OVAL Reference oval:org.opensuse.security:def:4845

Oval Definition:

oval:org.opensuse.security:def:4845

Revision Date:	2020-12-02	Version:	1
Title:	Security update for nginx (Important)
Description:	This update for nginx fixes the following issues: Security issues fixed: - CVE-2019-9511: Fixed a denial of service by manipulating the window size and stream prioritization (bsc#1145579). - CVE-2019-9513: Fixed a denial of service caused by resource loops (bsc#1145580). - CVE-2019-9516: Fixed a denial of service caused by header leaks (bsc#1145582). - CVE-2018-16845: Fixed denial of service and memory disclosure via mp4 module (bsc#1115015). - CVE-2018-16843: Fixed excessive memory consumption in HTTP/2 implementation (bsc#1115022). - CVE-2018-16844: Fixed excessive CPU usage via flaw in HTTP/2 implementation (bsc#1115025).
Family:	unix	Class:	patch
Status:		Reference(s):	1100369 1101888 1101889 1109160 1115015 1115022 1115025 1118367 1118368 1128220 1145579 1145580 1145582 1156205 1157051 1158328 1160790 1161088 1161089 1161168 1161670 1168930 1169679 1169748 1170595 1170667 1170713 1171313 1171441 1171443 1171444 1171445 1171446 1171447 1171474 1171740 1172958 1173247 1173307 1173311 1173605 1173983 1174200 1175443 1175476 1175674 1176092 1176674 1177409 1177412 1177413 1177414 1177895 906079 CVE-2008-4936 CVE-2011-2513 CVE-2011-2514 CVE-2011-3377 CVE-2012-3422 CVE-2012-3423 CVE-2012-4540 CVE-2013-1926 CVE-2013-1927 CVE-2013-1981 CVE-2013-1997 CVE-2013-2004 CVE-2013-4349 CVE-2014-1829 CVE-2014-1830 CVE-2017-3136 CVE-2018-14394 CVE-2018-14395 CVE-2018-16843 CVE-2018-16844 CVE-2018-16845 CVE-2018-5741 CVE-2019-11745 CVE-2019-13722 CVE-2019-14562 CVE-2019-16785 CVE-2019-16786 CVE-2019-16789 CVE-2019-16792 CVE-2019-17005 CVE-2019-17008 CVE-2019-17009 CVE-2019-17010 CVE-2019-17011 CVE-2019-17012 CVE-2019-6477 CVE-2019-9511 CVE-2019-9513 CVE-2019-9516 CVE-2020-11017 CVE-2020-11018 CVE-2020-11019 CVE-2020-11038 CVE-2020-11039 CVE-2020-11040 CVE-2020-11041 CVE-2020-11043 CVE-2020-11085 CVE-2020-11086 CVE-2020-11087 CVE-2020-11088 CVE-2020-11089 CVE-2020-11095 CVE-2020-11096 CVE-2020-11097 CVE-2020-11098 CVE-2020-11099 CVE-2020-11521 CVE-2020-11522 CVE-2020-11523 CVE-2020-11524 CVE-2020-11525 CVE-2020-11526 CVE-2020-11651 CVE-2020-11652 CVE-2020-13396 CVE-2020-13397 CVE-2020-13398 CVE-2020-27153 CVE-2020-27670 CVE-2020-27671 CVE-2020-27672 CVE-2020-27673 CVE-2020-4030 CVE-2020-4031 CVE-2020-4032 CVE-2020-4033 CVE-2020-5260 CVE-2020-8616 CVE-2020-8617 CVE-2020-8618 CVE-2020-8619 CVE-2020-8620 CVE-2020-8621 CVE-2020-8622 CVE-2020-8623 CVE-2020-8624 SUSE-SU-2019:1299-1 SUSE-SU-2019:2309-1 SUSE-SU-2019:3339-1 SUSE-SU-2020:0991-1 SUSE-SU-2020:1150-1 SUSE-SU-2020:2032-1 SUSE-SU-2020:2713-1 SUSE-SU-2020:2914-1 SUSE-SU-2020:3052-1 SUSE-SU-2020:3165-1 SUSE-SU-2020:3269-1
Platform(s):	SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise High Availability 12 SUSE Linux Enterprise High Availability 12 SP1 SUSE Linux Enterprise High Availability 12 SP2 SUSE Linux Enterprise High Availability 12 SP3 SUSE Linux Enterprise High Availability 12 SP4 SUSE Linux Enterprise High Availability 12 SP5 SUSE Linux Enterprise High Performance Computing 12 SP5 SUSE Linux Enterprise Live Patching 12 SUSE Linux Enterprise Module for Legacy Software 12 SUSE Linux Enterprise Module for Public Cloud 12 SUSE Linux Enterprise Module for Server Applications 15 SP1 SUSE Linux Enterprise Module for Web Scripting 12 SUSE Linux Enterprise Point of Sale 12 SP2-CLIENT SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP3-LTSS SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12-LTSS SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 SUSE Linux Enterprise Server for SAP Applications 15 SUSE Linux Enterprise Server for VMWare 11 SP3 SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Software Development Kit 12 SP1 SUSE Linux Enterprise Software Development Kit 12 SP2 SUSE Linux Enterprise Workstation Extension 15 SUSE Linux Enterprise Workstation Extension 15 SP1 SUSE OpenStack Cloud 5	Product(s):
Definition Synopsis
SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5 is installed AND python-requests-2.3.0-1 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP2 is installed AND Package Information libopenssl0_9_8-0.9.8j-0.50.1 is installed OR libopenssl0_9_8-32bit-0.9.8j-0.50.1 is installed OR openssl-0.9.8j-0.50.1 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 is installed AND Package Information g3utils-1.1.36-54 is installed OR mgetty-1.1.36-54 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information cups-filters-1.0.58-8 is installed OR cups-filters-cups-browsed-1.0.58-8 is installed OR cups-filters-foomatic-rip-1.0.58-8 is installed OR cups-filters-ghostscript-1.0.58-8 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP2 is installed AND autofs-5.0.9-21 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP3 is installed AND clamav-0.99.2-32 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information MozillaFirefox-52.9.0esr-109.38 is installed OR MozillaFirefox-translations-52.9.0esr-109.38 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 is installed AND Package Information conntrack-tools-1.4.2-5.2 is installed OR libnetfilter_cthelper-1.0.0-7.1 is installed OR libnetfilter_cthelper0-1.0.0-7.1 is installed OR libnetfilter_cttimeout-1.0.0-9.1 is installed OR libnetfilter_cttimeout1-1.0.0-9.1 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 SP1 is installed AND Package Information libpcreposix0-8.39-7.1 is installed OR pcre-8.39-7.1 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 SP2 is installed AND fence-agents-4.0.22+git.1455008135.15c5e92-8 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 SP3 is installed AND lighttpd-1.4.35-3 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 SP4 is installed AND python-requests-2.11.1-6.28 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 SP5 is installed AND Package Information cluster-md-kmp-default-4.12.14-120 is installed OR dlm-kmp-default-4.12.14-120 is installed OR gfs2-kmp-default-4.12.14-120 is installed OR ocfs2-kmp-default-4.12.14-120 is installed
Definition Synopsis
SUSE Linux Enterprise High Performance Computing 12 SP5 is installed AND SuSEfirewall2-3.6.312.333-3.13 is installed
Definition Synopsis
SUSE Linux Enterprise Live Patching 12 is installed AND Package Information kgraft-patch-3_12_39-47-default-1-2.1 is installed OR kgraft-patch-3_12_39-47-xen-1-2.1 is installed OR kgraft-patch-SLE12_Update_4-1-2.1 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Server Applications 15 SP1 is installed AND Package Information nginx-1.14.2-6.3 is installed OR nginx-source-1.14.2-6.3 is installed
Definition Synopsis
SUSE Linux Enterprise Point of Sale 12 SP2-CLIENT is installed AND Package Information kernel-default-4.4.121-92.120 is installed OR kernel-default-base-4.4.121-92.120 is installed OR kernel-default-devel-4.4.121-92.120 is installed OR kernel-devel-4.4.121-92.120 is installed OR kernel-macros-4.4.121-92.120 is installed OR kernel-source-4.4.121-92.120 is installed OR kernel-syms-4.4.121-92.120 is installed OR kgraft-patch-4_4_121-92_120-default-1-3.3 is installed OR kgraft-patch-SLE12-SP2_Update_32-1-3.3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 11 SP2 is installed AND libcgroup1-0.34-2.5.1 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 11 SP3 is installed AND gnutls-2.4.1-24.39.60.1 is installed OR libgnutls-extra26-2.4.1-24.39.60.1 is installed OR libgnutls26-2.4.1-24.39.60.1 is installed OR libgnutls26-32bit-2.4.1-24.39.60.1 is installed OR libgnutls26-x86-2.4.1-24.39.60.1 is installed OR Package Information SUSE Linux Enterprise Server for VMWare 11 SP3 is installed AND gnutls-2.4.1-24.39.60.1 is installed OR libgnutls-extra26-2.4.1-24.39.60.1 is installed OR libgnutls26-2.4.1-24.39.60.1 is installed OR libgnutls26-32bit-2.4.1-24.39.60.1 is installed OR libgnutls26-x86-2.4.1-24.39.60.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 11 SP3 is installed AND Package Information OpenEXR-1.6.1-83.17.1 is installed OR OpenEXR-32bit-1.6.1-83.17.1 is installed OR OpenEXR-x86-1.6.1-83.17.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 is installed AND Package Information tigervnc-1.3.0-22.3 is installed OR xorg-x11-Xvnc-1.3.0-22.3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information pam-modules-12.1-23 is installed OR pam-modules-32bit-12.1-23 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information alsa-1.0.27.2-11 is installed OR alsa-docs-1.0.27.2-11 is installed OR libasound2-1.0.27.2-11 is installed OR libasound2-32bit-1.0.27.2-11 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND apache2-mod_nss-1.0.14-18 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information audiofile-0.3.6-10 is installed OR libaudiofile1-0.3.6-10 is installed OR libaudiofile1-32bit-0.3.6-10 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12-LTSS is installed AND Package Information openssh-6.6p1-52.1 is installed OR openssh-askpass-gnome-6.6p1-52.1 is installed OR openssh-fips-6.6p1-52.1 is installed OR openssh-helpers-6.6p1-52.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 is installed AND Package Information gc-7.2d-5 is installed OR libgc1-7.2d-5 is installed
Definition Synopsis
SUSE Linux Enterprise Server for SAP Applications 15 is installed AND Package Information ovmf-2017+git1510945757.b2662641d5-5.35 is installed OR ovmf-tools-2017+git1510945757.b2662641d5-5.35 is installed OR qemu-ovmf-x86_64-2017+git1510945757.b2662641d5-5.35 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 11 SP3 is installed AND Package Information openldap2-2.4.26-0.62.2 is installed OR openldap2-back-perl-2.4.26-0.62.2 is installed OR openldap2-client-2.4.26-0.62.2 is installed OR openldap2-devel-2.4.26-0.62.2 is installed OR openldap2-devel-32bit-2.4.26-0.62.2 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 11 SP4 is installed AND Package Information gnutls-2.4.1-24.39.60.1 is installed OR libgnutls-devel-2.4.1-24.39.60.1 is installed OR libgnutls-extra-devel-2.4.1-24.39.60.1 is installed OR libgnutls-extra26-2.4.1-24.39.60.1 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 is installed AND Package Information libpng12-compat-devel-1.2.50-8 is installed OR libpng12-devel-1.2.50-8 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 SP1 is installed AND augeas-devel-1.2.0-3 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 SP2 is installed AND Package Information DirectFB-devel-1.7.1-6 is installed OR lib++dfb-devel-1.7.1-6 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 15 is installed AND Package Information ffmpeg-3.4.2-4.17 is installed OR libavcodec-devel-3.4.2-4.17 is installed OR libavformat-devel-3.4.2-4.17 is installed OR libavformat57-3.4.2-4.17 is installed OR libavresample-devel-3.4.2-4.17 is installed OR libavresample3-3.4.2-4.17 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 15 SP1 is installed AND Package Information MozillaThunderbird-68.3.0-3.61 is installed OR MozillaThunderbird-translations-common-68.3.0-3.61 is installed OR MozillaThunderbird-translations-other-68.3.0-3.61 is installed

BACK