OVAL Reference oval:org.opensuse.security:def:5436

Oval Definition:

oval:org.opensuse.security:def:5436

Revision Date:	2020-12-02	Version:	1
Title:	Security update for nginx (Moderate)
Description:	This update for nginx fixes the following issues: nginx was updated to 1.16.1 (jsc#ECO-1401) - Added TLS 1.3 support (jsc#SLE-9295, bsc#1150711) - Replaced obsolete GeoIP module with MaxMinDB-based GeoIP2 (jsc#SLE-11184, bsc#1156202) - Started nginx after network is online (bsc#1155690) - CVE-2019-20372: Fixed an HTTP request smuggling with certain error_page configurations which could have allowed unauthorized web page reads (bsc#1160682).
Family:	unix	Class:	patch
Status:		Reference(s):	1150711 1154862 1155690 1156202 1160682 CVE-2006-4484 CVE-2007-5970 CVE-2008-7247 CVE-2009-2905 CVE-2009-3736 CVE-2009-4019 CVE-2009-4028 CVE-2009-4030 CVE-2010-0750 CVE-2010-1205 CVE-2010-2494 CVE-2010-2947 CVE-2010-4341 CVE-2010-4352 CVE-2010-5298 CVE-2011-1485 CVE-2011-1758 CVE-2011-2501 CVE-2011-2690 CVE-2011-2691 CVE-2011-2692 CVE-2011-3328 CVE-2012-2673 CVE-2012-3524 CVE-2012-5468 CVE-2012-5615 CVE-2013-0219 CVE-2013-0220 CVE-2013-0287 CVE-2013-1976 CVE-2013-2168 CVE-2013-4288 CVE-2013-6393 CVE-2013-6954 CVE-2014-0195 CVE-2014-0198 CVE-2014-0221 CVE-2014-0224 CVE-2014-0333 CVE-2014-2494 CVE-2014-2525 CVE-2014-3248 CVE-2014-3470 CVE-2014-3477 CVE-2014-3532 CVE-2014-3533 CVE-2014-3635 CVE-2014-3636 CVE-2014-3637 CVE-2014-3638 CVE-2014-3639 CVE-2014-4207 CVE-2014-4258 CVE-2014-4260 CVE-2014-4274 CVE-2014-4287 CVE-2014-6463 CVE-2014-6464 CVE-2014-6469 CVE-2014-6474 CVE-2014-6478 CVE-2014-6484 CVE-2014-6489 CVE-2014-6491 CVE-2014-6494 CVE-2014-6495 CVE-2014-6496 CVE-2014-6500 CVE-2014-6505 CVE-2014-6507 CVE-2014-6520 CVE-2014-6530 CVE-2014-6551 CVE-2014-6555 CVE-2014-6559 CVE-2014-6564 CVE-2014-6568 CVE-2014-7824 CVE-2014-8148 CVE-2014-8964 CVE-2014-9130 CVE-2014-9495 CVE-2015-0245 CVE-2015-0374 CVE-2015-0381 CVE-2015-0382 CVE-2015-0391 CVE-2015-0411 CVE-2015-0432 CVE-2015-0433 CVE-2015-0441 CVE-2015-0499 CVE-2015-0501 CVE-2015-0505 CVE-2015-0973 CVE-2015-2325 CVE-2015-2326 CVE-2015-2568 CVE-2015-2571 CVE-2015-2573 CVE-2015-3152 CVE-2015-3218 CVE-2015-3255 CVE-2015-3256 CVE-2015-4625 CVE-2015-8126 CVE-2016-6354 CVE-2019-17498 CVE-2019-20372 SUSE-SU-2019:2900-2 SUSE-SU-2020:1171-1
Platform(s):	openSUSE 13.1 openSUSE 13.1 NonFree SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise for SAP 12 SUSE Linux Enterprise for SAP 12 SP1 SUSE Linux Enterprise for SAP 12 SP2 SUSE Linux Enterprise High Performance Computing 12 SP5 SUSE Linux Enterprise Live Patching 12 SUSE Linux Enterprise Live Patching 12 SP3 SUSE Linux Enterprise Module for Advanced Systems Management 12 SUSE Linux Enterprise Module for Containers 12 SUSE Linux Enterprise Module for High Performance Computing 12 SUSE Linux Enterprise Module for Legacy Software 12 SUSE Linux Enterprise Module for Public Cloud 12 SUSE Linux Enterprise Module for Web Scripting 12 SUSE Linux Enterprise Real Time Extension 12 SP1 SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Server 11 SP1-LTSS SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP2-LTSS SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP3-LTSS SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 SUSE Linux Enterprise Server for SAP Applications 12 SUSE Linux Enterprise Server for SAP Applications 12 SP1 SUSE Linux Enterprise Server for SAP Applications 15 SUSE Linux Enterprise Server for VMWare 11 SP2 SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Software Development Kit 12 SP3 SUSE Linux Enterprise Software Development Kit 12 SP4 SUSE Linux Enterprise Workstation Extension 12 SUSE Linux Enterprise Workstation Extension 12 SP1 SUSE OpenStack Cloud 5	Product(s):
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information orca-2.28.3-0.5.10 is installed OR orca-lang-2.28.3-0.5.10 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP4 is installed AND Package Information libssh-0.2-5.22.1 is installed OR libssh2-0.2-5.22.1 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP1 is installed AND libgc1-7.2d-3 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP2 is installed AND bogofilter-1.2.4-5 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP3 is installed AND argyllcms-1.6.3-3 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP4 is installed AND argyllcms-1.6.3-3 is installed
Definition Synopsis
SUSE Linux Enterprise for SAP 12 is installed AND Package Information qemu-2.0.2-48.25.1 is installed OR qemu-block-curl-2.0.2-48.25.1 is installed OR qemu-block-rbd-2.0.2-48.25.1 is installed OR qemu-guest-agent-2.0.2-48.25.1 is installed OR qemu-ipxe-1.0.0-48.25.1 is installed OR qemu-kvm-2.0.2-48.25.1 is installed OR qemu-lang-2.0.2-48.25.1 is installed OR qemu-seabios-1.7.4-48.25.1 is installed OR qemu-sgabios-8-48.25.1 is installed OR qemu-tools-2.0.2-48.25.1 is installed OR qemu-vgabios-1.7.4-48.25.1 is installed OR qemu-x86-2.0.2-48.25.1 is installed
Definition Synopsis
SUSE Linux Enterprise for SAP 12 SP1 is installed AND Package Information MozillaFirefox-52.2.0esr-108.3 is installed OR MozillaFirefox-branding-SLE-52-31.1 is installed OR MozillaFirefox-devel-52.2.0esr-108.3 is installed OR MozillaFirefox-translations-52.2.0esr-108.3 is installed
Definition Synopsis
SUSE Linux Enterprise for SAP 12 SP2 is installed AND cryptctl-1.2.6-5.3.11 is installed
Definition Synopsis
SUSE Linux Enterprise High Performance Computing 12 SP5 is installed AND dosfstools-3.0.26-6 is installed
Definition Synopsis
SUSE Linux Enterprise Live Patching 12 is installed AND Package Information kgraft-patch-4_4_49-92_11-default-11-2 is installed OR kgraft-patch-SLE12-SP2_Update_5-11-2 is installed
Definition Synopsis
SUSE Linux Enterprise Live Patching 12 SP3 is installed AND Package Information kgraft-patch-4_4_73-5-default-2-2.3.2 is installed OR kgraft-patch-SLE12-SP3_Update_0-2-2.3.2 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Advanced Systems Management 12 is installed AND Package Information puppet-3.6.2-3 is installed OR puppet-server-3.6.2-3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Containers 12 is installed AND sles12sp1-docker-image-1.0.4-20160308170633 is installed
Definition Synopsis
SUSE Linux Enterprise Module for High Performance Computing 12 is installed AND Package Information libpmi0-17.02.9-6.10.1 is installed OR libslurm29-16.05.8.1-6.1 is installed OR libslurm31-17.02.9-6.10.1 is installed OR pdsh-2.33-7.5.17 is installed OR perl-slurm-17.02.9-6.10.1 is installed OR slurm-17.02.9-6.10.1 is installed OR slurm-auth-none-17.02.9-6.10.1 is installed OR slurm-devel-17.02.9-6.10.1 is installed OR slurm-doc-17.02.9-6.10.1 is installed OR slurm-lua-17.02.9-6.10.1 is installed OR slurm-munge-17.02.9-6.10.1 is installed OR slurm-pam_slurm-17.02.9-6.10.1 is installed OR slurm-plugins-17.02.9-6.10.1 is installed OR slurm-sched-wiki-17.02.9-6.10.1 is installed OR slurm-slurmdb-direct-17.02.9-6.10.1 is installed OR slurm-slurmdbd-17.02.9-6.10.1 is installed OR slurm-sql-17.02.9-6.10.1 is installed OR slurm-torque-17.02.9-6.10.1 is installed OR slurmlibs-16.05.8.1-6.1 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Legacy Software 12 is installed AND Package Information libopenssl0_9_8-0.9.8j-59 is installed OR libopenssl0_9_8-32bit-0.9.8j-59 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Public Cloud 12 is installed AND Package Information kernel-ec2-3.12.32-33.1 is installed OR kernel-ec2-devel-3.12.32-33.1 is installed OR kernel-ec2-extra-3.12.32-33.1 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Web Scripting 12 is installed AND Package Information apache2-mod_php5-5.5.14-4 is installed OR php5-5.5.14-4 is installed OR php5-bcmath-5.5.14-4 is installed OR php5-bz2-5.5.14-4 is installed OR php5-calendar-5.5.14-4 is installed OR php5-ctype-5.5.14-4 is installed OR php5-curl-5.5.14-4 is installed OR php5-dba-5.5.14-4 is installed OR php5-dom-5.5.14-4 is installed OR php5-enchant-5.5.14-4 is installed OR php5-exif-5.5.14-4 is installed OR php5-fastcgi-5.5.14-4 is installed OR php5-fileinfo-5.5.14-4 is installed OR php5-fpm-5.5.14-4 is installed OR php5-ftp-5.5.14-4 is installed OR php5-gd-5.5.14-4 is installed OR php5-gettext-5.5.14-4 is installed OR php5-gmp-5.5.14-4 is installed OR php5-iconv-5.5.14-4 is installed OR php5-intl-5.5.14-4 is installed OR php5-json-5.5.14-4 is installed OR php5-ldap-5.5.14-4 is installed OR php5-mbstring-5.5.14-4 is installed OR php5-mcrypt-5.5.14-4 is installed OR php5-mysql-5.5.14-4 is installed OR php5-odbc-5.5.14-4 is installed OR php5-openssl-5.5.14-4 is installed OR php5-pcntl-5.5.14-4 is installed OR php5-pdo-5.5.14-4 is installed OR php5-pear-5.5.14-4 is installed OR php5-pgsql-5.5.14-4 is installed OR php5-pspell-5.5.14-4 is installed OR php5-shmop-5.5.14-4 is installed OR php5-snmp-5.5.14-4 is installed OR php5-soap-5.5.14-4 is installed OR php5-sockets-5.5.14-4 is installed OR php5-sqlite-5.5.14-4 is installed OR php5-suhosin-5.5.14-4 is installed OR php5-sysvmsg-5.5.14-4 is installed OR php5-sysvsem-5.5.14-4 is installed OR php5-sysvshm-5.5.14-4 is installed OR php5-tokenizer-5.5.14-4 is installed OR php5-wddx-5.5.14-4 is installed OR php5-xmlreader-5.5.14-4 is installed OR php5-xmlrpc-5.5.14-4 is installed OR php5-xmlwriter-5.5.14-4 is installed OR php5-xsl-5.5.14-4 is installed OR php5-zip-5.5.14-4 is installed OR php5-zlib-5.5.14-4 is installed
Definition Synopsis
SUSE Linux Enterprise Real Time Extension 12 SP1 is installed AND Package Information kernel-compute-3.12.67-60.27.1 is installed OR kernel-compute-base-3.12.67-60.27.1 is installed OR kernel-compute-devel-3.12.67-60.27.1 is installed OR kernel-compute_debug-3.12.67-60.27.1 is installed OR kernel-compute_debug-devel-3.12.67-60.27.1 is installed OR kernel-devel-rt-3.12.67-60.27.1 is installed OR kernel-rt-3.12.67-60.27.1 is installed OR kernel-rt-base-3.12.67-60.27.1 is installed OR kernel-rt-devel-3.12.67-60.27.1 is installed OR kernel-rt_debug-3.12.67-60.27.1 is installed OR kernel-rt_debug-devel-3.12.67-60.27.1 is installed OR kernel-source-rt-3.12.67-60.27.1 is installed OR kernel-syms-rt-3.12.67-60.27.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 11 is installed AND libpoppler4-0.10.1-1.30.5 is installed
Definition Synopsis
SUSE Linux Enterprise Server 11 SP1-LTSS is installed AND Package Information dbus-1-1.2.10-3.25.2 is installed OR dbus-1-32bit-1.2.10-3.25.2 is installed OR dbus-1-x11-1.2.10-3.25.2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 11 SP2 is installed AND ed-0.2-1001.30.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 11 SP3 is installed AND aaa_base-11-6.90.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 11 SP4 is installed AND Package Information xorg-x11-libXrender-7.4-1.16.8 is installed OR xorg-x11-libXrender-32bit-7.4-1.16.8 is installed OR xorg-x11-libXrender-x86-7.4-1.16.2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 is installed AND apache-commons-httpclient-3.1-4 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information accountsservice-0.6.35-3 is installed OR accountsservice-lang-0.6.35-3 is installed OR libaccountsservice0-0.6.35-3 is installed OR typelib-1_0-AccountsService-1_0-0.6.35-3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information qemu-2.6.2-31.2 is installed OR qemu-arm-2.6.2-31.2 is installed OR qemu-block-curl-2.6.2-31.2 is installed OR qemu-block-rbd-2.6.2-31.2 is installed OR qemu-block-ssh-2.6.2-31.2 is installed OR qemu-guest-agent-2.6.2-31.2 is installed OR qemu-ipxe-1.0.0-31.2 is installed OR qemu-kvm-2.6.2-31.2 is installed OR qemu-lang-2.6.2-31.2 is installed OR qemu-ppc-2.6.2-31.2 is installed OR qemu-s390-2.6.2-31.2 is installed OR qemu-seabios-1.9.1-31.2 is installed OR qemu-sgabios-8-31.2 is installed OR qemu-tools-2.6.2-31.2 is installed OR qemu-vgabios-1.9.1-31.2 is installed OR qemu-x86-2.6.2-31.2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information libpulse-mainloop-glib0-5.0-4 is installed OR libpulse-mainloop-glib0-32bit-5.0-4 is installed OR libpulse0-5.0-4 is installed OR libpulse0-32bit-5.0-4 is installed OR pulseaudio-5.0-4 is installed OR pulseaudio-esound-compat-5.0-4 is installed OR pulseaudio-gdm-hooks-5.0-4 is installed OR pulseaudio-lang-5.0-4 is installed OR pulseaudio-module-x11-5.0-4 is installed OR pulseaudio-module-zeroconf-5.0-4 is installed OR pulseaudio-utils-5.0-4 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information cpio-2.11-36.3 is installed OR cpio-lang-2.11-36.3 is installed
Definition Synopsis
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 is installed AND Package Information file-5.19-9 is installed OR file-magic-5.19-9 is installed OR libmagic1-5.19-9 is installed
Definition Synopsis
SUSE Linux Enterprise Server for SAP Applications 12 is installed AND Package Information ctdb-4.2.4-18.35 is installed OR libdcerpc-binding0-4.2.4-18.35 is installed OR libdcerpc-binding0-32bit-4.2.4-18.35 is installed OR libdcerpc0-4.2.4-18.35 is installed OR libdcerpc0-32bit-4.2.4-18.35 is installed OR libgensec0-4.2.4-18.35 is installed OR libgensec0-32bit-4.2.4-18.35 is installed OR libndr-krb5pac0-4.2.4-18.35 is installed OR libndr-krb5pac0-32bit-4.2.4-18.35 is installed OR libndr-nbt0-4.2.4-18.35 is installed OR libndr-nbt0-32bit-4.2.4-18.35 is installed OR libndr-standard0-4.2.4-18.35 is installed OR libndr-standard0-32bit-4.2.4-18.35 is installed OR libndr0-4.2.4-18.35 is installed OR libndr0-32bit-4.2.4-18.35 is installed OR libnetapi0-4.2.4-18.35 is installed OR libnetapi0-32bit-4.2.4-18.35 is installed OR libregistry0-4.2.4-18.35 is installed OR libsamba-credentials0-4.2.4-18.35 is installed OR libsamba-credentials0-32bit-4.2.4-18.35 is installed OR libsamba-hostconfig0-4.2.4-18.35 is installed OR libsamba-hostconfig0-32bit-4.2.4-18.35 is installed OR libsamba-passdb0-4.2.4-18.35 is installed OR libsamba-passdb0-32bit-4.2.4-18.35 is installed OR libsamba-util0-4.2.4-18.35 is installed OR libsamba-util0-32bit-4.2.4-18.35 is installed OR libsamdb0-4.2.4-18.35 is installed OR libsamdb0-32bit-4.2.4-18.35 is installed OR libsmbclient-raw0-4.2.4-18.35 is installed OR libsmbclient-raw0-32bit-4.2.4-18.35 is installed OR libsmbclient0-4.2.4-18.35 is installed OR libsmbclient0-32bit-4.2.4-18.35 is installed OR libsmbconf0-4.2.4-18.35 is installed OR libsmbconf0-32bit-4.2.4-18.35 is installed OR libsmbldap0-4.2.4-18.35 is installed OR libsmbldap0-32bit-4.2.4-18.35 is installed OR libtevent-util0-4.2.4-18.35 is installed OR libtevent-util0-32bit-4.2.4-18.35 is installed OR libwbclient0-4.2.4-18.35 is installed OR libwbclient0-32bit-4.2.4-18.35 is installed OR samba-4.2.4-18.35 is installed OR samba-32bit-4.2.4-18.35 is installed OR samba-client-4.2.4-18.35 is installed OR samba-client-32bit-4.2.4-18.35 is installed OR samba-doc-4.2.4-18.35 is installed OR samba-libs-4.2.4-18.35 is installed OR samba-libs-32bit-4.2.4-18.35 is installed OR samba-winbind-4.2.4-18.35 is installed OR samba-winbind-32bit-4.2.4-18.35 is installed
Definition Synopsis
SUSE Linux Enterprise Server for SAP Applications 12 SP1 is installed AND Package Information kgraft-patch-3_12_62-60_64_8-default-9-3 is installed OR kgraft-patch-3_12_62-60_64_8-xen-9-3 is installed OR kgraft-patch-SLE12-SP1_Update_8-9-3 is installed
Definition Synopsis
SUSE Linux Enterprise Server for SAP Applications 15 is installed AND nginx-1.16.1-3.12 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 11 SP4 is installed AND build-2011.10.10-0.7.10 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 is installed AND aaa_base-malloccheck-13.2+git20140911.61c1681-1 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 SP3 is installed AND Package Information libcolord-devel-1.3.3-12 is installed OR libcolord-gtk-devel-0.1.26-6 is installed OR typelib-1_0-ColorHug-1_0-1.3.3-12 is installed OR typelib-1_0-Colord-1_0-1.3.3-12 is installed OR typelib-1_0-ColordGtk-1_0-0.1.26-6 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 SP4 is installed AND Package Information FastCGI-2.4.0-168 is installed OR FastCGI-devel-2.4.0-168 is installed OR perl-FastCGI-2.4.0-168 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 12 is installed AND bogofilter-1.2.4-3 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 12 SP1 is installed AND Package Information gimp-2.8.10-7.8 is installed OR gimp-lang-2.8.10-7.8 is installed OR gimp-plugins-python-2.8.10-7.8 is installed OR libgimp-2_0-0-2.8.10-7.8 is installed OR libgimpui-2_0-0-2.8.10-7.8 is installed

BACK