OVAL Reference oval:org.opensuse.security:def:53396

Oval Definition:

oval:org.opensuse.security:def:53396

Revision Date:	2020-12-01	Version:	1
Title:	Security update for tomcat (Moderate)
Description:	This update for tomcat to 9.0.12 fixes the following issues: See the full changelog at: http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.12_(markt) Security issues fixed: - CVE-2018-11784: When the default servlet in Apache Tomcat returned a redirect to a directory (e.g. redirecting to '/foo/' when the user requested '/foo') a specially crafted URL could be used to cause the redirect to be generated to any URI of the attackers choice. (bsc#1110850)
Family:	unix	Class:	patch
Status:		Reference(s):	1010977 1010979 1011830 1012530 1015379 1015993 1018699 1018700 1018701 1018702 1027565 1028372 1030573 1040170 1042803 1110850 1150711 1155690 1156202 1160682 946880 972468 CVE-2009-0163 CVE-2009-2285 CVE-2009-2347 CVE-2009-2820 CVE-2009-3553 CVE-2010-0393 CVE-2010-0540 CVE-2010-0542 CVE-2010-1748 CVE-2010-2065 CVE-2010-2067 CVE-2010-2074 CVE-2010-2233 CVE-2010-2941 CVE-2010-4665 CVE-2011-0192 CVE-2011-1167 CVE-2011-2483 CVE-2011-3177 CVE-2012-1173 CVE-2012-2113 CVE-2012-3401 CVE-2012-4564 CVE-2012-4929 CVE-2012-5519 CVE-2012-6094 CVE-2013-1960 CVE-2013-1961 CVE-2013-4231 CVE-2013-4232 CVE-2013-4243 CVE-2013-4244 CVE-2013-7447 CVE-2014-2856 CVE-2014-3537 CVE-2014-5029 CVE-2014-5030 CVE-2014-5031 CVE-2014-8127 CVE-2014-8128 CVE-2014-8129 CVE-2014-8130 CVE-2014-9655 CVE-2014-9679 CVE-2015-1158 CVE-2015-1159 CVE-2015-1547 CVE-2015-5567 CVE-2015-5568 CVE-2015-5570 CVE-2015-5571 CVE-2015-5572 CVE-2015-5573 CVE-2015-5574 CVE-2015-5575 CVE-2015-5576 CVE-2015-5577 CVE-2015-5578 CVE-2015-5579 CVE-2015-5580 CVE-2015-5581 CVE-2015-5582 CVE-2015-5584 CVE-2015-5587 CVE-2015-5588 CVE-2015-6676 CVE-2015-6677 CVE-2015-6678 CVE-2015-6679 CVE-2015-6682 CVE-2015-7554 CVE-2015-7555 CVE-2015-8079 CVE-2015-8665 CVE-2015-8683 CVE-2015-8781 CVE-2015-8782 CVE-2015-8783 CVE-2016-0636 CVE-2016-10266 CVE-2016-10267 CVE-2016-10268 CVE-2016-10269 CVE-2016-10270 CVE-2016-10271 CVE-2016-10272 CVE-2016-3186 CVE-2016-3622 CVE-2016-3623 CVE-2016-3658 CVE-2016-3945 CVE-2016-3977 CVE-2016-3990 CVE-2016-3991 CVE-2016-5314 CVE-2016-5316 CVE-2016-5317 CVE-2016-5320 CVE-2016-5321 CVE-2016-5323 CVE-2016-5652 CVE-2016-5875 CVE-2016-7867 CVE-2016-7868 CVE-2016-7869 CVE-2016-7870 CVE-2016-7871 CVE-2016-7872 CVE-2016-7873 CVE-2016-7874 CVE-2016-7875 CVE-2016-7876 CVE-2016-7877 CVE-2016-7878 CVE-2016-7879 CVE-2016-7880 CVE-2016-7881 CVE-2016-7890 CVE-2016-7892 CVE-2016-8654 CVE-2016-9131 CVE-2016-9147 CVE-2016-9273 CVE-2016-9297 CVE-2016-9395 CVE-2016-9398 CVE-2016-9434 CVE-2016-9435 CVE-2016-9436 CVE-2016-9437 CVE-2016-9438 CVE-2016-9439 CVE-2016-9440 CVE-2016-9441 CVE-2016-9442 CVE-2016-9443 CVE-2016-9444 CVE-2016-9448 CVE-2016-9453 CVE-2016-9560 CVE-2016-9591 CVE-2016-9621 CVE-2016-9622 CVE-2016-9623 CVE-2016-9624 CVE-2016-9625 CVE-2016-9626 CVE-2016-9627 CVE-2016-9628 CVE-2016-9629 CVE-2016-9630 CVE-2016-9631 CVE-2016-9632 CVE-2016-9633 CVE-2017-2636 CVE-2017-5225 CVE-2017-7184 CVE-2017-9083 CVE-2017-9406 CVE-2018-11784 CVE-2019-20372 SUSE-SU-2015:1618-1 SUSE-SU-2016:0959-1 SUSE-SU-2016:3148-1 SUSE-SU-2017:0084-1 SUSE-SU-2017:0111-1 SUSE-SU-2017:0864-1 SUSE-SU-2017:1672-1 SUSE-SU-2018:3968-1 SUSE-SU-2020:1171-1
Platform(s):	openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Module for Web Scripting 15 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 15-LTSS SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 8	Product(s):
Definition Synopsis
openSUSE Leap 15.0 is installed AND Package Information glibc-2.26-lp150.10 is installed OR glibc-32bit-2.26-lp150.10 is installed OR glibc-extra-2.26-lp150.10 is installed OR glibc-locale-2.26-lp150.10 is installed OR glibc-locale-32bit-2.26-lp150.10 is installed OR nscd-2.26-lp150.10 is installed
Definition Synopsis
openSUSE Leap 15.1 is installed AND Package Information tomcat-9.0.21-lp151.3.3 is installed OR tomcat-admin-webapps-9.0.21-lp151.3.3 is installed OR tomcat-docs-webapp-9.0.21-lp151.3.3 is installed OR tomcat-el-3_0-api-9.0.21-lp151.3.3 is installed OR tomcat-embed-9.0.21-lp151.3.3 is installed OR tomcat-javadoc-9.0.21-lp151.3.3 is installed OR tomcat-jsp-2_3-api-9.0.21-lp151.3.3 is installed OR tomcat-jsvc-9.0.21-lp151.3.3 is installed OR tomcat-lib-9.0.21-lp151.3.3 is installed OR tomcat-servlet-4_0-api-9.0.21-lp151.3.3 is installed OR tomcat-webapps-9.0.21-lp151.3.3 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP2 is installed AND Package Information MozillaFirefox-17.0.9esr-0.3 is installed OR MozillaFirefox-translations-17.0.9esr-0.3 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information cups-1.3.9-8.46.52 is installed OR cups-client-1.3.9-8.46.52 is installed OR cups-libs-1.3.9-8.46.52 is installed OR cups-libs-32bit-1.3.9-8.46.52 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP4 is installed AND Package Information MozillaFirefox-38.6.1esr-34 is installed OR MozillaFirefox-translations-38.6.1esr-34 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 is installed AND Package Information flash-player-11.2.202.521-102 is installed OR flash-player-gnome-11.2.202.521-102 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information flash-player-24.0.0.186-152 is installed OR flash-player-gnome-24.0.0.186-152 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information libpoppler44-0.24.4-14.3 is installed OR poppler-0.24.4-14.3 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information cups-1.7.5-19 is installed OR cups-client-1.7.5-19 is installed OR cups-libs-1.7.5-19 is installed OR cups-libs-32bit-1.7.5-19 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information gtk2-data-2.24.31-7 is installed OR gtk2-lang-2.24.31-7 is installed OR gtk2-tools-2.24.31-7 is installed OR gtk2-tools-32bit-2.24.31-7 is installed OR libgtk-2_0-0-2.24.31-7 is installed OR libgtk-2_0-0-32bit-2.24.31-7 is installed OR typelib-1_0-Gtk-2_0-2.24.31-7 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Web Scripting 15 is installed AND Package Information tomcat-9.0.12-3.8 is installed OR tomcat-admin-webapps-9.0.12-3.8 is installed OR tomcat-el-3_0-api-9.0.12-3.8 is installed OR tomcat-jsp-2_3-api-9.0.12-3.8 is installed OR tomcat-lib-9.0.12-3.8 is installed OR tomcat-servlet-4_0-api-9.0.12-3.8 is installed OR tomcat-webapps-9.0.12-3.8 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information file-5.19-9 is installed OR file-magic-5.19-9 is installed OR libmagic1-5.19-9 is installed OR libmagic1-32bit-5.19-9 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information java-1_7_1-ibm-1.7.1_sr4.10-38.5 is installed OR java-1_7_1-ibm-alsa-1.7.1_sr4.10-38.5 is installed OR java-1_7_1-ibm-devel-1.7.1_sr4.10-38.5 is installed OR java-1_7_1-ibm-jdbc-1.7.1_sr4.10-38.5 is installed OR java-1_7_1-ibm-plugin-1.7.1_sr4.10-38.5 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND shim-0.9-20 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information libvirt-2.0.0-27.42 is installed OR libvirt-client-2.0.0-27.42 is installed OR libvirt-daemon-2.0.0-27.42 is installed OR libvirt-daemon-config-network-2.0.0-27.42 is installed OR libvirt-daemon-config-nwfilter-2.0.0-27.42 is installed OR libvirt-daemon-driver-interface-2.0.0-27.42 is installed OR libvirt-daemon-driver-libxl-2.0.0-27.42 is installed OR libvirt-daemon-driver-lxc-2.0.0-27.42 is installed OR libvirt-daemon-driver-network-2.0.0-27.42 is installed OR libvirt-daemon-driver-nodedev-2.0.0-27.42 is installed OR libvirt-daemon-driver-nwfilter-2.0.0-27.42 is installed OR libvirt-daemon-driver-qemu-2.0.0-27.42 is installed OR libvirt-daemon-driver-secret-2.0.0-27.42 is installed OR libvirt-daemon-driver-storage-2.0.0-27.42 is installed OR libvirt-daemon-hooks-2.0.0-27.42 is installed OR libvirt-daemon-lxc-2.0.0-27.42 is installed OR libvirt-daemon-qemu-2.0.0-27.42 is installed OR libvirt-daemon-xen-2.0.0-27.42 is installed OR libvirt-doc-2.0.0-27.42 is installed OR libvirt-lock-sanlock-2.0.0-27.42 is installed OR libvirt-nss-2.0.0-27.42 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information MozillaFirefox-52.8.1esr-109.34 is installed OR MozillaFirefox-devel-52.8.1esr-109.34 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information xen-4.7.6_06-43.51 is installed OR xen-doc-html-4.7.6_06-43.51 is installed OR xen-libs-4.7.6_06-43.51 is installed OR xen-libs-32bit-4.7.6_06-43.51 is installed OR xen-tools-4.7.6_06-43.51 is installed OR xen-tools-domU-4.7.6_06-43.51 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 12 SP3 is installed AND libssh2-1-1.4.3-20.9 is installed OR libssh2-1-32bit-1.4.3-20.9 is installed OR libssh2_org-1.4.3-20.9 is installed OR Package Information SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND libssh2-1-1.4.3-20.9 is installed OR libssh2-1-32bit-1.4.3-20.9 is installed OR libssh2_org-1.4.3-20.9 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information avahi-0.6.32-30 is installed OR avahi-lang-0.6.32-30 is installed OR avahi-utils-0.6.32-30 is installed OR libavahi-client3-0.6.32-30 is installed OR libavahi-client3-32bit-0.6.32-30 is installed OR libavahi-common3-0.6.32-30 is installed OR libavahi-common3-32bit-0.6.32-30 is installed OR libavahi-core7-0.6.32-30 is installed OR libdns_sd-0.6.32-30 is installed OR libdns_sd-32bit-0.6.32-30 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information libecpg6-10.9-1.12 is installed OR libpq5-10.9-1.12 is installed OR libpq5-32bit-10.9-1.12 is installed OR postgresql10-10.9-1.12 is installed OR postgresql10-contrib-10.9-1.12 is installed OR postgresql10-docs-10.9-1.12 is installed OR postgresql10-libs-10.9-1.12 is installed OR postgresql10-plperl-10.9-1.12 is installed OR postgresql10-plpython-10.9-1.12 is installed OR postgresql10-pltcl-10.9-1.12 is installed OR postgresql10-server-10.9-1.12 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information kgraft-patch-4_4_180-94_97-default-4-2 is installed OR kgraft-patch-SLE12-SP3_Update_26-4-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information kgraft-patch-4_4_176-94_88-default-4-2 is installed OR kgraft-patch-SLE12-SP3_Update_24-4-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information gdm-3.10.0.1-54.6 is installed OR gdm-lang-3.10.0.1-54.6 is installed OR gdmflexiserver-3.10.0.1-54.6 is installed OR libgdm1-3.10.0.1-54.6 is installed OR typelib-1_0-Gdm-1_0-3.10.0.1-54.6 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND apache2-mod_perl-2.0.8-11 is installed
Definition Synopsis
SUSE Linux Enterprise Server 15-LTSS is installed AND nginx-1.16.1-3.12 is installed
Definition Synopsis
SUSE OpenStack Cloud 6 is installed AND Package Information MozillaFirefox-52.8.0esr-109.31 is installed OR MozillaFirefox-devel-52.8.0esr-109.31 is installed OR MozillaFirefox-translations-52.8.0esr-109.31 is installed
Definition Synopsis
SUSE OpenStack Cloud 7 is installed AND Package Information libecpg6-10.5-1.3 is installed OR libpq5-10.5-1.3 is installed OR libpq5-32bit-10.5-1.3 is installed OR postgresql-init-10-17.20 is installed OR postgresql10-10.5-1.3 is installed OR postgresql10-contrib-10.5-1.3 is installed OR postgresql10-docs-10.5-1.3 is installed OR postgresql10-libs-10.5-1.3 is installed OR postgresql10-server-10.5-1.3 is installed
Definition Synopsis
SUSE OpenStack Cloud 8 is installed AND sudo-1.8.20p2-3.17 is installed
Definition Synopsis
SUSE OpenStack Cloud 9 is installed AND Package Information mariadb-10.2.29-3.22 is installed OR mariadb-galera-10.2.29-3.22 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 8 is installed AND couchdb-1.7.2-3.3 is installed

BACK