OVAL Reference oval:org.opensuse.security:def:5010

Oval Definition:

oval:org.opensuse.security:def:5010

Revision Date:	2020-12-02	Version:	1
Title:	Security update for tomcat (Important)
Description:	This update for tomcat to version 9.0.30 fixes the following issues: Security issue fixed: - CVE-2019-12418: Fixed a local privilege escalation through by manipulating the RMI registry and performing a man-in-the-middle attack (bsc#1159723). - CVE-2019-17563: Fixed a session fixation attack when using FORM authentication (bsc#1159729).
Family:	unix	Class:	patch
Status:		Reference(s):	1051510 1051979 1055014 1061843 1065600 1065729 1066110 1066382 1073627 1077428 1077761 1086274 1086314 1087081 1089343 1099811 1099813 1099844 1099845 1099846 1099849 1099858 1099863 1099864 1100132 1101116 1101331 1101669 1101828 1101832 1101833 1101837 1101839 1101841 1101843 1101844 1101845 1101847 1101852 1101853 1101867 1101872 1101874 1101875 1101882 1101883 1101885 1101887 1101890 1101891 1101893 1101895 1101896 1101900 1101902 1101903 1102633 1102658 1103097 1103356 1103421 1103517 1103723 1103724 1103725 1103726 1103727 1103728 1103729 1103730 1103917 1103920 1103948 1103949 1104066 1104111 1104174 1104211 1104319 1112178 1131277 1134760 1139924 1159723 1159729 1170415 1170452 1171558 1173432 1174230 1174538 1174748 1176354 1176384 1176485 1176560 1176713 1176723 1176756 1176899 1177086 1177101 1177271 1177281 1177410 1177411 1177470 1177687 1177719 1177740 1177749 1177750 1177753 1177754 1177755 1177766 1177855 1177856 1177861 1177977 1178003 1178027 1178166 1178185 1178187 1178188 1178202 1178234 1178330 CVE-2007-6720 CVE-2009-0179 CVE-2009-0946 CVE-2009-3995 CVE-2009-3996 CVE-2010-2497 CVE-2010-2546 CVE-2010-2805 CVE-2010-3053 CVE-2010-3054 CVE-2010-3311 CVE-2010-3814 CVE-2010-3855 CVE-2011-0226 CVE-2011-0461 CVE-2011-3256 CVE-2011-3439 CVE-2012-1126 CVE-2012-1127 CVE-2012-1128 CVE-2012-1129 CVE-2012-1130 CVE-2012-1131 CVE-2012-1132 CVE-2012-1133 CVE-2012-1134 CVE-2012-1135 CVE-2012-1136 CVE-2012-1137 CVE-2012-1138 CVE-2012-1139 CVE-2012-1140 CVE-2012-1141 CVE-2012-1142 CVE-2012-1143 CVE-2012-1144 CVE-2012-5668 CVE-2012-5669 CVE-2012-5670 CVE-2013-2062 CVE-2014-0011 CVE-2014-1545 CVE-2014-2240 CVE-2014-2241 CVE-2014-2524 CVE-2014-6271 CVE-2014-7169 CVE-2014-7186 CVE-2014-7187 CVE-2014-8484 CVE-2014-8485 CVE-2014-8501 CVE-2014-8502 CVE-2014-8503 CVE-2014-8504 CVE-2014-8737 CVE-2014-8738 CVE-2017-17789 CVE-2018-10876 CVE-2018-10877 CVE-2018-10878 CVE-2018-10879 CVE-2018-10880 CVE-2018-10881 CVE-2018-10882 CVE-2018-10883 CVE-2018-3620 CVE-2018-3646 CVE-2018-5391 CVE-2019-10072 CVE-2019-12418 CVE-2019-17563 CVE-2020-0430 CVE-2020-12105 CVE-2020-14351 CVE-2020-15652 CVE-2020-15659 CVE-2020-15673 CVE-2020-15676 CVE-2020-15677 CVE-2020-15678 CVE-2020-15683 CVE-2020-15969 CVE-2020-16120 CVE-2020-25285 CVE-2020-25656 CVE-2020-27673 CVE-2020-27675 CVE-2020-6463 CVE-2020-6514 CVE-2020-8694 SUSE-SU-2018:2380-1 SUSE-SU-2020:0029-1 SUSE-SU-2020:1337-1 SUSE-SU-2020:2179-1 SUSE-SU-2020:2604-1 SUSE-SU-2020:3091-1 SUSE-SU-2020:3272-1
Platform(s):	SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise High Availability 12 SUSE Linux Enterprise High Availability 12 SP1 SUSE Linux Enterprise High Availability 12 SP2 SUSE Linux Enterprise High Availability 12 SP3 SUSE Linux Enterprise High Availability 12 SP4 SUSE Linux Enterprise High Availability 12 SP5 SUSE Linux Enterprise High Availability 15 SUSE Linux Enterprise High Performance Computing 12 SP5 SUSE Linux Enterprise Live Patching 12 SUSE Linux Enterprise Module for Containers 12 SUSE Linux Enterprise Module for Legacy Software 12 SUSE Linux Enterprise Module for Public Cloud 12 SUSE Linux Enterprise Module for Web Scripting 12 SUSE Linux Enterprise Module for Web Scripting 15 SP1 SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP3-LTSS SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12-LTSS SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 SUSE Linux Enterprise Server for VMWare 11 SP3 SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Software Development Kit 12 SP1 SUSE Linux Enterprise Software Development Kit 12 SP2 SUSE Linux Enterprise Software Development Kit 12 SP3 SUSE Linux Enterprise Workstation Extension 12 SUSE Linux Enterprise Workstation Extension 12 SP1 SUSE Linux Enterprise Workstation Extension 15 SP1 SUSE Linux Enterprise Workstation Extension 15 SP2 SUSE OpenStack Cloud 5	Product(s):
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP2 is installed AND Package Information dbus-1-1.2.10-3.25.1 is installed OR dbus-1-32bit-1.2.10-3.25.1 is installed OR dbus-1-x11-1.2.10-3.25.1 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information krb5-1.6.3-133.49.97.1 is installed OR krb5-32bit-1.6.3-133.49.97.1 is installed OR krb5-client-1.6.3-133.49.97.1 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 is installed AND Package Information bash-4.2-75 is installed OR bash-doc-4.2-75 is installed OR bash-lang-4.2-75 is installed OR libreadline6-6.2-75 is installed OR libreadline6-32bit-6.2-75 is installed OR readline-doc-6.2-75 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information aaa_base-13.2+git20140911.61c1681-9 is installed OR aaa_base-extras-13.2+git20140911.61c1681-9 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information accountsservice-0.6.42-14 is installed OR accountsservice-lang-0.6.42-14 is installed OR libaccountsservice0-0.6.42-14 is installed OR typelib-1_0-AccountsService-1_0-0.6.42-14 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information alsa-1.0.27.2-15 is installed OR libasound2-1.0.27.2-15 is installed OR libasound2-32bit-1.0.27.2-15 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information expat-2.1.0-21.3 is installed OR libexpat1-2.1.0-21.3 is installed OR libexpat1-32bit-2.1.0-21.3 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 is installed AND Package Information ctdb-4.2.4-18.30.1 is installed OR samba-4.2.4-18.30.1 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 SP1 is installed AND Package Information ctdb-4.2.4-26.2 is installed OR samba-4.2.4-26.2 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 SP2 is installed AND ruby2.1-rubygem-bundler-1.7.3-3 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 SP3 is installed AND Package Information libpacemaker3-1.1.16-4 is installed OR pacemaker-1.1.16-4 is installed OR pacemaker-cli-1.1.16-4 is installed OR pacemaker-cts-1.1.16-4 is installed OR pacemaker-remote-1.1.16-4 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 SP4 is installed AND libpcreposix0-8.39-8.3 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 SP5 is installed AND haproxy-1.6.11-10 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 15 is installed AND Package Information cluster-md-kmp-default-4.12.14-25.13 is installed OR dlm-kmp-default-4.12.14-25.13 is installed OR gfs2-kmp-default-4.12.14-25.13 is installed OR kernel-default-4.12.14-25.13 is installed OR ocfs2-kmp-default-4.12.14-25.13 is installed
Definition Synopsis
SUSE Linux Enterprise High Performance Computing 12 SP5 is installed AND Package Information ImageMagick-config-6-SUSE-6.8.8.1-71.126 is installed OR ImageMagick-config-6-upstream-6.8.8.1-71.126 is installed OR libMagickCore-6_Q16-1-6.8.8.1-71.126 is installed OR libMagickWand-6_Q16-1-6.8.8.1-71.126 is installed
Definition Synopsis
SUSE Linux Enterprise Live Patching 12 is installed AND Package Information kgraft-patch-3_12_38-44-default-1-2.2 is installed OR kgraft-patch-3_12_38-44-xen-1-2.2 is installed OR kgraft-patch-SLE12_Update_3-1-2.2 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Containers 12 is installed AND python-setuptools-1.1.7-7.1 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Legacy Software 12 is installed AND Package Information compat-openssl098-0.9.8j-73.2 is installed OR libopenssl0_9_8-0.9.8j-73.2 is installed OR libopenssl0_9_8-32bit-0.9.8j-73.2 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Public Cloud 12 is installed AND python-requests-2.8.1-6.9.1 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Web Scripting 12 is installed AND Package Information apache2-mod_php5-5.5.14-22.1 is installed OR php5-5.5.14-22.1 is installed OR php5-bcmath-5.5.14-22.1 is installed OR php5-bz2-5.5.14-22.1 is installed OR php5-calendar-5.5.14-22.1 is installed OR php5-ctype-5.5.14-22.1 is installed OR php5-curl-5.5.14-22.1 is installed OR php5-dba-5.5.14-22.1 is installed OR php5-dom-5.5.14-22.1 is installed OR php5-enchant-5.5.14-22.1 is installed OR php5-exif-5.5.14-22.1 is installed OR php5-fastcgi-5.5.14-22.1 is installed OR php5-fileinfo-5.5.14-22.1 is installed OR php5-fpm-5.5.14-22.1 is installed OR php5-ftp-5.5.14-22.1 is installed OR php5-gd-5.5.14-22.1 is installed OR php5-gettext-5.5.14-22.1 is installed OR php5-gmp-5.5.14-22.1 is installed OR php5-iconv-5.5.14-22.1 is installed OR php5-intl-5.5.14-22.1 is installed OR php5-json-5.5.14-22.1 is installed OR php5-ldap-5.5.14-22.1 is installed OR php5-mbstring-5.5.14-22.1 is installed OR php5-mcrypt-5.5.14-22.1 is installed OR php5-mysql-5.5.14-22.1 is installed OR php5-odbc-5.5.14-22.1 is installed OR php5-openssl-5.5.14-22.1 is installed OR php5-pcntl-5.5.14-22.1 is installed OR php5-pdo-5.5.14-22.1 is installed OR php5-pear-5.5.14-22.1 is installed OR php5-pgsql-5.5.14-22.1 is installed OR php5-pspell-5.5.14-22.1 is installed OR php5-shmop-5.5.14-22.1 is installed OR php5-snmp-5.5.14-22.1 is installed OR php5-soap-5.5.14-22.1 is installed OR php5-sockets-5.5.14-22.1 is installed OR php5-sqlite-5.5.14-22.1 is installed OR php5-suhosin-5.5.14-22.1 is installed OR php5-sysvmsg-5.5.14-22.1 is installed OR php5-sysvsem-5.5.14-22.1 is installed OR php5-sysvshm-5.5.14-22.1 is installed OR php5-tokenizer-5.5.14-22.1 is installed OR php5-wddx-5.5.14-22.1 is installed OR php5-xmlreader-5.5.14-22.1 is installed OR php5-xmlrpc-5.5.14-22.1 is installed OR php5-xmlwriter-5.5.14-22.1 is installed OR php5-xsl-5.5.14-22.1 is installed OR php5-zip-5.5.14-22.1 is installed OR php5-zlib-5.5.14-22.1 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Web Scripting 15 SP1 is installed AND Package Information tomcat-9.0.30-4.10 is installed OR tomcat-admin-webapps-9.0.30-4.10 is installed OR tomcat-el-3_0-api-9.0.30-4.10 is installed OR tomcat-jsp-2_3-api-9.0.30-4.10 is installed OR tomcat-lib-9.0.30-4.10 is installed OR tomcat-servlet-4_0-api-9.0.30-4.10 is installed OR tomcat-webapps-9.0.30-4.10 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 11 SP3 is installed AND ldapsmb-1.34b-64.1 is installed OR libldb1-3.6.3-64.1 is installed OR libsmbclient0-3.6.3-64.1 is installed OR libsmbclient0-32bit-3.6.3-64.1 is installed OR libsmbclient0-x86-3.6.3-64.1 is installed OR libtalloc2-3.6.3-64.1 is installed OR libtalloc2-32bit-3.6.3-64.1 is installed OR libtalloc2-x86-3.6.3-64.1 is installed OR libtdb1-3.6.3-64.1 is installed OR libtdb1-32bit-3.6.3-64.1 is installed OR libtdb1-x86-3.6.3-64.1 is installed OR libtevent0-3.6.3-64.1 is installed OR libtevent0-32bit-3.6.3-64.1 is installed OR libwbclient0-3.6.3-64.1 is installed OR libwbclient0-32bit-3.6.3-64.1 is installed OR libwbclient0-x86-3.6.3-64.1 is installed OR samba-3.6.3-64.1 is installed OR samba-32bit-3.6.3-64.1 is installed OR samba-client-3.6.3-64.1 is installed OR samba-client-32bit-3.6.3-64.1 is installed OR samba-client-x86-3.6.3-64.1 is installed OR samba-doc-3.6.3-64.1 is installed OR samba-krb-printing-3.6.3-64.1 is installed OR samba-winbind-3.6.3-64.1 is installed OR samba-winbind-32bit-3.6.3-64.1 is installed OR samba-winbind-x86-3.6.3-64.1 is installed OR samba-x86-3.6.3-64.1 is installed OR Package Information SUSE Linux Enterprise Server for VMWare 11 SP3 is installed AND ldapsmb-1.34b-64.1 is installed OR libldb1-3.6.3-64.1 is installed OR libsmbclient0-3.6.3-64.1 is installed OR libsmbclient0-32bit-3.6.3-64.1 is installed OR libsmbclient0-x86-3.6.3-64.1 is installed OR libtalloc2-3.6.3-64.1 is installed OR libtalloc2-32bit-3.6.3-64.1 is installed OR libtalloc2-x86-3.6.3-64.1 is installed OR libtdb1-3.6.3-64.1 is installed OR libtdb1-32bit-3.6.3-64.1 is installed OR libtdb1-x86-3.6.3-64.1 is installed OR libtevent0-3.6.3-64.1 is installed OR libtevent0-32bit-3.6.3-64.1 is installed OR libwbclient0-3.6.3-64.1 is installed OR libwbclient0-32bit-3.6.3-64.1 is installed OR libwbclient0-x86-3.6.3-64.1 is installed OR samba-3.6.3-64.1 is installed OR samba-32bit-3.6.3-64.1 is installed OR samba-client-3.6.3-64.1 is installed OR samba-client-32bit-3.6.3-64.1 is installed OR samba-client-x86-3.6.3-64.1 is installed OR samba-doc-3.6.3-64.1 is installed OR samba-krb-printing-3.6.3-64.1 is installed OR samba-winbind-3.6.3-64.1 is installed OR samba-winbind-32bit-3.6.3-64.1 is installed OR samba-winbind-x86-3.6.3-64.1 is installed OR samba-x86-3.6.3-64.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 11 SP3 is installed AND Package Information gnome-screensaver-2.28.3-0.32.1 is installed OR gnome-screensaver-lang-2.28.3-0.32.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 11 SP4 is installed AND Package Information boost-license-1.36.0-12.6.49 is installed OR boost-license1_49_0-1.49.0-0.13.3 is installed OR libboost_program_options1_36_0-1.36.0-12.6.49 is installed OR libboost_regex1_36_0-1.36.0-12.6.49 is installed OR libboost_signals1_36_0-1.36.0-12.6.49 is installed OR libboost_system1_49_0-1.49.0-0.13.3 is installed OR libboost_thread1_36_0-1.36.0-12.6.49 is installed OR libboost_thread1_49_0-1.49.0-0.13.3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 is installed AND Package Information apache-commons-beanutils-1.9.2-1 is installed OR apache-commons-beanutils-javadoc-1.9.2-1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information bind-9.9.6P1-32.1 is installed OR bind-chrootenv-9.9.6P1-32.1 is installed OR bind-doc-9.9.6P1-32.1 is installed OR bind-libs-9.9.6P1-32.1 is installed OR bind-libs-32bit-9.9.6P1-32.1 is installed OR bind-utils-9.9.6P1-32.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information java-1_7_0-openjdk-1.7.0.111-33 is installed OR java-1_7_0-openjdk-demo-1.7.0.111-33 is installed OR java-1_7_0-openjdk-devel-1.7.0.111-33 is installed OR java-1_7_0-openjdk-headless-1.7.0.111-33 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information DirectFB-1.7.1-6 is installed OR lib++dfb-1_7-1-1.7.1-6 is installed OR libdirectfb-1_7-1-1.7.1-6 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information bluez-5.13-5.4 is installed OR libbluetooth3-5.13-5.4 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12-LTSS is installed AND Package Information kgraft-patch-3_12_60-52_49-default-2-2.2 is installed OR kgraft-patch-3_12_60-52_49-xen-2-2.2 is installed OR kgraft-patch-SLE12_Update_14-2-2.2 is installed
Definition Synopsis
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 is installed AND Package Information strongswan-5.1.3-26.5 is installed OR strongswan-doc-5.1.3-26.5 is installed OR strongswan-hmac-5.1.3-26.5 is installed OR strongswan-ipsec-5.1.3-26.5 is installed OR strongswan-libs0-5.1.3-26.5 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 11 SP4 is installed AND Package Information krb5-1.6.3-133.49.103.1 is installed OR krb5-devel-1.6.3-133.49.103.1 is installed OR krb5-devel-32bit-1.6.3-133.49.103.1 is installed OR krb5-server-1.6.3-133.49.103.1 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 SP1 is installed AND Package Information libid3tag-devel-0.15.1b-182 is installed OR libid3tag0-0.15.1b-182 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 SP2 is installed AND alsa-devel-1.0.27.2-11 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 SP3 is installed AND Package Information NetworkManager-1.0.12-12 is installed OR NetworkManager-devel-1.0.12-12 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 12 is installed AND Package Information kernel-default-3.12.39-47.1 is installed OR kernel-default-extra-3.12.39-47.1 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 12 SP1 is installed AND Package Information flash-player-11.2.202.632-137.1 is installed OR flash-player-gnome-11.2.202.632-137.1 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 15 SP1 is installed AND Package Information openconnect-7.08-6.6 is installed OR openconnect-devel-7.08-6.6 is installed OR openconnect-lang-7.08-6.6 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 15 SP2 is installed AND Package Information MozillaThunderbird-78.4.0-3.99 is installed OR MozillaThunderbird-translations-common-78.4.0-3.99 is installed OR MozillaThunderbird-translations-other-78.4.0-3.99 is installed

BACK