OVAL Reference oval:org.opensuse.security:def:52103

Oval Definition:

oval:org.opensuse.security:def:52103

Revision Date:	2020-12-01	Version:	1
Title:	Security update for tomcat (Important)
Description:	This update for tomcat fixes the following issues: - Update to Tomcat 9.0.35. See changelog at http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.35_(markt) CVE-2020-9484 (bsc#1171928) Apache Tomcat Remote Code Execution via session persistence If an attacker was able to control the contents and name of a file on a server configured to use the PersistenceManager, then the attacker could have triggered a remote code execution via deserialization of the file under their control.
Family:	unix	Class:	patch
Status:		Reference(s):	1153163 1153164 1159819 1162117 1163102 1163103 1163104 1166844 1166916 1169746 1171928 1171978 1172442 1172443 1174628 1175070 1175071 1175193 1175194 1178074 CVE-2007-5970 CVE-2008-7247 CVE-2009-1273 CVE-2009-4019 CVE-2009-4028 CVE-2009-4030 CVE-2010-0750 CVE-2010-4651 CVE-2010-5298 CVE-2011-1485 CVE-2012-5615 CVE-2013-1976 CVE-2013-4288 CVE-2014-0011 CVE-2014-0107 CVE-2014-0195 CVE-2014-0198 CVE-2014-0221 CVE-2014-0224 CVE-2014-2494 CVE-2014-3470 CVE-2014-4207 CVE-2014-4258 CVE-2014-4260 CVE-2014-4274 CVE-2014-4287 CVE-2014-6463 CVE-2014-6464 CVE-2014-6469 CVE-2014-6474 CVE-2014-6478 CVE-2014-6484 CVE-2014-6489 CVE-2014-6491 CVE-2014-6494 CVE-2014-6495 CVE-2014-6496 CVE-2014-6500 CVE-2014-6505 CVE-2014-6507 CVE-2014-6520 CVE-2014-6530 CVE-2014-6551 CVE-2014-6555 CVE-2014-6559 CVE-2014-6564 CVE-2014-6568 CVE-2014-8964 CVE-2015-0374 CVE-2015-0381 CVE-2015-0382 CVE-2015-0391 CVE-2015-0411 CVE-2015-0432 CVE-2015-0433 CVE-2015-0441 CVE-2015-0499 CVE-2015-0501 CVE-2015-0505 CVE-2015-1196 CVE-2015-1395 CVE-2015-1396 CVE-2015-2325 CVE-2015-2326 CVE-2015-2568 CVE-2015-2571 CVE-2015-2573 CVE-2015-2590 CVE-2015-2597 CVE-2015-2601 CVE-2015-2613 CVE-2015-2619 CVE-2015-2621 CVE-2015-2625 CVE-2015-2627 CVE-2015-2628 CVE-2015-2632 CVE-2015-2637 CVE-2015-2638 CVE-2015-2659 CVE-2015-2664 CVE-2015-2808 CVE-2015-3152 CVE-2015-3218 CVE-2015-3255 CVE-2015-3256 CVE-2015-4000 CVE-2015-4625 CVE-2015-4729 CVE-2015-4731 CVE-2015-4732 CVE-2015-4733 CVE-2015-4734 CVE-2015-4736 CVE-2015-4748 CVE-2015-4749 CVE-2015-4760 CVE-2015-4792 CVE-2015-4802 CVE-2015-4803 CVE-2015-4805 CVE-2015-4806 CVE-2015-4807 CVE-2015-4810 CVE-2015-4815 CVE-2015-4826 CVE-2015-4830 CVE-2015-4835 CVE-2015-4836 CVE-2015-4840 CVE-2015-4842 CVE-2015-4843 CVE-2015-4844 CVE-2015-4858 CVE-2015-4860 CVE-2015-4861 CVE-2015-4868 CVE-2015-4870 CVE-2015-4872 CVE-2015-4881 CVE-2015-4882 CVE-2015-4883 CVE-2015-4893 CVE-2015-4901 CVE-2015-4902 CVE-2015-4903 CVE-2015-4906 CVE-2015-4908 CVE-2015-4911 CVE-2015-4913 CVE-2015-4916 CVE-2015-5969 CVE-2015-7575 CVE-2015-7995 CVE-2015-8126 CVE-2015-9019 CVE-2016-0402 CVE-2016-0448 CVE-2016-0466 CVE-2016-0475 CVE-2016-0483 CVE-2016-0494 CVE-2016-0505 CVE-2016-0546 CVE-2016-0596 CVE-2016-0597 CVE-2016-0598 CVE-2016-0600 CVE-2016-0606 CVE-2016-0608 CVE-2016-0609 CVE-2016-0616 CVE-2016-0636 CVE-2016-0640 CVE-2016-0641 CVE-2016-0642 CVE-2016-0643 CVE-2016-0644 CVE-2016-0646 CVE-2016-0647 CVE-2016-0648 CVE-2016-0649 CVE-2016-0650 CVE-2016-0651 CVE-2016-0655 CVE-2016-0666 CVE-2016-0668 CVE-2016-0686 CVE-2016-0687 CVE-2016-0695 CVE-2016-2047 CVE-2016-2183 CVE-2016-3425 CVE-2016-3426 CVE-2016-3427 CVE-2016-3458 CVE-2016-3477 CVE-2016-3485 CVE-2016-3498 CVE-2016-3500 CVE-2016-3503 CVE-2016-3508 CVE-2016-3511 CVE-2016-3521 CVE-2016-3550 CVE-2016-3552 CVE-2016-3587 CVE-2016-3598 CVE-2016-3606 CVE-2016-3610 CVE-2016-3615 CVE-2016-4738 CVE-2016-5440 CVE-2016-5542 CVE-2016-5546 CVE-2016-5547 CVE-2016-5548 CVE-2016-5549 CVE-2016-5552 CVE-2016-5554 CVE-2016-5556 CVE-2016-5568 CVE-2016-5573 CVE-2016-5582 CVE-2016-5597 CVE-2016-6662 CVE-2017-3231 CVE-2017-3241 CVE-2017-3252 CVE-2017-3253 CVE-2017-3260 CVE-2017-3261 CVE-2017-3272 CVE-2017-3289 CVE-2017-3509 CVE-2017-3511 CVE-2017-3512 CVE-2017-3514 CVE-2017-3526 CVE-2017-3533 CVE-2017-3539 CVE-2017-3544 CVE-2017-5029 CVE-2019-15604 CVE-2019-15605 CVE-2019-15606 CVE-2019-17006 CVE-2019-17177 CVE-2019-17178 CVE-2020-10531 CVE-2020-11080 CVE-2020-11993 CVE-2020-12399 CVE-2020-14344 CVE-2020-14349 CVE-2020-14350 CVE-2020-7598 CVE-2020-8174 CVE-2020-9484 CVE-2020-9490 SUSE-SU-2019:3079-1 SUSE-SU-2020:0454-1 SUSE-SU-2020:1568-1 SUSE-SU-2020:1677-1 SUSE-SU-2020:2264-1 SUSE-SU-2020:3067-1
Platform(s):	openSUSE Leap 15.0 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 SUSE Linux Enterprise Module for Web Scripting 15 SP2 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 15-LTSS SUSE Linux Enterprise Server for SAP Applications 15 SUSE Linux Enterprise Workstation Extension 15 SP1 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 9	Product(s):
Definition Synopsis
openSUSE Leap 15.0 is installed AND liblzo2-2-2.10-lp150.2 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information libgcrypt-1.5.0-0.19 is installed OR libgcrypt11-1.5.0-0.19 is installed OR libgcrypt11-32bit-1.5.0-0.19 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP4 is installed AND Package Information strongswan-4.4.0-6.32 is installed OR strongswan-doc-4.4.0-6.32 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 is installed AND Package Information tigervnc-1.3.0-17 is installed OR xorg-x11-Xvnc-1.3.0-17 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information libpolkit0-0.113-4 is installed OR libpolkit0-32bit-0.113-4 is installed OR polkit-0.113-4 is installed OR typelib-1_0-Polkit-1_0-0.113-4 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information libmysqlclient18-10.0.27-12 is installed OR libmysqlclient18-32bit-10.0.27-12 is installed OR libmysqlclient_r18-10.0.27-12 is installed OR libmysqlclient_r18-32bit-10.0.27-12 is installed OR mariadb-10.0.27-12 is installed OR mariadb-client-10.0.27-12 is installed OR mariadb-errormessages-10.0.27-12 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information java-1_8_0-openjdk-1.8.0.131-26 is installed OR java-1_8_0-openjdk-headless-1.8.0.131-26 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information gpgme-1.5.1-1 is installed OR libgpgme11-1.5.1-1 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 is installed AND Package Information tomcat-9.0.35-4.30 is installed OR tomcat-docs-webapp-9.0.35-4.30 is installed OR tomcat-embed-9.0.35-4.30 is installed OR tomcat-javadoc-9.0.35-4.30 is installed OR tomcat-jsvc-9.0.35-4.30 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Web Scripting 15 SP2 is installed AND Package Information nodejs10-10.21.0-1.21 is installed OR nodejs10-devel-10.21.0-1.21 is installed OR nodejs10-docs-10.21.0-1.21 is installed OR npm10-10.21.0-1.21 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information libtiff5-4.0.6-31 is installed OR libtiff5-32bit-4.0.6-31 is installed OR tiff-4.0.6-31 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information kgraft-patch-3_12_74-60_64_63-default-7-2 is installed OR kgraft-patch-3_12_74-60_64_63-xen-7-2 is installed OR kgraft-patch-SLE12-SP1_Update_22-7-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information cpp48-4.8.5-30 is installed OR gcc48-4.8.5-30 is installed OR gcc48-32bit-4.8.5-30 is installed OR gcc48-c++-4.8.5-30 is installed OR gcc48-info-4.8.5-30 is installed OR gcc48-locale-4.8.5-30 is installed OR libasan0-4.8.5-30 is installed OR libasan0-32bit-4.8.5-30 is installed OR libstdc++48-devel-4.8.5-30 is installed OR libstdc++48-devel-32bit-4.8.5-30 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-BCL is installed AND shadow-4.2.1-27.9 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information cups-filters-1.0.58-15.2 is installed OR cups-filters-cups-browsed-1.0.58-15.2 is installed OR cups-filters-foomatic-rip-1.0.58-15.2 is installed OR cups-filters-ghostscript-1.0.58-15.2 is installed OR libqpdf18-7.1.1-3.3 is installed OR qpdf-7.1.1-3.3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_103-92_56-default-7-2 is installed OR kgraft-patch-SLE12-SP2_Update_17-7-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information bzip2-1.0.6-29 is installed OR bzip2-doc-1.0.6-29 is installed OR libbz2-1-1.0.6-29 is installed OR libbz2-1-32bit-1.0.6-29 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-BCL is installed AND ucode-intel-20190618-13.47 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information kgraft-patch-4_4_175-94_79-default-5-2 is installed OR kgraft-patch-SLE12-SP3_Update_23-5-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information kgraft-patch-4_4_156-94_64-default-8-2 is installed OR kgraft-patch-SLE12-SP3_Update_20-8-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information ovmf-2017+git1492060560.b6d11d7c46-4.12 is installed OR ovmf-tools-2017+git1492060560.b6d11d7c46-4.12 is installed OR qemu-ovmf-x86_64-2017+git1492060560.b6d11d7c46-4.12 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information accountsservice-0.6.42-16.3 is installed OR accountsservice-lang-0.6.42-16.3 is installed OR libaccountsservice0-0.6.42-16.3 is installed OR typelib-1_0-AccountsService-1_0-0.6.42-16.3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 15-LTSS is installed AND Package Information libecpg6-10.14-4.25 is installed OR libpq5-10.14-4.25 is installed OR libpq5-32bit-10.14-4.25 is installed OR postgresql10-10.14-4.25 is installed OR postgresql10-contrib-10.14-4.25 is installed OR postgresql10-devel-10.14-4.25 is installed OR postgresql10-docs-10.14-4.25 is installed OR postgresql10-plperl-10.14-4.25 is installed OR postgresql10-plpython-10.14-4.25 is installed OR postgresql10-pltcl-10.14-4.25 is installed OR postgresql10-server-10.14-4.25 is installed
Definition Synopsis
SUSE Linux Enterprise Server for SAP Applications 15 is installed AND Package Information libfreebl3-3.53-3.40 is installed OR libfreebl3-32bit-3.53-3.40 is installed OR libfreebl3-hmac-3.53-3.40 is installed OR libfreebl3-hmac-32bit-3.53-3.40 is installed OR libsoftokn3-3.53-3.40 is installed OR libsoftokn3-32bit-3.53-3.40 is installed OR libsoftokn3-hmac-3.53-3.40 is installed OR libsoftokn3-hmac-32bit-3.53-3.40 is installed OR mozilla-nspr-4.25-3.12 is installed OR mozilla-nspr-32bit-4.25-3.12 is installed OR mozilla-nspr-devel-4.25-3.12 is installed OR mozilla-nss-3.53-3.40 is installed OR mozilla-nss-32bit-3.53-3.40 is installed OR mozilla-nss-certs-3.53-3.40 is installed OR mozilla-nss-certs-32bit-3.53-3.40 is installed OR mozilla-nss-devel-3.53-3.40 is installed OR mozilla-nss-sysinit-3.53-3.40 is installed OR mozilla-nss-tools-3.53-3.40 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 15 SP1 is installed AND Package Information freerdp-2.0.0~rc4-10.4 is installed OR freerdp-devel-2.0.0~rc4-10.4 is installed OR libfreerdp2-2.0.0~rc4-10.4 is installed OR libwinpr2-2.0.0~rc4-10.4 is installed OR winpr2-devel-2.0.0~rc4-10.4 is installed
Definition Synopsis
SUSE OpenStack Cloud 6 is installed AND python-Jinja2-2.7.3-15 is installed
Definition Synopsis
SUSE OpenStack Cloud 7 is installed AND Package Information curl-7.37.0-37.34 is installed OR libcurl4-7.37.0-37.34 is installed OR libcurl4-32bit-7.37.0-37.34 is installed
Definition Synopsis
SUSE OpenStack Cloud 8 is installed AND Package Information bzip2-1.0.6-30.8 is installed OR bzip2-doc-1.0.6-30.8 is installed OR libbz2-1-1.0.6-30.8 is installed OR libbz2-1-32bit-1.0.6-30.8 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 9 is installed AND Package Information mariadb-10.2.29-3.22 is installed OR mariadb-galera-10.2.29-3.22 is installed

BACK