Oval Definition:	oval:org.opensuse.security:def:53296
Revision Date: 2020-12-01 Version: 1 Title: Security update for apache2 (Important) Description: This update for apache2 fixes the following issues: - CVE-2020-1934: mod_proxy_ftp may use uninitialized memory when proxying to a malicious FTP server (bsc#1168404). - CVE-2020-1927: mod_rewrite configurations vulnerable to open redirect (bsc#1168407). - CVE-2020-1938: mod_proxy_ajp: Add 'secret' parameter to proxy workers to implement legacy AJP13 authentication (bsc#1169066). Family: unix Class: patch Status: Reference(s): 1003898 1017646 1017902 1018556 1052916 1161883 1168404 1168407 1169066 1174458 921070 940191 946204 958791 984990 985609 985665 985669 985673 985675 985679 985682 985685 985688 985689 985697 985698 985700 985703 985704 985706 985826 985832 985835 CVE-2010-4651 CVE-2012-0786 CVE-2012-2150 CVE-2013-1987 CVE-2013-7447 CVE-2014-8119 CVE-2015-1196 CVE-2015-1395 CVE-2015-1396 CVE-2015-1782 CVE-2015-7236 CVE-2015-8540 CVE-2015-8918 CVE-2015-8919 CVE-2015-8920 CVE-2015-8921 CVE-2015-8922 CVE-2015-8923 CVE-2015-8924 CVE-2015-8925 CVE-2015-8926 CVE-2015-8928 CVE-2015-8929 CVE-2015-8930 CVE-2015-8931 CVE-2015-8932 CVE-2015-8933 CVE-2015-8934 CVE-2016-10087 CVE-2016-10109 CVE-2016-4300 CVE-2016-4301 CVE-2016-4302 CVE-2016-4809 CVE-2016-6153 CVE-2016-6855 CVE-2016-7949 CVE-2016-7950 CVE-2017-2885 CVE-2017-5974 CVE-2017-5975 CVE-2017-5976 CVE-2017-5977 CVE-2017-5978 CVE-2017-5979 CVE-2017-5981 CVE-2018-17828 CVE-2018-6381 CVE-2018-6484 CVE-2018-6540 CVE-2018-6542 CVE-2018-7725 CVE-2018-7726 CVE-2020-14339 CVE-2020-1927 CVE-2020-1934 CVE-2020-1938 SUSE-SU-2015:0669-1 SUSE-SU-2015:1705-2 SUSE-SU-2016:1909-1 SUSE-SU-2017:0286-1 SUSE-SU-2017:0292-1 SUSE-SU-2017:0860-1 SUSE-SU-2017:2129-1 SUSE-SU-2020:1126-1 SUSE-SU-2020:2269-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Module for Server Applications 15 SP1 SUSE Linux Enterprise Module for Server Applications 15 SP2 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 8 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND Package Information fuse-2.9.7-lp150.1 is installed OR libfuse2-2.9.7-lp150.1 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information containerd-1.2.5-lp151.2.3 is installed OR containerd-ctr-1.2.5-lp151.2.3 is installed OR containerd-test-1.2.5-lp151.2.3 is installed OR docker-18.09.6_ce-lp151.2.3 is installed OR docker-bash-completion-18.09.6_ce-lp151.2.3 is installed OR docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-lp151.2.3 is installed OR docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-lp151.3.3 is installed OR docker-runc-test-1.0.0rc6+gitr3804_2b18fe1d885e-lp151.3.3 is installed OR docker-test-18.09.6_ce-lp151.2.3 is installed OR docker-zsh-completion-18.09.6_ce-lp151.2.3 is installed OR go-1.12-lp151.2.3 is installed OR go-doc-1.12-lp151.2.3 is installed OR go-race-1.12-lp151.2.3 is installed OR go1.11-1.11.9-lp151.2.3 is installed OR go1.11-doc-1.11.9-lp151.2.3 is installed OR go1.11-race-1.11.9-lp151.2.3 is installed OR go1.12-1.12.4-lp151.2.3 is installed OR go1.12-doc-1.12.4-lp151.2.3 is installed OR go1.12-race-1.12.4-lp151.2.3 is installed OR golang-github-docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-lp151.2.3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP2 is installed AND Package Information MozillaFirefox-17.0.5esr-0.4 is installed OR MozillaFirefox-branding-SLED-7-0.6.9 is installed OR MozillaFirefox-translations-17.0.5esr-0.4 is installed OR libfreebl3-3.14.3-0.4.3 is installed OR libfreebl3-32bit-3.14.3-0.4.3 is installed OR mozilla-nspr-4.9.6-0.3 is installed OR mozilla-nspr-32bit-4.9.6-0.3 is installed OR mozilla-nss-3.14.3-0.4.3 is installed OR mozilla-nss-32bit-3.14.3-0.4.3 is installed OR mozilla-nss-tools-3.14.3-0.4.3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information icu-4.0-7.28 is installed OR libicu-4.0-7.28 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP4 is installed AND Package Information compat-openssl097g-0.9.7g-146.22.36 is installed OR compat-openssl097g-32bit-0.9.7g-146.22.36 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 is installed AND Package Information libssh2-1-1.4.3-11 is installed OR libssh2-1-32bit-1.4.3-11 is installed OR libssh2_org-1.4.3-11 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information libarchive-3.1.2-22 is installed OR libarchive13-3.1.2-22 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP2 is installed AND patch-2.7.5-7 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information augeas-1.2.0-15 is installed OR augeas-lenses-1.2.0-15 is installed OR libaugeas0-1.2.0-15 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP4 is installed AND libzzip-0-13-0.13.67-10.14 is installed Definition Synopsis SUSE Linux Enterprise Module for Server Applications 15 SP1 is installed AND Package Information apache2-2.4.33-3.30 is installed OR apache2-devel-2.4.33-3.30 is installed OR apache2-doc-2.4.33-3.30 is installed OR apache2-prefork-2.4.33-3.30 is installed OR apache2-utils-2.4.33-3.30 is installed OR apache2-worker-2.4.33-3.30 is installed Definition Synopsis SUSE Linux Enterprise Module for Server Applications 15 SP2 is installed AND Package Information libvirt-6.0.0-13.3 is installed OR libvirt-admin-6.0.0-13.3 is installed OR libvirt-bash-completion-6.0.0-13.3 is installed OR libvirt-client-6.0.0-13.3 is installed OR libvirt-daemon-6.0.0-13.3 is installed OR libvirt-daemon-config-network-6.0.0-13.3 is installed OR libvirt-daemon-config-nwfilter-6.0.0-13.3 is installed OR libvirt-daemon-driver-interface-6.0.0-13.3 is installed OR libvirt-daemon-driver-libxl-6.0.0-13.3 is installed OR libvirt-daemon-driver-lxc-6.0.0-13.3 is installed OR libvirt-daemon-driver-network-6.0.0-13.3 is installed OR libvirt-daemon-driver-nodedev-6.0.0-13.3 is installed OR libvirt-daemon-driver-nwfilter-6.0.0-13.3 is installed OR libvirt-daemon-driver-qemu-6.0.0-13.3 is installed OR libvirt-daemon-driver-secret-6.0.0-13.3 is installed OR libvirt-daemon-driver-storage-6.0.0-13.3 is installed OR libvirt-daemon-driver-storage-core-6.0.0-13.3 is installed OR libvirt-daemon-driver-storage-disk-6.0.0-13.3 is installed OR libvirt-daemon-driver-storage-iscsi-6.0.0-13.3 is installed OR libvirt-daemon-driver-storage-logical-6.0.0-13.3 is installed OR libvirt-daemon-driver-storage-mpath-6.0.0-13.3 is installed OR libvirt-daemon-driver-storage-rbd-6.0.0-13.3 is installed OR libvirt-daemon-driver-storage-scsi-6.0.0-13.3 is installed OR libvirt-daemon-hooks-6.0.0-13.3 is installed OR libvirt-daemon-lxc-6.0.0-13.3 is installed OR libvirt-daemon-qemu-6.0.0-13.3 is installed OR libvirt-daemon-xen-6.0.0-13.3 is installed OR libvirt-devel-6.0.0-13.3 is installed OR libvirt-doc-6.0.0-13.3 is installed OR libvirt-lock-sanlock-6.0.0-13.3 is installed OR libvirt-nss-6.0.0-13.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information accountsservice-0.6.35-3 is installed OR accountsservice-lang-0.6.35-3 is installed OR libaccountsservice0-0.6.35-3 is installed OR typelib-1_0-AccountsService-1_0-0.6.35-3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information kgraft-patch-3_12_74-60_64_40-default-8-2 is installed OR kgraft-patch-3_12_74-60_64_40-xen-8-2 is installed OR kgraft-patch-SLE12-SP1_Update_15-8-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information libmysqlclient18-10.0.27-12 is installed OR libmysqlclient18-32bit-10.0.27-12 is installed OR mariadb-10.0.27-12 is installed OR mariadb-client-10.0.27-12 is installed OR mariadb-errormessages-10.0.27-12 is installed OR mariadb-tools-10.0.27-12 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information libjpeg-turbo-1.5.3-31.19 is installed OR libjpeg62-62.2.0-31.19 is installed OR libjpeg62-32bit-62.2.0-31.19 is installed OR libjpeg62-turbo-1.5.3-31.19 is installed OR libjpeg8-8.1.2-31.19 is installed OR libjpeg8-32bit-8.1.2-31.19 is installed OR libturbojpeg0-8.1.2-31.19 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information kgraft-patch-4_4_103-92_56-default-11-2 is installed OR kgraft-patch-SLE12-SP2_Update_17-11-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information gstreamer-plugins-base-1.8.3-13.3 is installed OR gstreamer-plugins-base-lang-1.8.3-13.3 is installed OR libgstallocators-1_0-0-1.8.3-13.3 is installed OR libgstapp-1_0-0-1.8.3-13.3 is installed OR libgstapp-1_0-0-32bit-1.8.3-13.3 is installed OR libgstaudio-1_0-0-1.8.3-13.3 is installed OR libgstaudio-1_0-0-32bit-1.8.3-13.3 is installed OR libgstfft-1_0-0-1.8.3-13.3 is installed OR libgstpbutils-1_0-0-1.8.3-13.3 is installed OR libgstpbutils-1_0-0-32bit-1.8.3-13.3 is installed OR libgstriff-1_0-0-1.8.3-13.3 is installed OR libgstrtp-1_0-0-1.8.3-13.3 is installed OR libgstrtsp-1_0-0-1.8.3-13.3 is installed OR libgstsdp-1_0-0-1.8.3-13.3 is installed OR libgsttag-1_0-0-1.8.3-13.3 is installed OR libgsttag-1_0-0-32bit-1.8.3-13.3 is installed OR libgstvideo-1_0-0-1.8.3-13.3 is installed OR libgstvideo-1_0-0-32bit-1.8.3-13.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information bind-9.9.9P1-62 is installed OR bind-chrootenv-9.9.9P1-62 is installed OR bind-doc-9.9.9P1-62 is installed OR bind-libs-9.9.9P1-62 is installed OR bind-libs-32bit-9.9.9P1-62 is installed OR bind-utils-9.9.9P1-62 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information MozillaFirefox-68.2.0-109.95 is installed OR MozillaFirefox-translations-common-68.2.0-109.95 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information java-1_8_0-openjdk-1.8.0.222-27.35 is installed OR java-1_8_0-openjdk-demo-1.8.0.222-27.35 is installed OR java-1_8_0-openjdk-devel-1.8.0.222-27.35 is installed OR java-1_8_0-openjdk-headless-1.8.0.222-27.35 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information kgraft-patch-4_4_180-94_100-default-3-2 is installed OR kgraft-patch-SLE12-SP3_Update_27-3-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information libtiff5-4.0.9-44.21 is installed OR libtiff5-32bit-4.0.9-44.21 is installed OR tiff-4.0.9-44.21 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND binutils-2.31-9.26 is installed Definition Synopsis SUSE OpenStack Cloud 6 is installed AND Package Information openstack-designate-1.0.3~a0~dev10-6 is installed OR openstack-designate-agent-1.0.3~a0~dev10-6 is installed OR openstack-designate-api-1.0.3~a0~dev10-6 is installed OR openstack-designate-central-1.0.3~a0~dev10-6 is installed OR openstack-designate-doc-1.0.3~a0~dev10-6 is installed OR openstack-designate-sink-1.0.3~a0~dev10-6 is installed OR openstack-ironic-4.2.5-6 is installed OR openstack-ironic-api-4.2.5-6 is installed OR openstack-ironic-conductor-4.2.5-6 is installed OR openstack-ironic-doc-4.2.5-6 is installed OR openstack-neutron-vpn-agent-7.0.5~a0~dev3-6 is installed OR openstack-neutron-vpnaas-7.0.5~a0~dev3-6 is installed OR openstack-neutron-vpnaas-doc-7.0.5~a0~dev3-6 is installed OR openstack-nova-docker-0.0.1~a0~dev238-4 is installed OR openstack-sahara-3.0.3~a0~dev1-6 is installed OR openstack-sahara-api-3.0.3~a0~dev1-6 is installed OR openstack-sahara-doc-3.0.3~a0~dev1-6 is installed OR openstack-sahara-engine-3.0.3~a0~dev1-6 is installed OR openstack-tempest-7.0.0-9 is installed OR openstack-tempest-test-7.0.0-9 is installed OR openstack-trove-4.0.1~a0~dev19-8 is installed OR openstack-trove-api-4.0.1~a0~dev19-8 is installed OR openstack-trove-conductor-4.0.1~a0~dev19-8 is installed OR openstack-trove-doc-4.0.1~a0~dev19-8 is installed OR openstack-trove-guestagent-4.0.1~a0~dev19-8 is installed OR openstack-trove-taskmanager-4.0.1~a0~dev19-8 is installed OR python-designate-1.0.3~a0~dev10-6 is installed OR python-ironic-4.2.5-6 is installed OR python-neutron-vpnaas-7.0.5~a0~dev3-6 is installed OR python-sahara-3.0.3~a0~dev1-6 is installed OR python-tempest-7.0.0-9 is installed OR python-trove-4.0.1~a0~dev19-8 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND Package Information apache2-2.4.23-29.27 is installed OR apache2-doc-2.4.23-29.27 is installed OR apache2-example-pages-2.4.23-29.27 is installed OR apache2-prefork-2.4.23-29.27 is installed OR apache2-utils-2.4.23-29.27 is installed OR apache2-worker-2.4.23-29.27 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND ucode-intel-20190618-13.47 is installed Definition Synopsis SUSE OpenStack Cloud 9 is installed AND python-Twisted-15.2.1-9.5 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND python-ecdsa-0.13.3-5.10 is installed
BACK