2.4.23-29.24 is installed OR apache2-doc-2.4.23-29.24 is installed OR apache2-example-pages-2.4.23-29.24 is installed OR apache2-prefork-2.4.23-29.24 is installed OR apache2-utils-2.4.23-29.24 is installed OR apache2-worker-2.4.23-29.24 is installed OR Package Information SUSE Linux Enterprise Server for SAP Applications 12 SP3 is installed AND apache2-2.4.23-29.24 is installed OR apache2-doc-2.4.23-29.24 is installed OR apache2-example-pages-2.4.23-29.24 is installed OR apache2-prefork-2.4.23-29.24 is installed OR apache2-utils-2.4.23-29.24 is installed OR apache2-worker-2.4.23-29.24 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information apache-commons-beanutils-1.9.2-1 is installed OR apache-commons-beanutils-javadoc-1.9.2-1 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 12 SP3-BCL is installed AND MozillaFirefox-68.3.0-109.98 is installed OR MozillaFirefox-translations-common-68.3.0-109.98 is installed OR Package Information SUSE Linux Enterprise Server for SAP Applications 12 SP3-BCL is installed AND MozillaFirefox-68.3.0-109.98 is installed OR MozillaFirefox-translations-common-68.3.0-109.98 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND kgraft-patch-4_4_156-94_64-default-8-2 is installed OR kgraft-patch-SLE12-SP3_Update_20-8-2 is installed OR Package Information SUSE Linux Enterprise Server for SAP Applications 12 SP3-ESPOS is installed AND kgraft-patch-4_4_156-94_64-default-8-2 is installed OR kgraft-patch-SLE12-SP3_Update_20-8-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information kgraft-patch-4_4_156-94_61-default-7-2 is installed OR kgraft-patch-SLE12-SP3_Update_19-7-2 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND ghostscript-9.25-23.13 is installed OR ghostscript-x11-9.25-23.13 is installed OR Package Information SUSE Linux Enterprise Server for SAP Applications 12 SP3-TERADATA is installed AND ghostscript-9.25-23.13 is installed OR ghostscript-x11-9.25-23.13 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information libnetpbm11-10.66.3-8.7 is installed OR libnetpbm11-32bit-10.66.3-8.7 is installed OR netpbm-10.66.3-8.7 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 12 SP4 is installed AND libarchive-3.1.2-26.3 is installed OR libarchive13-3.1.2-26.3 is installed OR Package Information SUSE Linux Enterprise Server for SAP Applications 12 SP4 is installed AND libarchive-3.1.2-26.3 is installed OR libarchive13-3.1.2-26.3 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 12 SP4-ESPOS is installed AND MozillaFirefox-78.3.0-112.22 is installed OR MozillaFirefox-devel-78.3.0-112.22 is installed OR MozillaFirefox-translations-common-78.3.0-112.22 is installed OR Package Information SUSE Linux Enterprise Server for SAP Applications 12 SP4-ESPOS is installed AND MozillaFirefox-78.3.0-112.22 is installed OR MozillaFirefox-devel-78.3.0-112.22 is installed OR MozillaFirefox-translations-common-78.3.0-112.22 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 12 SP4-LTSS is installed AND LibVNCServer-0.9.9-17.31 is installed OR libvncclient0-0.9.9-17.31 is installed OR libvncserver0-0.9.9-17.31 is installed OR Package Information SUSE Linux Enterprise Server for SAP Applications 12 SP4-LTSS is installed AND LibVNCServer-0.9.9-17.31 is installed OR libvncclient0-0.9.9-17.31 is installed OR libvncserver0-0.9.9-17.31 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 12 SP5 is installed AND java-1_8_0-ibm-1.8.0_sr5.40-30.54 is installed OR java-1_8_0-ibm-alsa-1.8.0_sr5.40-30.54 is installed OR java-1_8_0-ibm-plugin-1.8.0_sr5.40-30.54 is installed OR Package Information SUSE Linux Enterprise Server for SAP Applications 12 SP5 is installed AND java-1_8_0-ibm-1.8.0_sr5.40-30.54 is installed OR java-1_8_0-ibm-alsa-1.8.0_sr5.40-30.54 is installed OR java-1_8_0-ibm-plugin-1.8.0_sr5.40-30.54 is installed
Definition Synopsis
SUSE Linux Enterprise Server 15-LTSS is installed AND Package Information java-1_8_0-openjdk-1.8.0.242-3.30 is installed OR java-1_8_0-openjdk-demo-1.8.0.242-3.30 is installed OR java-1_8_0-openjdk-devel-1.8.0.242-3.30 is installed OR java-1_8_0-openjdk-headless-1.8.0.242-3.30 is installed
Definition Synopsis
SUSE Linux Enterprise Server for SAP Applications 15 is installed AND Package Information java-1_8_0-ibm-1.8.0_sr6.5-3.33 is installed OR java-1_8_0-ibm-alsa-1.8.0_sr6.5-3.33 is installed OR java-1_8_0-ibm-devel-1.8.0_sr6.5-3.33 is installed OR java-1_8_0-ibm-plugin-1.8.0_sr6.5-3.33 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 12 is installed AND Package Information libqt4-4.8.6-4 is installed OR libqt4-sql-mysql-32bit-4.8.6-4 is installed OR libqt4-sql-plugins-4.8.6-4 is installed OR libqt4-sql-postgresql-4.8.6-4 is installed OR libqt4-sql-postgresql-32bit-4.8.6-4 is installed OR libqt4-sql-sqlite-32bit-4.8.6-4 is installed OR libqt4-sql-unixODBC-4.8.6-4 is installed OR libqt4-sql-unixODBC-32bit-4.8.6-4 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 12 SP1 is installed AND Package Information gd-2.1.0-12 is installed OR gd-32bit-2.1.0-12 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 12 SP2 is installed AND Package Information libvirt-2.0.0-27.29 is installed OR libvirt-client-32bit-2.0.0-27.29 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 12 SP3 is installed AND Package Information libpolkit0-32bit-0.113-5.9 is installed OR polkit-0.113-5.9 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 12 SP4 is installed AND Package Information PackageKit-1.1.3-24.9 is installed OR PackageKit-gstreamer-plugin-1.1.3-24.9 is installed OR PackageKit-gtk3-module-1.1.3-24.9 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 12 SP5 is installed AND Package Information libzzip-0-13-0.13.67-10.25 is installed OR zziplib-0.13.67-10.25 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 15 is installed AND Package Information kernel-default-4.12.14-25.13 is installed OR kernel-default-extra-4.12.14-25.13 is installed
Definition Synopsis
SUSE OpenStack Cloud 8 is installed AND ansible-2.4.6.0-3.6 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 8 is installed AND python-Werkzeug-0.12.2-3.3 is installed

BACK