Oval Definition:oval:org.opensuse.security:def:4965
Revision Date:2020-12-02Version:1
Title:Security update for tomcat (Moderate)
Description:



This update for tomcat to 9.0.12 fixes the following issues:

See the full changelog at: http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.12_(markt)

Security issues fixed:

- CVE-2018-11784: When the default servlet in Apache Tomcat returned a redirect to a directory (e.g. redirecting to '/foo/' when the user requested '/foo') a specially crafted URL could be used to cause the redirect to be generated to any URI of the attackers choice. (bsc#1110850)
Family:unixClass:patch
Status:Reference(s):1051510
1054914
1055117
1061840
1062631
1065600
1065729
1071995
1082555
1089811
1097975
1103200
1103206
1104967
1109158
1110850
1111666
1113722
1114279
1116451
1119086
1121874
1123034
1123131
1123455
1124062
1124493
1124869
1127760
1127857
1127988
1128829
1128845
1128963
1131304
1135189
1135228
1137069
1137865
1137959
1137982
1140155
1141013
1142076
1142635
1144348
1144352
1146025
1146042
1146519
1146540
1146664
1148133
1148712
1148868
1149313
1149446
1149555
1149651
1149742
1150305
1150381
1150423
1150846
1151067
1151192
1151350
1151610
1151661
1151662
1151667
1151680
1151891
1151955
1152024
1152025
1152026
1152161
1152187
1152243
1152325
1152457
1152460
1152466
1152525
1152972
1152974
1152975
1154091
1157627
1165849
1172053
1172189
1172795
1172796
CVE-2009-0793
CVE-2009-2666
CVE-2010-1167
CVE-2010-2547
CVE-2011-1097
CVE-2011-1761
CVE-2011-1947
CVE-2011-3389
CVE-2011-4405
CVE-2012-3482
CVE-2013-4233
CVE-2013-4234
CVE-2013-4276
CVE-2013-4351
CVE-2013-4402
CVE-2014-0467
CVE-2014-2855
CVE-2014-4617
CVE-2016-1000031
CVE-2017-18595
CVE-2018-11784
CVE-2018-16858
CVE-2018-5804
CVE-2018-5813
CVE-2018-5815
CVE-2018-5816
CVE-2019-14491
CVE-2019-14492
CVE-2019-14821
CVE-2019-15291
CVE-2019-15939
CVE-2019-3820
CVE-2019-9506
CVE-2020-12802
CVE-2020-12803
SUSE-SU-2018:3968-1
SUSE-SU-2019:0005-1
SUSE-SU-2019:1212-2
SUSE-SU-2019:1459-1
SUSE-SU-2019:1894-1
SUSE-SU-2019:2710-1
SUSE-SU-2019:3192-2
SUSE-SU-2020:2217-1
Platform(s):SUSE Linux Enterprise Desktop 11 SP2
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Desktop 11 SP4
SUSE Linux Enterprise Desktop 12
SUSE Linux Enterprise Desktop 12 SP1
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise High Availability 12
SUSE Linux Enterprise High Availability 12 SP1
SUSE Linux Enterprise High Availability 12 SP2
SUSE Linux Enterprise High Availability 12 SP3
SUSE Linux Enterprise High Availability 12 SP4
SUSE Linux Enterprise High Performance Computing 12 SP5
SUSE Linux Enterprise Live Patching 12
SUSE Linux Enterprise Module for Legacy Software 12
SUSE Linux Enterprise Module for Public Cloud 12
SUSE Linux Enterprise Module for Web Scripting 12
SUSE Linux Enterprise Module for Web Scripting 15
SUSE Linux Enterprise Module for Web Scripting 15 SP1
SUSE Linux Enterprise Server 11 SP3
SUSE Linux Enterprise Server 11 SP3-LTSS
SUSE Linux Enterprise Server 11 SP4
SUSE Linux Enterprise Server 12
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server 12-LTSS
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2
SUSE Linux Enterprise Server for Rasperry Pi 12 SP2
SUSE Linux Enterprise Server for VMWare 11 SP3
SUSE Linux Enterprise Software Development Kit 11 SP4
SUSE Linux Enterprise Software Development Kit 12 SP1
SUSE Linux Enterprise Software Development Kit 12 SP2
SUSE Linux Enterprise Software Development Kit 12 SP3
SUSE Linux Enterprise Workstation Extension 12
SUSE Linux Enterprise Workstation Extension 15
SUSE Linux Enterprise Workstation Extension 15 SP1
SUSE Linux Enterprise Workstation Extension 15 SP2
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP3 is installed
  • AND Package Information
  • flash-player-11.2.202.491-0.11.1 is installed
  • OR flash-player-gnome-11.2.202.491-0.11.1 is installed
  • OR flash-player-kde4-11.2.202.491-0.11.1 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 is installed
  • AND fetchmail-6.3.26-5 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP1 is installed
  • AND cifs-utils-6.4-6 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP2 is installed
  • AND binutils-2.26.1-9.12 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND Package Information
  • gnome-keyring-3.20.0-27 is installed
  • OR gnome-keyring-32bit-3.20.0-27 is installed
  • OR gnome-keyring-lang-3.20.0-27 is installed
  • OR gnome-keyring-pam-3.20.0-27 is installed
  • OR gnome-keyring-pam-32bit-3.20.0-27 is installed
  • OR libgck-modules-gnome-keyring-3.20.0-27 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • AND Package Information
  • apparmor-docs-2.8.2-49 is installed
  • OR apparmor-parser-2.8.2-49 is installed
  • OR apparmor-profiles-2.8.2-49 is installed
  • OR apparmor-utils-2.8.2-49 is installed
  • OR libapparmor1-2.8.2-49 is installed
  • OR libapparmor1-32bit-2.8.2-49 is installed
  • OR pam_apparmor-2.8.2-49 is installed
  • OR pam_apparmor-32bit-2.8.2-49 is installed
  • OR perl-apparmor-2.8.2-49 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise High Availability 12 is installed
  • AND haproxy-1.5.4-2.4.1 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise High Availability 12 SP1 is installed
  • AND hawk2-1.0.1+git.1456406635.49e230d-12.1 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise High Availability 12 SP2 is installed
  • AND haproxy-1.6.5-5 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise High Availability 12 SP3 is installed
  • AND python-requests-2.8.1-6.16 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise High Availability 12 SP4 is installed
  • AND conntrack-tools-1.4.2-5 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise High Performance Computing 12 SP5 is installed
  • AND ant-1.9.4-3.3 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Live Patching 12 is installed
  • AND Package Information
  • kgraft-patch-3_12_43-52_6-default-1-2.3 is installed
  • OR kgraft-patch-3_12_43-52_6-xen-1-2.3 is installed
  • OR kgraft-patch-SLE12_Update_5-1-2.3 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Module for Legacy Software 12 is installed
  • AND Package Information
  • java-1_6_0-ibm-1.6.0_sr16.15-27.1 is installed
  • OR java-1_6_0-ibm-fonts-1.6.0_sr16.15-27.1 is installed
  • OR java-1_6_0-ibm-jdbc-1.6.0_sr16.15-27.1 is installed
  • OR java-1_6_0-ibm-plugin-1.6.0_sr16.15-27.1 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Module for Public Cloud 12 is installed
  • AND Package Information
  • kernel-ec2-3.12.32-33.1 is installed
  • OR kernel-ec2-devel-3.12.32-33.1 is installed
  • OR kernel-ec2-extra-3.12.32-33.1 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Module for Web Scripting 12 is installed
  • AND Package Information
  • apache2-mod_php5-5.5.14-36.1 is installed
  • OR php5-5.5.14-36.1 is installed
  • OR php5-bcmath-5.5.14-36.1 is installed
  • OR php5-bz2-5.5.14-36.1 is installed
  • OR php5-calendar-5.5.14-36.1 is installed
  • OR php5-ctype-5.5.14-36.1 is installed
  • OR php5-curl-5.5.14-36.1 is installed
  • OR php5-dba-5.5.14-36.1 is installed
  • OR php5-dom-5.5.14-36.1 is installed
  • OR php5-enchant-5.5.14-36.1 is installed
  • OR php5-exif-5.5.14-36.1 is installed
  • OR php5-fastcgi-5.5.14-36.1 is installed
  • OR php5-fileinfo-5.5.14-36.1 is installed
  • OR php5-fpm-5.5.14-36.1 is installed
  • OR php5-ftp-5.5.14-36.1 is installed
  • OR php5-gd-5.5.14-36.1 is installed
  • OR php5-gettext-5.5.14-36.1 is installed
  • OR php5-gmp-5.5.14-36.1 is installed
  • OR php5-iconv-5.5.14-36.1 is installed
  • OR php5-intl-5.5.14-36.1 is installed
  • OR php5-json-5.5.14-36.1 is installed
  • OR php5-ldap-5.5.14-36.1 is installed
  • OR php5-mbstring-5.5.14-36.1 is installed
  • OR php5-mcrypt-5.5.14-36.1 is installed
  • OR php5-mysql-5.5.14-36.1 is installed
  • OR php5-odbc-5.5.14-36.1 is installed
  • OR php5-opcache-5.5.14-36.1 is installed
  • OR php5-openssl-5.5.14-36.1 is installed
  • OR php5-pcntl-5.5.14-36.1 is installed
  • OR php5-pdo-5.5.14-36.1 is installed
  • OR php5-pear-5.5.14-36.1 is installed
  • OR php5-pgsql-5.5.14-36.1 is installed
  • OR php5-posix-5.5.14-36.1 is installed
  • OR php5-pspell-5.5.14-36.1 is installed
  • OR php5-shmop-5.5.14-36.1 is installed
  • OR php5-snmp-5.5.14-36.1 is installed
  • OR php5-soap-5.5.14-36.1 is installed
  • OR php5-sockets-5.5.14-36.1 is installed
  • OR php5-sqlite-5.5.14-36.1 is installed
  • OR php5-suhosin-5.5.14-36.1 is installed
  • OR php5-sysvmsg-5.5.14-36.1 is installed
  • OR php5-sysvsem-5.5.14-36.1 is installed
  • OR php5-sysvshm-5.5.14-36.1 is installed
  • OR php5-tokenizer-5.5.14-36.1 is installed
  • OR php5-wddx-5.5.14-36.1 is installed
  • OR php5-xmlreader-5.5.14-36.1 is installed
  • OR php5-xmlrpc-5.5.14-36.1 is installed
  • OR php5-xmlwriter-5.5.14-36.1 is installed
  • OR php5-xsl-5.5.14-36.1 is installed
  • OR php5-zip-5.5.14-36.1 is installed
  • OR php5-zlib-5.5.14-36.1 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Module for Web Scripting 15 is installed
  • AND Package Information
  • tomcat-9.0.12-3.8 is installed
  • OR tomcat-admin-webapps-9.0.12-3.8 is installed
  • OR tomcat-el-3_0-api-9.0.12-3.8 is installed
  • OR tomcat-jsp-2_3-api-9.0.12-3.8 is installed
  • OR tomcat-lib-9.0.12-3.8 is installed
  • OR tomcat-servlet-4_0-api-9.0.12-3.8 is installed
  • OR tomcat-webapps-9.0.12-3.8 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Module for Web Scripting 15 SP1 is installed
  • AND jakarta-commons-fileupload-1.1.1-4.3 is installed
  • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 11 SP3 is installed
  • AND
  • openslp-1.2.0-172.24.1 is installed
  • OR openslp-32bit-1.2.0-172.24.1 is installed
  • OR openslp-server-1.2.0-172.24.1 is installed
  • OR openslp-x86-1.2.0-172.24.1 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server for VMWare 11 SP3 is installed
  • AND
  • openslp-1.2.0-172.24.1 is installed
  • OR openslp-32bit-1.2.0-172.24.1 is installed
  • OR openslp-server-1.2.0-172.24.1 is installed
  • OR openslp-x86-1.2.0-172.24.1 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 11 SP3 is installed
  • AND Package Information
  • apache2-2.2.12-1.38.2 is installed
  • OR apache2-doc-2.2.12-1.38.2 is installed
  • OR apache2-example-pages-2.2.12-1.38.2 is installed
  • OR apache2-prefork-2.2.12-1.38.2 is installed
  • OR apache2-utils-2.2.12-1.38.2 is installed
  • OR apache2-worker-2.2.12-1.38.2 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 11 SP4 is installed
  • AND Package Information
  • apache2-mod_php53-5.3.17-0.41.1 is installed
  • OR php53-5.3.17-0.41.1 is installed
  • OR php53-bcmath-5.3.17-0.41.1 is installed
  • OR php53-bz2-5.3.17-0.41.1 is installed
  • OR php53-calendar-5.3.17-0.41.1 is installed
  • OR php53-ctype-5.3.17-0.41.1 is installed
  • OR php53-curl-5.3.17-0.41.1 is installed
  • OR php53-dba-5.3.17-0.41.1 is installed
  • OR php53-dom-5.3.17-0.41.1 is installed
  • OR php53-exif-5.3.17-0.41.1 is installed
  • OR php53-fastcgi-5.3.17-0.41.1 is installed
  • OR php53-fileinfo-5.3.17-0.41.1 is installed
  • OR php53-ftp-5.3.17-0.41.1 is installed
  • OR php53-gd-5.3.17-0.41.1 is installed
  • OR php53-gettext-5.3.17-0.41.1 is installed
  • OR php53-gmp-5.3.17-0.41.1 is installed
  • OR php53-iconv-5.3.17-0.41.1 is installed
  • OR php53-intl-5.3.17-0.41.1 is installed
  • OR php53-json-5.3.17-0.41.1 is installed
  • OR php53-ldap-5.3.17-0.41.1 is installed
  • OR php53-mbstring-5.3.17-0.41.1 is installed
  • OR php53-mcrypt-5.3.17-0.41.1 is installed
  • OR php53-mysql-5.3.17-0.41.1 is installed
  • OR php53-odbc-5.3.17-0.41.1 is installed
  • OR php53-openssl-5.3.17-0.41.1 is installed
  • OR php53-pcntl-5.3.17-0.41.1 is installed
  • OR php53-pdo-5.3.17-0.41.1 is installed
  • OR php53-pear-5.3.17-0.41.1 is installed
  • OR php53-pgsql-5.3.17-0.41.1 is installed
  • OR php53-pspell-5.3.17-0.41.1 is installed
  • OR php53-shmop-5.3.17-0.41.1 is installed
  • OR php53-snmp-5.3.17-0.41.1 is installed
  • OR php53-soap-5.3.17-0.41.1 is installed
  • OR php53-suhosin-5.3.17-0.41.1 is installed
  • OR php53-sysvmsg-5.3.17-0.41.1 is installed
  • OR php53-sysvsem-5.3.17-0.41.1 is installed
  • OR php53-sysvshm-5.3.17-0.41.1 is installed
  • OR php53-tokenizer-5.3.17-0.41.1 is installed
  • OR php53-wddx-5.3.17-0.41.1 is installed
  • OR php53-xmlreader-5.3.17-0.41.1 is installed
  • OR php53-xmlrpc-5.3.17-0.41.1 is installed
  • OR php53-xmlwriter-5.3.17-0.41.1 is installed
  • OR php53-xsl-5.3.17-0.41.1 is installed
  • OR php53-zip-5.3.17-0.41.1 is installed
  • OR php53-zlib-5.3.17-0.41.1 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 is installed
  • AND Package Information
  • tigervnc-1.3.0-22.3 is installed
  • OR xorg-x11-Xvnc-1.3.0-22.3 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND Package Information
  • krb5-1.12.1-22.5 is installed
  • OR krb5-32bit-1.12.1-22.5 is installed
  • OR krb5-client-1.12.1-22.5 is installed
  • OR krb5-doc-1.12.1-22.5 is installed
  • OR krb5-plugin-kdb-ldap-1.12.1-22.5 is installed
  • OR krb5-plugin-preauth-otp-1.12.1-22.5 is installed
  • OR krb5-plugin-preauth-pkinit-1.12.1-22.5 is installed
  • OR krb5-server-1.12.1-22.5 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • dovecot22-2.2.13-2 is installed
  • OR dovecot22-backend-mysql-2.2.13-2 is installed
  • OR dovecot22-backend-pgsql-2.2.13-2 is installed
  • OR dovecot22-backend-sqlite-2.2.13-2 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND apache-commons-httpclient-3.1-4 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND apache2-mod_jk-1.2.40-5 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12-LTSS is installed
  • AND Package Information
  • libmysqlclient-devel-10.0.26-20.10.2 is installed
  • OR libmysqlclient18-10.0.26-20.10.2 is installed
  • OR libmysqlclient18-32bit-10.0.26-20.10.2 is installed
  • OR libmysqlclient_r18-10.0.26-20.10.2 is installed
  • OR libmysqld-devel-10.0.26-20.10.2 is installed
  • OR libmysqld18-10.0.26-20.10.2 is installed
  • OR mariadb-10.0.26-20.10.2 is installed
  • OR mariadb-client-10.0.26-20.10.2 is installed
  • OR mariadb-errormessages-10.0.26-20.10.2 is installed
  • OR mariadb-tools-10.0.26-20.10.2 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 is installed
  • AND Package Information
  • openvpn-2.3.8-16.17 is installed
  • OR openvpn-auth-pam-plugin-2.3.8-16.17 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Software Development Kit 11 SP4 is installed
  • AND Package Information
  • dhcp-4.2.4.P2-0.27.1 is installed
  • OR dhcp-devel-4.2.4.P2-0.27.1 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Software Development Kit 12 SP1 is installed
  • AND krb5-devel-1.12.1-19 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Software Development Kit 12 SP2 is installed
  • AND NetworkManager-devel-1.0.12-8 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Software Development Kit 12 SP3 is installed
  • AND dovecot22-devel-2.2.30.2-14 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 12 is installed
  • AND Package Information
  • libssh-0.6.3-4.1 is installed
  • OR libssh4-0.6.3-4.1 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 15 is installed
  • AND Package Information
  • libraw-0.18.9-3.5 is installed
  • OR libraw-devel-0.18.9-3.5 is installed
  • OR libraw16-0.18.9-3.5 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 15 SP1 is installed
  • AND Package Information
  • gnome-shell-3.26.2+20180130.0d9c74212-4.19 is installed
  • OR gnome-shell-calendar-3.26.2+20180130.0d9c74212-4.19 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 15 SP2 is installed
  • AND Package Information
  • libopencv3_3-3.3.1-6.6 is installed
  • OR opencv-3.3.1-6.6 is installed
  • OR opencv-devel-3.3.1-6.6 is installed
  • BACK