OVAL Reference oval:org.opensuse.security:def:53606

Oval Definition:

oval:org.opensuse.security:def:53606

Revision Date:	2020-12-01	Version:	1
Title:	Security update for apache2 (Important)
Description:	This update for apache2 fixes the following issues: - CVE-2020-1934: mod_proxy_ftp may use uninitialized memory when proxying to a malicious FTP server (bsc#1168404). - CVE-2020-1927: mod_rewrite configurations vulnerable to open redirect (bsc#1168407). - CVE-2020-1938: mod_proxy_ajp: Add 'secret' parameter to proxy workers to implement legacy AJP13 authentication (bsc#1169066).
Family:	unix	Class:	patch
Status:		Reference(s):	1000106 1003030 1003032 1004981 1005004 1005005 1007157 1007941 1009100 1009103 1009104 1009105 1009107 1009108 1009109 1009111 1011652 1015351 1020950 1024145 1024749 1039361 1045460 1050469 1054724 1055587 1056291 1056334 1056996 1057378 1057585 1057966 1062069 1062942 1063122 1168404 1168407 1169066 1175239 854151 897031 930077 930078 930079 937419 952254 970547 981124 CVE-2010-2800 CVE-2010-2801 CVE-2011-1898 CVE-2011-4349 CVE-2012-0029 CVE-2012-0217 CVE-2012-2451 CVE-2012-2625 CVE-2012-3432 CVE-2012-3433 CVE-2012-4411 CVE-2012-4535 CVE-2012-4536 CVE-2012-4537 CVE-2012-4538 CVE-2012-4539 CVE-2012-4544 CVE-2012-5510 CVE-2012-5511 CVE-2012-5513 CVE-2012-5514 CVE-2012-5515 CVE-2012-5525 CVE-2012-5634 CVE-2012-6075 CVE-2013-0151 CVE-2013-0152 CVE-2013-0153 CVE-2013-1442 CVE-2013-1917 CVE-2013-1918 CVE-2013-1919 CVE-2013-1922 CVE-2013-1952 CVE-2013-2007 CVE-2013-2142 CVE-2013-3495 CVE-2013-4355 CVE-2013-4356 CVE-2013-4361 CVE-2013-4375 CVE-2013-4416 CVE-2013-4494 CVE-2013-4533 CVE-2013-4534 CVE-2013-4537 CVE-2013-4538 CVE-2013-4539 CVE-2013-4540 CVE-2013-4551 CVE-2013-4553 CVE-2013-4554 CVE-2014-0222 CVE-2014-3124 CVE-2014-3640 CVE-2014-3672 CVE-2014-5146 CVE-2014-5149 CVE-2014-6051 CVE-2014-6052 CVE-2014-6053 CVE-2014-6054 CVE-2014-6055 CVE-2014-6268 CVE-2014-7154 CVE-2014-7155 CVE-2014-7156 CVE-2014-7188 CVE-2014-7815 CVE-2014-9556 CVE-2014-9732 CVE-2015-1779 CVE-2015-3259 CVE-2015-3340 CVE-2015-3456 CVE-2015-4037 CVE-2015-4103 CVE-2015-4104 CVE-2015-4105 CVE-2015-4106 CVE-2015-4141 CVE-2015-4142 CVE-2015-4143 CVE-2015-4467 CVE-2015-4468 CVE-2015-4469 CVE-2015-4470 CVE-2015-4471 CVE-2015-4472 CVE-2015-5154 CVE-2015-5239 CVE-2015-5278 CVE-2015-5307 CVE-2015-5310 CVE-2015-6815 CVE-2015-6855 CVE-2015-7311 CVE-2015-7504 CVE-2015-7512 CVE-2015-7549 CVE-2015-7835 CVE-2015-7969 CVE-2015-7970 CVE-2015-7971 CVE-2015-7972 CVE-2015-8041 CVE-2015-8104 CVE-2015-8339 CVE-2015-8340 CVE-2015-8341 CVE-2015-8345 CVE-2015-8504 CVE-2015-8550 CVE-2015-8554 CVE-2015-8555 CVE-2015-8558 CVE-2015-8567 CVE-2015-8568 CVE-2015-8613 CVE-2015-8615 CVE-2015-8619 CVE-2015-8743 CVE-2015-8744 CVE-2015-8745 CVE-2016-0960 CVE-2016-0961 CVE-2016-0962 CVE-2016-0963 CVE-2016-0986 CVE-2016-0987 CVE-2016-0988 CVE-2016-0989 CVE-2016-0990 CVE-2016-0991 CVE-2016-0992 CVE-2016-0993 CVE-2016-0994 CVE-2016-0995 CVE-2016-0996 CVE-2016-0997 CVE-2016-0998 CVE-2016-0999 CVE-2016-1000 CVE-2016-1001 CVE-2016-10013 CVE-2016-1002 CVE-2016-10024 CVE-2016-10025 CVE-2016-1005 CVE-2016-1010 CVE-2016-1568 CVE-2016-1570 CVE-2016-1571 CVE-2016-1714 CVE-2016-1922 CVE-2016-1981 CVE-2016-2198 CVE-2016-2270 CVE-2016-2271 CVE-2016-2391 CVE-2016-2392 CVE-2016-2538 CVE-2016-2841 CVE-2016-4439 CVE-2016-4441 CVE-2016-5104 CVE-2016-5238 CVE-2016-5338 CVE-2016-6258 CVE-2016-6259 CVE-2016-6351 CVE-2016-7092 CVE-2016-7093 CVE-2016-7094 CVE-2016-7586 CVE-2016-7589 CVE-2016-7592 CVE-2016-7599 CVE-2016-7623 CVE-2016-7632 CVE-2016-7635 CVE-2016-7639 CVE-2016-7641 CVE-2016-7645 CVE-2016-7652 CVE-2016-7654 CVE-2016-7656 CVE-2016-7777 CVE-2016-7777 CVE-2016-7908 CVE-2016-7908 CVE-2016-7909 CVE-2016-7909 CVE-2016-8667 CVE-2016-8667 CVE-2016-8669 CVE-2016-8669 CVE-2016-8910 CVE-2016-8910 CVE-2016-9377 CVE-2016-9377 CVE-2016-9378 CVE-2016-9378 CVE-2016-9379 CVE-2016-9379 CVE-2016-9380 CVE-2016-9380 CVE-2016-9381 CVE-2016-9381 CVE-2016-9382 CVE-2016-9382 CVE-2016-9383 CVE-2016-9383 CVE-2016-9384 CVE-2016-9384 CVE-2016-9385 CVE-2016-9385 CVE-2016-9386 CVE-2016-9386 CVE-2016-9637 CVE-2016-9637 CVE-2016-9843 CVE-2016-9921 CVE-2016-9922 CVE-2016-9932 CVE-2017-1000367 CVE-2017-10911 CVE-2017-12809 CVE-2017-13672 CVE-2017-13711 CVE-2017-14107 CVE-2017-14167 CVE-2017-15038 CVE-2017-15268 CVE-2017-15289 CVE-2017-2350 CVE-2017-2354 CVE-2017-2355 CVE-2017-2356 CVE-2017-2362 CVE-2017-2363 CVE-2017-2364 CVE-2017-2365 CVE-2017-2366 CVE-2017-2369 CVE-2017-2371 CVE-2017-2373 CVE-2017-2496 CVE-2017-2510 CVE-2017-2538 CVE-2017-2539 CVE-2017-2615 CVE-2017-2620 CVE-2017-6505 CVE-2017-7018 CVE-2017-7030 CVE-2017-7034 CVE-2017-7037 CVE-2017-7039 CVE-2017-7046 CVE-2017-7048 CVE-2017-7055 CVE-2017-7056 CVE-2017-7061 CVE-2017-7064 CVE-2017-8309 CVE-2017-9330 CVE-2020-14363 CVE-2020-1927 CVE-2020-1934 CVE-2020-1938 SUSE-SU-2015:2088-1 SUSE-SU-2016:0715-1 SUSE-SU-2016:2305-1 SUSE-SU-2016:3067-1 SUSE-SU-2017:1450-1 SUSE-SU-2017:2546-1 SUSE-SU-2017:2924-1 SUSE-SU-2017:2933-1 SUSE-SU-2020:1126-1 SUSE-SU-2020:2474-2
Platform(s):	openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server for SAP Applications 15 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 9	Product(s):
Definition Synopsis
openSUSE Leap 15.0 is installed AND Package Information bind-9.11.2-lp150.7 is installed OR bind-chrootenv-9.11.2-lp150.7 is installed OR bind-utils-9.11.2-lp150.7 is installed OR libbind9-160-9.11.2-lp150.7 is installed OR libdns169-9.11.2-lp150.7 is installed OR libirs160-9.11.2-lp150.7 is installed OR libisc166-9.11.2-lp150.7 is installed OR libisccc160-9.11.2-lp150.7 is installed OR libisccfg160-9.11.2-lp150.7 is installed OR liblwres160-9.11.2-lp150.7 is installed OR python3-bind-9.11.2-lp150.7 is installed
Definition Synopsis
openSUSE Leap 15.1 is installed AND Package Information libvirt-5.1.0-lp151.7.3 is installed OR libvirt-admin-5.1.0-lp151.7.3 is installed OR libvirt-bash-completion-5.1.0-lp151.7.3 is installed OR libvirt-client-5.1.0-lp151.7.3 is installed OR libvirt-daemon-5.1.0-lp151.7.3 is installed OR libvirt-daemon-config-network-5.1.0-lp151.7.3 is installed OR libvirt-daemon-config-nwfilter-5.1.0-lp151.7.3 is installed OR libvirt-daemon-driver-interface-5.1.0-lp151.7.3 is installed OR libvirt-daemon-driver-libxl-5.1.0-lp151.7.3 is installed OR libvirt-daemon-driver-lxc-5.1.0-lp151.7.3 is installed OR libvirt-daemon-driver-network-5.1.0-lp151.7.3 is installed OR libvirt-daemon-driver-nodedev-5.1.0-lp151.7.3 is installed OR libvirt-daemon-driver-nwfilter-5.1.0-lp151.7.3 is installed OR libvirt-daemon-driver-qemu-5.1.0-lp151.7.3 is installed OR libvirt-daemon-driver-secret-5.1.0-lp151.7.3 is installed OR libvirt-daemon-driver-storage-5.1.0-lp151.7.3 is installed OR libvirt-daemon-driver-storage-core-5.1.0-lp151.7.3 is installed OR libvirt-daemon-driver-storage-disk-5.1.0-lp151.7.3 is installed OR libvirt-daemon-driver-storage-gluster-5.1.0-lp151.7.3 is installed OR libvirt-daemon-driver-storage-iscsi-5.1.0-lp151.7.3 is installed OR libvirt-daemon-driver-storage-logical-5.1.0-lp151.7.3 is installed OR libvirt-daemon-driver-storage-mpath-5.1.0-lp151.7.3 is installed OR libvirt-daemon-driver-storage-rbd-5.1.0-lp151.7.3 is installed OR libvirt-daemon-driver-storage-scsi-5.1.0-lp151.7.3 is installed OR libvirt-daemon-hooks-5.1.0-lp151.7.3 is installed OR libvirt-daemon-lxc-5.1.0-lp151.7.3 is installed OR libvirt-daemon-qemu-5.1.0-lp151.7.3 is installed OR libvirt-daemon-xen-5.1.0-lp151.7.3 is installed OR libvirt-devel-5.1.0-lp151.7.3 is installed OR libvirt-devel-32bit-5.1.0-lp151.7.3 is installed OR libvirt-doc-5.1.0-lp151.7.3 is installed OR libvirt-libs-5.1.0-lp151.7.3 is installed OR libvirt-lock-sanlock-5.1.0-lp151.7.3 is installed OR libvirt-nss-5.1.0-lp151.7.3 is installed OR wireshark-plugin-libvirt-5.1.0-lp151.7.3 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP2 is installed AND Package Information MozillaFirefox-10.0.12-0.4 is installed OR MozillaFirefox-translations-10.0.12-0.4 is installed OR libfreebl3-3.14.1-0.3 is installed OR libfreebl3-32bit-3.14.1-0.3 is installed OR mozilla-nspr-4.9.4-0.3 is installed OR mozilla-nspr-32bit-4.9.4-0.3 is installed OR mozilla-nss-3.14.1-0.3 is installed OR mozilla-nss-32bit-3.14.1-0.3 is installed OR mozilla-nss-tools-3.14.1-0.3 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information compat-openssl097g-0.9.7g-146.22.31 is installed OR compat-openssl097g-32bit-0.9.7g-146.22.31 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP4 is installed AND Package Information flash-player-11.2.202.540-0.23 is installed OR flash-player-gnome-11.2.202.540-0.23 is installed OR flash-player-kde4-11.2.202.540-0.23 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 is installed AND Package Information LibVNCServer-0.9.9-16 is installed OR libvncclient0-0.9.9-16 is installed OR libvncserver0-0.9.9-16 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP1 is installed AND wpa_supplicant-2.2-14 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information xen-4.7.1_02-25 is installed OR xen-libs-4.7.1_02-25 is installed OR xen-libs-32bit-4.7.1_02-25 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information libz1-1.2.8-11 is installed OR libz1-32bit-1.2.8-11 is installed OR zlib-devel-1.2.8-11 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information colord-1.3.3-12 is installed OR colord-gtk-lang-0.1.26-6 is installed OR colord-lang-1.3.3-12 is installed OR libcolord-gtk1-0.1.26-6 is installed OR libcolord2-1.3.3-12 is installed OR libcolord2-32bit-1.3.3-12 is installed OR libcolorhug2-1.3.3-12 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information cpio-2.11-29 is installed OR cpio-lang-2.11-29 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information MozillaFirefox-52.4.0esr-109.6 is installed OR MozillaFirefox-devel-52.4.0esr-109.6 is installed OR MozillaFirefox-translations-52.4.0esr-109.6 is installed OR libfreebl3-3.29.5-58.3 is installed OR libfreebl3-32bit-3.29.5-58.3 is installed OR libfreebl3-hmac-3.29.5-58.3 is installed OR libfreebl3-hmac-32bit-3.29.5-58.3 is installed OR libsoftokn3-3.29.5-58.3 is installed OR libsoftokn3-32bit-3.29.5-58.3 is installed OR libsoftokn3-hmac-3.29.5-58.3 is installed OR libsoftokn3-hmac-32bit-3.29.5-58.3 is installed OR mozilla-nss-3.29.5-58.3 is installed OR mozilla-nss-32bit-3.29.5-58.3 is installed OR mozilla-nss-certs-3.29.5-58.3 is installed OR mozilla-nss-certs-32bit-3.29.5-58.3 is installed OR mozilla-nss-devel-3.29.5-58.3 is installed OR mozilla-nss-sysinit-3.29.5-58.3 is installed OR mozilla-nss-sysinit-32bit-3.29.5-58.3 is installed OR mozilla-nss-tools-3.29.5-58.3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND libmms0-0.6.2-15 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information res-signingkeys-3.0.38-52.26 is installed OR smt-3.0.38-52.26 is installed OR smt-support-3.0.38-52.26 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information libpython3_4m1_0-3.4.6-25.21 is installed OR python3-3.4.6-25.21 is installed OR python3-base-3.4.6-25.21 is installed OR python3-curses-3.4.6-25.21 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kernel-default-4.4.121-92.95 is installed OR kernel-default-base-4.4.121-92.95 is installed OR kernel-default-devel-4.4.121-92.95 is installed OR kernel-default-man-4.4.121-92.95 is installed OR kernel-devel-4.4.121-92.95 is installed OR kernel-macros-4.4.121-92.95 is installed OR kernel-source-4.4.121-92.95 is installed OR kernel-syms-4.4.121-92.95 is installed OR kgraft-patch-4_4_121-92_95-default-1-3.4 is installed OR kgraft-patch-SLE12-SP2_Update_25-1-3.4 is installed OR lttng-modules-2.7.1-9.6 is installed OR lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information apache-commons-daemon-1.0.15-6 is installed OR apache-commons-daemon-javadoc-1.0.15-6 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-BCL is installed AND permissions-2015.09.28.1626-17.20 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information kgraft-patch-4_4_180-94_100-default-4-2 is installed OR kgraft-patch-SLE12-SP3_Update_27-4-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information MozillaFirefox-68.2.0-109.95 is installed OR MozillaFirefox-translations-common-68.2.0-109.95 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information libpolkit0-0.113-5.12 is installed OR polkit-0.113-5.12 is installed OR typelib-1_0-Polkit-1_0-0.113-5.12 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information apache-commons-beanutils-1.9.2-1 is installed OR apache-commons-beanutils-javadoc-1.9.2-1 is installed
Definition Synopsis
SUSE Linux Enterprise Server for SAP Applications 15 is installed AND Package Information apache2-2.4.33-3.30 is installed OR apache2-devel-2.4.33-3.30 is installed OR apache2-doc-2.4.33-3.30 is installed OR apache2-prefork-2.4.33-3.30 is installed OR apache2-utils-2.4.33-3.30 is installed OR apache2-worker-2.4.33-3.30 is installed
Definition Synopsis
SUSE OpenStack Cloud 6 is installed AND ruby2.1-rubygem-bson-1_11-1.11.1-2 is installed
Definition Synopsis
SUSE OpenStack Cloud 7 is installed AND ucode-intel-20190618-13.47 is installed
Definition Synopsis
SUSE OpenStack Cloud 8 is installed AND Package Information curl-7.37.0-37.43 is installed OR libcurl4-7.37.0-37.43 is installed OR libcurl4-32bit-7.37.0-37.43 is installed
Definition Synopsis
SUSE OpenStack Cloud 9 is installed AND python-Twisted-15.2.1-9.5 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 9 is installed AND Package Information openstack-manila-7.3.1~dev15-4.18 is installed OR openstack-manila-api-7.3.1~dev15-4.18 is installed OR openstack-manila-data-7.3.1~dev15-4.18 is installed OR openstack-manila-scheduler-7.3.1~dev15-4.18 is installed OR openstack-manila-share-7.3.1~dev15-4.18 is installed OR python-manila-7.3.1~dev15-4.18 is installed

BACK