Oval Definition:	oval:org.opensuse.security:def:45844
Revision Date: 2020-12-01 Version: 1 Title: Security update for apache2 (Moderate) Description: This update for apache2 fixes the following issues: - CVE-2020-9490: Fixed a crash caused by a specially crafted value for the 'Cache-Digest' header in a HTTP/2 request (bsc#1175071). - CVE-2020-11985: IP address spoofing when proxying using mod_remoteip and mod_rewrite (bsc#1175072). - CVE-2020-11993: When trace/debug was enabled for the HTTP/2 module logging statements were made on the wrong connection (bsc#1175070). Family: unix Class: patch Status: Reference(s): 1068716 1086162 1089343 1092885 1094725 1096223 1096480 1096728 1097104 1098735 1103186 1105348 1106913 1110785 1111331 1111647 1112178 1119019 1131416 1131427 1131587 1131830 1132828 1133188 1134550 1135273 1141780 1141782 1141783 1141785 1141789 1142439 1144504 1147021 1149458 1151839 1154036 1154037 1159819 1159856 1159858 1159860 1160249 1160250 1160251 1160937 1165680 1168669 1169659 1169746 1169952 1170313 1170423 1170715 1170908 1171978 1172698 1172704 1173022 1173027 1175070 1175071 1175072 1177943 981825 CVE-2017-16808 CVE-2018-1000204 CVE-2018-10754 CVE-2018-10853 CVE-2018-11806 CVE-2018-12086 CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2018-12617 CVE-2018-15594 CVE-2018-17972 CVE-2018-18227 CVE-2018-3639 CVE-2018-5814 CVE-2018-8822 CVE-2019-1010220 CVE-2019-11091 CVE-2019-11486 CVE-2019-11771 CVE-2019-11771 CVE-2019-11775 CVE-2019-11775 CVE-2019-12519 CVE-2019-12520 CVE-2019-12521 CVE-2019-12524 CVE-2019-12625 CVE-2019-12900 CVE-2019-15691 CVE-2019-15692 CVE-2019-15693 CVE-2019-15694 CVE-2019-15695 CVE-2019-17006 CVE-2019-17594 CVE-2019-17595 CVE-2019-2762 CVE-2019-2762 CVE-2019-2766 CVE-2019-2766 CVE-2019-2769 CVE-2019-2769 CVE-2019-2816 CVE-2019-2816 CVE-2019-3882 CVE-2019-4473 CVE-2019-4473 CVE-2019-7317 CVE-2019-7317 CVE-2019-9503 CVE-2020-11945 CVE-2020-11985 CVE-2020-11993 CVE-2020-12399 CVE-2020-12402 CVE-2020-14779 CVE-2020-14781 CVE-2020-14782 CVE-2020-14792 CVE-2020-14796 CVE-2020-14797 CVE-2020-14798 CVE-2020-14803 CVE-2020-8023 CVE-2020-8177 CVE-2020-9490 SUSE-SU-2018:3590-2 SUSE-SU-2019:2088-1 SUSE-SU-2019:2336-1 SUSE-SU-2019:3094-1 SUSE-SU-2020:1734-1 SUSE-SU-2020:1749-1 SUSE-SU-2020:1839-1 SUSE-SU-2020:1859-1 SUSE-SU-2020:2450-1 SUSE-SU-2020:3310-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 42.3 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Module for additional PackageHub packages 15 SUSE Linux Enterprise Module for Basesystem 15 SUSE Linux Enterprise Module for Basesystem 15 SP1 SUSE Linux Enterprise Module for Containers 15 SP1 SUSE Linux Enterprise Module for Containers 15 SP2 SUSE Linux Enterprise Module for Desktop Applications 15 SUSE Linux Enterprise Module for Desktop Applications 15 SP1 SUSE Linux Enterprise Module for Development Tools 15 SUSE Linux Enterprise Module for Legacy Software 15 SP1 SUSE Linux Enterprise Module for Live Patching 15 SUSE Linux Enterprise Module for Live Patching 15 SP1 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 SUSE Linux Enterprise Module for Server Applications 15 SUSE Linux Enterprise Module for Server Applications 15 SP1 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP5 SUSE Linux Enterprise Server 15-LTSS SUSE Linux Enterprise Server for SAP Applications 12 SP3-LTSS SUSE Linux Enterprise Server for SAP Applications 12 SP3-TERADATA SUSE Linux Enterprise Server for SAP Applications 12 SP4 SUSE Linux Enterprise Server for SAP Applications 12 SP5 SUSE Linux Enterprise Server for SAP Applications 15 SUSE Linux Enterprise Workstation Extension 12 SUSE Linux Enterprise Workstation Extension 12 SP1 SUSE Linux Enterprise Workstation Extension 12 SP2 SUSE Linux Enterprise Workstation Extension 12 SP3 SUSE Linux Enterprise Workstation Extension 12 SP4 SUSE Linux Enterprise Workstation Extension 12 SP5 SUSE Linux Enterprise Workstation Extension 15 SUSE OpenStack Cloud 8 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND Package Information pdns-4.1.7-17 is installed OR pdns-backend-geoip-4.1.2-lp150.3.10 is installed OR pdns-backend-godbc-4.1.7-17 is installed OR pdns-backend-ldap-4.1.7-17 is installed OR pdns-backend-lua-4.1.7-17 is installed OR pdns-backend-mydns-4.1.7-17 is installed OR pdns-backend-mysql-4.1.7-17 is installed OR pdns-backend-postgresql-4.1.7-17 is installed OR pdns-backend-remote-4.1.7-17 is installed OR pdns-backend-sqlite3-4.1.7-17 is installed Definition Synopsis openSUSE Leap 42.3 is installed AND Package Information aria2-1.24.0-3 is installed OR aria2-lang-1.24.0-3 is installed OR libaria2-0-1.24.0-3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP2 is installed AND Package Information glibc-2.11.3-17.45.49 is installed OR glibc-32bit-2.11.3-17.45.49 is installed OR glibc-devel-2.11.3-17.45.49 is installed OR glibc-devel-32bit-2.11.3-17.45.49 is installed OR glibc-i18ndata-2.11.3-17.45.49 is installed OR glibc-locale-2.11.3-17.45.49 is installed OR glibc-locale-32bit-2.11.3-17.45.49 is installed OR nscd-2.11.3-17.45.49 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information MozillaFirefox-31.8.0esr-0.13 is installed OR MozillaFirefox-translations-31.8.0esr-0.13 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 is installed AND libmms0-0.6.2-15 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information libXRes1-1.0.7-3 is installed OR libXRes1-32bit-1.0.7-3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information lhasa-0.2.0-5 is installed OR liblhasa0-0.2.0-5 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information gnome-shell-3.20.4-76 is installed OR gnome-shell-browser-plugin-3.20.4-76 is installed OR gnome-shell-calendar-3.20.4-76 is installed OR gnome-shell-lang-3.20.4-76 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information NetworkManager-1.0.12-13.6 is installed OR NetworkManager-lang-1.0.12-13.6 is installed OR libnm-glib-vpn1-1.0.12-13.6 is installed OR libnm-glib4-1.0.12-13.6 is installed OR libnm-util2-1.0.12-13.6 is installed OR libnm0-1.0.12-13.6 is installed OR typelib-1_0-NM-1_0-1.0.12-13.6 is installed OR typelib-1_0-NMClient-1_0-1.0.12-13.6 is installed OR typelib-1_0-NetworkManager-1_0-1.0.12-13.6 is installed Definition Synopsis SUSE Linux Enterprise Module for additional PackageHub packages 15 is installed AND Package Information php7-7.2.5-4.49 is installed OR php7-embed-7.2.5-4.49 is installed Definition Synopsis SUSE Linux Enterprise Module for Basesystem 15 is installed AND Package Information bzip2-1.0.6-3 is installed OR libbz2-1-1.0.6-3 is installed OR libbz2-1-32bit-1.0.6-3 is installed OR libbz2-devel-1.0.6-3 is installed Definition Synopsis SUSE Linux Enterprise Module for Basesystem 15 SP1 is installed AND autofs-5.1.3-7.3 is installed Definition Synopsis SUSE Linux Enterprise Module for Containers 15 SP1 is installed AND Package Information podman-1.0.1-2 is installed OR podman-cni-config-1.0.1-2 is installed Definition Synopsis SUSE Linux Enterprise Module for Containers 15 SP2 is installed AND cni-plugins-0.8.6-3.6 is installed Definition Synopsis SUSE Linux Enterprise Module for Desktop Applications 15 is installed AND Package Information conky-1.10.6-1 is installed OR conky-doc-1.10.6-1 is installed OR vim-plugin-conky-1.10.6-1 is installed Definition Synopsis SUSE Linux Enterprise Module for Desktop Applications 15 SP1 is installed AND libXi6-32bit-1.7.9-1 is installed Definition Synopsis SUSE Linux Enterprise Module for Development Tools 15 is installed AND checkbashisms-2.15.1-1 is installed Definition Synopsis SUSE Linux Enterprise Module for Legacy Software 15 SP1 is installed AND Package Information java-1_8_0-openjdk-1.8.0.201-3.16 is installed OR java-1_8_0-openjdk-demo-1.8.0.201-3.16 is installed OR java-1_8_0-openjdk-devel-1.8.0.201-3.16 is installed OR java-1_8_0-openjdk-headless-1.8.0.201-3.16 is installed Definition Synopsis SUSE Linux Enterprise Module for Live Patching 15 is installed AND Package Information kernel-livepatch-4_12_14-25_25-default-7-2 is installed OR kernel-livepatch-SLE15_Update_7-7-2 is installed Definition Synopsis SUSE Linux Enterprise Module for Live Patching 15 SP1 is installed AND Package Information kernel-livepatch-4_12_14-197_15-default-2-2 is installed OR kernel-livepatch-SLE15-SP1_Update_4-2-2 is installed Definition Synopsis SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 is installed AND Package Information libopenssl1_0_0-hmac-1.0.2p-3.11 is installed OR libopenssl1_0_0-steam-1.0.2p-3.11 is installed OR openssl-1_0_0-1.0.2p-3.11 is installed OR openssl-1_0_0-cavs-1.0.2p-3.11 is installed OR openssl-1_0_0-doc-1.0.2p-3.11 is installed Definition Synopsis SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 is installed AND Package Information elfutils-0.168-4.5 is installed OR libasm1-32bit-0.168-4.5 is installed OR libelf-devel-32bit-0.168-4.5 is installed Definition Synopsis SUSE Linux Enterprise Module for Server Applications 15 is installed AND Package Information libecpg6-10.3-2 is installed OR postgresql10-contrib-10.3-2 is installed OR postgresql10-devel-10.3-2 is installed OR postgresql10-docs-10.3-2 is installed OR postgresql10-plperl-10.3-2 is installed OR postgresql10-plpython-10.3-2 is installed OR postgresql10-pltcl-10.3-2 is installed OR postgresql10-server-10.3-2 is installed Definition Synopsis SUSE Linux Enterprise Module for Server Applications 15 SP1 is installed AND Package Information apache2-2.4.33-3.15 is installed OR apache2-devel-2.4.33-3.15 is installed OR apache2-doc-2.4.33-3.15 is installed OR apache2-prefork-2.4.33-3.15 is installed OR apache2-utils-2.4.33-3.15 is installed OR apache2-worker-2.4.33-3.15 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information krb5-appl-clients-1.0.3-1 is installed OR krb5-appl-servers-1.0.3-1 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information apache2-2.4.23-29.27 is installed OR apache2-doc-2.4.23-29.27 is installed OR apache2-example-pages-2.4.23-29.27 is installed OR apache2-prefork-2.4.23-29.27 is installed OR apache2-utils-2.4.23-29.27 is installed OR apache2-worker-2.4.23-29.27 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information openslp-2.0.0-18.15 is installed OR openslp-32bit-2.0.0-18.15 is installed OR openslp-server-2.0.0-18.15 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_90-92_50-default-5-2 is installed OR kgraft-patch-SLE12-SP2_Update_15-5-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information accountsservice-0.6.42-14 is installed OR accountsservice-lang-0.6.42-14 is installed OR libaccountsservice0-0.6.42-14 is installed OR typelib-1_0-AccountsService-1_0-0.6.42-14 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND squid-3.5.21-26.17 is installed Definition Synopsis Release Information SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND apache2-2.4.23-29.63 is installed OR apache2-doc-2.4.23-29.63 is installed OR apache2-example-pages-2.4.23-29.63 is installed OR apache2-prefork-2.4.23-29.63 is installed OR apache2-utils-2.4.23-29.63 is installed OR apache2-worker-2.4.23-29.63 is installed OR Package Information SUSE Linux Enterprise Server for SAP Applications 12 SP3-LTSS is installed AND apache2-2.4.23-29.63 is installed OR apache2-doc-2.4.23-29.63 is installed OR apache2-example-pages-2.4.23-29.63 is installed OR apache2-prefork-2.4.23-29.63 is installed OR apache2-utils-2.4.23-29.63 is installed OR apache2-worker-2.4.23-29.63 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information java-1_7_1-ibm-1.7.1_sr4.50-38.41 is installed OR java-1_7_1-ibm-alsa-1.7.1_sr4.50-38.41 is installed OR java-1_7_1-ibm-jdbc-1.7.1_sr4.50-38.41 is installed OR java-1_7_1-ibm-plugin-1.7.1_sr4.50-38.41 is installed Definition Synopsis Release Information SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND qemu-2.9.1-6.19 is installed OR qemu-block-curl-2.9.1-6.19 is installed OR qemu-block-iscsi-2.9.1-6.19 is installed OR qemu-block-rbd-2.9.1-6.19 is installed OR qemu-block-ssh-2.9.1-6.19 is installed OR qemu-guest-agent-2.9.1-6.19 is installed OR qemu-ipxe-1.0.0-6.19 is installed OR qemu-kvm-2.9.1-6.19 is installed OR qemu-lang-2.9.1-6.19 is installed OR qemu-seabios-1.10.2-6.19 is installed OR qemu-sgabios-8-6.19 is installed OR qemu-tools-2.9.1-6.19 is installed OR qemu-vgabios-1.10.2-6.19 is installed OR qemu-x86-2.9.1-6.19 is installed OR Package Information SUSE Linux Enterprise Server for SAP Applications 12 SP3-TERADATA is installed AND qemu-2.9.1-6.19 is installed OR qemu-block-curl-2.9.1-6.19 is installed OR qemu-block-iscsi-2.9.1-6.19 is installed OR qemu-block-rbd-2.9.1-6.19 is installed OR qemu-block-ssh-2.9.1-6.19 is installed OR qemu-guest-agent-2.9.1-6.19 is installed OR qemu-ipxe-1.0.0-6.19 is installed OR qemu-kvm-2.9.1-6.19 is installed OR qemu-lang-2.9.1-6.19 is installed OR qemu-seabios-1.10.2-6.19 is installed OR qemu-sgabios-8-6.19 is installed OR qemu-tools-2.9.1-6.19 is installed OR qemu-vgabios-1.10.2-6.19 is installed OR qemu-x86-2.9.1-6.19 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information libwireshark9-2.4.12-48.39 is installed OR libwiretap7-2.4.12-48.39 is installed OR libwscodecs1-2.4.12-48.39 is installed OR libwsutil8-2.4.12-48.39 is installed OR wireshark-2.4.12-48.39 is installed OR wireshark-gtk-2.4.12-48.39 is installed Definition Synopsis Release Information SUSE Linux Enterprise Server 12 SP4 is installed AND libwireshark9-2.4.10-48.32 is installed OR libwiretap7-2.4.10-48.32 is installed OR libwscodecs1-2.4.10-48.32 is installed OR libwsutil8-2.4.10-48.32 is installed OR wireshark-2.4.10-48.32 is installed OR wireshark-gtk-2.4.10-48.32 is installed OR Package Information SUSE Linux Enterprise Server for SAP Applications 12 SP4 is installed AND libwireshark9-2.4.10-48.32 is installed OR libwiretap7-2.4.10-48.32 is installed OR libwscodecs1-2.4.10-48.32 is installed OR libwsutil8-2.4.10-48.32 is installed OR wireshark-2.4.10-48.32 is installed OR wireshark-gtk-2.4.10-48.32 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information bind-9.11.2-1 is installed OR bind-chrootenv-9.11.2-1 is installed OR bind-doc-9.11.2-1 is installed OR bind-utils-9.11.2-1 is installed OR libbind9-160-9.11.2-1 is installed OR libdns169-9.11.2-1 is installed OR libirs160-9.11.2-1 is installed OR libisc166-9.11.2-1 is installed OR libisc166-32bit-9.11.2-1 is installed OR libisccc160-9.11.2-1 is installed OR libisccfg160-9.11.2-1 is installed OR liblwres160-9.11.2-1 is installed OR python-bind-9.11.2-1 is installed Definition Synopsis Release Information SUSE Linux Enterprise Server 12 SP5 is installed AND java-1_7_1-ibm-1.7.1_sr4.50-38.41 is installed OR java-1_7_1-ibm-alsa-1.7.1_sr4.50-38.41 is installed OR java-1_7_1-ibm-jdbc-1.7.1_sr4.50-38.41 is installed OR java-1_7_1-ibm-plugin-1.7.1_sr4.50-38.41 is installed OR Package Information SUSE Linux Enterprise Server for SAP Applications 12 SP5 is installed AND java-1_7_1-ibm-1.7.1_sr4.50-38.41 is installed OR java-1_7_1-ibm-alsa-1.7.1_sr4.50-38.41 is installed OR java-1_7_1-ibm-jdbc-1.7.1_sr4.50-38.41 is installed OR java-1_7_1-ibm-plugin-1.7.1_sr4.50-38.41 is installed Definition Synopsis SUSE Linux Enterprise Server 15-LTSS is installed AND Package Information ghostscript-9.52-3.27 is installed OR ghostscript-devel-9.52-3.27 is installed OR ghostscript-x11-9.52-3.27 is installed Definition Synopsis SUSE Linux Enterprise Server for SAP Applications 15 is installed AND Package Information tomcat-9.0.35-3.52 is installed OR tomcat-admin-webapps-9.0.35-3.52 is installed OR tomcat-el-3_0-api-9.0.35-3.52 is installed OR tomcat-jsp-2_3-api-9.0.35-3.52 is installed OR tomcat-lib-9.0.35-3.52 is installed OR tomcat-servlet-4_0-api-9.0.35-3.52 is installed OR tomcat-webapps-9.0.35-3.52 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 12 is installed AND Package Information kernel-default-3.12.38-44 is installed OR kernel-default-extra-3.12.38-44 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 12 SP1 is installed AND Package Information gimp-2.8.10-7 is installed OR gimp-lang-2.8.10-7 is installed OR gimp-plugins-python-2.8.10-7 is installed OR libgimp-2_0-0-2.8.10-7 is installed OR libgimpui-2_0-0-2.8.10-7 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 12 SP2 is installed AND Package Information libmysqlclient_r18-10.0.31-29.3 is installed OR libmysqlclient_r18-32bit-10.0.31-29.3 is installed OR mariadb-10.0.31-29.3 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 12 SP3 is installed AND Package Information gcc48-gij-4.8.5-31.3 is installed OR gcc48-gij-32bit-4.8.5-31.3 is installed OR libgcj48-4.8.5-31.3 is installed OR libgcj48-32bit-4.8.5-31.3 is installed OR libgcj48-jar-4.8.5-31.3 is installed OR libgcj_bc1-4.8.5-31.3 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 12 SP4 is installed AND Package Information libwebkit2gtk3-lang-2.24.1-2.41 is installed OR webkit2gtk3-2.24.1-2.41 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 12 SP5 is installed AND Package Information kernel-default-4.12.14-122.7 is installed OR kernel-default-extra-4.12.14-122.7 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 15 is installed AND Package Information kernel-default-4.12.14-25.13 is installed OR kernel-default-extra-4.12.14-25.13 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information dnsmasq-2.78-18.6 is installed OR dnsmasq-utils-2.78-18.6 is installed
BACK