OVAL Reference oval:org.opensuse.security:def:52226

Oval Definition:

oval:org.opensuse.security:def:52226

Revision Date:	2020-12-01	Version:	1
Title:	Security update for tomcat (Important)
Description:	This update for tomcat to version 9.0.30 fixes the following issues: Security issue fixed: - CVE-2019-12418: Fixed a local privilege escalation through by manipulating the RMI registry and performing a man-in-the-middle attack (bsc#1159723). - CVE-2019-17563: Fixed a session fixation attack when using FORM authentication (bsc#1159729).
Family:	unix	Class:	patch
Status:		Reference(s):	1115713 1139924 1151455 1156146 1157179 1159723 1159729 1172402 1172515 1173274 1176315 1178512 CVE-2009-1210 CVE-2009-1267 CVE-2009-1268 CVE-2009-1269 CVE-2009-3241 CVE-2009-3242 CVE-2009-3243 CVE-2010-1455 CVE-2010-2993 CVE-2010-3445 CVE-2010-4300 CVE-2010-4301 CVE-2010-4538 CVE-2011-0024 CVE-2011-0538 CVE-2011-0713 CVE-2011-1138 CVE-2011-1139 CVE-2011-1140 CVE-2011-1143 CVE-2011-1590 CVE-2011-1591 CVE-2011-1592 CVE-2011-1957 CVE-2011-1958 CVE-2011-1959 CVE-2011-2174 CVE-2011-2175 CVE-2011-2597 CVE-2011-2698 CVE-2011-3146 CVE-2011-3266 CVE-2011-3360 CVE-2011-3483 CVE-2011-3635 CVE-2012-0035 CVE-2012-0786 CVE-2012-2392 CVE-2012-2393 CVE-2012-2394 CVE-2012-2737 CVE-2012-3548 CVE-2012-4048 CVE-2012-4049 CVE-2012-4285 CVE-2012-4286 CVE-2012-4287 CVE-2012-4288 CVE-2012-4289 CVE-2012-4290 CVE-2012-4291 CVE-2012-4292 CVE-2012-4293 CVE-2012-4294 CVE-2012-4295 CVE-2012-4296 CVE-2012-4297 CVE-2012-4298 CVE-2012-5237 CVE-2012-5238 CVE-2012-5239 CVE-2012-5240 CVE-2012-5592 CVE-2012-5593 CVE-2012-5594 CVE-2012-5595 CVE-2012-5596 CVE-2012-5597 CVE-2012-5598 CVE-2012-5599 CVE-2012-5600 CVE-2012-5601 CVE-2012-5602 CVE-2013-0221 CVE-2013-0222 CVE-2013-0223 CVE-2013-1572 CVE-2013-1573 CVE-2013-1574 CVE-2013-1575 CVE-2013-1576 CVE-2013-1577 CVE-2013-1578 CVE-2013-1579 CVE-2013-1580 CVE-2013-1581 CVE-2013-1582 CVE-2013-1583 CVE-2013-1584 CVE-2013-1585 CVE-2013-1586 CVE-2013-1587 CVE-2013-1588 CVE-2013-1589 CVE-2013-1590 CVE-2013-1881 CVE-2013-2002 CVE-2013-2005 CVE-2013-2475 CVE-2013-2476 CVE-2013-2477 CVE-2013-2478 CVE-2013-2479 CVE-2013-2480 CVE-2013-2481 CVE-2013-2482 CVE-2013-2483 CVE-2013-2484 CVE-2013-2485 CVE-2013-2486 CVE-2013-2487 CVE-2013-2488 CVE-2013-3555 CVE-2013-3556 CVE-2013-3557 CVE-2013-3558 CVE-2013-3559 CVE-2013-3560 CVE-2013-3561 CVE-2013-3562 CVE-2013-4083 CVE-2013-4920 CVE-2013-4921 CVE-2013-4922 CVE-2013-4923 CVE-2013-4924 CVE-2013-4925 CVE-2013-4926 CVE-2013-4927 CVE-2013-4928 CVE-2013-4929 CVE-2013-4930 CVE-2013-4931 CVE-2013-4932 CVE-2013-4933 CVE-2013-4934 CVE-2013-4935 CVE-2013-4936 CVE-2013-5717 CVE-2013-5718 CVE-2013-5719 CVE-2013-5720 CVE-2013-5721 CVE-2013-5722 CVE-2013-6336 CVE-2013-6337 CVE-2013-6338 CVE-2013-6339 CVE-2013-6340 CVE-2013-7112 CVE-2013-7113 CVE-2013-7114 CVE-2014-2281 CVE-2014-2282 CVE-2014-2283 CVE-2014-2299 CVE-2014-2907 CVE-2014-3421 CVE-2014-3422 CVE-2014-3423 CVE-2014-3424 CVE-2014-3467 CVE-2014-3468 CVE-2014-3469 CVE-2014-4020 CVE-2014-5161 CVE-2014-5162 CVE-2014-5163 CVE-2014-5164 CVE-2014-5165 CVE-2014-8119 CVE-2015-0559 CVE-2015-0560 CVE-2015-0561 CVE-2015-0562 CVE-2015-0563 CVE-2015-0564 CVE-2015-2188 CVE-2015-2189 CVE-2015-2191 CVE-2015-2806 CVE-2015-3622 CVE-2015-3811 CVE-2015-3812 CVE-2015-3813 CVE-2015-3814 CVE-2015-4041 CVE-2015-4042 CVE-2015-7830 CVE-2015-8711 CVE-2015-8712 CVE-2015-8713 CVE-2015-8714 CVE-2015-8715 CVE-2015-8716 CVE-2015-8717 CVE-2015-8718 CVE-2015-8719 CVE-2015-8720 CVE-2015-8721 CVE-2015-8722 CVE-2015-8723 CVE-2015-8724 CVE-2015-8725 CVE-2015-8726 CVE-2015-8727 CVE-2015-8728 CVE-2015-8729 CVE-2015-8730 CVE-2015-8731 CVE-2015-8732 CVE-2015-8733 CVE-2016-2523 CVE-2016-2530 CVE-2016-2531 CVE-2016-2532 CVE-2016-4008 CVE-2016-5350 CVE-2016-5351 CVE-2016-5352 CVE-2016-5353 CVE-2016-5354 CVE-2016-5355 CVE-2016-5356 CVE-2016-5357 CVE-2016-5358 CVE-2016-5359 CVE-2016-6504 CVE-2016-6505 CVE-2016-6506 CVE-2016-6507 CVE-2016-6508 CVE-2016-6509 CVE-2016-6510 CVE-2016-6511 CVE-2018-19208 CVE-2019-10072 CVE-2019-12418 CVE-2019-14818 CVE-2019-17563 CVE-2020-12398 CVE-2020-12405 CVE-2020-12406 CVE-2020-12410 CVE-2020-14422 CVE-2020-17507 CVE-2020-28196 SUSE-SU-2018:3870-1 SUSE-SU-2020:0029-1 SUSE-SU-2020:0439-1 SUSE-SU-2020:1591-1 SUSE-SU-2020:1920-1 SUSE-SU-2020:2748-1 SUSE-SU-2020:3375-1
Platform(s):	openSUSE Leap 15.0 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 15-LTSS SUSE Linux Enterprise Server for SAP Applications 15 SUSE Linux Enterprise Workstation Extension 15 SUSE Linux Enterprise Workstation Extension 15 SP1 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8	Product(s):
Definition Synopsis
openSUSE Leap 15.0 is installed AND Package Information eog-3.26.2-lp150.3 is installed OR eog-lang-3.26.2-lp150.3 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP2 is installed AND clamav-0.97.8-0.2 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information xorg-x11-libXext-7.4-1.18 is installed OR xorg-x11-libXext-32bit-7.4-1.18 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 is installed AND Package Information gdk-pixbuf-loader-rsvg-2.40.2-1 is installed OR librsvg-2-2-2.40.2-1 is installed OR librsvg-2-2-32bit-2.40.2-1 is installed OR rsvg-view-2.40.2-1 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP1 is installed AND libaugeas0-1.2.0-3 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information libtasn1-4.9-1 is installed OR libtasn1-6-4.9-1 is installed OR libtasn1-6-32bit-4.9-1 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information coreutils-8.25-13.7 is installed OR coreutils-lang-8.25-13.7 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 is installed AND Package Information tomcat-9.0.30-4.10 is installed OR tomcat-docs-webapp-9.0.30-4.10 is installed OR tomcat-embed-9.0.30-4.10 is installed OR tomcat-javadoc-9.0.30-4.10 is installed OR tomcat-jsvc-9.0.30-4.10 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information libXxf86vm1-1.1.3-3 is installed OR libXxf86vm1-32bit-1.1.3-3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information kgraft-patch-3_12_67-60_64_21-default-11-2 is installed OR kgraft-patch-3_12_67-60_64_21-xen-11-2 is installed OR kgraft-patch-SLE12-SP1_Update_10-11-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND libXxf86dga1-1.1.4-3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information libdcerpc-atsvc0-4.2.4-28.29 is installed OR samba-4.2.4-28.29 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information MozillaFirefox-52.8.1esr-109.34 is installed OR MozillaFirefox-devel-52.8.1esr-109.34 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_120-92_70-default-5-2 is installed OR kgraft-patch-SLE12-SP2_Update_20-5-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information avahi-0.6.32-30 is installed OR avahi-lang-0.6.32-30 is installed OR avahi-utils-0.6.32-30 is installed OR libavahi-client3-0.6.32-30 is installed OR libavahi-client3-32bit-0.6.32-30 is installed OR libavahi-common3-0.6.32-30 is installed OR libavahi-common3-32bit-0.6.32-30 is installed OR libavahi-core7-0.6.32-30 is installed OR libdns_sd-0.6.32-30 is installed OR libdns_sd-32bit-0.6.32-30 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information MozillaFirefox-68.2.0-109.95 is installed OR MozillaFirefox-translations-common-68.2.0-109.95 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information nfs-client-1.3.0-34.22 is installed OR nfs-doc-1.3.0-34.22 is installed OR nfs-kernel-server-1.3.0-34.22 is installed OR nfs-utils-1.3.0-34.22 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information bzip2-1.0.6-30.5 is installed OR bzip2-doc-1.0.6-30.5 is installed OR libbz2-1-1.0.6-30.5 is installed OR libbz2-1-32bit-1.0.6-30.5 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information libtiff5-4.0.9-44.21 is installed OR libtiff5-32bit-4.0.9-44.21 is installed OR tiff-4.0.9-44.21 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information gstreamer-plugins-good-1.8.3-15 is installed OR gstreamer-plugins-good-lang-1.8.3-15 is installed
Definition Synopsis
SUSE Linux Enterprise Server 15-LTSS is installed AND Package Information krb5-1.15.2-6.12 is installed OR krb5-32bit-1.15.2-6.12 is installed OR krb5-client-1.15.2-6.12 is installed OR krb5-devel-1.15.2-6.12 is installed OR krb5-plugin-kdb-ldap-1.15.2-6.12 is installed OR krb5-plugin-preauth-otp-1.15.2-6.12 is installed OR krb5-plugin-preauth-pkinit-1.15.2-6.12 is installed OR krb5-server-1.15.2-6.12 is installed
Definition Synopsis
SUSE Linux Enterprise Server for SAP Applications 15 is installed AND python-ipaddress-1.0.18-3.3 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 15 is installed AND Package Information libwpd-0.10.2-3.3 is installed OR libwpd-0_10-10-0.10.2-3.3 is installed OR libwpd-devel-0.10.2-3.3 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 15 SP1 is installed AND Package Information MozillaThunderbird-68.9.0-3.85 is installed OR MozillaThunderbird-translations-common-68.9.0-3.85 is installed OR MozillaThunderbird-translations-other-68.9.0-3.85 is installed
Definition Synopsis
SUSE OpenStack Cloud 6 is installed AND Package Information curl-7.37.0-37.23 is installed OR libcurl4-7.37.0-37.23 is installed OR libcurl4-32bit-7.37.0-37.23 is installed
Definition Synopsis
SUSE OpenStack Cloud 7 is installed AND Package Information grafana-4.5.1-1.8 is installed OR kafka-0.10.2.2-5 is installed OR logstash-2.4.1-5 is installed OR monasca-installer-20180608_12.47-9 is installed
Definition Synopsis
SUSE OpenStack Cloud 8 is installed AND python-SQLAlchemy-1.1.12-3.5 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information ruby2.1-rubygem-rack-1.6.11-3.3 is installed OR rubygem-rack-1.6.11-3.3 is installed

BACK