OVAL Reference oval:org.opensuse.security:def:5000

Oval Definition:

oval:org.opensuse.security:def:5000

Revision Date:	2020-12-02	Version:	1
Title:	Security update for tomcat (Important)
Description:	This update for tomcat fixes the following issues: - Update to Tomcat 9.0.35. See changelog at http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.35_(markt) CVE-2020-9484 (bsc#1171928) Apache Tomcat Remote Code Execution via session persistence If an attacker was able to control the contents and name of a file on a server configured to use the PersistenceManager, then the attacker could have triggered a remote code execution via deserialization of the file under their control.
Family:	unix	Class:	patch
Status:		Reference(s):	1144348 1144352 1149742 1154091 1166916 1171928 1172402 1172442 1172443 1172686 1172728 1173674 1173937 1174321 1174910 1174913 CVE-2010-2947 CVE-2011-2709 CVE-2012-0247 CVE-2012-0248 CVE-2012-0786 CVE-2012-1185 CVE-2012-1186 CVE-2012-2738 CVE-2013-2132 CVE-2013-3571 CVE-2013-4143 CVE-2014-0019 CVE-2014-8354 CVE-2014-8355 CVE-2014-8562 CVE-2014-8716 CVE-2019-14491 CVE-2019-14492 CVE-2019-15939 CVE-2020-11080 CVE-2020-12398 CVE-2020-12405 CVE-2020-12406 CVE-2020-12410 CVE-2020-14361 CVE-2020-14362 CVE-2020-15095 CVE-2020-15103 CVE-2020-15503 CVE-2020-7598 CVE-2020-8174 CVE-2020-9484 SUSE-SU-2019:3192-1 SUSE-SU-2020:1363-1 SUSE-SU-2020:1591-1 SUSE-SU-2020:2029-1 SUSE-SU-2020:2408-1 SUSE-SU-2020:2481-1 SUSE-SU-2020:2800-1
Platform(s):	SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise High Availability 12 SUSE Linux Enterprise High Availability 12 SP1 SUSE Linux Enterprise High Availability 12 SP2 SUSE Linux Enterprise High Availability 12 SP3 SUSE Linux Enterprise High Availability 12 SP4 SUSE Linux Enterprise High Availability 12 SP5 SUSE Linux Enterprise High Performance Computing 12 SP5 SUSE Linux Enterprise Live Patching 12 SUSE Linux Enterprise Module for Advanced Systems Management 12 SUSE Linux Enterprise Module for Containers 12 SUSE Linux Enterprise Module for Legacy Software 12 SUSE Linux Enterprise Module for Public Cloud 12 SUSE Linux Enterprise Module for Toolchain 12 SUSE Linux Enterprise Module for Web Scripting 12 SUSE Linux Enterprise Module for Web Scripting 15 SP1 SUSE Linux Enterprise Module for Web Scripting 15 SP2 SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12-LTSS SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 SUSE Linux Enterprise Server for Rasperry Pi 12 SP2 SUSE Linux Enterprise Server for VMWare 11 SP3 SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Software Development Kit 12 SP1 SUSE Linux Enterprise Software Development Kit 12 SP2 SUSE Linux Enterprise Software Development Kit 12 SP3 SUSE Linux Enterprise Workstation Extension 12 SUSE Linux Enterprise Workstation Extension 12 SP1 SUSE Linux Enterprise Workstation Extension 15 SP1 SUSE Linux Enterprise Workstation Extension 15 SP2 SUSE OpenStack Cloud 5	Product(s):
Definition Synopsis
SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5 is installed AND python-pymongo-2.6.3-2 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP2 is installed AND Package Information bind-libs-9.9.4P2-0.6.1 is installed OR bind-libs-32bit-9.9.4P2-0.6.1 is installed OR bind-utils-9.9.4P2-0.6.1 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information kde4-kgreeter-plugins-4.3.5-0.12.18.1 is installed OR kdebase4-wallpapers-4.3.5-0.11.18.1 is installed OR kdebase4-workspace-4.3.5-0.12.18.1 is installed OR kdebase4-workspace-ksysguardd-4.3.5-0.12.18.1 is installed OR kdm-4.3.5-0.12.18.1 is installed OR kwin-4.3.5-0.12.18.1 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 is installed AND Package Information libHX28-3.18-1 is installed OR libHX28-32bit-3.18-1 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information ImageMagick-6.8.8.1-8 is installed OR libMagick++-6_Q16-3-6.8.8.1-8 is installed OR libMagickCore-6_Q16-1-6.8.8.1-8 is installed OR libMagickCore-6_Q16-1-32bit-6.8.8.1-8 is installed OR libMagickWand-6_Q16-1-6.8.8.1-8 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP2 is installed AND bogofilter-1.2.4-5 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information cpio-2.11-35 is installed OR cpio-lang-2.11-35 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP4 is installed AND dnsmasq-2.78-18.3 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 is installed AND Package Information conntrack-tools-1.4.2-5.2 is installed OR libnetfilter_cthelper-1.0.0-7.1 is installed OR libnetfilter_cthelper0-1.0.0-7.1 is installed OR libnetfilter_cttimeout-1.0.0-9.1 is installed OR libnetfilter_cttimeout1-1.0.0-9.1 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 SP1 is installed AND Package Information libpacemaker3-1.1.13-20.1 is installed OR pacemaker-1.1.13-20.1 is installed OR pacemaker-cli-1.1.13-20.1 is installed OR pacemaker-cts-1.1.13-20.1 is installed OR pacemaker-remote-1.1.13-20.1 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 SP2 is installed AND Package Information libpacemaker3-1.1.15-19 is installed OR pacemaker-1.1.15-19 is installed OR pacemaker-cli-1.1.15-19 is installed OR pacemaker-cts-1.1.15-19 is installed OR pacemaker-remote-1.1.15-19 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 SP3 is installed AND lighttpd-1.4.35-3 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 SP4 is installed AND Package Information cluster-md-kmp-default-4.12.14-94.41 is installed OR dlm-kmp-default-4.12.14-94.41 is installed OR gfs2-kmp-default-4.12.14-94.41 is installed OR ocfs2-kmp-default-4.12.14-94.41 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 SP5 is installed AND ctdb-4.10.5+git.129.35f7bb6e177-1 is installed
Definition Synopsis
SUSE Linux Enterprise High Performance Computing 12 SP5 is installed AND Package Information apache-commons-daemon-1.0.15-6 is installed OR apache-commons-daemon-javadoc-1.0.15-6 is installed
Definition Synopsis
SUSE Linux Enterprise Live Patching 12 is installed AND Package Information kgraft-patch-3_12_32-33-default-2-3.1 is installed OR kgraft-patch-3_12_32-33-xen-2-3.1 is installed OR kgraft-patch-3_12_36-38-default-2-3.1 is installed OR kgraft-patch-3_12_36-38-xen-2-3.1 is installed OR kgraft-patch-SLE12_Update_1-2-3.1 is installed OR kgraft-patch-SLE12_Update_2-2-3.1 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Advanced Systems Management 12 is installed AND Package Information puppet-3.8.5-15.3.3 is installed OR puppet-server-3.8.5-15.3.3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Containers 12 is installed AND docker-1.8.3-49.1 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Legacy Software 12 is installed AND Package Information java-1_6_0-ibm-1.6.0_sr16.2-8.1 is installed OR java-1_6_0-ibm-fonts-1.6.0_sr16.2-8.1 is installed OR java-1_6_0-ibm-jdbc-1.6.0_sr16.2-8.1 is installed OR java-1_6_0-ibm-plugin-1.6.0_sr16.2-8.1 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Public Cloud 12 is installed AND Package Information kernel-ec2-3.12.60-52.57.1 is installed OR kernel-ec2-devel-3.12.60-52.57.1 is installed OR kernel-ec2-extra-3.12.60-52.57.1 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Toolchain 12 is installed AND Package Information cpp5-5.3.1+r233831-9.1 is installed OR gcc5-5.3.1+r233831-9.1 is installed OR gcc5-32bit-5.3.1+r233831-9.1 is installed OR gcc5-ada-5.3.1+r233831-9.1 is installed OR gcc5-ada-32bit-5.3.1+r233831-9.1 is installed OR gcc5-c++-5.3.1+r233831-9.1 is installed OR gcc5-c++-32bit-5.3.1+r233831-9.1 is installed OR gcc5-fortran-5.3.1+r233831-9.1 is installed OR gcc5-fortran-32bit-5.3.1+r233831-9.1 is installed OR gcc5-info-5.3.1+r233831-9.1 is installed OR gcc5-locale-5.3.1+r233831-9.1 is installed OR libada5-5.3.1+r233831-9.1 is installed OR libada5-32bit-5.3.1+r233831-9.1 is installed OR libffi-devel-gcc5-5.3.1+r233831-9.1 is installed OR libffi-devel-gcc5-32bit-5.3.1+r233831-9.1 is installed OR libffi-gcc5-5.3.1+r233831-9.1 is installed OR libstdc++6-devel-gcc5-5.3.1+r233831-9.1 is installed OR libstdc++6-devel-gcc5-32bit-5.3.1+r233831-9.1 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Web Scripting 12 is installed AND apache2-mod_wsgi-4.4.13-2 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Web Scripting 15 SP1 is installed AND Package Information tomcat-9.0.35-4.30 is installed OR tomcat-admin-webapps-9.0.35-4.30 is installed OR tomcat-el-3_0-api-9.0.35-4.30 is installed OR tomcat-jsp-2_3-api-9.0.35-4.30 is installed OR tomcat-lib-9.0.35-4.30 is installed OR tomcat-servlet-4_0-api-9.0.35-4.30 is installed OR tomcat-webapps-9.0.35-4.30 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Web Scripting 15 SP2 is installed AND Package Information nodejs8-8.17.0-10.3 is installed OR nodejs8-devel-8.17.0-10.3 is installed OR nodejs8-docs-8.17.0-10.3 is installed OR npm8-8.17.0-10.3 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 11 SP3 is installed AND python-lxml-2.3.6-0.13.1 is installed OR Package Information SUSE Linux Enterprise Server for VMWare 11 SP3 is installed AND python-lxml-2.3.6-0.13.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 11 SP3 is installed AND Package Information freeradius-server-2.1.1-7.16.7 is installed OR freeradius-server-dialupadmin-2.1.1-7.16.7 is installed OR freeradius-server-doc-2.1.1-7.16.7 is installed OR freeradius-server-libs-2.1.1-7.16.7 is installed OR freeradius-server-utils-2.1.1-7.16.7 is installed
Definition Synopsis
SUSE Linux Enterprise Server 11 SP4 is installed AND apache2-mod_perl-2.0.4-40.24.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 is installed AND Package Information grub2-2.02~beta2-56.9.4 is installed OR grub2-i386-pc-2.02~beta2-56.9.4 is installed OR grub2-powerpc-ieee1275-2.02~beta2-56.9.4 is installed OR grub2-s390x-emu-2.02~beta2-56.9.4 is installed OR grub2-snapper-plugin-2.02~beta2-56.9.4 is installed OR grub2-x86_64-efi-2.02~beta2-56.9.4 is installed OR grub2-x86_64-xen-2.02~beta2-56.9.4 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information grub2-2.02~beta2-73.3 is installed OR grub2-i386-pc-2.02~beta2-73.3 is installed OR grub2-powerpc-ieee1275-2.02~beta2-73.3 is installed OR grub2-s390x-emu-2.02~beta2-73.3 is installed OR grub2-snapper-plugin-2.02~beta2-73.3 is installed OR grub2-x86_64-efi-2.02~beta2-73.3 is installed OR grub2-x86_64-xen-2.02~beta2-73.3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information gv-3.7.4-1 is installed OR wdiff-1.2.1-3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND ant-1.9.4-1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information at-3.1.14-8.6 is installed OR flex-2.5.37-8 is installed OR flex-32bit-2.5.37-8 is installed OR libQtWebKit4-4.8.7+2.3.4-4.7 is installed OR libQtWebKit4-32bit-4.8.7+2.3.4-4.7 is installed OR libbonobo-2.32.1-16 is installed OR libbonobo-32bit-2.32.1-16 is installed OR libbonobo-doc-2.32.1-16 is installed OR libbonobo-lang-2.32.1-16 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12-LTSS is installed AND Package Information kgraft-patch-3_12_60-52_54-default-2-2.2 is installed OR kgraft-patch-3_12_60-52_54-xen-2-2.2 is installed OR kgraft-patch-SLE12_Update_15-2-2.2 is installed
Definition Synopsis
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 is installed AND Package Information libpoppler44-0.24.4-14.6 is installed OR poppler-0.24.4-14.6 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 11 SP4 is installed AND Package Information java-1_7_1-ibm-1.7.1_sr3.50-16.1 is installed OR java-1_7_1-ibm-devel-1.7.1_sr3.50-16.1 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 SP1 is installed AND Package Information libgadu-devel-1.11.4-1 is installed OR libgadu3-1.11.4-1 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 SP2 is installed AND Package Information DirectFB-devel-1.7.1-6 is installed OR lib++dfb-devel-1.7.1-6 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 SP3 is installed AND Package Information FastCGI-2.4.0-168 is installed OR FastCGI-devel-2.4.0-168 is installed OR perl-FastCGI-2.4.0-168 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 12 is installed AND Package Information flash-player-11.2.202.411-4.1 is installed OR flash-player-gnome-11.2.202.411-4.1 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 12 SP1 is installed AND Package Information flash-player-11.2.202.554-114.1 is installed OR flash-player-gnome-11.2.202.554-114.1 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 15 SP1 is installed AND Package Information libopencv3_3-3.3.1-6.6 is installed OR opencv-3.3.1-6.6 is installed OR opencv-devel-3.3.1-6.6 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 15 SP2 is installed AND Package Information freerdp-2.1.2-15.10 is installed OR freerdp-devel-2.1.2-15.10 is installed OR libfreerdp2-2.1.2-15.10 is installed OR libwinpr2-2.1.2-15.10 is installed OR winpr2-devel-2.1.2-15.10 is installed

BACK