Oval Definition:	oval:org.opensuse.security:def:53274
Revision Date: 2020-12-01 Version: 1 Title: Security update for apache2 (Important) Description: This update for apache2 fixes the following issues: Security issues fixed: - CVE-2019-9517: Fixed HTTP/2 implementations that are vulnerable to unconstrained interal data buffering (bsc#1145575). - CVE-2019-10081: Fixed mod_http2 that is vulnerable to memory corruption on early pushes (bsc#1145742). - CVE-2019-10082: Fixed mod_http2 that is vulnerable to read-after-free in h2 connection shutdown (bsc#1145741). - CVE-2019-10092: Fixed limited cross-site scripting in mod_proxy (bsc#1145740). - CVE-2019-10097: Fixed mod_remoteip stack buffer overflow and NULL pointer dereference (bsc#1145739). - CVE-2019-10098: Fixed mod_rewrite configuration vulnerablility to open redirect (bsc#1145738). Family: unix Class: patch Status: Reference(s): 1020048 1024938 1034173 1038078 1038337 1043398 1043652 1048914 1052311 1052365 1052916 1145575 1145738 1145739 1145740 1145741 1145742 1175596 1177472 1178428 916847 916856 916857 916858 916859 916860 916861 916862 916863 916864 916865 916867 916868 916870 916871 916872 916873 916874 916879 916881 940806 943557 943558 943608 953516 953519 953521 CVE-2009-3939 CVE-2009-4026 CVE-2009-4027 CVE-2009-4131 CVE-2009-4138 CVE-2009-4536 CVE-2009-4538 CVE-2010-1146 CVE-2010-1205 CVE-2010-1436 CVE-2010-1641 CVE-2010-2066 CVE-2010-2942 CVE-2010-2954 CVE-2010-2955 CVE-2010-3081 CVE-2010-3296 CVE-2010-3297 CVE-2010-3298 CVE-2010-3301 CVE-2010-3310 CVE-2011-0712 CVE-2011-1020 CVE-2011-1577 CVE-2011-2203 CVE-2011-2501 CVE-2011-3026 CVE-2011-3045 CVE-2011-3048 CVE-2011-4182 CVE-2012-0056 CVE-2012-2150 CVE-2012-3386 CVE-2013-0160 CVE-2013-0231 CVE-2013-0913 CVE-2013-2064 CVE-2013-2850 CVE-2013-4312 CVE-2013-7353 CVE-2013-7354 CVE-2014-0038 CVE-2014-00691 CVE-2014-0196 CVE-2014-2240 CVE-2014-9656 CVE-2014-9657 CVE-2014-9658 CVE-2014-9659 CVE-2014-9660 CVE-2014-9661 CVE-2014-9662 CVE-2014-9663 CVE-2014-9664 CVE-2014-9665 CVE-2014-9666 CVE-2014-9667 CVE-2014-9668 CVE-2014-9669 CVE-2014-9670 CVE-2014-9671 CVE-2014-9672 CVE-2014-9673 CVE-2014-9674 CVE-2014-9675 CVE-2014-9756 CVE-2015-1350 CVE-2015-4473 CVE-2015-4474 CVE-2015-4475 CVE-2015-4478 CVE-2015-4479 CVE-2015-4484 CVE-2015-4485 CVE-2015-4486 CVE-2015-4487 CVE-2015-4488 CVE-2015-4489 CVE-2015-4491 CVE-2015-4492 CVE-2015-4495 CVE-2015-4497 CVE-2015-4498 CVE-2015-5198 CVE-2015-5199 CVE-2015-5200 CVE-2015-7805 CVE-2015-7833 CVE-2015-7884 CVE-2015-7885 CVE-2015-7981 CVE-2015-8075 CVE-2015-8126 CVE-2015-8540 CVE-2015-8709 CVE-2015-8812 CVE-2015-8964 CVE-2016-0617 CVE-2016-0723 CVE-2016-0728 CVE-2016-0758 CVE-2016-10087 CVE-2016-10200 CVE-2016-1237 CVE-2016-1583 CVE-2016-2117 CVE-2016-2143 CVE-2016-2184 CVE-2016-2185 CVE-2016-2186 CVE-2016-2188 CVE-2016-2383 CVE-2016-2384 CVE-2016-2847 CVE-2016-3134 CVE-2016-3135 CVE-2016-3136 CVE-2016-3137 CVE-2016-3138 CVE-2016-3140 CVE-2016-3156 CVE-2016-3672 CVE-2016-3689 CVE-2016-3713 CVE-2016-3951 CVE-2016-4470 CVE-2016-4482 CVE-2016-4486 CVE-2016-4557 CVE-2016-4558 CVE-2016-4569 CVE-2016-4578 CVE-2016-4794 CVE-2016-4805 CVE-2016-4951 CVE-2016-4997 CVE-2016-4998 CVE-2016-5195 CVE-2016-5244 CVE-2016-5412 CVE-2016-5696 CVE-2016-5828 CVE-2016-5829 CVE-2016-6197 CVE-2016-6318 CVE-2016-6480 CVE-2016-6828 CVE-2016-7039 CVE-2016-7042 CVE-2016-7097 CVE-2016-7117 CVE-2016-7425 CVE-2016-7913 CVE-2016-7917 CVE-2016-8632 CVE-2016-8636 CVE-2016-8645 CVE-2016-8655 CVE-2016-8658 CVE-2016-8666 CVE-2016-9083 CVE-2016-9084 CVE-2016-9191 CVE-2016-9555 CVE-2016-9576 CVE-2016-9793 CVE-2016-9794 CVE-2016-9806 CVE-2016-9919 CVE-2017-1000111 CVE-2017-1000112 CVE-2017-1000364 CVE-2017-1000365 CVE-2017-1000380 CVE-2017-2583 CVE-2017-2584 CVE-2017-2596 CVE-2017-2636 CVE-2017-2671 CVE-2017-2885 CVE-2017-5551 CVE-2017-5576 CVE-2017-5577 CVE-2017-5897 CVE-2017-5970 CVE-2017-5970 CVE-2017-5986 CVE-2017-6074 CVE-2017-6214 CVE-2017-6345 CVE-2017-6346 CVE-2017-6347 CVE-2017-6353 CVE-2017-7184 CVE-2017-7187 CVE-2017-7261 CVE-2017-7294 CVE-2017-7308 CVE-2017-7346 CVE-2017-7374 CVE-2017-7487 CVE-2017-7507 CVE-2017-7518 CVE-2017-7616 CVE-2017-7618 CVE-2017-7869 CVE-2017-8890 CVE-2017-9074 CVE-2017-9075 CVE-2017-9076 CVE-2017-9077 CVE-2017-9150 CVE-2017-9242 CVE-2019-10081 CVE-2019-10082 CVE-2019-10092 CVE-2019-10097 CVE-2019-10098 CVE-2019-9517 CVE-2020-14765 CVE-2020-14776 CVE-2020-14789 CVE-2020-14812 CVE-2020-15180 SUSE-SU-2015:0455-1 SUSE-SU-2015:1476-1 SUSE-SU-2015:2000-2 SUSE-SU-2017:0517-1 SUSE-SU-2017:1838-1 SUSE-SU-2017:2129-1 SUSE-SU-2017:2131-1 SUSE-SU-2019:2237-1 SUSE-SU-2020:3500-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Module for Server Applications 15 SP1 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND Package Information cron-4.2-lp150.2 is installed OR cronie-1.5.1-lp150.2 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information irssi-1.1.3-33 is installed OR irssi-devel-1.1.3-33 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP2 is installed AND Package Information libQtWebKit4-4.6.3-5.20.23 is installed OR libQtWebKit4-32bit-4.6.3-5.20.23 is installed OR libqt4-4.6.3-5.20.23 is installed OR libqt4-32bit-4.6.3-5.20.23 is installed OR libqt4-qt3support-4.6.3-5.20.23 is installed OR libqt4-qt3support-32bit-4.6.3-5.20.23 is installed OR libqt4-sql-4.6.3-5.20.23 is installed OR libqt4-sql-32bit-4.6.3-5.20.23 is installed OR libqt4-sql-mysql-4.6.3-5.20.23 is installed OR libqt4-sql-mysql-32bit-4.6.3-5.20.23 is installed OR libqt4-sql-postgresql-4.6.3-5.20.23 is installed OR libqt4-sql-postgresql-32bit-4.6.3-5.20.23 is installed OR libqt4-sql-sqlite-4.6.3-5.20.23 is installed OR libqt4-sql-sqlite-32bit-4.6.3-5.20.23 is installed OR libqt4-sql-unixODBC-4.6.3-5.20.23 is installed OR libqt4-sql-unixODBC-32bit-4.6.3-5.20.23 is installed OR libqt4-x11-4.6.3-5.20.23 is installed OR libqt4-x11-32bit-4.6.3-5.20.23 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information flash-player-11.2.202.559-0.32 is installed OR flash-player-gnome-11.2.202.559-0.32 is installed OR flash-player-kde4-11.2.202.559-0.32 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP4 is installed AND Package Information java-1_7_0-openjdk-1.7.0.85-0.11 is installed OR java-1_7_0-openjdk-demo-1.7.0.85-0.11 is installed OR java-1_7_0-openjdk-devel-1.7.0.85-0.11 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 is installed AND Package Information freetype2-2.5.3-5 is installed OR ft2demos-2.5.3-5 is installed OR libfreetype6-2.5.3-5 is installed OR libfreetype6-32bit-2.5.3-5 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information libsndfile-1.0.25-25 is installed OR libsndfile1-1.0.25-25 is installed OR libsndfile1-32bit-1.0.25-25 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information libxcb-dri2-0-1.10-3 is installed OR libxcb-dri2-0-32bit-1.10-3 is installed OR libxcb-dri3-0-1.10-3 is installed OR libxcb-dri3-0-32bit-1.10-3 is installed OR libxcb-glx0-1.10-3 is installed OR libxcb-glx0-32bit-1.10-3 is installed OR libxcb-present0-1.10-3 is installed OR libxcb-present0-32bit-1.10-3 is installed OR libxcb-randr0-1.10-3 is installed OR libxcb-render0-1.10-3 is installed OR libxcb-render0-32bit-1.10-3 is installed OR libxcb-shape0-1.10-3 is installed OR libxcb-shm0-1.10-3 is installed OR libxcb-shm0-32bit-1.10-3 is installed OR libxcb-sync1-1.10-3 is installed OR libxcb-sync1-32bit-1.10-3 is installed OR libxcb-xf86dri0-1.10-3 is installed OR libxcb-xfixes0-1.10-3 is installed OR libxcb-xfixes0-32bit-1.10-3 is installed OR libxcb-xinerama0-1.10-3 is installed OR libxcb-xkb1-1.10-3 is installed OR libxcb-xkb1-32bit-1.10-3 is installed OR libxcb-xv0-1.10-3 is installed OR libxcb1-1.10-3 is installed OR libxcb1-32bit-1.10-3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information cracklib-2.9.0-7 is installed OR libcrack2-2.9.0-7 is installed OR libcrack2-32bit-2.9.0-7 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information libvdpau1-1.1.1-6 is installed OR libvdpau1-32bit-1.1.1-6 is installed Definition Synopsis SUSE Linux Enterprise Module for Server Applications 15 SP1 is installed AND Package Information apache2-2.4.33-3.21 is installed OR apache2-devel-2.4.33-3.21 is installed OR apache2-doc-2.4.33-3.21 is installed OR apache2-prefork-2.4.33-3.21 is installed OR apache2-utils-2.4.33-3.21 is installed OR apache2-worker-2.4.33-3.21 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND apache-commons-httpclient-3.1-4 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information kgraft-patch-3_12_74-60_64_63-default-7-2 is installed OR kgraft-patch-3_12_74-60_64_63-xen-7-2 is installed OR kgraft-patch-SLE12-SP1_Update_22-7-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information libidn-tools-1.28-4 is installed OR libidn11-1.28-4 is installed OR libidn11-32bit-1.28-4 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information java-1_8_0-ibm-1.8.0_sr5.40-30.54 is installed OR java-1_8_0-ibm-alsa-1.8.0_sr5.40-30.54 is installed OR java-1_8_0-ibm-devel-1.8.0_sr5.40-30.54 is installed OR java-1_8_0-ibm-plugin-1.8.0_sr5.40-30.54 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information kgraft-patch-4_4_103-92_53-default-10-2 is installed OR kgraft-patch-SLE12-SP2_Update_16-10-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information libsystemd0-228-150.66 is installed OR libsystemd0-32bit-228-150.66 is installed OR libudev-devel-228-150.66 is installed OR libudev1-228-150.66 is installed OR libudev1-32bit-228-150.66 is installed OR systemd-228-150.66 is installed OR systemd-32bit-228-150.66 is installed OR systemd-bash-completion-228-150.66 is installed OR systemd-sysvinit-228-150.66 is installed OR udev-228-150.66 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND ft2demos-2.6.3-7.10 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information libpython2_7-1_0-2.7.13-28.31 is installed OR libpython2_7-1_0-32bit-2.7.13-28.31 is installed OR python-2.7.13-28.31 is installed OR python-32bit-2.7.13-28.31 is installed OR python-base-2.7.13-28.31 is installed OR python-base-32bit-2.7.13-28.31 is installed OR python-curses-2.7.13-28.31 is installed OR python-demo-2.7.13-28.31 is installed OR python-devel-2.7.13-28.31 is installed OR python-doc-2.7.13-28.31 is installed OR python-doc-pdf-2.7.13-28.31 is installed OR python-gdbm-2.7.13-28.31 is installed OR python-idle-2.7.13-28.31 is installed OR python-tk-2.7.13-28.31 is installed OR python-xml-2.7.13-28.31 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information MozillaFirefox-68.1.0-109.89 is installed OR MozillaFirefox-branding-SLE-68-32.8 is installed OR MozillaFirefox-translations-common-68.1.0-109.89 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information kgraft-patch-4_4_162-94_72-default-6-2 is installed OR kgraft-patch-SLE12-SP3_Update_22-6-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND libcares2-1.9.1-9.4 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND SuSEfirewall2-3.6.312.333-3.13 is installed Definition Synopsis SUSE OpenStack Cloud 6 is installed AND python-PyYAML-3.10-15 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND Package Information apache2-2.4.23-29.24 is installed OR apache2-doc-2.4.23-29.24 is installed OR apache2-example-pages-2.4.23-29.24 is installed OR apache2-prefork-2.4.23-29.24 is installed OR apache2-utils-2.4.23-29.24 is installed OR apache2-worker-2.4.23-29.24 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND git-2.12.3-27.14 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information dovecot22-2.2.31-19.17 is installed OR dovecot22-backend-mysql-2.2.31-19.17 is installed OR dovecot22-backend-pgsql-2.2.31-19.17 is installed OR dovecot22-backend-sqlite-2.2.31-19.17 is installed
BACK