OVAL Reference oval:org.opensuse.security:def:53565

Oval Definition:

oval:org.opensuse.security:def:53565

Revision Date:	2020-12-01	Version:	1
Title:	Security update for python-waitress (Moderate)
Description:	This update for python-waitress to 1.4.3 fixes the following security issues: - CVE-2019-16785: HTTP request smuggling through LF vs CRLF handling (bsc#1161088). - CVE-2019-16786: HTTP request smuggling through invalid Transfer-Encoding (bsc#1161089). - CVE-2019-16789: HTTP request smuggling through invalid whitespace characters (bsc#1160790). - CVE-2019-16792: HTTP request smuggling by sending the Content-Length header twice (bsc#1161670).
Family:	unix	Class:	patch
Status:		Reference(s):	1011283 1011284 1011285 1011286 1011287 1011288 1011289 1011290 1011291 1011292 1011293 1012021 1012022 1012023 1012024 1012025 1012026 1012027 1012028 1012029 1012030 1012031 1012032 1015499 1015547 1021636 1024044 1024068 1026102 1030071 1035082 1048278 1048339 1048352 1048387 1048790 1050699 1050704 1050708 1050711 1050712 1050714 1052577 1054017 1056127 1056128 1056129 1056131 1056132 1056136 1160790 1161088 1161089 1161670 1171863 1171864 1171866 1172348 866010 901905 907290 921559 928749 930565 933396 982366 983549 983638 983639 983643 983646 983651 983652 983653 983655 984006 984126 985659 CVE-2012-2738 CVE-2013-1992 CVE-2013-6418 CVE-2014-3686 CVE-2014-3970 CVE-2015-0210 CVE-2015-1863 CVE-2015-4041 CVE-2015-4042 CVE-2015-4141 CVE-2015-4142 CVE-2015-4143 CVE-2015-5130 CVE-2015-5310 CVE-2015-8041 CVE-2016-1950 CVE-2016-2815 CVE-2016-2818 CVE-2016-2819 CVE-2016-2821 CVE-2016-2822 CVE-2016-2824 CVE-2016-2828 CVE-2016-2831 CVE-2016-2834 CVE-2016-5384 CVE-2016-8635 CVE-2016-9434 CVE-2016-9435 CVE-2016-9436 CVE-2016-9437 CVE-2016-9438 CVE-2016-9439 CVE-2016-9440 CVE-2016-9441 CVE-2016-9442 CVE-2016-9443 CVE-2016-9574 CVE-2016-9621 CVE-2016-9622 CVE-2016-9623 CVE-2016-9624 CVE-2016-9625 CVE-2016-9626 CVE-2016-9627 CVE-2016-9628 CVE-2016-9629 CVE-2016-9630 CVE-2016-9631 CVE-2016-9632 CVE-2016-9633 CVE-2017-11103 CVE-2017-13728 CVE-2017-13729 CVE-2017-13730 CVE-2017-13731 CVE-2017-13732 CVE-2017-13733 CVE-2017-2834 CVE-2017-2835 CVE-2017-2836 CVE-2017-2837 CVE-2017-2838 CVE-2017-2839 CVE-2017-5429 CVE-2017-5432 CVE-2017-5433 CVE-2017-5434 CVE-2017-5435 CVE-2017-5436 CVE-2017-5437 CVE-2017-5438 CVE-2017-5439 CVE-2017-5440 CVE-2017-5441 CVE-2017-5442 CVE-2017-5443 CVE-2017-5444 CVE-2017-5445 CVE-2017-5446 CVE-2017-5447 CVE-2017-5448 CVE-2017-5459 CVE-2017-5460 CVE-2017-5461 CVE-2017-5462 CVE-2017-5464 CVE-2017-5465 CVE-2017-5469 CVE-2017-5843 CVE-2017-5848 CVE-2019-16785 CVE-2019-16786 CVE-2019-16789 CVE-2019-16792 CVE-2020-10543 CVE-2020-10878 CVE-2020-12723 SUSE-SU-2015:1637-1 SUSE-SU-2016:1691-1 SUSE-SU-2016:3053-1 SUSE-SU-2017:0962-1 SUSE-SU-2017:1248-1 SUSE-SU-2017:2234-1 SUSE-SU-2017:2237-1 SUSE-SU-2018:0120-1 SUSE-SU-2020:1682-1 SUSE-SU-2020:3269-1
Platform(s):	openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 15-LTSS SUSE Linux Enterprise Server for SAP Applications 15 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 6-LTSS SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9	Product(s):
Definition Synopsis
openSUSE Leap 15.0 is installed AND Package Information augeas-1.10.1-lp150.1 is installed OR augeas-lenses-1.10.1-lp150.1 is installed OR libaugeas0-1.10.1-lp150.1 is installed
Definition Synopsis
openSUSE Leap 15.1 is installed AND Package Information kernel-debug-4.12.14-lp151.28.4 is installed OR kernel-debug-base-4.12.14-lp151.28.4 is installed OR kernel-debug-devel-4.12.14-lp151.28.4 is installed OR kernel-default-4.12.14-lp151.28.4 is installed OR kernel-default-base-4.12.14-lp151.28.4 is installed OR kernel-default-devel-4.12.14-lp151.28.4 is installed OR kernel-devel-4.12.14-lp151.28.4 is installed OR kernel-docs-4.12.14-lp151.28.4 is installed OR kernel-docs-html-4.12.14-lp151.28.4 is installed OR kernel-kvmsmall-4.12.14-lp151.28.4 is installed OR kernel-kvmsmall-base-4.12.14-lp151.28.4 is installed OR kernel-kvmsmall-devel-4.12.14-lp151.28.4 is installed OR kernel-macros-4.12.14-lp151.28.4 is installed OR kernel-obs-build-4.12.14-lp151.28.4 is installed OR kernel-obs-qa-4.12.14-lp151.28.4 is installed OR kernel-source-4.12.14-lp151.28.4 is installed OR kernel-source-vanilla-4.12.14-lp151.28.4 is installed OR kernel-syms-4.12.14-lp151.28.4 is installed OR kernel-vanilla-4.12.14-lp151.28.4 is installed OR kernel-vanilla-base-4.12.14-lp151.28.4 is installed OR kernel-vanilla-devel-4.12.14-lp151.28.4 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP2 is installed AND Package Information libldb1-3.6.3-0.33.39 is installed OR libldb1-32bit-3.6.3-0.33.39 is installed OR libsmbclient0-3.6.3-0.33.39 is installed OR libsmbclient0-32bit-3.6.3-0.33.39 is installed OR libtalloc1-3.4.3-1.50 is installed OR libtalloc1-32bit-3.4.3-1.50 is installed OR libtalloc2-3.6.3-0.33.39 is installed OR libtalloc2-32bit-3.6.3-0.33.39 is installed OR libtdb1-3.6.3-0.33.39 is installed OR libtdb1-32bit-3.6.3-0.33.39 is installed OR libtevent0-3.6.3-0.33.39 is installed OR libtevent0-32bit-3.6.3-0.33.39 is installed OR libwbclient0-3.6.3-0.33.39 is installed OR libwbclient0-32bit-3.6.3-0.33.39 is installed OR samba-3.6.3-0.33.39 is installed OR samba-32bit-3.6.3-0.33.39 is installed OR samba-client-3.6.3-0.33.39 is installed OR samba-client-32bit-3.6.3-0.33.39 is installed OR samba-doc-3.6.3-0.33.39 is installed OR samba-krb-printing-3.6.3-0.33.39 is installed OR samba-winbind-3.6.3-0.33.39 is installed OR samba-winbind-32bit-3.6.3-0.33.39 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information MozillaFirefox-24.6.0esr-0.8 is installed OR MozillaFirefox-branding-SLED-24-0.7 is installed OR MozillaFirefox-translations-24.6.0esr-0.8 is installed OR libfreebl3-3.16.1-0.8 is installed OR libfreebl3-32bit-3.16.1-0.8 is installed OR libsoftokn3-3.16.1-0.8 is installed OR libsoftokn3-32bit-3.16.1-0.8 is installed OR mozilla-nspr-4.10.6-0.3 is installed OR mozilla-nspr-32bit-4.10.6-0.3 is installed OR mozilla-nss-3.16.1-0.8 is installed OR mozilla-nss-32bit-3.16.1-0.8 is installed OR mozilla-nss-tools-3.16.1-0.8 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 is installed AND Package Information coreutils-8.22-9 is installed OR coreutils-lang-8.22-9 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information MozillaFirefox-45.2.0esr-75 is installed OR MozillaFirefox-branding-SLE-45.0-28 is installed OR MozillaFirefox-translations-45.2.0esr-75 is installed OR libfreebl3-3.21.1-46 is installed OR libfreebl3-32bit-3.21.1-46 is installed OR libsoftokn3-3.21.1-46 is installed OR libsoftokn3-32bit-3.21.1-46 is installed OR mozilla-nspr-4.12-15 is installed OR mozilla-nspr-32bit-4.12-15 is installed OR mozilla-nss-3.21.1-46 is installed OR mozilla-nss-32bit-3.21.1-46 is installed OR mozilla-nss-certs-3.21.1-46 is installed OR mozilla-nss-certs-32bit-3.21.1-46 is installed OR mozilla-nss-sysinit-3.21.1-46 is installed OR mozilla-nss-sysinit-32bit-3.21.1-46 is installed OR mozilla-nss-tools-3.21.1-46 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information gstreamer-plugins-bad-1.8.3-17 is installed OR gstreamer-plugins-bad-lang-1.8.3-17 is installed OR libgstadaptivedemux-1_0-0-1.8.3-17 is installed OR libgstbadaudio-1_0-0-1.8.3-17 is installed OR libgstbadbase-1_0-0-1.8.3-17 is installed OR libgstbadvideo-1_0-0-1.8.3-17 is installed OR libgstbasecamerabinsrc-1_0-0-1.8.3-17 is installed OR libgstcodecparsers-1_0-0-1.8.3-17 is installed OR libgstgl-1_0-0-1.8.3-17 is installed OR libgstmpegts-1_0-0-1.8.3-17 is installed OR libgstphotography-1_0-0-1.8.3-17 is installed OR libgsturidownloader-1_0-0-1.8.3-17 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information libpulse-mainloop-glib0-5.0-4 is installed OR libpulse-mainloop-glib0-32bit-5.0-4 is installed OR libpulse0-5.0-4 is installed OR libpulse0-32bit-5.0-4 is installed OR pulseaudio-5.0-4 is installed OR pulseaudio-esound-compat-5.0-4 is installed OR pulseaudio-gdm-hooks-5.0-4 is installed OR pulseaudio-lang-5.0-4 is installed OR pulseaudio-module-bluetooth-5.0-4 is installed OR pulseaudio-module-gconf-5.0-4 is installed OR pulseaudio-module-jack-5.0-4 is installed OR pulseaudio-module-lirc-5.0-4 is installed OR pulseaudio-module-x11-5.0-4 is installed OR pulseaudio-module-zeroconf-5.0-4 is installed OR pulseaudio-utils-5.0-4 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information fontconfig-2.11.1-7 is installed OR fontconfig-32bit-2.11.1-7 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND procmail-3.22-267 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information kgraft-patch-3_12_67-60_64_18-default-9-2 is installed OR kgraft-patch-3_12_67-60_64_18-xen-9-2 is installed OR kgraft-patch-SLE12-SP1_Update_9-9-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information libapr-util1-1.5.3-1 is installed OR libapr-util1-dbd-sqlite3-1.5.3-1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information ntp-4.2.8p11-64.5 is installed OR ntp-doc-4.2.8p11-64.5 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information MozillaFirefox-60.7.2-109.80 is installed OR MozillaFirefox-devel-60.7.2-109.80 is installed OR MozillaFirefox-translations-common-60.7.2-109.80 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_114-92_64-default-6-2 is installed OR kgraft-patch-SLE12-SP2_Update_18-6-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information gvim-7.4.326-16 is installed OR vim-7.4.326-16 is installed OR vim-data-7.4.326-16 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information libpython3_4m1_0-3.4.6-25.29 is installed OR python3-3.4.6-25.29 is installed OR python3-base-3.4.6-25.29 is installed OR python3-curses-3.4.6-25.29 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information kgraft-patch-4_4_162-94_69-default-6-2 is installed OR kgraft-patch-SLE12-SP3_Update_21-6-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information libsolv-0.6.36-2.27.19 is installed OR libsolv-tools-0.6.36-2.27.19 is installed OR libzypp-16.20.2-27.60 is installed OR perl-solv-0.6.36-2.27.19 is installed OR python-solv-0.6.36-2.27.19 is installed OR zypper-1.13.54-18.40 is installed OR zypper-log-1.13.54-18.40 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information pam_pkcs11-0.6.8-7.5 is installed OR pam_pkcs11-32bit-0.6.8-7.5 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information libjavascriptcoregtk-4_0-18-2.20.3-2.23 is installed OR libwebkit2gtk-4_0-37-2.20.3-2.23 is installed OR typelib-1_0-JavaScriptCore-4_0-2.20.3-2.23 is installed OR typelib-1_0-WebKit2-4_0-2.20.3-2.23 is installed OR webkit2gtk-4_0-injected-bundles-2.20.3-2.23 is installed
Definition Synopsis
SUSE Linux Enterprise Server 15-LTSS is installed AND Package Information python-waitress-1.4.3-3.3 is installed OR python3-waitress-1.4.3-3.3 is installed
Definition Synopsis
SUSE Linux Enterprise Server for SAP Applications 15 is installed AND Package Information perl-5.26.1-7.12 is installed OR perl-base-5.26.1-7.12 is installed OR perl-base-32bit-5.26.1-7.12 is installed OR perl-doc-5.26.1-7.12 is installed
Definition Synopsis
SUSE OpenStack Cloud 6 is installed AND python-Jinja2-2.7.3-15 is installed
Definition Synopsis
SUSE OpenStack Cloud 6-LTSS is installed AND python-setuptools-18.0.1-4.8 is installed
Definition Synopsis
SUSE OpenStack Cloud 7 is installed AND ucode-intel-20190507-13.41 is installed
Definition Synopsis
SUSE OpenStack Cloud 8 is installed AND Package Information grafana-4.5.1-4.3 is installed OR kafka-0.9.0.1-5.3 is installed OR logstash-2.4.1-5.4 is installed OR openstack-monasca-installer-20180622_15.06-3.6 is installed
Definition Synopsis
SUSE OpenStack Cloud 9 is installed AND python-SQLAlchemy-1.2.10-3.3 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information libmysqlclient18-10.0.40.2-29.35 is installed OR libmysqlclient18-32bit-10.0.40.2-29.35 is installed OR mariadb-10.0.40.2-29.35 is installed OR mariadb-client-10.0.40.2-29.35 is installed OR mariadb-errormessages-10.0.40.2-29.35 is installed OR mariadb-tools-10.0.40.2-29.35 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 9 is installed AND python-Twisted-15.2.1-9.8 is installed

BACK