OVAL Reference oval:org.opensuse.security:def:53441

Oval Definition:

oval:org.opensuse.security:def:53441

Revision Date:	2020-12-01	Version:	1
Title:	Security update for tomcat (Important)
Description:	This update for tomcat to version 9.0.30 fixes the following issues: Security issue fixed: - CVE-2019-12418: Fixed a local privilege escalation through by manipulating the RMI registry and performing a man-in-the-middle attack (bsc#1159723). - CVE-2019-17563: Fixed a session fixation attack when using FORM authentication (bsc#1159729).
Family:	unix	Class:	patch
Status:		Reference(s):	1000118 1000189 1000287 1000304 1000433 1000776 1001169 1001171 1001310 1001462 1001486 1001888 1002322 1002770 1002786 1003068 1003566 1003581 1003606 1003813 1003866 1003964 1004048 1004052 1004252 1004365 1004517 1005169 1005327 1005545 1005666 1005745 1005895 1005917 1005921 1005923 1005925 1005929 1006103 1006175 1006267 1006528 1006576 1006804 1006809 1006827 1006915 1006918 1007197 1007615 1007653 1007955 1008557 1008979 1009062 1009969 1010040 1010158 1010444 1010478 1010507 1010665 1010690 1010970 1011176 1011250 1011913 1012060 1012094 1012452 1012767 1012829 1012992 1013001 1013479 1013531 1013700 1014120 1014392 1014701 1014710 1015212 1015359 1015367 1015416 1018128 1030263 1032114 1032120 1034849 1036453 1051643 1051644 1139924 1159723 1159729 1174117 1174121 799133 914939 916343 916785 922634 939342 942628 959277 963017 963609 963655 963904 964462 966170 966172 966186 966191 966316 966318 966325 966471 969474 969475 969476 969477 969756 971975 971989 972993 974313 974842 974843 978907 979378 979681 981825 983087 983152 983318 985850 986255 986987 987641 987703 987805 988524 988715 990384 992555 993739 993841 993891 994881 995278 997059 997639 997807 998054 998689 999907 999932 CVE-2007-4129 CVE-2008-2109 CVE-2010-1205 CVE-2011-2501 CVE-2011-2690 CVE-2011-2691 CVE-2011-2692 CVE-2011-3026 CVE-2011-3048 CVE-2011-3328 CVE-2011-3464 CVE-2012-3386 CVE-2013-1987 CVE-2014-3564 CVE-2015-0245 CVE-2015-1350 CVE-2015-3228 CVE-2015-3451 CVE-2015-5185 CVE-2015-7201 CVE-2015-7202 CVE-2015-7205 CVE-2015-7210 CVE-2015-7212 CVE-2015-7213 CVE-2015-7214 CVE-2015-7222 CVE-2015-8126 CVE-2015-8540 CVE-2015-8964 CVE-2016-10087 CVE-2016-10220 CVE-2016-7039 CVE-2016-7042 CVE-2016-7425 CVE-2016-7913 CVE-2016-7917 CVE-2016-7949 CVE-2016-7950 CVE-2016-8645 CVE-2016-8666 CVE-2016-9083 CVE-2016-9084 CVE-2016-9601 CVE-2016-9793 CVE-2016-9919 CVE-2017-1000100 CVE-2017-1000101 CVE-2017-3509 CVE-2017-3511 CVE-2017-3512 CVE-2017-3514 CVE-2017-3526 CVE-2017-3533 CVE-2017-3539 CVE-2017-3544 CVE-2017-5951 CVE-2017-7207 CVE-2017-8291 CVE-2019-10072 CVE-2019-12418 CVE-2019-17563 CVE-2020-13934 CVE-2020-13935 SUSE-SU-2015:0457-1 SUSE-SU-2015:2116-1 SUSE-SU-2015:2335-1 SUSE-SU-2016:0884-1 SUSE-SU-2017:0181-1 SUSE-SU-2017:1138-1 SUSE-SU-2017:1445-1 SUSE-SU-2017:2174-1 SUSE-SU-2020:0029-1 SUSE-SU-2020:2045-1
Platform(s):	openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Module for Web Scripting 15 SP1 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 15-LTSS SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9	Product(s):
Definition Synopsis
openSUSE Leap 15.0 is installed AND Package Information dbus-1-glib-0.108-lp150.1 is installed OR dbus-1-glib-tool-0.108-lp150.1 is installed
Definition Synopsis
openSUSE Leap 15.1 is installed AND Package Information MozillaThunderbird-60.7.0-lp151.2.4 is installed OR MozillaThunderbird-buildsymbols-60.7.0-lp151.2.4 is installed OR MozillaThunderbird-translations-common-60.7.0-lp151.2.4 is installed OR MozillaThunderbird-translations-other-60.7.0-lp151.2.4 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP2 is installed AND Package Information libopenssl0_9_8-0.9.8j-0.50 is installed OR libopenssl0_9_8-32bit-0.9.8j-0.50 is installed OR openssl-0.9.8j-0.50 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information MozillaFirefox-24.6.0esr-0.8 is installed OR MozillaFirefox-branding-SLED-24-0.7 is installed OR MozillaFirefox-translations-24.6.0esr-0.8 is installed OR libfreebl3-3.16.1-0.8 is installed OR libfreebl3-32bit-3.16.1-0.8 is installed OR libsoftokn3-3.16.1-0.8 is installed OR libsoftokn3-32bit-3.16.1-0.8 is installed OR mozilla-nspr-4.10.6-0.3 is installed OR mozilla-nspr-32bit-4.10.6-0.3 is installed OR mozilla-nss-3.16.1-0.8 is installed OR mozilla-nss-32bit-3.16.1-0.8 is installed OR mozilla-nss-tools-3.16.1-0.8 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP4 is installed AND Package Information icu-4.0-7.30 is installed OR libicu-4.0-7.30 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 is installed AND Package Information dbus-1-1.8.16-14 is installed OR dbus-1-x11-1.8.16-14 is installed OR libdbus-1-3-1.8.16-14 is installed OR libdbus-1-3-32bit-1.8.16-14 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information MozillaFirefox-38.5.0esr-54 is installed OR MozillaFirefox-translations-38.5.0esr-54 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information curl-7.37.0-37.3 is installed OR libcurl4-7.37.0-37.3 is installed OR libcurl4-32bit-7.37.0-37.3 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information gpgme-1.5.1-1 is installed OR libgpgme11-1.5.1-1 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP4 is installed AND coolkey-1.1.0-148.3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Web Scripting 15 SP1 is installed AND Package Information tomcat-9.0.30-4.10 is installed OR tomcat-admin-webapps-9.0.30-4.10 is installed OR tomcat-el-3_0-api-9.0.30-4.10 is installed OR tomcat-jsp-2_3-api-9.0.30-4.10 is installed OR tomcat-lib-9.0.30-4.10 is installed OR tomcat-servlet-4_0-api-9.0.30-4.10 is installed OR tomcat-webapps-9.0.30-4.10 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information dbus-1-glib-0.100.2-3 is installed OR dbus-1-glib-32bit-0.100.2-3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information kgraft-patch-3_12_69-60_64_29-default-6-2 is installed OR kgraft-patch-3_12_69-60_64_29-xen-6-2 is installed OR kgraft-patch-SLE12-SP1_Update_12-6-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information DirectFB-1.7.1-6 is installed OR lib++dfb-1_7-1-1.7.1-6 is installed OR libdirectfb-1_7-1-1.7.1-6 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-BCL is installed AND shadow-4.2.1-27.9 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information libzypp-16.17.20-27.52 is installed OR zypper-1.13.45-18.33 is installed OR zypper-log-1.13.45-18.33 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information xen-4.7.6_05-43.45 is installed OR xen-doc-html-4.7.6_05-43.45 is installed OR xen-libs-4.7.6_05-43.45 is installed OR xen-libs-32bit-4.7.6_05-43.45 is installed OR xen-tools-4.7.6_05-43.45 is installed OR xen-tools-domU-4.7.6_05-43.45 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information fuse-2.9.3-5 is installed OR libfuse2-2.9.3-5 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information bzip2-1.0.6-30.8 is installed OR bzip2-doc-1.0.6-30.8 is installed OR libbz2-1-1.0.6-30.8 is installed OR libbz2-1-32bit-1.0.6-30.8 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information glibc-2.22-62.22 is installed OR glibc-32bit-2.22-62.22 is installed OR glibc-devel-2.22-62.22 is installed OR glibc-devel-32bit-2.22-62.22 is installed OR glibc-html-2.22-62.22 is installed OR glibc-i18ndata-2.22-62.22 is installed OR glibc-info-2.22-62.22 is installed OR glibc-locale-2.22-62.22 is installed OR glibc-locale-32bit-2.22-62.22 is installed OR glibc-profile-2.22-62.22 is installed OR glibc-profile-32bit-2.22-62.22 is installed OR nscd-2.22-62.22 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information java-1_7_1-ibm-1.7.1_sr4.50-38.41 is installed OR java-1_7_1-ibm-alsa-1.7.1_sr4.50-38.41 is installed OR java-1_7_1-ibm-jdbc-1.7.1_sr4.50-38.41 is installed OR java-1_7_1-ibm-plugin-1.7.1_sr4.50-38.41 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND mutt-1.10.1-55.6 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information elfutils-0.158-6 is installed OR libasm1-0.158-6 is installed OR libasm1-32bit-0.158-6 is installed OR libdw1-0.158-6 is installed OR libdw1-32bit-0.158-6 is installed OR libebl1-0.158-6 is installed OR libebl1-32bit-0.158-6 is installed OR libelf-devel-0.158-6 is installed OR libelf1-0.158-6 is installed OR libelf1-32bit-0.158-6 is installed
Definition Synopsis
SUSE Linux Enterprise Server 15-LTSS is installed AND Package Information tomcat-9.0.36-3.65 is installed OR tomcat-admin-webapps-9.0.36-3.65 is installed OR tomcat-el-3_0-api-9.0.36-3.65 is installed OR tomcat-jsp-2_3-api-9.0.36-3.65 is installed OR tomcat-lib-9.0.36-3.65 is installed OR tomcat-servlet-4_0-api-9.0.36-3.65 is installed OR tomcat-webapps-9.0.36-3.65 is installed
Definition Synopsis
SUSE OpenStack Cloud 6 is installed AND ntp-4.2.8p4-1 is installed
Definition Synopsis
SUSE OpenStack Cloud 7 is installed AND python-XStatic-jquery-ui-1.11.0.1-2.3 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 8 is installed AND ansible-2.4.6.0-3.3 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 9 is installed AND nodejs6-6.17.1-11.30 is installed

BACK