Oval Definition:oval:org.opensuse.security:def:53276
Revision Date:2020-12-01Version:1
Title:Security update for nginx (Important)
Description:

This update for nginx fixes the following issues:

Security issues fixed:

- CVE-2019-9511: Fixed a denial of service by manipulating the window size and stream prioritization (bsc#1145579). - CVE-2019-9513: Fixed a denial of service caused by resource loops (bsc#1145580). - CVE-2019-9516: Fixed a denial of service caused by header leaks (bsc#1145582). - CVE-2018-16845: Fixed denial of service and memory disclosure via mp4 module (bsc#1115015). - CVE-2018-16843: Fixed excessive memory consumption in HTTP/2 implementation (bsc#1115022). - CVE-2018-16844: Fixed excessive CPU usage via flaw in HTTP/2 implementation (bsc#1115025).
Family:unixClass:patch
Status:Reference(s):1010977
1010979
1011830
1012530
1015993
1046779
1051222
1115015
1115022
1115025
1145579
1145580
1145582
1151455
1156146
1157179
917799
944066
952062
979907
997857
CVE-2008-4225
CVE-2008-4226
CVE-2008-4409
CVE-2010-1205
CVE-2010-2242
CVE-2010-4494
CVE-2011-1146
CVE-2011-1526
CVE-2011-1944
CVE-2011-2483
CVE-2011-2501
CVE-2011-2511
CVE-2011-2690
CVE-2011-2691
CVE-2011-2692
CVE-2011-3328
CVE-2011-4600
CVE-2011-4862
CVE-2012-3445
CVE-2012-5134
CVE-2013-0170
CVE-2013-0338
CVE-2013-1962
CVE-2013-1969
CVE-2013-2218
CVE-2013-2230
CVE-2013-4143
CVE-2013-4153
CVE-2013-4154
CVE-2013-4239
CVE-2013-4296
CVE-2013-4297
CVE-2013-4311
CVE-2013-4399
CVE-2013-4400
CVE-2013-4401
CVE-2013-6436
CVE-2013-6456
CVE-2013-6457
CVE-2013-6458
CVE-2013-6954
CVE-2014-0028
CVE-2014-0179
CVE-2014-0191
CVE-2014-0333
CVE-2014-1447
CVE-2014-3633
CVE-2014-3657
CVE-2014-3660
CVE-2014-7204
CVE-2014-7823
CVE-2014-8131
CVE-2014-9495
CVE-2014-9679
CVE-2015-0236
CVE-2015-0973
CVE-2015-1819
CVE-2015-5247
CVE-2015-5312
CVE-2015-5313
CVE-2015-5722
CVE-2015-7497
CVE-2015-7498
CVE-2015-7499
CVE-2015-7500
CVE-2015-7941
CVE-2015-7942
CVE-2015-8025
CVE-2015-8035
CVE-2015-8126
CVE-2015-8241
CVE-2015-8242
CVE-2015-8317
CVE-2015-8710
CVE-2015-8871
CVE-2016-10087
CVE-2016-1762
CVE-2016-1833
CVE-2016-1834
CVE-2016-1835
CVE-2016-1836
CVE-2016-1837
CVE-2016-1838
CVE-2016-1839
CVE-2016-1840
CVE-2016-3627
CVE-2016-3705
CVE-2016-4483
CVE-2016-7163
CVE-2016-8654
CVE-2016-9395
CVE-2016-9398
CVE-2016-9560
CVE-2016-9591
CVE-2017-1000256
CVE-2017-11185
CVE-2017-2635
CVE-2017-5715
CVE-2017-7506
CVE-2018-1064
CVE-2018-16843
CVE-2018-16844
CVE-2018-16845
CVE-2018-3639
CVE-2018-5748
CVE-2019-14818
CVE-2019-9511
CVE-2019-9513
CVE-2019-9516
SUSE-SU-2015:0465-1
SUSE-SU-2015:1481-1
SUSE-SU-2015:2053-2
SUSE-SU-2017:0084-1
SUSE-SU-2017:1836-1
SUSE-SU-2017:2143-1
SUSE-SU-2017:2144-1
SUSE-SU-2019:2309-1
SUSE-SU-2020:0439-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Desktop 11 SP2
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Desktop 11 SP4
SUSE Linux Enterprise Desktop 12
SUSE Linux Enterprise Desktop 12 SP1
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise Module for Server Applications 15 SP1
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 6
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 8
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND cups-filters-1.20.3-lp150.1 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • libu2f-host-1.1.6-lp151.2.6 is installed
  • OR libu2f-host-devel-1.1.6-lp151.2.6 is installed
  • OR libu2f-host-doc-1.1.6-lp151.2.6 is installed
  • OR libu2f-host0-1.1.6-lp151.2.6 is installed
  • OR pam_u2f-1.0.8-lp151.2.3 is installed
  • OR u2f-host-1.1.6-lp151.2.6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP2 is installed
  • AND Package Information
  • Mesa-7.11.2-0.9 is installed
  • OR Mesa-32bit-7.11.2-0.9 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP3 is installed
  • AND Package Information
  • freetype2-2.3.7-25.34 is installed
  • OR freetype2-32bit-2.3.7-25.34 is installed
  • OR ft2demos-2.3.7-25.34 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP4 is installed
  • AND Package Information
  • java-1_7_0-openjdk-1.7.0.95-0.17 is installed
  • OR java-1_7_0-openjdk-demo-1.7.0.95-0.17 is installed
  • OR java-1_7_0-openjdk-devel-1.7.0.95-0.17 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 is installed
  • AND Package Information
  • cups-1.7.5-5 is installed
  • OR cups-client-1.7.5-5 is installed
  • OR cups-libs-1.7.5-5 is installed
  • OR cups-libs-32bit-1.7.5-5 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP1 is installed
  • AND Package Information
  • xscreensaver-5.22-7 is installed
  • OR xscreensaver-data-5.22-7 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP2 is installed
  • AND Package Information
  • libxml2-2-2.9.4-27 is installed
  • OR libxml2-2-32bit-2.9.4-27 is installed
  • OR libxml2-tools-2.9.4-27 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND ctags-5.8-7 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • AND Package Information
  • libvirt-4.0.0-6 is installed
  • OR libvirt-admin-4.0.0-6 is installed
  • OR libvirt-client-4.0.0-6 is installed
  • OR libvirt-daemon-4.0.0-6 is installed
  • OR libvirt-daemon-config-network-4.0.0-6 is installed
  • OR libvirt-daemon-config-nwfilter-4.0.0-6 is installed
  • OR libvirt-daemon-driver-interface-4.0.0-6 is installed
  • OR libvirt-daemon-driver-libxl-4.0.0-6 is installed
  • OR libvirt-daemon-driver-lxc-4.0.0-6 is installed
  • OR libvirt-daemon-driver-network-4.0.0-6 is installed
  • OR libvirt-daemon-driver-nodedev-4.0.0-6 is installed
  • OR libvirt-daemon-driver-nwfilter-4.0.0-6 is installed
  • OR libvirt-daemon-driver-qemu-4.0.0-6 is installed
  • OR libvirt-daemon-driver-secret-4.0.0-6 is installed
  • OR libvirt-daemon-driver-storage-4.0.0-6 is installed
  • OR libvirt-daemon-driver-storage-core-4.0.0-6 is installed
  • OR libvirt-daemon-driver-storage-disk-4.0.0-6 is installed
  • OR libvirt-daemon-driver-storage-iscsi-4.0.0-6 is installed
  • OR libvirt-daemon-driver-storage-logical-4.0.0-6 is installed
  • OR libvirt-daemon-driver-storage-mpath-4.0.0-6 is installed
  • OR libvirt-daemon-driver-storage-rbd-4.0.0-6 is installed
  • OR libvirt-daemon-driver-storage-scsi-4.0.0-6 is installed
  • OR libvirt-daemon-lxc-4.0.0-6 is installed
  • OR libvirt-daemon-qemu-4.0.0-6 is installed
  • OR libvirt-daemon-xen-4.0.0-6 is installed
  • OR libvirt-doc-4.0.0-6 is installed
  • OR libvirt-libs-4.0.0-6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Server Applications 15 SP1 is installed
  • AND Package Information
  • nginx-1.14.2-6.3 is installed
  • OR nginx-source-1.14.2-6.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND apache2-mod_jk-1.2.40-5 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • kgraft-patch-3_12_74-60_64_57-default-10-2 is installed
  • OR kgraft-patch-3_12_74-60_64_57-xen-10-2 is installed
  • OR kgraft-patch-SLE12-SP1_Update_20-10-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • libipa_hbac0-1.13.4-18 is installed
  • OR libsss_idmap0-1.13.4-18 is installed
  • OR libsss_sudo-1.13.4-18 is installed
  • OR python-sssd-config-1.13.4-18 is installed
  • OR sssd-1.13.4-18 is installed
  • OR sssd-32bit-1.13.4-18 is installed
  • OR sssd-ad-1.13.4-18 is installed
  • OR sssd-ipa-1.13.4-18 is installed
  • OR sssd-krb5-1.13.4-18 is installed
  • OR sssd-krb5-common-1.13.4-18 is installed
  • OR sssd-ldap-1.13.4-18 is installed
  • OR sssd-proxy-1.13.4-18 is installed
  • OR sssd-tools-1.13.4-18 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • libopenssl-devel-1.0.2j-60.55 is installed
  • OR libopenssl1_0_0-1.0.2j-60.55 is installed
  • OR libopenssl1_0_0-32bit-1.0.2j-60.55 is installed
  • OR libopenssl1_0_0-hmac-1.0.2j-60.55 is installed
  • OR libopenssl1_0_0-hmac-32bit-1.0.2j-60.55 is installed
  • OR openssl-1.0.2j-60.55 is installed
  • OR openssl-doc-1.0.2j-60.55 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • kgraft-patch-4_4_114-92_64-default-8-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_18-8-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • kernel-default-4.4.121-92.109 is installed
  • OR kernel-default-base-4.4.121-92.109 is installed
  • OR kernel-default-devel-4.4.121-92.109 is installed
  • OR kernel-default-man-4.4.121-92.109 is installed
  • OR kernel-devel-4.4.121-92.109 is installed
  • OR kernel-macros-4.4.121-92.109 is installed
  • OR kernel-source-4.4.121-92.109 is installed
  • OR kernel-syms-4.4.121-92.109 is installed
  • OR kgraft-patch-4_4_121-92_109-default-1-3.5 is installed
  • OR kgraft-patch-SLE12-SP2_Update_29-1-3.5 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • MozillaFirefox-52.2.0esr-108 is installed
  • OR MozillaFirefox-translations-52.2.0esr-108 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • libvirt-3.3.0-5.40 is installed
  • OR libvirt-admin-3.3.0-5.40 is installed
  • OR libvirt-client-3.3.0-5.40 is installed
  • OR libvirt-daemon-3.3.0-5.40 is installed
  • OR libvirt-daemon-config-network-3.3.0-5.40 is installed
  • OR libvirt-daemon-config-nwfilter-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-interface-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-libxl-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-lxc-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-network-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-nodedev-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-nwfilter-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-qemu-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-secret-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-storage-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-storage-core-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-storage-disk-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-storage-iscsi-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-storage-logical-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-storage-mpath-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-storage-rbd-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-storage-scsi-3.3.0-5.40 is installed
  • OR libvirt-daemon-hooks-3.3.0-5.40 is installed
  • OR libvirt-daemon-lxc-3.3.0-5.40 is installed
  • OR libvirt-daemon-qemu-3.3.0-5.40 is installed
  • OR libvirt-daemon-xen-3.3.0-5.40 is installed
  • OR libvirt-doc-3.3.0-5.40 is installed
  • OR libvirt-libs-3.3.0-5.40 is installed
  • OR libvirt-lock-sanlock-3.3.0-5.40 is installed
  • OR libvirt-nss-3.3.0-5.40 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND sudo-1.8.20p2-3.14 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_156-94_64-default-7-2 is installed
  • OR kgraft-patch-SLE12-SP3_Update_20-7-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • liblouis-2.6.4-6.6 is installed
  • OR liblouis-data-2.6.4-6.6 is installed
  • OR liblouis9-2.6.4-6.6 is installed
  • OR python-louis-2.6.4-6.6 is installed
  • OR python3-louis-2.6.4-6.6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • accountsservice-0.6.42-16.3 is installed
  • OR accountsservice-lang-0.6.42-16.3 is installed
  • OR libaccountsservice0-0.6.42-16.3 is installed
  • OR typelib-1_0-AccountsService-1_0-0.6.42-16.3 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 6 is installed
  • AND python-keystonemiddleware-2.3.1-1 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • java-1_8_0-ibm-1.8.0_sr5.20-30.36 is installed
  • OR java-1_8_0-ibm-alsa-1.8.0_sr5.20-30.36 is installed
  • OR java-1_8_0-ibm-devel-1.8.0_sr5.20-30.36 is installed
  • OR java-1_8_0-ibm-plugin-1.8.0_sr5.20-30.36 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND slf4j-1.7.12-3.3 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • ghostscript-9.27-23.28 is installed
  • OR ghostscript-x11-9.27-23.28 is installed
    • BACK