Oval Definition:	oval:org.opensuse.security:def:4787
Revision Date: 2020-12-02 Version: 1 Title: Security update for apache2 (Important) Description: This update for apache2 fixes the following issues: Security issues fixed: - CVE-2019-9517: Fixed HTTP/2 implementations that are vulnerable to unconstrained interal data buffering (bsc#1145575). - CVE-2019-10081: Fixed mod_http2 that is vulnerable to memory corruption on early pushes (bsc#1145742). - CVE-2019-10082: Fixed mod_http2 that is vulnerable to read-after-free in h2 connection shutdown (bsc#1145741). - CVE-2019-10092: Fixed limited cross-site scripting in mod_proxy (bsc#1145740). - CVE-2019-10097: Fixed mod_remoteip stack buffer overflow and NULL pointer dereference (bsc#1145739). - CVE-2019-10098: Fixed mod_rewrite configuration vulnerablility to open redirect (bsc#1145738). Family: unix Class: patch Status: Reference(s): 1051510 1055117 1071995 1083647 1083710 1102247 1119222 1119850 1123022 1123080 1124356 1124493 1127034 1127315 1129770 1130972 1133021 1134097 1134390 1134399 1135335 1135642 1137458 1137534 1137535 1137584 1137609 1137827 1139358 1140133 1140322 1140652 1140903 1140945 1141401 1141402 1141452 1141453 1141454 1141478 1142023 1142112 1142220 1142221 1142254 1142350 1142351 1142354 1142359 1142450 1142701 1142868 1143003 1143045 1143105 1143185 1143189 1143191 1143507 1145575 1145738 1145739 1145740 1145741 1145742 1157268 1158194 1160968 1168994 1169511 1171352 1171889 1172225 1172277 1172760 1173376 1173377 1173378 1173380 1173902 1173994 1174538 1175155 1175626 1175656 1177613 CVE-2009-0696 CVE-2009-4022 CVE-2010-0624 CVE-2010-3613 CVE-2010-3614 CVE-2010-3615 CVE-2011-0414 CVE-2011-1907 CVE-2011-1910 CVE-2011-2464 CVE-2011-4313 CVE-2012-1667 CVE-2012-3817 CVE-2012-3868 CVE-2012-4244 CVE-2012-5166 CVE-2012-5688 CVE-2012-5689 CVE-2013-2266 CVE-2013-4854 CVE-2014-0591 CVE-2018-20855 CVE-2019-10081 CVE-2019-10082 CVE-2019-10092 CVE-2019-10097 CVE-2019-10098 CVE-2019-1125 CVE-2019-11810 CVE-2019-13631 CVE-2019-13648 CVE-2019-14283 CVE-2019-14284 CVE-2019-18934 CVE-2019-19451 CVE-2019-20807 CVE-2019-2949 CVE-2019-3814 CVE-2019-3820 CVE-2019-9517 CVE-2020-10713 CVE-2020-12662 CVE-2020-12663 CVE-2020-14318 CVE-2020-14323 CVE-2020-14383 CVE-2020-15563 CVE-2020-15565 CVE-2020-15566 CVE-2020-15567 CVE-2020-15652 CVE-2020-15659 CVE-2020-17489 CVE-2020-2654 CVE-2020-2754 CVE-2020-2755 CVE-2020-2756 CVE-2020-2757 CVE-2020-2781 CVE-2020-2800 CVE-2020-2803 CVE-2020-2805 CVE-2020-2830 CVE-2020-6463 CVE-2020-6514 SUSE-SU-2019:0414-1 SUSE-SU-2019:1459-1 SUSE-SU-2019:2237-1 SUSE-SU-2019:3391-1 SUSE-SU-2020:1551-1 SUSE-SU-2020:1684-1 SUSE-SU-2020:1819-1 SUSE-SU-2020:1888-1 SUSE-SU-2020:2179-1 SUSE-SU-2020:2626-1 SUSE-SU-2020:3087-1 SUSE-SU-2020:3132-1 Platform(s): SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise High Availability 12 SUSE Linux Enterprise High Availability 12 SP1 SUSE Linux Enterprise High Availability 12 SP2 SUSE Linux Enterprise High Availability 12 SP4 SUSE Linux Enterprise High Availability 12 SP5 SUSE Linux Enterprise High Performance Computing 12 SP5 SUSE Linux Enterprise Live Patching 12 SUSE Linux Enterprise Module for Containers 12 SUSE Linux Enterprise Module for Legacy Software 12 SUSE Linux Enterprise Module for Public Cloud 12 SUSE Linux Enterprise Module for Server Applications 15 SUSE Linux Enterprise Module for Web Scripting 12 SUSE Linux Enterprise Point of Sale 12 SP2-CLIENT SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP3-LTSS SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Server 11-SECURITY SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12-LTSS SUSE Linux Enterprise Server for SAP Applications 15 SUSE Linux Enterprise Server for VMWare 11 SP3 SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Software Development Kit 12 SP1 SUSE Linux Enterprise Software Development Kit 12 SP2 SUSE Linux Enterprise Workstation Extension 12 SP1 SUSE Linux Enterprise Workstation Extension 15 SUSE Linux Enterprise Workstation Extension 15 SP1 SUSE Linux Enterprise Workstation Extension 15 SP2 SUSE OpenStack Cloud 5 Product(s): Definition Synopsis SUSE Linux Enterprise Desktop 12 is installed AND Package Information bind-libs-9.9.5P1-1 is installed OR bind-libs-32bit-9.9.5P1-1 is installed OR bind-utils-9.9.5P1-1 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information ImageMagick-6.8.8.1-8 is installed OR libMagick++-6_Q16-3-6.8.8.1-8 is installed OR libMagickCore-6_Q16-1-6.8.8.1-8 is installed OR libMagickCore-6_Q16-1-32bit-6.8.8.1-8 is installed OR libMagickWand-6_Q16-1-6.8.8.1-8 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information MozillaFirefox-45.4.0esr-81 is installed OR MozillaFirefox-translations-45.4.0esr-81 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information empathy-3.12.12-7 is installed OR empathy-lang-3.12.12-7 is installed OR telepathy-mission-control-plugin-goa-3.12.12-7 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP4 is installed AND binutils-2.31-9.26 is installed Definition Synopsis SUSE Linux Enterprise High Availability 12 is installed AND Package Information conntrack-tools-1.4.2-5.2 is installed OR libnetfilter_cthelper-1.0.0-7.1 is installed OR libnetfilter_cthelper0-1.0.0-7.1 is installed OR libnetfilter_cttimeout-1.0.0-9.1 is installed OR libnetfilter_cttimeout1-1.0.0-9.1 is installed Definition Synopsis SUSE Linux Enterprise High Availability 12 SP1 is installed AND Package Information libpacemaker3-1.1.13-20.1 is installed OR pacemaker-1.1.13-20.1 is installed OR pacemaker-cli-1.1.13-20.1 is installed OR pacemaker-cts-1.1.13-20.1 is installed OR pacemaker-remote-1.1.13-20.1 is installed Definition Synopsis SUSE Linux Enterprise High Availability 12 SP2 is installed AND Package Information cluster-md-kmp-default-4.4.59-92.24.2 is installed OR cluster-network-kmp-default-4.4.59-92.24.2 is installed OR dlm-kmp-default-4.4.59-92.24.2 is installed OR gfs2-kmp-default-4.4.59-92.24.2 is installed OR kernel-default-4.4.59-92.24.2 is installed OR ocfs2-kmp-default-4.4.59-92.24.2 is installed Definition Synopsis SUSE Linux Enterprise High Availability 12 SP4 is installed AND haproxy-1.6.11-10 is installed Definition Synopsis SUSE Linux Enterprise High Availability 12 SP5 is installed AND conntrack-tools-1.4.2-5 is installed Definition Synopsis SUSE Linux Enterprise High Performance Computing 12 SP5 is installed AND Package Information PackageKit-1.1.3-24.9 is installed OR PackageKit-backend-zypp-1.1.3-24.9 is installed OR PackageKit-lang-1.1.3-24.9 is installed OR libpackagekit-glib2-18-1.1.3-24.9 is installed OR typelib-1_0-PackageKitGlib-1_0-1.1.3-24.9 is installed Definition Synopsis SUSE Linux Enterprise Live Patching 12 is installed AND Package Information kgraft-patch-3_12_44-52_10-default-1-2.1 is installed OR kgraft-patch-3_12_44-52_10-xen-1-2.1 is installed OR kgraft-patch-SLE12_Update_6-1-2.1 is installed Definition Synopsis SUSE Linux Enterprise Module for Server Applications 15 is installed AND Package Information apache2-2.4.33-3.21 is installed OR apache2-devel-2.4.33-3.21 is installed OR apache2-doc-2.4.33-3.21 is installed OR apache2-prefork-2.4.33-3.21 is installed OR apache2-utils-2.4.33-3.21 is installed OR apache2-worker-2.4.33-3.21 is installed Definition Synopsis SUSE Linux Enterprise Point of Sale 12 SP2-CLIENT is installed AND Package Information krb5-1.12.5-40.31 is installed OR krb5-32bit-1.12.5-40.31 is installed OR krb5-client-1.12.5-40.31 is installed OR krb5-doc-1.12.5-40.31 is installed OR krb5-plugin-kdb-ldap-1.12.5-40.31 is installed OR krb5-plugin-preauth-otp-1.12.5-40.31 is installed OR krb5-plugin-preauth-pkinit-1.12.5-40.31 is installed OR krb5-server-1.12.5-40.31 is installed Definition Synopsis SUSE Linux Enterprise Server 11 SP2 is installed AND Package Information dbus-1-glib-0.76-34.22.1 is installed OR dbus-1-glib-32bit-0.76-34.22.1 is installed OR dbus-1-glib-x86-0.76-34.22.1 is installed Definition Synopsis Release Information SUSE Linux Enterprise Server 11 SP3 is installed AND bind-9.9.6P1-0.19.1 is installed OR bind-chrootenv-9.9.6P1-0.19.1 is installed OR bind-doc-9.9.6P1-0.19.1 is installed OR bind-libs-9.9.6P1-0.19.1 is installed OR bind-libs-32bit-9.9.6P1-0.19.1 is installed OR bind-libs-x86-9.9.6P1-0.19.1 is installed OR bind-utils-9.9.6P1-0.19.1 is installed OR Package Information SUSE Linux Enterprise Server for VMWare 11 SP3 is installed AND bind-9.9.6P1-0.19.1 is installed OR bind-chrootenv-9.9.6P1-0.19.1 is installed OR bind-doc-9.9.6P1-0.19.1 is installed OR bind-libs-9.9.6P1-0.19.1 is installed OR bind-libs-32bit-9.9.6P1-0.19.1 is installed OR bind-libs-x86-9.9.6P1-0.19.1 is installed OR bind-utils-9.9.6P1-0.19.1 is installed Definition Synopsis SUSE Linux Enterprise Server 11 SP3 is installed AND Package Information boost-license-1.36.0-12.3.1 is installed OR libboost_program_options1_36_0-1.36.0-12.3.1 is installed OR libboost_regex1_36_0-1.36.0-12.3.1 is installed OR libboost_signals1_36_0-1.36.0-12.3.1 is installed OR libboost_thread1_36_0-1.36.0-12.3.1 is installed Definition Synopsis SUSE Linux Enterprise Server 11-SECURITY is installed AND Package Information libldap-openssl1-2_4-2-2.4.26-0.62.3 is installed OR libldap-openssl1-2_4-2-32bit-2.4.26-0.62.3 is installed OR libldap-openssl1-2_4-2-x86-2.4.26-0.62.3 is installed OR openldap2-client-openssl1-2.4.26-0.62.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 is installed AND Package Information rsyslog-8.4.0-5.1 is installed OR rsyslog-diag-tools-8.4.0-5.1 is installed OR rsyslog-doc-8.4.0-5.1 is installed OR rsyslog-module-gssapi-8.4.0-5.1 is installed OR rsyslog-module-gtls-8.4.0-5.1 is installed OR rsyslog-module-mysql-8.4.0-5.1 is installed OR rsyslog-module-pgsql-8.4.0-5.1 is installed OR rsyslog-module-relp-8.4.0-5.1 is installed OR rsyslog-module-snmp-8.4.0-5.1 is installed OR rsyslog-module-udpspoof-8.4.0-5.1 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND libmspack0-0.4-10 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information alsa-1.0.27.2-11 is installed OR alsa-docs-1.0.27.2-11 is installed OR libasound2-1.0.27.2-11 is installed OR libasound2-32bit-1.0.27.2-11 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information DirectFB-1.7.1-6 is installed OR lib++dfb-1_7-1-1.7.1-6 is installed OR libdirectfb-1_7-1-1.7.1-6 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND ant-1.9.4-3.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12-LTSS is installed AND Package Information openssh-6.6p1-52.1 is installed OR openssh-askpass-gnome-6.6p1-52.1 is installed OR openssh-fips-6.6p1-52.1 is installed OR openssh-helpers-6.6p1-52.1 is installed Definition Synopsis SUSE Linux Enterprise Server for SAP Applications 15 is installed AND Package Information vim-8.0.1568-5.6 is installed OR vim-data-8.0.1568-5.6 is installed OR vim-data-common-8.0.1568-5.6 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 11 SP3 is installed AND libevent-devel-1.4.5-24.24.1 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 11 SP4 is installed AND Package Information ImageMagick-6.4.3.6-7.34.1 is installed OR ImageMagick-devel-6.4.3.6-7.34.1 is installed OR libMagick++-devel-6.4.3.6-7.34.1 is installed OR libMagick++1-6.4.3.6-7.34.1 is installed OR libMagickWand1-6.4.3.6-7.34.1 is installed OR libMagickWand1-32bit-6.4.3.6-7.34.1 is installed OR perl-PerlMagick-6.4.3.6-7.34.1 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 12 is installed AND lib3ds-1-3-1.3.0-25 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 12 SP1 is installed AND Package Information ImageMagick-6.8.8.1-8 is installed OR ImageMagick-devel-6.8.8.1-8 is installed OR libMagick++-6_Q16-3-6.8.8.1-8 is installed OR libMagick++-devel-6.8.8.1-8 is installed OR perl-PerlMagick-6.8.8.1-8 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 12 SP2 is installed AND LibVNCServer-devel-0.9.9-16 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 15 is installed AND Package Information kernel-default-4.12.14-150.32 is installed OR kernel-default-extra-4.12.14-150.32 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 15 SP1 is installed AND Package Information gnome-shell-3.26.2+20180130.0d9c74212-4.19 is installed OR gnome-shell-calendar-3.26.2+20180130.0d9c74212-4.19 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 15 SP2 is installed AND Package Information gnome-shell-3.34.5-3.13 is installed OR gnome-shell-calendar-3.34.5-3.13 is installed
BACK