Oval Definition:oval:org.opensuse.security:def:4969
Revision Date:2020-12-02Version:1
Title:Security update for tomcat (Moderate)
Description:

This update for tomcat to version 9.0.20 fixes the following issues:

Security issues fixed:

- CVE-2019-0199: Fixed a denial of service in the HTTP/2 implementation related to streams with excessive numbers of SETTINGS frames (bsc#1131055). - CVE-2019-0221: Fixed a cross site scripting vulnerability with the SSI printenv command (bsc#1136085).

Non-security issues fixed:

- Increase maximum number of threads and open files for tomcat (bsc#1111966).
Family:unixClass:patch
Status:Reference(s):1015173
1111966
1131055
1133534
1134208
1136085
1137595
1138872
1140290
1141025
1141861
1141862
1146098
1146105
1146107
1149943
1149944
1151317
1173674
1175686
CVE-2009-2473
CVE-2009-2474
CVE-2009-2624
CVE-2010-0001
CVE-2013-1988
CVE-2013-6418
CVE-2014-0250
CVE-2014-0791
CVE-2014-2653
CVE-2014-3675
CVE-2014-3676
CVE-2014-3677
CVE-2016-9918
CVE-2019-0199
CVE-2019-0221
CVE-2019-11703
CVE-2019-11704
CVE-2019-11705
CVE-2019-11706
CVE-2019-11707
CVE-2019-11708
CVE-2019-13173
CVE-2019-9848
CVE-2019-9849
CVE-2019-9850
CVE-2019-9851
CVE-2019-9852
CVE-2019-9854
CVE-2019-9855
CVE-2020-15503
CVE-2020-15663
CVE-2020-15664
CVE-2020-15669
SUSE-SU-2019:0841-1
SUSE-SU-2019:1683-1
SUSE-SU-2019:1693-1
SUSE-SU-2019:2081-1
SUSE-SU-2019:2402-1
SUSE-SU-2019:2982-1
SUSE-SU-2020:2029-1
SUSE-SU-2020:2552-1
Platform(s):SUSE Linux Enterprise Desktop 11 SP2
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Desktop 11 SP4
SUSE Linux Enterprise Desktop 12
SUSE Linux Enterprise Desktop 12 SP1
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise High Availability 12
SUSE Linux Enterprise High Availability 12 SP1
SUSE Linux Enterprise High Availability 12 SP2
SUSE Linux Enterprise High Availability 12 SP3
SUSE Linux Enterprise High Availability 12 SP4
SUSE Linux Enterprise High Availability 12 SP5
SUSE Linux Enterprise High Performance Computing 12 SP5
SUSE Linux Enterprise Live Patching 12
SUSE Linux Enterprise Live Patching 12 SP3
SUSE Linux Enterprise Module for Legacy Software 12
SUSE Linux Enterprise Module for Public Cloud 12
SUSE Linux Enterprise Module for Web Scripting 12
SUSE Linux Enterprise Module for Web Scripting 15
SUSE Linux Enterprise Module for Web Scripting 15 SP1
SUSE Linux Enterprise Server 11 SP3
SUSE Linux Enterprise Server 11 SP3-LTSS
SUSE Linux Enterprise Server 11 SP4
SUSE Linux Enterprise Server 12
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server 12-LTSS
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2
SUSE Linux Enterprise Server for Rasperry Pi 12 SP2
SUSE Linux Enterprise Server for VMWare 11 SP3
SUSE Linux Enterprise Software Development Kit 11 SP4
SUSE Linux Enterprise Software Development Kit 12 SP1
SUSE Linux Enterprise Software Development Kit 12 SP2
SUSE Linux Enterprise Software Development Kit 12 SP3
SUSE Linux Enterprise Workstation Extension 12
SUSE Linux Enterprise Workstation Extension 15
SUSE Linux Enterprise Workstation Extension 15 SP1
SUSE Linux Enterprise Workstation Extension 15 SP2
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP3 is installed
  • AND Package Information
  • flash-player-11.2.202.540-0.23.1 is installed
  • OR flash-player-gnome-11.2.202.540-0.23.1 is installed
  • OR flash-player-kde4-11.2.202.540-0.23.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 is installed
  • AND Package Information
  • freerdp-1.0.2-7 is installed
  • OR libfreerdp-1_0-1.0.2-7 is installed
  • OR libfreerdp-1_0-plugins-1.0.2-7 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP1 is installed
  • AND Package Information
  • coreutils-8.22-9 is installed
  • OR coreutils-lang-8.22-9 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP2 is installed
  • AND cifs-utils-6.5-8 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND Package Information
  • gnutls-3.3.27-1 is installed
  • OR libgnutls28-3.3.27-1 is installed
  • OR libgnutls28-32bit-3.3.27-1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • AND Package Information
  • augeas-1.2.0-17.3 is installed
  • OR augeas-lenses-1.2.0-17.3 is installed
  • OR libaugeas0-1.2.0-17.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise High Availability 12 is installed
  • AND python-PyYAML-3.10-15.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise High Availability 12 SP1 is installed
  • AND hawk2-1.0.1+git.1456406635.49e230d-12.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise High Availability 12 SP2 is installed
  • AND fence-agents-4.0.22+git.1455008135.15c5e92-8 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise High Availability 12 SP3 is installed
  • AND Package Information
  • ctdb-4.6.7+git.38.90b2cdb4f22-3.7.1 is installed
  • OR ldirectord-4.0.1+git.1495055229.643177f1-2.4.2 is installed
  • OR monitoring-plugins-metadata-4.0.1+git.1495055229.643177f1-2.4.2 is installed
  • OR resource-agents-4.0.1+git.1495055229.643177f1-2.4.2 is installed
  • OR samba-4.6.7+git.38.90b2cdb4f22-3.7.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise High Availability 12 SP4 is installed
  • AND Package Information
  • corosync-2.3.6-9.13 is installed
  • OR libcorosync4-2.3.6-9.13 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise High Availability 12 SP5 is installed
  • AND Package Information
  • cluster-md-kmp-default-4.12.14-120 is installed
  • OR dlm-kmp-default-4.12.14-120 is installed
  • OR gfs2-kmp-default-4.12.14-120 is installed
  • OR ocfs2-kmp-default-4.12.14-120 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise High Performance Computing 12 SP5 is installed
  • AND Package Information
  • apache2-2.4.23-29.43 is installed
  • OR apache2-doc-2.4.23-29.43 is installed
  • OR apache2-example-pages-2.4.23-29.43 is installed
  • OR apache2-prefork-2.4.23-29.43 is installed
  • OR apache2-utils-2.4.23-29.43 is installed
  • OR apache2-worker-2.4.23-29.43 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Live Patching 12 is installed
  • AND Package Information
  • kgraft-patch-3_12_43-52_6-default-1-2.3 is installed
  • OR kgraft-patch-3_12_43-52_6-xen-1-2.3 is installed
  • OR kgraft-patch-SLE12_Update_5-1-2.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Live Patching 12 SP3 is installed
  • AND Package Information
  • kgraft-patch-4_4_82-6_6-default-1-2.1 is installed
  • OR kgraft-patch-SLE12-SP3_Update_2-1-2.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Legacy Software 12 is installed
  • AND Package Information
  • java-1_6_0-ibm-1.6.0_sr16.35-43.2 is installed
  • OR java-1_6_0-ibm-fonts-1.6.0_sr16.35-43.2 is installed
  • OR java-1_6_0-ibm-jdbc-1.6.0_sr16.35-43.2 is installed
  • OR java-1_6_0-ibm-plugin-1.6.0_sr16.35-43.2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Public Cloud 12 is installed
  • AND Package Information
  • kernel-ec2-3.12.32-33.1 is installed
  • OR kernel-ec2-devel-3.12.32-33.1 is installed
  • OR kernel-ec2-extra-3.12.32-33.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Web Scripting 12 is installed
  • AND Package Information
  • apache2-mod_php7-7.0.7-15.1 is installed
  • OR php7-7.0.7-15.1 is installed
  • OR php7-bcmath-7.0.7-15.1 is installed
  • OR php7-bz2-7.0.7-15.1 is installed
  • OR php7-calendar-7.0.7-15.1 is installed
  • OR php7-ctype-7.0.7-15.1 is installed
  • OR php7-curl-7.0.7-15.1 is installed
  • OR php7-dba-7.0.7-15.1 is installed
  • OR php7-dom-7.0.7-15.1 is installed
  • OR php7-enchant-7.0.7-15.1 is installed
  • OR php7-exif-7.0.7-15.1 is installed
  • OR php7-fastcgi-7.0.7-15.1 is installed
  • OR php7-fileinfo-7.0.7-15.1 is installed
  • OR php7-fpm-7.0.7-15.1 is installed
  • OR php7-ftp-7.0.7-15.1 is installed
  • OR php7-gd-7.0.7-15.1 is installed
  • OR php7-gettext-7.0.7-15.1 is installed
  • OR php7-gmp-7.0.7-15.1 is installed
  • OR php7-iconv-7.0.7-15.1 is installed
  • OR php7-imap-7.0.7-15.1 is installed
  • OR php7-intl-7.0.7-15.1 is installed
  • OR php7-json-7.0.7-15.1 is installed
  • OR php7-ldap-7.0.7-15.1 is installed
  • OR php7-mbstring-7.0.7-15.1 is installed
  • OR php7-mcrypt-7.0.7-15.1 is installed
  • OR php7-mysql-7.0.7-15.1 is installed
  • OR php7-odbc-7.0.7-15.1 is installed
  • OR php7-opcache-7.0.7-15.1 is installed
  • OR php7-openssl-7.0.7-15.1 is installed
  • OR php7-pcntl-7.0.7-15.1 is installed
  • OR php7-pdo-7.0.7-15.1 is installed
  • OR php7-pear-7.0.7-15.1 is installed
  • OR php7-pear-Archive_Tar-7.0.7-15.1 is installed
  • OR php7-pgsql-7.0.7-15.1 is installed
  • OR php7-phar-7.0.7-15.1 is installed
  • OR php7-posix-7.0.7-15.1 is installed
  • OR php7-pspell-7.0.7-15.1 is installed
  • OR php7-shmop-7.0.7-15.1 is installed
  • OR php7-snmp-7.0.7-15.1 is installed
  • OR php7-soap-7.0.7-15.1 is installed
  • OR php7-sockets-7.0.7-15.1 is installed
  • OR php7-sqlite-7.0.7-15.1 is installed
  • OR php7-sysvmsg-7.0.7-15.1 is installed
  • OR php7-sysvsem-7.0.7-15.1 is installed
  • OR php7-sysvshm-7.0.7-15.1 is installed
  • OR php7-tokenizer-7.0.7-15.1 is installed
  • OR php7-wddx-7.0.7-15.1 is installed
  • OR php7-xmlreader-7.0.7-15.1 is installed
  • OR php7-xmlrpc-7.0.7-15.1 is installed
  • OR php7-xmlwriter-7.0.7-15.1 is installed
  • OR php7-xsl-7.0.7-15.1 is installed
  • OR php7-zip-7.0.7-15.1 is installed
  • OR php7-zlib-7.0.7-15.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Web Scripting 15 is installed
  • AND Package Information
  • tomcat-9.0.20-3.24 is installed
  • OR tomcat-admin-webapps-9.0.20-3.24 is installed
  • OR tomcat-el-3_0-api-9.0.20-3.24 is installed
  • OR tomcat-jsp-2_3-api-9.0.20-3.24 is installed
  • OR tomcat-lib-9.0.20-3.24 is installed
  • OR tomcat-servlet-4_0-api-9.0.20-3.24 is installed
  • OR tomcat-webapps-9.0.20-3.24 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Web Scripting 15 SP1 is installed
  • AND Package Information
  • nodejs10-10.16.0-1.9 is installed
  • OR nodejs10-devel-10.16.0-1.9 is installed
  • OR nodejs10-docs-10.16.0-1.9 is installed
  • OR npm10-10.16.0-1.9 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 11 SP3 is installed
  • AND
  • openssh-6.2p2-0.24.1 is installed
  • OR openssh-askpass-6.2p2-0.24.1 is installed
  • OR openssh-askpass-gnome-6.2p2-0.24.3 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server for VMWare 11 SP3 is installed
  • AND
  • openssh-6.2p2-0.24.1 is installed
  • OR openssh-askpass-6.2p2-0.24.1 is installed
  • OR openssh-askpass-gnome-6.2p2-0.24.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 11 SP3 is installed
  • AND apache2-mod_security2-2.7.1-0.2.12.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 11 SP4 is installed
  • AND Package Information
  • Mesa-9.0.3-0.28.29.2 is installed
  • OR Mesa-32bit-9.0.3-0.28.29.2 is installed
  • OR Mesa-x86-9.0.3-0.28.29.2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 is installed
  • AND Package Information
  • cpio-2.11-29.1 is installed
  • OR cpio-lang-2.11-29.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND Package Information
  • kernel-default-3.12.59-60.41.2 is installed
  • OR kernel-default-base-3.12.59-60.41.2 is installed
  • OR kernel-default-devel-3.12.59-60.41.2 is installed
  • OR kernel-default-man-3.12.59-60.41.2 is installed
  • OR kernel-devel-3.12.59-60.41.2 is installed
  • OR kernel-macros-3.12.59-60.41.2 is installed
  • OR kernel-source-3.12.59-60.41.2 is installed
  • OR kernel-syms-3.12.59-60.41.1 is installed
  • OR kernel-xen-3.12.59-60.41.2 is installed
  • OR kernel-xen-base-3.12.59-60.41.2 is installed
  • OR kernel-xen-devel-3.12.59-60.41.2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • ecryptfs-utils-103-7 is installed
  • OR ecryptfs-utils-32bit-103-7 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND apache2-mod_nss-1.0.14-18 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • audiofile-0.3.6-10 is installed
  • OR libaudiofile1-0.3.6-10 is installed
  • OR libaudiofile1-32bit-0.3.6-10 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12-LTSS is installed
  • AND Package Information
  • kgraft-patch-3_12_55-52_42-default-2-2.2 is installed
  • OR kgraft-patch-3_12_55-52_42-xen-2-2.2 is installed
  • OR kgraft-patch-SLE12_Update_12-2-2.2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 is installed
  • AND Package Information
  • MozillaFirefox-52.2.0esr-108 is installed
  • OR MozillaFirefox-branding-SLE-52-31 is installed
  • OR MozillaFirefox-translations-52.2.0esr-108 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Software Development Kit 11 SP4 is installed
  • AND Package Information
  • MozillaFirefox-38.4.0esr-25.6 is installed
  • OR MozillaFirefox-devel-38.4.0esr-25.6 is installed
  • OR mozilla-nspr-4.10.10-16.1 is installed
  • OR mozilla-nspr-devel-4.10.10-16.1 is installed
  • OR mozilla-nss-3.19.2.1-19.3 is installed
  • OR mozilla-nss-devel-3.19.2.1-19.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Software Development Kit 12 SP1 is installed
  • AND libX11-devel-1.6.2-4 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Software Development Kit 12 SP2 is installed
  • AND Package Information
  • ant-1.9.4-1 is installed
  • OR ant-jmf-1.9.4-1 is installed
  • OR ant-scripts-1.9.4-1 is installed
  • OR ant-swing-1.9.4-1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Software Development Kit 12 SP3 is installed
  • AND file-devel-5.19-9 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 12 is installed
  • AND Package Information
  • libreoffice-4.3.3.2-6.1 is installed
  • OR libreoffice-base-4.3.3.2-6.1 is installed
  • OR libreoffice-base-drivers-mysql-4.3.3.2-6.1 is installed
  • OR libreoffice-base-drivers-postgresql-4.3.3.2-6.1 is installed
  • OR libreoffice-calc-4.3.3.2-6.1 is installed
  • OR libreoffice-calc-extensions-4.3.3.2-6.1 is installed
  • OR libreoffice-draw-4.3.3.2-6.1 is installed
  • OR libreoffice-filters-optional-4.3.3.2-6.1 is installed
  • OR libreoffice-gnome-4.3.3.2-6.1 is installed
  • OR libreoffice-icon-theme-tango-4.3.3.2-6.1 is installed
  • OR libreoffice-impress-4.3.3.2-6.1 is installed
  • OR libreoffice-l10n-af-4.3.3.2-6.1 is installed
  • OR libreoffice-l10n-ar-4.3.3.2-6.1 is installed
  • OR libreoffice-l10n-ca-4.3.3.2-6.1 is installed
  • OR libreoffice-l10n-cs-4.3.3.2-6.1 is installed
  • OR libreoffice-l10n-da-4.3.3.2-6.1 is installed
  • OR libreoffice-l10n-de-4.3.3.2-6.1 is installed
  • OR libreoffice-l10n-en-4.3.3.2-6.1 is installed
  • OR libreoffice-l10n-es-4.3.3.2-6.1 is installed
  • OR libreoffice-l10n-fi-4.3.3.2-6.1 is installed
  • OR libreoffice-l10n-fr-4.3.3.2-6.1 is installed
  • OR libreoffice-l10n-gu-4.3.3.2-6.1 is installed
  • OR libreoffice-l10n-hi-4.3.3.2-6.1 is installed
  • OR libreoffice-l10n-hu-4.3.3.2-6.1 is installed
  • OR libreoffice-l10n-it-4.3.3.2-6.1 is installed
  • OR libreoffice-l10n-ja-4.3.3.2-6.1 is installed
  • OR libreoffice-l10n-ko-4.3.3.2-6.1 is installed
  • OR libreoffice-l10n-nb-4.3.3.2-6.1 is installed
  • OR libreoffice-l10n-nl-4.3.3.2-6.1 is installed
  • OR libreoffice-l10n-nn-4.3.3.2-6.1 is installed
  • OR libreoffice-l10n-pl-4.3.3.2-6.1 is installed
  • OR libreoffice-l10n-pt-BR-4.3.3.2-6.1 is installed
  • OR libreoffice-l10n-pt-PT-4.3.3.2-6.1 is installed
  • OR libreoffice-l10n-ru-4.3.3.2-6.1 is installed
  • OR libreoffice-l10n-sk-4.3.3.2-6.1 is installed
  • OR libreoffice-l10n-sv-4.3.3.2-6.1 is installed
  • OR libreoffice-l10n-xh-4.3.3.2-6.1 is installed
  • OR libreoffice-l10n-zh-Hans-4.3.3.2-6.1 is installed
  • OR libreoffice-l10n-zh-Hant-4.3.3.2-6.1 is installed
  • OR libreoffice-l10n-zu-4.3.3.2-6.1 is installed
  • OR libreoffice-mailmerge-4.3.3.2-6.1 is installed
  • OR libreoffice-math-4.3.3.2-6.1 is installed
  • OR libreoffice-officebean-4.3.3.2-6.1 is installed
  • OR libreoffice-pyuno-4.3.3.2-6.1 is installed
  • OR libreoffice-writer-4.3.3.2-6.1 is installed
  • OR libreoffice-writer-extensions-4.3.3.2-6.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 15 is installed
  • AND Package Information
  • bluez-5.48-5.13 is installed
  • OR bluez-cups-5.48-5.13 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 15 SP1 is installed
  • AND Package Information
  • MozillaThunderbird-60.7.2-3.43 is installed
  • OR MozillaThunderbird-translations-common-60.7.2-3.43 is installed
  • OR MozillaThunderbird-translations-other-60.7.2-3.43 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 15 SP2 is installed
  • AND Package Information
  • libraw-0.18.9-3.11 is installed
  • OR libraw-devel-0.18.9-3.11 is installed
  • OR libraw16-0.18.9-3.11 is installed
    • BACK