Oval Definition:oval:org.opensuse.security:def:53448
Revision Date:2020-12-01Version:1
Title:Security update for tomcat (Important)
Description:

This update for tomcat to version 9.0.31 fixes the following issues:

Security issues fixed:

- CVE-2019-17569: Fixed a regression in the handling of Transfer-Encoding headers that would have allowed HTTP Request Smuggling (bsc#1164825). - CVE-2020-1935: Fixed an HTTP Request Smuggling issue (bsc#1164860). - CVE-2020-1938: Fixed a file contents disclosure vulnerability (bsc#1164692).
Family:unixClass:patch
Status:Reference(s):1028075
1033091
1034570
1034571
1034572
1034574
1034870
1034872
1034876
1036976
1036977
1036978
1036980
1036981
1036982
1036983
1036984
1036985
1036986
1036987
1036988
1036989
1036990
1036991
1037527
1038000
1039063
1039064
1039066
1039069
1039209
1039210
1039379
1039380
1039661
1040025
1040303
1040304
1040306
1040332
1164692
1164825
1164860
1174157
900031
905158
912214
926826
930683
957517
971942
CVE-2009-0163
CVE-2009-2820
CVE-2009-3553
CVE-2010-0393
CVE-2010-0540
CVE-2010-0542
CVE-2010-1748
CVE-2010-2941
CVE-2011-3389
CVE-2011-4944
CVE-2012-0845
CVE-2012-1150
CVE-2012-5519
CVE-2012-6094
CVE-2013-1752
CVE-2013-2001
CVE-2013-4238
CVE-2014-2667
CVE-2014-2856
CVE-2014-3537
CVE-2014-4650
CVE-2014-5029
CVE-2014-5030
CVE-2014-5031
CVE-2014-7300
CVE-2014-9092
CVE-2014-9556
CVE-2014-9679
CVE-2015-1158
CVE-2015-1159
CVE-2015-3885
CVE-2015-8367
CVE-2016-0772
CVE-2016-1000110
CVE-2016-10324
CVE-2016-10325
CVE-2016-10326
CVE-2016-3119
CVE-2016-5636
CVE-2016-5699
CVE-2016-9445
CVE-2016-9446
CVE-2016-9809
CVE-2016-9812
CVE-2016-9813
CVE-2017-18190
CVE-2017-18248
CVE-2017-5843
CVE-2017-5848
CVE-2017-6502
CVE-2017-6886
CVE-2017-6887
CVE-2017-6889
CVE-2017-6890
CVE-2017-6899
CVE-2017-7606
CVE-2017-7853
CVE-2017-7941
CVE-2017-7942
CVE-2017-7943
CVE-2017-8343
CVE-2017-8344
CVE-2017-8345
CVE-2017-8346
CVE-2017-8347
CVE-2017-8348
CVE-2017-8349
CVE-2017-8350
CVE-2017-8351
CVE-2017-8352
CVE-2017-8353
CVE-2017-8354
CVE-2017-8355
CVE-2017-8356
CVE-2017-8357
CVE-2017-8765
CVE-2017-8830
CVE-2017-9047
CVE-2017-9048
CVE-2017-9049
CVE-2017-9050
CVE-2017-9098
CVE-2017-9141
CVE-2017-9142
CVE-2017-9143
CVE-2017-9144
CVE-2018-4180
CVE-2018-4181
CVE-2018-4182
CVE-2018-4183
CVE-2019-17569
CVE-2020-14556
CVE-2020-14562
CVE-2020-14573
CVE-2020-14577
CVE-2020-14581
CVE-2020-14583
CVE-2020-14593
CVE-2020-14621
CVE-2020-1935
CVE-2020-1938
SUSE-SU-2015:0366-1
SUSE-SU-2015:0515-1
SUSE-SU-2015:2056-2
SUSE-SU-2016:0994-1
SUSE-SU-2017:1187-1
SUSE-SU-2017:1489-1
SUSE-SU-2017:1538-1
SUSE-SU-2017:2300-1
SUSE-SU-2020:0631-1
SUSE-SU-2020:2143-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Desktop 11 SP2
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Desktop 11 SP4
SUSE Linux Enterprise Desktop 12
SUSE Linux Enterprise Desktop 12 SP1
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise Module for Web Scripting 15 SP1
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server 15-LTSS
SUSE OpenStack Cloud 6
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 9
SUSE OpenStack Cloud Crowbar 8
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • eog-3.26.2-lp150.3 is installed
  • OR eog-lang-3.26.2-lp150.3 is installed
  • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND enigmail-2.0.11-31 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP2 is installed
  • AND libssh2-0.2-5.18 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP3 is installed
  • AND Package Information
  • MozillaFirefox-31.8.0esr-0.10 is installed
  • OR MozillaFirefox-translations-31.8.0esr-0.10 is installed
  • OR libfreebl3-3.19.2_CKBI_1.98-0.10 is installed
  • OR libfreebl3-32bit-3.19.2_CKBI_1.98-0.10 is installed
  • OR libsoftokn3-3.19.2_CKBI_1.98-0.10 is installed
  • OR libsoftokn3-32bit-3.19.2_CKBI_1.98-0.10 is installed
  • OR mozilla-nspr-4.10.8-0.5 is installed
  • OR mozilla-nspr-32bit-4.10.8-0.5 is installed
  • OR mozilla-nss-3.19.2_CKBI_1.98-0.10 is installed
  • OR mozilla-nss-32bit-3.19.2_CKBI_1.98-0.10 is installed
  • OR mozilla-nss-tools-3.19.2_CKBI_1.98-0.10 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP4 is installed
  • AND Package Information
  • kernel-default-3.0.101-71 is installed
  • OR kernel-default-base-3.0.101-71 is installed
  • OR kernel-default-devel-3.0.101-71 is installed
  • OR kernel-default-extra-3.0.101-71 is installed
  • OR kernel-pae-3.0.101-71 is installed
  • OR kernel-pae-base-3.0.101-71 is installed
  • OR kernel-pae-devel-3.0.101-71 is installed
  • OR kernel-pae-extra-3.0.101-71 is installed
  • OR kernel-source-3.0.101-71 is installed
  • OR kernel-syms-3.0.101-71 is installed
  • OR kernel-trace-3.0.101-71 is installed
  • OR kernel-trace-devel-3.0.101-71 is installed
  • OR kernel-xen-3.0.101-71 is installed
  • OR kernel-xen-base-3.0.101-71 is installed
  • OR kernel-xen-devel-3.0.101-71 is installed
  • OR kernel-xen-extra-3.0.101-71 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 is installed
  • AND Package Information
  • gnome-settings-daemon-3.10.2-20 is installed
  • OR gnome-settings-daemon-lang-3.10.2-20 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP1 is installed
  • AND Package Information
  • libksba-1.3.0-18 is installed
  • OR libksba8-1.3.0-18 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP2 is installed
  • AND Package Information
  • libraw-0.15.4-9 is installed
  • OR libraw9-0.15.4-9 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND Package Information
  • gstreamer-plugins-bad-1.8.3-17 is installed
  • OR gstreamer-plugins-bad-lang-1.8.3-17 is installed
  • OR libgstadaptivedemux-1_0-0-1.8.3-17 is installed
  • OR libgstbadaudio-1_0-0-1.8.3-17 is installed
  • OR libgstbadbase-1_0-0-1.8.3-17 is installed
  • OR libgstbadvideo-1_0-0-1.8.3-17 is installed
  • OR libgstbasecamerabinsrc-1_0-0-1.8.3-17 is installed
  • OR libgstcodecparsers-1_0-0-1.8.3-17 is installed
  • OR libgstgl-1_0-0-1.8.3-17 is installed
  • OR libgstmpegts-1_0-0-1.8.3-17 is installed
  • OR libgstphotography-1_0-0-1.8.3-17 is installed
  • OR libgsturidownloader-1_0-0-1.8.3-17 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • AND Package Information
  • cups-1.7.5-20.17 is installed
  • OR cups-client-1.7.5-20.17 is installed
  • OR cups-libs-1.7.5-20.17 is installed
  • OR cups-libs-32bit-1.7.5-20.17 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Module for Web Scripting 15 SP1 is installed
  • AND Package Information
  • tomcat-9.0.31-4.22 is installed
  • OR tomcat-admin-webapps-9.0.31-4.22 is installed
  • OR tomcat-el-3_0-api-9.0.31-4.22 is installed
  • OR tomcat-jsp-2_3-api-9.0.31-4.22 is installed
  • OR tomcat-lib-9.0.31-4.22 is installed
  • OR tomcat-servlet-4_0-api-9.0.31-4.22 is installed
  • OR tomcat-webapps-9.0.31-4.22 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND Package Information
  • elfutils-0.158-6 is installed
  • OR libasm1-0.158-6 is installed
  • OR libasm1-32bit-0.158-6 is installed
  • OR libdw1-0.158-6 is installed
  • OR libdw1-32bit-0.158-6 is installed
  • OR libebl1-0.158-6 is installed
  • OR libebl1-32bit-0.158-6 is installed
  • OR libelf1-0.158-6 is installed
  • OR libelf1-32bit-0.158-6 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • kgraft-patch-3_12_74-60_64_45-default-3-2 is installed
  • OR kgraft-patch-3_12_74-60_64_45-xen-3-2 is installed
  • OR kgraft-patch-SLE12-SP1_Update_16-3-2 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • apache-commons-daemon-1.0.15-4 is installed
  • OR apache-commons-daemon-javadoc-1.0.15-4 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • kernel-default-4.4.121-92.92 is installed
  • OR kernel-default-base-4.4.121-92.92 is installed
  • OR kernel-default-devel-4.4.121-92.92 is installed
  • OR kernel-devel-4.4.121-92.92 is installed
  • OR kernel-macros-4.4.121-92.92 is installed
  • OR kernel-source-4.4.121-92.92 is installed
  • OR kernel-syms-4.4.121-92.92 is installed
  • OR kgraft-patch-4_4_121-92_92-default-1-3.7 is installed
  • OR kgraft-patch-SLE12-SP2_Update_24-1-3.7 is installed
  • OR lttng-modules-2.7.1-9.4 is installed
  • OR lttng-modules-kmp-default-2.7.1_k4.4.121_92.92-9.4 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND yast2-smt-3.0.14-17.3 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND squid-3.5.21-26.17 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND git-core-2.12.3-26 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • postgresql96-9.6.15-3.29 is installed
  • OR postgresql96-contrib-9.6.15-3.29 is installed
  • OR postgresql96-docs-9.6.15-3.29 is installed
  • OR postgresql96-libs-9.6.15-3.29 is installed
  • OR postgresql96-plperl-9.6.15-3.29 is installed
  • OR postgresql96-plpython-9.6.15-3.29 is installed
  • OR postgresql96-pltcl-9.6.15-3.29 is installed
  • OR postgresql96-server-9.6.15-3.29 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • libpython2_7-1_0-2.7.13-28.31 is installed
  • OR libpython2_7-1_0-32bit-2.7.13-28.31 is installed
  • OR python-2.7.13-28.31 is installed
  • OR python-32bit-2.7.13-28.31 is installed
  • OR python-base-2.7.13-28.31 is installed
  • OR python-base-32bit-2.7.13-28.31 is installed
  • OR python-curses-2.7.13-28.31 is installed
  • OR python-demo-2.7.13-28.31 is installed
  • OR python-devel-2.7.13-28.31 is installed
  • OR python-doc-2.7.13-28.31 is installed
  • OR python-doc-pdf-2.7.13-28.31 is installed
  • OR python-gdbm-2.7.13-28.31 is installed
  • OR python-idle-2.7.13-28.31 is installed
  • OR python-tk-2.7.13-28.31 is installed
  • OR python-xml-2.7.13-28.31 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • libgcrypt-1.6.1-16.62 is installed
  • OR libgcrypt20-1.6.1-16.62 is installed
  • OR libgcrypt20-32bit-1.6.1-16.62 is installed
  • OR libgcrypt20-hmac-1.6.1-16.62 is installed
  • OR libgcrypt20-hmac-32bit-1.6.1-16.62 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • fontconfig-2.11.1-7 is installed
  • OR fontconfig-32bit-2.11.1-7 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 15-LTSS is installed
  • AND Package Information
  • java-11-openjdk-11.0.8.0-3.45 is installed
  • OR java-11-openjdk-demo-11.0.8.0-3.45 is installed
  • OR java-11-openjdk-devel-11.0.8.0-3.45 is installed
  • OR java-11-openjdk-headless-11.0.8.0-3.45 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud 6 is installed
  • AND Package Information
  • openstack-keystone-8.0.2~a0~dev8-1 is installed
  • OR python-keystone-8.0.2~a0~dev8-1 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • openstack-nova-14.0.10~dev13-4.11 is installed
  • OR openstack-nova-api-14.0.10~dev13-4.11 is installed
  • OR openstack-nova-cells-14.0.10~dev13-4.11 is installed
  • OR openstack-nova-cert-14.0.10~dev13-4.11 is installed
  • OR openstack-nova-compute-14.0.10~dev13-4.11 is installed
  • OR openstack-nova-conductor-14.0.10~dev13-4.11 is installed
  • OR openstack-nova-console-14.0.10~dev13-4.11 is installed
  • OR openstack-nova-consoleauth-14.0.10~dev13-4.11 is installed
  • OR openstack-nova-doc-14.0.10~dev13-4.11 is installed
  • OR openstack-nova-novncproxy-14.0.10~dev13-4.11 is installed
  • OR openstack-nova-placement-api-14.0.10~dev13-4.11 is installed
  • OR openstack-nova-scheduler-14.0.10~dev13-4.11 is installed
  • OR openstack-nova-serialproxy-14.0.10~dev13-4.11 is installed
  • OR openstack-nova-vncproxy-14.0.10~dev13-4.11 is installed
  • OR python-nova-14.0.10~dev13-4.11 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud 9 is installed
  • AND python-Twisted-15.2.1-9.5 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • glib2-2.48.2-12.15 is installed
  • OR glib2-lang-2.48.2-12.15 is installed
  • OR glib2-tools-2.48.2-12.15 is installed
  • OR libgio-2_0-0-2.48.2-12.15 is installed
  • OR libgio-2_0-0-32bit-2.48.2-12.15 is installed
  • OR libglib-2_0-0-2.48.2-12.15 is installed
  • OR libglib-2_0-0-32bit-2.48.2-12.15 is installed
  • OR libgmodule-2_0-0-2.48.2-12.15 is installed
  • OR libgmodule-2_0-0-32bit-2.48.2-12.15 is installed
  • OR libgobject-2_0-0-2.48.2-12.15 is installed
  • OR libgobject-2_0-0-32bit-2.48.2-12.15 is installed
  • OR libgthread-2_0-0-2.48.2-12.15 is installed
  • OR libgthread-2_0-0-32bit-2.48.2-12.15 is installed
  • BACK