OVAL Reference oval:org.opensuse.security:def:53400

Oval Definition:

oval:org.opensuse.security:def:53400

Revision Date:	2020-12-01	Version:	1
Title:	Security update for tomcat (Moderate)
Description:	This update for tomcat to version 9.0.20 fixes the following issues: Security issues fixed: - CVE-2019-0199: Fixed a denial of service in the HTTP/2 implementation related to streams with excessive numbers of SETTINGS frames (bsc#1131055). - CVE-2019-0221: Fixed a cross site scripting vulnerability with the SSI printenv command (bsc#1136085). Non-security issues fixed: - Increase maximum number of threads and open files for tomcat (bsc#1111966).
Family:	unix	Class:	patch
Status:		Reference(s):	1000092 1000619 1003077 1005410 1005918 1006118 1006469 1006472 1007729 1007925 1008340 1008648 1008742 1009434 1009546 1009674 1009718 1009911 1010612 1010690 1010933 1011176 1011377 1011390 1011395 1011398 1011404 1011406 1011411 1011417 1011602 1011660 1011913 1012382 1012422 1012829 1012910 1013000 1013001 1013273 1013540 1013792 1013994 1014120 1014410 1015038 1015367 1015840 1016250 1016403 1016517 1016884 1016979 1017141 1017164 1017170 1017410 1017646 1017695 1018100 1018316 1018358 1018446 1018813 1018870 1018913 1019061 1019148 1019168 1019260 1019351 1019594 1019630 1019631 1019784 1019851 1019938 1020048 1020063 1020214 1020488 1020602 1020685 1020817 1020945 1020975 1021082 1021248 1021251 1021258 1021260 1021294 1021455 1021474 1021687 1022304 1022429 1022476 1022547 1022559 1022971 1023101 1023175 1023762 1023884 1023888 1024081 1024234 1024508 1024724 1024938 1025235 1027053 1027057 1111966 1131055 1136085 1170771 902375 921494 930361 930362 943216 947003 956365 958791 959709 964944 969476 969477 969479 971975 974215 974657 981252 981709 982783 985561 987192 987576 988028 989056 991273 992038 992606 998106 CVE-2009-2624 CVE-2010-0001 CVE-2011-2709 CVE-2012-0804 CVE-2013-1982 CVE-2014-0107 CVE-2014-10070 CVE-2014-10071 CVE-2014-10072 CVE-2014-9720 CVE-2015-4500 CVE-2015-4501 CVE-2015-4506 CVE-2015-4509 CVE-2015-4511 CVE-2015-4517 CVE-2015-4519 CVE-2015-4520 CVE-2015-4521 CVE-2015-4522 CVE-2015-5198 CVE-2015-5199 CVE-2015-5200 CVE-2015-5219 CVE-2015-7174 CVE-2015-7175 CVE-2015-7176 CVE-2015-7177 CVE-2015-7180 CVE-2015-8540 CVE-2015-8709 CVE-2016-10087 CVE-2016-10714 CVE-2016-7117 CVE-2016-7426 CVE-2016-7427 CVE-2016-7428 CVE-2016-7429 CVE-2016-7431 CVE-2016-7433 CVE-2016-7434 CVE-2016-8637 CVE-2016-9310 CVE-2016-9311 CVE-2016-9806 CVE-2017-18205 CVE-2017-2583 CVE-2017-2584 CVE-2017-5551 CVE-2017-5576 CVE-2017-5577 CVE-2017-5897 CVE-2017-5953 CVE-2017-5970 CVE-2017-5986 CVE-2017-6349 CVE-2017-6350 CVE-2018-1071 CVE-2018-1083 CVE-2018-7549 CVE-2019-0199 CVE-2019-0221 CVE-2020-12243 SUSE-SU-2015:1680-1 SUSE-SU-2016:1195-1 SUSE-SU-2016:3195-1 SUSE-SU-2017:0575-1 SUSE-SU-2017:0950-1 SUSE-SU-2017:0951-1 SUSE-SU-2017:1712-1 SUSE-SU-2019:1693-1 SUSE-SU-2020:1219-1
Platform(s):	openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Module for Web Scripting 15 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 15-LTSS SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 8	Product(s):
Definition Synopsis
openSUSE Leap 15.0 is installed AND Package Information gnome-settings-daemon-3.26.2-lp150.5 is installed OR gnome-settings-daemon-lang-3.26.2-lp150.5 is installed
Definition Synopsis
openSUSE Leap 15.1 is installed AND Package Information chromedriver-75.0.3770.142-7 is installed OR chromium-75.0.3770.142-7 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP2 is installed AND Package Information bytefx-data-mysql-2.6.7-0.9 is installed OR ibm-data-db2-2.6.7-0.9 is installed OR mono-core-2.6.7-0.9 is installed OR mono-data-2.6.7-0.9 is installed OR mono-data-firebird-2.6.7-0.9 is installed OR mono-data-oracle-2.6.7-0.9 is installed OR mono-data-postgresql-2.6.7-0.9 is installed OR mono-data-sqlite-2.6.7-0.9 is installed OR mono-data-sybase-2.6.7-0.9 is installed OR mono-devel-2.6.7-0.9 is installed OR mono-extras-2.6.7-0.9 is installed OR mono-jscript-2.6.7-0.9 is installed OR mono-locale-extras-2.6.7-0.9 is installed OR mono-nunit-2.6.7-0.9 is installed OR mono-wcf-2.6.7-0.9 is installed OR mono-web-2.6.7-0.9 is installed OR mono-winforms-2.6.7-0.9 is installed OR monodoc-core-2.6.7-0.9 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information dbus-1-1.2.10-3.31 is installed OR dbus-1-32bit-1.2.10-3.31 is installed OR dbus-1-x11-1.2.10-3.31 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP4 is installed AND Package Information augeas-0.9.0-3.17 is installed OR libaugeas0-0.9.0-3.17 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 is installed AND Package Information MozillaFirefox-38.3.0esr-48 is installed OR MozillaFirefox-translations-38.3.0esr-48 is installed OR mozilla-nspr-4.10.9-6 is installed OR mozilla-nspr-32bit-4.10.9-6 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information ntp-4.2.8p9-55 is installed OR ntp-doc-4.2.8p9-55 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information gvim-7.4.326-16 is installed OR vim-7.4.326-16 is installed OR vim-data-7.4.326-16 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP3 is installed AND cvs-1.12.12-181 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP4 is installed AND gzip-1.6-9.3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Web Scripting 15 is installed AND Package Information tomcat-9.0.20-3.24 is installed OR tomcat-admin-webapps-9.0.20-3.24 is installed OR tomcat-el-3_0-api-9.0.20-3.24 is installed OR tomcat-jsp-2_3-api-9.0.20-3.24 is installed OR tomcat-lib-9.0.20-3.24 is installed OR tomcat-servlet-4_0-api-9.0.20-3.24 is installed OR tomcat-webapps-9.0.20-3.24 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND gd-2.1.0-5 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information libecpg6-9.6.4-3.6 is installed OR libpq5-9.6.4-3.6 is installed OR libpq5-32bit-9.6.4-3.6 is installed OR postgresql96-9.6.4-3.6 is installed OR postgresql96-contrib-9.6.4-3.6 is installed OR postgresql96-docs-9.6.4-3.6 is installed OR postgresql96-libs-9.6.4-3.6 is installed OR postgresql96-server-9.6.4-3.6 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information squidGuard-1.4-23 is installed OR squidGuard-doc-1.4-23 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information gpg2-2.0.24-9.3 is installed OR gpg2-lang-2.0.24-9.3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information libvirt-2.0.0-27.42 is installed OR libvirt-client-2.0.0-27.42 is installed OR libvirt-daemon-2.0.0-27.42 is installed OR libvirt-daemon-config-network-2.0.0-27.42 is installed OR libvirt-daemon-config-nwfilter-2.0.0-27.42 is installed OR libvirt-daemon-driver-interface-2.0.0-27.42 is installed OR libvirt-daemon-driver-libxl-2.0.0-27.42 is installed OR libvirt-daemon-driver-lxc-2.0.0-27.42 is installed OR libvirt-daemon-driver-network-2.0.0-27.42 is installed OR libvirt-daemon-driver-nodedev-2.0.0-27.42 is installed OR libvirt-daemon-driver-nwfilter-2.0.0-27.42 is installed OR libvirt-daemon-driver-qemu-2.0.0-27.42 is installed OR libvirt-daemon-driver-secret-2.0.0-27.42 is installed OR libvirt-daemon-driver-storage-2.0.0-27.42 is installed OR libvirt-daemon-hooks-2.0.0-27.42 is installed OR libvirt-daemon-lxc-2.0.0-27.42 is installed OR libvirt-daemon-qemu-2.0.0-27.42 is installed OR libvirt-daemon-xen-2.0.0-27.42 is installed OR libvirt-doc-2.0.0-27.42 is installed OR libvirt-lock-sanlock-2.0.0-27.42 is installed OR libvirt-nss-2.0.0-27.42 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_121-92_109-default-2-2 is installed OR kgraft-patch-SLE12-SP2_Update_29-2-2 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 12 SP3 is installed AND MozillaFirefox-60.7.2-109.80 is installed OR MozillaFirefox-translations-common-60.7.2-109.80 is installed OR Package Information SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND MozillaFirefox-60.7.2-109.80 is installed OR MozillaFirefox-translations-common-60.7.2-109.80 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND busybox-1.21.1-3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information glibc-2.22-62.22 is installed OR glibc-32bit-2.22-62.22 is installed OR glibc-devel-2.22-62.22 is installed OR glibc-devel-32bit-2.22-62.22 is installed OR glibc-html-2.22-62.22 is installed OR glibc-i18ndata-2.22-62.22 is installed OR glibc-info-2.22-62.22 is installed OR glibc-locale-2.22-62.22 is installed OR glibc-locale-32bit-2.22-62.22 is installed OR glibc-profile-2.22-62.22 is installed OR glibc-profile-32bit-2.22-62.22 is installed OR nscd-2.22-62.22 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND sudo-1.8.20p2-3.14 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information kgraft-patch-4_4_180-94_97-default-4-2 is installed OR kgraft-patch-SLE12-SP3_Update_26-4-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information java-1_7_1-ibm-1.7.1_sr4.30-38.26 is installed OR java-1_7_1-ibm-alsa-1.7.1_sr4.30-38.26 is installed OR java-1_7_1-ibm-jdbc-1.7.1_sr4.30-38.26 is installed OR java-1_7_1-ibm-plugin-1.7.1_sr4.30-38.26 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND autofs-5.0.9-28.3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 15-LTSS is installed AND Package Information libldap-2_4-2-2.4.46-9.28 is installed OR libldap-2_4-2-32bit-2.4.46-9.28 is installed OR libldap-data-2.4.46-9.28 is installed OR openldap2-2.4.46-9.28 is installed OR openldap2-back-meta-2.4.46-9.28 is installed OR openldap2-back-perl-2.4.46-9.28 is installed OR openldap2-client-2.4.46-9.28 is installed OR openldap2-devel-2.4.46-9.28 is installed OR openldap2-devel-32bit-2.4.46-9.28 is installed OR openldap2-devel-static-2.4.46-9.28 is installed OR openldap2-ppolicy-check-password-1.2-9.28 is installed
Definition Synopsis
SUSE OpenStack Cloud 6 is installed AND Package Information strongswan-5.1.3-26.13 is installed OR strongswan-doc-5.1.3-26.13 is installed OR strongswan-hmac-5.1.3-26.13 is installed OR strongswan-ipsec-5.1.3-26.13 is installed OR strongswan-libs0-5.1.3-26.13 is installed
Definition Synopsis
SUSE OpenStack Cloud 7 is installed AND Package Information ntp-4.2.8p12-64.8 is installed OR ntp-doc-4.2.8p12-64.8 is installed
Definition Synopsis
SUSE OpenStack Cloud 8 is installed AND Package Information libexif-0.6.21-8.6 is installed OR libexif12-0.6.21-8.6 is installed OR libexif12-32bit-0.6.21-8.6 is installed
Definition Synopsis
SUSE OpenStack Cloud 9 is installed AND python-requests-2.20.1-4.3 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information kafka-0.10.2.2-5.6 is installed OR openstack-monasca-api-2.2.1~dev24-3.6 is installed OR python-monasca-api-2.2.1~dev24-3.6 is installed

BACK