Oval Definition:	oval:org.opensuse.security:def:53420
Revision Date: 2020-12-01 Version: 1 Title: Security update for tomcat (Moderate) Description: This update for tomcat to version 9.0.21 fixes the following issues: Security issues fixed: - CVE-2019-0199: Fixed a denial of service in the HTTP/2 implementation related to streams with excessive numbers of SETTINGS frames (bsc#1131055). - CVE-2019-0221: Fixed a cross site scripting vulnerability with the SSI printenv command (bsc#1136085). Non-security issues fixed: - Increase maximum number of threads and open files for tomcat (bsc#1111966). Family: unix Class: patch Status: Reference(s): 1022703 1026978 1026979 1026980 1026981 1026982 1026983 1026984 1026985 1026986 1026987 1026988 1028655 1029827 1030144 1034843 1034844 1034994 1035204 1036146 1046856 1050244 1051510 1051858 1058115 1061840 1065600 1065729 1071995 1085030 1086301 1086313 1086314 1089895 1109911 1111966 1114279 1118338 1120386 1131055 1134973 1136085 1143959 1144333 1151910 1151927 1153917 1154243 1154824 1156286 1157155 1157157 1157692 1158013 1158021 1158026 1158265 1158819 1159028 1159198 1159271 1159285 1159394 1159483 1159484 1159569 1159588 1159841 1159908 1159909 1159910 1159911 1159955 1160195 1160210 1160211 1160218 1160433 1160442 1160476 1160560 1160755 1160756 1160784 1160787 1160802 1160803 1160804 1160917 1160966 1161087 1161514 1161518 1161522 1161523 1161549 1161552 1161555 1161674 1161931 1161933 1161934 1161935 1161936 1161937 1161951 1162067 1162109 1162139 1162928 1162929 1162931 1163971 1164051 1164069 1164078 1164705 1164712 1164727 1164728 1164729 1164730 1164731 1164732 1164733 1164734 1164735 1164871 1165111 1165741 1165873 1165881 1165984 1165985 1166969 1167421 1167423 1167629 1168075 1168276 1168295 1168424 1168670 1168829 1168854 1169390 1169514 1169625 1170056 1170345 1170617 1170618 1170621 1170778 1170901 1171098 1171189 1171191 1171195 1171202 1171205 1171217 1171218 1171219 1171220 1171689 1171982 1171983 1172221 1172317 1172453 1172458 729190 902709 912889 932483 933922 935119 939246 943816 945484 945493 947458 948902 949399 950114 954864 956829 957162 960414 961368 962313 965576 970632 975865 CVE-2011-0461 CVE-2012-1571 CVE-2014-2892 CVE-2014-3710 CVE-2014-4877 CVE-2014-8116 CVE-2014-8117 CVE-2015-3218 CVE-2015-3255 CVE-2015-3256 CVE-2015-4625 CVE-2015-7512 CVE-2015-7747 CVE-2015-8325 CVE-2015-8345 CVE-2016-1908 CVE-2016-2347 CVE-2016-3115 CVE-2016-9082 CVE-2016-9603 CVE-2017-1000083 CVE-2017-5436 CVE-2017-6827 CVE-2017-6828 CVE-2017-6829 CVE-2017-6830 CVE-2017-6831 CVE-2017-6832 CVE-2017-6833 CVE-2017-6834 CVE-2017-6835 CVE-2017-6836 CVE-2017-6837 CVE-2017-6838 CVE-2017-6839 CVE-2017-7467 CVE-2017-7475 CVE-2017-7718 CVE-2018-1000199 CVE-2019-0199 CVE-2019-0221 CVE-2019-14615 CVE-2019-14896 CVE-2019-14897 CVE-2019-16994 CVE-2019-19036 CVE-2019-19045 CVE-2019-19054 CVE-2019-19318 CVE-2019-19319 CVE-2019-19447 CVE-2019-19462 CVE-2019-19768 CVE-2019-19770 CVE-2019-19965 CVE-2019-19966 CVE-2019-20054 CVE-2019-20095 CVE-2019-20096 CVE-2019-20810 CVE-2019-20812 CVE-2019-3701 CVE-2019-9455 CVE-2019-9458 CVE-2020-0543 CVE-2020-10690 CVE-2020-10711 CVE-2020-10720 CVE-2020-10732 CVE-2020-10751 CVE-2020-10757 CVE-2020-10942 CVE-2020-11494 CVE-2020-11608 CVE-2020-11609 CVE-2020-11669 CVE-2020-12114 CVE-2020-12464 CVE-2020-12652 CVE-2020-12653 CVE-2020-12654 CVE-2020-12655 CVE-2020-12656 CVE-2020-12657 CVE-2020-12769 CVE-2020-13143 CVE-2020-2732 CVE-2020-7053 CVE-2020-8428 CVE-2020-8647 CVE-2020-8648 CVE-2020-8649 CVE-2020-8834 CVE-2020-8992 CVE-2020-9383 SUSE-SU-2015:1838-1 SUSE-SU-2016:0459-1 SUSE-SU-2016:1386-1 SUSE-SU-2017:0940-1 SUSE-SU-2017:1143-1 SUSE-SU-2017:1149-1 SUSE-SU-2017:1893-1 SUSE-SU-2019:1895-1 SUSE-SU-2020:1663-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Module for Web Scripting 15 SP1 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 15-LTSS SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND Package Information avahi-0.6.32-lp150.3 is installed OR avahi-lang-0.6.32-lp150.3 is installed OR libavahi-client3-0.6.32-lp150.3 is installed OR libavahi-common3-0.6.32-lp150.3 is installed OR libavahi-core7-0.6.32-lp150.3 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information chromedriver-74.0.3729.157-lp151.2.3 is installed OR chromium-74.0.3729.157-lp151.2.3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP2 is installed AND Package Information freetype2-2.3.7-25.32 is installed OR freetype2-32bit-2.3.7-25.32 is installed OR freetype2-devel-2.3.7-25.32 is installed OR ft2demos-2.3.7-25.32 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP3 is installed AND a2ps-4.13-1326.37 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP4 is installed AND Package Information flash-player-11.2.202.508-0.14 is installed OR flash-player-gnome-11.2.202.508-0.14 is installed OR flash-player-kde4-11.2.202.508-0.14 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 is installed AND wget-1.14-7 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information qemu-2.3.1-7 is installed OR qemu-block-curl-2.3.1-7 is installed OR qemu-ipxe-1.0.0-7 is installed OR qemu-kvm-2.3.1-7 is installed OR qemu-seabios-1.8.1-7 is installed OR qemu-sgabios-8-7 is installed OR qemu-tools-2.3.1-7 is installed OR qemu-vgabios-1.8.1-7 is installed OR qemu-x86-2.3.1-7 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information evince-3.20.1-6.14 is installed OR evince-browser-plugin-3.20.1-6.14 is installed OR evince-lang-3.20.1-6.14 is installed OR evince-plugin-djvudocument-3.20.1-6.14 is installed OR evince-plugin-dvidocument-3.20.1-6.14 is installed OR evince-plugin-pdfdocument-3.20.1-6.14 is installed OR evince-plugin-psdocument-3.20.1-6.14 is installed OR evince-plugin-tiffdocument-3.20.1-6.14 is installed OR evince-plugin-xpsdocument-3.20.1-6.14 is installed OR libevdocument3-4-3.20.1-6.14 is installed OR libevview3-3-3.20.1-6.14 is installed OR nautilus-evince-3.20.1-6.14 is installed OR typelib-1_0-EvinceDocument-3_0-3.20.1-6.14 is installed OR typelib-1_0-EvinceView-3_0-3.20.1-6.14 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information file-5.19-9 is installed OR file-magic-5.19-9 is installed OR libmagic1-5.19-9 is installed OR libmagic1-32bit-5.19-9 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information aaa_base-13.2+git20140911.61c1681-38.8 is installed OR aaa_base-extras-13.2+git20140911.61c1681-38.8 is installed Definition Synopsis SUSE Linux Enterprise Module for Web Scripting 15 SP1 is installed AND Package Information tomcat-9.0.21-4.5 is installed OR tomcat-admin-webapps-9.0.21-4.5 is installed OR tomcat-el-3_0-api-9.0.21-4.5 is installed OR tomcat-jsp-2_3-api-9.0.21-4.5 is installed OR tomcat-lib-9.0.21-4.5 is installed OR tomcat-servlet-4_0-api-9.0.21-4.5 is installed OR tomcat-webapps-9.0.21-4.5 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information bash-4.2-75 is installed OR bash-doc-4.2-75 is installed OR libreadline6-6.2-75 is installed OR libreadline6-32bit-6.2-75 is installed OR readline-doc-6.2-75 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information MozillaFirefox-52.2.0esr-108 is installed OR MozillaFirefox-branding-SLE-52-31 is installed OR MozillaFirefox-devel-52.2.0esr-108 is installed OR MozillaFirefox-translations-52.2.0esr-108 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND wget-1.14-10 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information openssh-7.2p2-74.25 is installed OR openssh-askpass-gnome-7.2p2-74.25 is installed OR openssh-fips-7.2p2-74.25 is installed OR openssh-helpers-7.2p2-74.25 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information java-1_7_1-ibm-1.7.1_sr4.25-38.23 is installed OR java-1_7_1-ibm-alsa-1.7.1_sr4.25-38.23 is installed OR java-1_7_1-ibm-devel-1.7.1_sr4.25-38.23 is installed OR java-1_7_1-ibm-jdbc-1.7.1_sr4.25-38.23 is installed OR java-1_7_1-ibm-plugin-1.7.1_sr4.25-38.23 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_121-92_104-default-3-2 is installed OR kgraft-patch-SLE12-SP2_Update_28-3-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND davfs2-1.5.2-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information dovecot22-2.2.31-19.17 is installed OR dovecot22-backend-mysql-2.2.31-19.17 is installed OR dovecot22-backend-pgsql-2.2.31-19.17 is installed OR dovecot22-backend-sqlite-2.2.31-19.17 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information libjpeg-turbo-1.5.3-31.19 is installed OR libjpeg62-62.2.0-31.19 is installed OR libjpeg62-32bit-62.2.0-31.19 is installed OR libjpeg62-turbo-1.5.3-31.19 is installed OR libjpeg8-8.1.2-31.19 is installed OR libjpeg8-32bit-8.1.2-31.19 is installed OR libturbojpeg0-8.1.2-31.19 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information kgraft-patch-4_4_175-94_79-default-4-2 is installed OR kgraft-patch-SLE12-SP3_Update_23-4-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information MozillaFirefox-52.9.0esr-109.38 is installed OR MozillaFirefox-translations-52.9.0esr-109.38 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information crash-7.2.1-2 is installed OR crash-kmp-default-7.2.1_k4.12.14_94.41-2 is installed Definition Synopsis SUSE Linux Enterprise Server 15-LTSS is installed AND Package Information kernel-default-4.12.14-150.52 is installed OR kernel-default-base-4.12.14-150.52 is installed OR kernel-default-devel-4.12.14-150.52 is installed OR kernel-default-man-4.12.14-150.52 is installed OR kernel-devel-4.12.14-150.52 is installed OR kernel-docs-4.12.14-150.52 is installed OR kernel-macros-4.12.14-150.52 is installed OR kernel-obs-build-4.12.14-150.52 is installed OR kernel-source-4.12.14-150.52 is installed OR kernel-syms-4.12.14-150.52 is installed OR kernel-vanilla-4.12.14-150.52 is installed OR kernel-vanilla-base-4.12.14-150.52 is installed OR kernel-zfcpdump-4.12.14-150.52 is installed OR reiserfs-kmp-default-4.12.14-150.52 is installed Definition Synopsis SUSE OpenStack Cloud 6 is installed AND Package Information openstack-cinder-7.0.2~a0~dev1-1 is installed OR openstack-cinder-api-7.0.2~a0~dev1-1 is installed OR openstack-cinder-backup-7.0.2~a0~dev1-1 is installed OR openstack-cinder-scheduler-7.0.2~a0~dev1-1 is installed OR openstack-cinder-volume-7.0.2~a0~dev1-1 is installed OR python-cinder-7.0.2~a0~dev1-1 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND memcached-1.4.39-3.3 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information MozillaFirefox-68.6.0-109.110 is installed OR MozillaFirefox-translations-common-68.6.0-109.110 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND slf4j-1.7.12-3.3 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 9 is installed AND python-Django1-1.11.20-3.6 is installed
BACK