Oval Definition:oval:org.opensuse.security:def:50957
Revision Date:2020-12-01Version:1
Title:Security update for apache2 (Moderate)
Description:

This update for apache2 fixes the following issues:

- CVE-2020-9490: Fixed a crash caused by a specially crafted value for the 'Cache-Digest' header in a HTTP/2 request (bsc#1175071). - CVE-2020-11984: Fixed an information disclosure bug in mod_proxy_uwsgi (bsc#1175074). - CVE-2020-11993: When trace/debug was enabled for the HTTP/2 module logging statements were made on the wrong connection (bsc#1175070).

- Solve a crash in mod_proxy_uwsgi for empty values of environment variables. (bsc#1174052)
Family:unixClass:patch
Status:Reference(s):1013708
1013712
1013893
1015171
1046305
1046306
1046307
1051510
1055186
1058115
1065600
1065729
1081917
1083647
1086288
1086315
1086317
1086327
1086331
1086906
1087092
1090888
1094244
1097104
1097577
1097583
1097584
1097585
1097586
1097587
1097588
1097808
1100132
1101480
1101669
1101822
1101888
1101889
1102517
1102715
1103269
1103277
1103363
1103445
1103886
1104353
1104365
1104427
1104482
1104494
1104495
1104683
1104708
1104777
1104890
1104897
1105026
1105292
1105296
1105322
1105355
1105378
1105396
1105467
1105731
1107806
1117722
1118745
1125770
1128858
1129271
1129392
1132160
1132690
1134190
1134428
1135222
1135350
1148742
1149126
1149429
1151186
1152472
1152489
1152778
1153274
1153879
1154353
1154738
1155518
1156395
1159329
1159913
1161719
1163809
1165631
1167527
1170774
1171068
1171433
1171688
1171742
1171863
1171864
1171866
1172177
1172182
1172184
1172186
1172348
1172757
1173017
1173115
1173157
1173351
1173746
1174052
1174139
1174358
1174538
1174899
1174955
1175070
1175071
1175074
1175465
1175749
1175882
1176019
1176038
1176137
1176235
1176236
1176237
1176242
1176278
1176357
1176358
1176359
1176360
1176361
1176362
1176363
1176364
1176365
1176366
1176367
1176381
1176423
1176430
1176449
1176482
1176486
1176507
1176536
1176537
1176538
1176539
1176540
1176541
1176542
1176544
1176545
1176546
1176548
1176558
1176559
1176587
1176659
1176698
1176699
1176700
1176721
1176722
1176725
1176732
1176763
1176775
1176788
1176789
1176833
1176869
1176877
1176925
1176962
1176980
1176990
1177021
1177030
1177155
1178512
802154
971975
CVE-2016-9797
CVE-2016-9798
CVE-2016-9802
CVE-2016-9917
CVE-2017-18594
CVE-2018-10853
CVE-2018-10902
CVE-2018-14394
CVE-2018-14395
CVE-2018-15173
CVE-2018-15471
CVE-2018-15572
CVE-2018-9363
CVE-2019-11068
CVE-2019-11757
CVE-2019-11758
CVE-2019-11759
CVE-2019-11760
CVE-2019-11761
CVE-2019-11762
CVE-2019-11763
CVE-2019-11764
CVE-2019-15903
CVE-2019-16770
CVE-2019-5108
CVE-2019-5418
CVE-2019-5419
CVE-2019-5420
CVE-2019-8835
CVE-2019-8844
CVE-2019-8846
CVE-2020-0404
CVE-2020-0427
CVE-2020-0431
CVE-2020-0432
CVE-2020-10543
CVE-2020-10878
CVE-2020-11076
CVE-2020-11077
CVE-2020-11984
CVE-2020-11993
CVE-2020-12723
CVE-2020-14385
CVE-2020-14390
CVE-2020-15169
CVE-2020-15652
CVE-2020-15653
CVE-2020-15654
CVE-2020-15655
CVE-2020-15656
CVE-2020-15657
CVE-2020-15658
CVE-2020-15659
CVE-2020-15708
CVE-2020-1749
CVE-2020-25212
CVE-2020-25284
CVE-2020-25637
CVE-2020-26088
CVE-2020-28196
CVE-2020-3862
CVE-2020-3864
CVE-2020-3865
CVE-2020-3867
CVE-2020-3868
CVE-2020-5247
CVE-2020-5249
CVE-2020-5267
CVE-2020-6463
CVE-2020-6514
CVE-2020-8164
CVE-2020-8165
CVE-2020-8166
CVE-2020-8167
CVE-2020-8184
CVE-2020-8185
CVE-2020-9490
SUSE-SU-2018:2539-1
SUSE-SU-2018:2677-1
SUSE-SU-2019:1299-2
SUSE-SU-2019:1353-2
SUSE-SU-2019:1381-1
SUSE-SU-2019:2912-1
SUSE-SU-2020:0468-1
SUSE-SU-2020:1682-1
SUSE-SU-2020:2311-1
SUSE-SU-2020:2970-1
SUSE-SU-2020:3160-1
SUSE-SU-2020:3377-1
Platform(s):SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Desktop 12
SUSE Linux Enterprise Desktop 12 SP1
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise Module for Basesystem 15 SP2
SUSE Linux Enterprise Module for Legacy Software 15
SUSE Linux Enterprise Module for Live Patching 15
SUSE Linux Enterprise Module for Live Patching 15 SP1
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2
SUSE Linux Enterprise Module for Public Cloud 15 SP1
SUSE Linux Enterprise Module for Server Applications 15
SUSE Linux Enterprise Module for Server Applications 15 SP2
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server for SAP Applications 15
SUSE Linux Enterprise Workstation Extension 15
SUSE Linux Enterprise Workstation Extension 15 SP1
SUSE OpenStack Cloud 6
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP3 is installed
  • AND Package Information
  • libsndfile-1.0.20-2.10 is installed
  • OR libsndfile-32bit-1.0.20-2.10 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 is installed
  • AND hardlink-1.0-6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP1 is installed
  • AND Package Information
  • libjpeg-turbo-1.3.1-30 is installed
  • OR libjpeg62-62.1.0-30 is installed
  • OR libjpeg62-32bit-62.1.0-30 is installed
  • OR libjpeg62-turbo-1.3.1-30 is installed
  • OR libjpeg8-8.0.2-30 is installed
  • OR libjpeg8-32bit-8.0.2-30 is installed
  • OR libturbojpeg0-8.0.2-30 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP2 is installed
  • AND Package Information
  • libXi6-1.7.4-9 is installed
  • OR libXi6-32bit-1.7.4-9 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND Package Information
  • dhcp-4.3.3-9 is installed
  • OR dhcp-client-4.3.3-9 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • AND Package Information
  • empathy-3.12.13-8.3 is installed
  • OR empathy-lang-3.12.13-8.3 is installed
  • OR telepathy-mission-control-plugin-goa-3.12.13-8.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Basesystem 15 SP2 is installed
  • AND Package Information
  • apache2-2.4.43-3.5 is installed
  • OR apache2-prefork-2.4.43-3.5 is installed
  • OR apache2-utils-2.4.43-3.5 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Legacy Software 15 is installed
  • AND Package Information
  • kernel-default-4.12.14-25.16 is installed
  • OR reiserfs-kmp-default-4.12.14-25.16 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Live Patching 15 is installed
  • AND Package Information
  • kernel-livepatch-4_12_14-25_3-default-3-2 is installed
  • OR kernel-livepatch-SLE15_Update_1-3-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Live Patching 15 SP1 is installed
  • AND Package Information
  • kernel-livepatch-4_12_14-197_10-default-6-2 is installed
  • OR kernel-livepatch-SLE15-SP1_Update_3-6-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 is installed
  • AND Package Information
  • libjavascriptcoregtk-4_0-18-32bit-2.26.4-3.43 is installed
  • OR libwebkit2gtk-4_0-37-32bit-2.26.4-3.43 is installed
  • OR webkit-jsc-4-2.26.4-3.43 is installed
  • OR webkit2gtk3-2.26.4-3.43 is installed
  • OR webkit2gtk3-minibrowser-2.26.4-3.43 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2 is installed
  • AND Package Information
  • ncat-7.70-3.12 is installed
  • OR ndiff-7.70-3.12 is installed
  • OR nmap-7.70-3.12 is installed
  • OR nping-7.70-3.12 is installed
  • OR zenmap-7.70-3.12 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Public Cloud 15 SP1 is installed
  • AND Package Information
  • rmt-server-2.6.5-3.18 is installed
  • OR rmt-server-pubcloud-2.6.5-3.18 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Server Applications 15 is installed
  • AND rmt-server-2.1.4-3.17 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Server Applications 15 SP2 is installed
  • AND Package Information
  • libvirt-6.0.0-13.8 is installed
  • OR libvirt-admin-6.0.0-13.8 is installed
  • OR libvirt-bash-completion-6.0.0-13.8 is installed
  • OR libvirt-client-6.0.0-13.8 is installed
  • OR libvirt-daemon-6.0.0-13.8 is installed
  • OR libvirt-daemon-config-network-6.0.0-13.8 is installed
  • OR libvirt-daemon-config-nwfilter-6.0.0-13.8 is installed
  • OR libvirt-daemon-driver-interface-6.0.0-13.8 is installed
  • OR libvirt-daemon-driver-libxl-6.0.0-13.8 is installed
  • OR libvirt-daemon-driver-lxc-6.0.0-13.8 is installed
  • OR libvirt-daemon-driver-network-6.0.0-13.8 is installed
  • OR libvirt-daemon-driver-nodedev-6.0.0-13.8 is installed
  • OR libvirt-daemon-driver-nwfilter-6.0.0-13.8 is installed
  • OR libvirt-daemon-driver-qemu-6.0.0-13.8 is installed
  • OR libvirt-daemon-driver-secret-6.0.0-13.8 is installed
  • OR libvirt-daemon-driver-storage-6.0.0-13.8 is installed
  • OR libvirt-daemon-driver-storage-core-6.0.0-13.8 is installed
  • OR libvirt-daemon-driver-storage-disk-6.0.0-13.8 is installed
  • OR libvirt-daemon-driver-storage-iscsi-6.0.0-13.8 is installed
  • OR libvirt-daemon-driver-storage-logical-6.0.0-13.8 is installed
  • OR libvirt-daemon-driver-storage-mpath-6.0.0-13.8 is installed
  • OR libvirt-daemon-driver-storage-rbd-6.0.0-13.8 is installed
  • OR libvirt-daemon-driver-storage-scsi-6.0.0-13.8 is installed
  • OR libvirt-daemon-hooks-6.0.0-13.8 is installed
  • OR libvirt-daemon-lxc-6.0.0-13.8 is installed
  • OR libvirt-daemon-qemu-6.0.0-13.8 is installed
  • OR libvirt-daemon-xen-6.0.0-13.8 is installed
  • OR libvirt-devel-6.0.0-13.8 is installed
  • OR libvirt-doc-6.0.0-13.8 is installed
  • OR libvirt-lock-sanlock-6.0.0-13.8 is installed
  • OR libvirt-nss-6.0.0-13.8 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND Package Information
  • libudisks2-0-2.1.3-1 is installed
  • OR udisks2-2.1.3-1 is installed
  • OR udisks2-lang-2.1.3-1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • kernel-default-3.12.74-60.64.54 is installed
  • OR kernel-default-base-3.12.74-60.64.54 is installed
  • OR kernel-default-devel-3.12.74-60.64.54 is installed
  • OR kernel-default-man-3.12.74-60.64.54 is installed
  • OR kernel-devel-3.12.74-60.64.54 is installed
  • OR kernel-macros-3.12.74-60.64.54 is installed
  • OR kernel-source-3.12.74-60.64.54 is installed
  • OR kernel-syms-3.12.74-60.64.54 is installed
  • OR kernel-xen-3.12.74-60.64.54 is installed
  • OR kernel-xen-base-3.12.74-60.64.54 is installed
  • OR kernel-xen-devel-3.12.74-60.64.54 is installed
  • OR kgraft-patch-3_12_74-60_64_54-default-1-2 is installed
  • OR kgraft-patch-3_12_74-60_64_54-xen-1-2 is installed
  • OR kgraft-patch-SLE12-SP1_Update_19-1-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND libpoppler44-0.24.4-12 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • libopenssl-devel-1.0.2j-60.52 is installed
  • OR libopenssl1_0_0-1.0.2j-60.52 is installed
  • OR libopenssl1_0_0-32bit-1.0.2j-60.52 is installed
  • OR libopenssl1_0_0-hmac-1.0.2j-60.52 is installed
  • OR libopenssl1_0_0-hmac-32bit-1.0.2j-60.52 is installed
  • OR openssl-1.0.2j-60.52 is installed
  • OR openssl-doc-1.0.2j-60.52 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • openssh-7.2p2-74.25 is installed
  • OR openssh-askpass-gnome-7.2p2-74.25 is installed
  • OR openssh-fips-7.2p2-74.25 is installed
  • OR openssh-helpers-7.2p2-74.25 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • kernel-default-4.4.121-92.85 is installed
  • OR kernel-default-base-4.4.121-92.85 is installed
  • OR kernel-default-devel-4.4.121-92.85 is installed
  • OR kernel-default-man-4.4.121-92.85 is installed
  • OR kernel-devel-4.4.121-92.85 is installed
  • OR kernel-macros-4.4.121-92.85 is installed
  • OR kernel-source-4.4.121-92.85 is installed
  • OR kernel-syms-4.4.121-92.85 is installed
  • OR kgraft-patch-4_4_121-92_85-default-1-3.5 is installed
  • OR kgraft-patch-SLE12-SP2_Update_23-1-3.5 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND binutils-2.26.1-9.12 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • libsqlite3-0-3.8.10.2-9.15 is installed
  • OR libsqlite3-0-32bit-3.8.10.2-9.15 is installed
  • OR sqlite3-3.8.10.2-9.15 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • MozillaFirefox-60.8.0-109.83 is installed
  • OR MozillaFirefox-translations-common-60.8.0-109.83 is installed
  • OR libfreebl3-3.44.1-58.28 is installed
  • OR libfreebl3-32bit-3.44.1-58.28 is installed
  • OR libfreebl3-hmac-3.44.1-58.28 is installed
  • OR libfreebl3-hmac-32bit-3.44.1-58.28 is installed
  • OR libsoftokn3-3.44.1-58.28 is installed
  • OR libsoftokn3-32bit-3.44.1-58.28 is installed
  • OR libsoftokn3-hmac-3.44.1-58.28 is installed
  • OR libsoftokn3-hmac-32bit-3.44.1-58.28 is installed
  • OR mozilla-nss-3.44.1-58.28 is installed
  • OR mozilla-nss-32bit-3.44.1-58.28 is installed
  • OR mozilla-nss-certs-3.44.1-58.28 is installed
  • OR mozilla-nss-certs-32bit-3.44.1-58.28 is installed
  • OR mozilla-nss-sysinit-3.44.1-58.28 is installed
  • OR mozilla-nss-sysinit-32bit-3.44.1-58.28 is installed
  • OR mozilla-nss-tools-3.44.1-58.28 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • libsqlite3-0-3.8.10.2-9.6 is installed
  • OR libsqlite3-0-32bit-3.8.10.2-9.6 is installed
  • OR sqlite3-3.8.10.2-9.6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • colord-gtk-lang-0.1.26-6 is installed
  • OR libcolord-gtk1-0.1.26-6 is installed
  • OR libcolord2-1.3.3-12 is installed
  • OR libcolord2-32bit-1.3.3-12 is installed
  • OR libcolorhug2-1.3.3-12 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server for SAP Applications 15 is installed
  • AND Package Information
  • perl-5.26.1-7.12 is installed
  • OR perl-base-5.26.1-7.12 is installed
  • OR perl-base-32bit-5.26.1-7.12 is installed
  • OR perl-doc-5.26.1-7.12 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 15 is installed
  • AND Package Information
  • MozillaThunderbird-68.2.1-3.58 is installed
  • OR MozillaThunderbird-translations-common-68.2.1-3.58 is installed
  • OR MozillaThunderbird-translations-other-68.2.1-3.58 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 15 SP1 is installed
  • AND Package Information
  • ffmpeg-3.4.2-4.17 is installed
  • OR libavcodec-devel-3.4.2-4.17 is installed
  • OR libavformat-devel-3.4.2-4.17 is installed
  • OR libavformat57-3.4.2-4.17 is installed
  • OR libavresample-devel-3.4.2-4.17 is installed
  • OR libavresample3-3.4.2-4.17 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 6 is installed
  • AND ntp-4.2.8p4-1 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • xen-4.7.6_05-43.42 is installed
  • OR xen-doc-html-4.7.6_05-43.42 is installed
  • OR xen-libs-4.7.6_05-43.42 is installed
  • OR xen-libs-32bit-4.7.6_05-43.42 is installed
  • OR xen-tools-4.7.6_05-43.42 is installed
  • OR xen-tools-domU-4.7.6_05-43.42 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • libvirglrenderer0-0.5.0-12.3 is installed
  • OR virglrenderer-0.5.0-12.3 is installed
    • BACK