OVAL Reference oval:org.opensuse.security:def:5446

Oval Definition:

oval:org.opensuse.security:def:5446

Revision Date:	2020-12-02	Version:	1
Title:	Security update for tomcat (Important)
Description:	This update for tomcat fixes the following issues: - Update to Tomcat 9.0.35. See changelog at http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.35_(markt) CVE-2020-9484 (bsc#1171928) Apache Tomcat Remote Code Execution via session persistence If an attacker was able to control the contents and name of a file on a server configured to use the PersistenceManager, then the attacker could have triggered a remote code execution via deserialization of the file under their control.
Family:	unix	Class:	patch
Status:		Reference(s):	1171928 1172698 1172704 CVE-2007-3999 CVE-2009-0368 CVE-2009-0799 CVE-2009-0799 CVE-2009-0800 CVE-2009-0800 CVE-2009-1179 CVE-2009-1179 CVE-2009-1180 CVE-2009-1180 CVE-2009-1181 CVE-2009-1181 CVE-2009-1182 CVE-2009-1182 CVE-2009-1183 CVE-2009-1183 CVE-2009-1187 CVE-2009-1187 CVE-2009-1188 CVE-2009-1188 CVE-2009-2473 CVE-2009-2474 CVE-2009-3607 CVE-2009-3607 CVE-2009-3608 CVE-2009-3608 CVE-2009-3736 CVE-2010-4523 CVE-2011-3146 CVE-2012-0035 CVE-2013-1788 CVE-2013-1788 CVE-2013-1789 CVE-2013-1789 CVE-2013-1790 CVE-2013-1790 CVE-2013-1881 CVE-2013-1984 CVE-2013-1995 CVE-2013-1998 CVE-2013-2126 CVE-2013-2127 CVE-2013-4473 CVE-2013-4473 CVE-2013-4474 CVE-2013-4474 CVE-2014-1932 CVE-2014-3421 CVE-2014-3422 CVE-2014-3423 CVE-2014-3424 CVE-2014-9092 CVE-2016-6318 CVE-2020-8023 CVE-2020-9484 SUSE-SU-2020:1364-1 SUSE-SU-2020:1856-1
Platform(s):	openSUSE 13.1 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise for SAP 12 SUSE Linux Enterprise for SAP 12 SP1 SUSE Linux Enterprise for SAP 12 SP2 SUSE Linux Enterprise High Performance Computing 12 SP5 SUSE Linux Enterprise Live Patching 12 SUSE Linux Enterprise Live Patching 12 SP3 SUSE Linux Enterprise Module for Advanced Systems Management 12 SUSE Linux Enterprise Module for Containers 12 SUSE Linux Enterprise Module for Legacy Software 12 SUSE Linux Enterprise Module for Public Cloud 12 SUSE Linux Enterprise Module for Toolchain 12 SUSE Linux Enterprise Module for Web Scripting 12 SUSE Linux Enterprise Point of Sale 12 SP2 SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Server 11 SP1-LTSS SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP2-LTSS SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP3-LTSS SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 SUSE Linux Enterprise Server for SAP Applications 12 SUSE Linux Enterprise Server for SAP Applications 12 SP1 SUSE Linux Enterprise Server for SAP Applications 15 SUSE Linux Enterprise Server for VMWare 11 SP2 SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Software Development Kit 12 SP3 SUSE Linux Enterprise Software Development Kit 12 SP4 SUSE Linux Enterprise Workstation Extension 12 SUSE Linux Enterprise Workstation Extension 12 SP1 SUSE Linux Enterprise Workstation Extension 12 SP2 SUSE OpenStack Cloud 5	Product(s):
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP3 is installed AND puppet-2.6.18-0.16.1 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP4 is installed AND Package Information MozillaFirefox-38.6.0esr-31.3 is installed OR MozillaFirefox-branding-SLED-38-18.24 is installed OR MozillaFirefox-translations-38.6.0esr-31.3 is installed OR libfreebl3-3.20.2-25.2 is installed OR libfreebl3-32bit-3.20.2-25.2 is installed OR libsoftokn3-3.20.2-25.2 is installed OR libsoftokn3-32bit-3.20.2-25.2 is installed OR mozilla-nss-3.20.2-25.2 is installed OR mozilla-nss-32bit-3.20.2-25.2 is installed OR mozilla-nss-tools-3.20.2-25.2 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information libjpeg-turbo-1.3.1-30 is installed OR libjpeg62-62.1.0-30 is installed OR libjpeg62-32bit-62.1.0-30 is installed OR libjpeg62-turbo-1.3.1-30 is installed OR libjpeg8-8.0.2-30 is installed OR libjpeg8-32bit-8.0.2-30 is installed OR libturbojpeg0-8.0.2-30 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information cracklib-2.9.0-7 is installed OR libcrack2-2.9.0-7 is installed OR libcrack2-32bit-2.9.0-7 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information alsa-1.0.27.2-15 is installed OR libasound2-1.0.27.2-15 is installed OR libasound2-32bit-1.0.27.2-15 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP4 is installed AND bogofilter-1.2.4-5 is installed
Definition Synopsis
SUSE Linux Enterprise for SAP 12 is installed AND Package Information kgraft-patch-3_12_48-52_27-default-5-2.2 is installed OR kgraft-patch-3_12_48-52_27-xen-5-2.2 is installed OR kgraft-patch-SLE12_Update_8-5-2.2 is installed
Definition Synopsis
SUSE Linux Enterprise for SAP 12 SP1 is installed AND Package Information compat-openssl098-0.9.8j-97.1 is installed OR libopenssl0_9_8-0.9.8j-97.1 is installed
Definition Synopsis
SUSE Linux Enterprise for SAP 12 SP2 is installed AND Package Information compat-openssl098-0.9.8j-105.1 is installed OR libopenssl0_9_8-0.9.8j-105.1 is installed
Definition Synopsis
SUSE Linux Enterprise High Performance Computing 12 SP5 is installed AND Package Information evince-3.20.2-6.27 is installed OR evince-browser-plugin-3.20.2-6.27 is installed OR evince-lang-3.20.2-6.27 is installed OR evince-plugin-djvudocument-3.20.2-6.27 is installed OR evince-plugin-dvidocument-3.20.2-6.27 is installed OR evince-plugin-pdfdocument-3.20.2-6.27 is installed OR evince-plugin-psdocument-3.20.2-6.27 is installed OR evince-plugin-tiffdocument-3.20.2-6.27 is installed OR evince-plugin-xpsdocument-3.20.2-6.27 is installed OR libevdocument3-4-3.20.2-6.27 is installed OR libevview3-3-3.20.2-6.27 is installed OR nautilus-evince-3.20.2-6.27 is installed
Definition Synopsis
SUSE Linux Enterprise Live Patching 12 is installed AND Package Information kgraft-patch-4_4_90-92_45-default-4-2 is installed OR kgraft-patch-SLE12-SP2_Update_14-4-2 is installed
Definition Synopsis
SUSE Linux Enterprise Live Patching 12 SP3 is installed AND Package Information kgraft-patch-4_4_73-5-default-2-2.3 is installed OR kgraft-patch-SLE12-SP3_Update_0-2-2.3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Advanced Systems Management 12 is installed AND facter-2.0.2-1 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Containers 12 is installed AND docker-1.6.2-31 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Legacy Software 12 is installed AND Package Information compat-openssl098-0.9.8j-66.3 is installed OR libopenssl0_9_8-0.9.8j-66.3 is installed OR libopenssl0_9_8-32bit-0.9.8j-66.3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Public Cloud 12 is installed AND python-pycrypto-2.6.1-1 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Toolchain 12 is installed AND Package Information cpp5-5.3.1+r233831-9 is installed OR gcc5-5.3.1+r233831-9 is installed OR gcc5-c++-5.3.1+r233831-9 is installed OR gcc5-fortran-5.3.1+r233831-9 is installed OR gcc5-info-5.3.1+r233831-9 is installed OR gcc5-locale-5.3.1+r233831-9 is installed OR libffi-devel-gcc5-5.3.1+r233831-9 is installed OR libstdc++6-devel-gcc5-5.3.1+r233831-9 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Web Scripting 12 is installed AND Package Information nodejs6-6.9.5-7 is installed OR nodejs6-devel-6.9.5-7 is installed OR nodejs6-docs-6.9.5-7 is installed OR npm6-6.9.5-7 is installed
Definition Synopsis
SUSE Linux Enterprise Point of Sale 12 SP2 is installed AND Package Information salt-2016.11.4-46.10.1 is installed OR salt-minion-2016.11.4-46.10.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 11 is installed AND Package Information libxml2-2.7.1-10.11.1 is installed OR libxml2-32bit-2.7.1-10.11.1 is installed OR libxml2-doc-2.7.1-10.11.1 is installed OR libxml2-x86-2.7.1-10.11.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 11 SP1-LTSS is installed AND Package Information MozillaFirefox-31.5.3esr-0.3.1 is installed OR MozillaFirefox-translations-31.5.3esr-0.3.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 11 SP2 is installed AND Package Information freeradius-server-2.1.1-7.10.1 is installed OR freeradius-server-dialupadmin-2.1.1-7.7.19.77 is installed OR freeradius-server-doc-2.1.1-7.7.19.77 is installed OR freeradius-server-libs-2.1.1-7.7.19.77 is installed OR freeradius-server-utils-2.1.1-7.7.19.77 is installed
Definition Synopsis
SUSE Linux Enterprise Server 11 SP3 is installed AND NetworkManager-gnome-0.7.1-5.22.28 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 is installed AND Package Information alsa-1.0.27.2-11 is installed OR alsa-docs-1.0.27.2-11 is installed OR libasound2-1.0.27.2-11 is installed OR libasound2-32bit-1.0.27.2-11 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information augeas-1.2.0-3 is installed OR augeas-lenses-1.2.0-3 is installed OR libaugeas0-1.2.0-3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information libX11-1.6.2-8.1 is installed OR libX11-6-1.6.2-8.1 is installed OR libX11-6-32bit-1.6.2-8.1 is installed OR libX11-data-1.6.2-8.1 is installed OR libX11-xcb1-1.6.2-8.1 is installed OR libX11-xcb1-32bit-1.6.2-8.1 is installed OR libXfixes-5.0.1-7.1 is installed OR libXfixes3-5.0.1-7.1 is installed OR libXfixes3-32bit-5.0.1-7.1 is installed OR libXi-1.7.4-14.1 is installed OR libXi6-1.7.4-14.1 is installed OR libXi6-32bit-1.7.4-14.1 is installed OR libXrender-0.9.8-7.1 is installed OR libXrender1-0.9.8-7.1 is installed OR libXrender1-32bit-0.9.8-7.1 is installed OR libXtst-1.2.2-7.1 is installed OR libXtst6-1.2.2-7.1 is installed OR libXtst6-32bit-1.2.2-7.1 is installed OR libXv-1.0.10-7.1 is installed OR libXv1-1.0.10-7.1 is installed OR libXv1-32bit-1.0.10-7.1 is installed OR libXvMC-1.0.8-7.1 is installed OR libXvMC1-1.0.8-7.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information libsoup-2_4-1-2.54.1-4 is installed OR libsoup-2_4-1-32bit-2.54.1-4 is installed OR libsoup-lang-2.54.1-4 is installed OR typelib-1_0-Soup-2_4-2.54.1-4 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND SuSEfirewall2-3.6.312.333-3.13 is installed
Definition Synopsis
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 is installed AND Package Information giflib-progs-5.0.5-12 is installed OR libgif6-5.0.5-12 is installed
Definition Synopsis
SUSE Linux Enterprise Server for SAP Applications 12 is installed AND Package Information bind-9.9.9P1-28.34 is installed OR bind-chrootenv-9.9.9P1-28.34 is installed OR bind-devel-9.9.9P1-28.34 is installed OR bind-doc-9.9.9P1-28.34 is installed OR bind-libs-9.9.9P1-28.34 is installed OR bind-libs-32bit-9.9.9P1-28.34 is installed OR bind-utils-9.9.9P1-28.34 is installed
Definition Synopsis
SUSE Linux Enterprise Server for SAP Applications 12 SP1 is installed AND Package Information kgraft-patch-3_12_69-60_64_29-default-6-2 is installed OR kgraft-patch-3_12_69-60_64_29-xen-6-2 is installed OR kgraft-patch-SLE12-SP1_Update_12-6-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server for SAP Applications 15 is installed AND Package Information tomcat-9.0.35-3.52 is installed OR tomcat-admin-webapps-9.0.35-3.52 is installed OR tomcat-el-3_0-api-9.0.35-3.52 is installed OR tomcat-jsp-2_3-api-9.0.35-3.52 is installed OR tomcat-lib-9.0.35-3.52 is installed OR tomcat-servlet-4_0-api-9.0.35-3.52 is installed OR tomcat-webapps-9.0.35-3.52 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 11 SP4 is installed AND Package Information GraphicsMagick-1.2.5-4.33.1 is installed OR libGraphicsMagick2-1.2.5-4.33.1 is installed OR perl-GraphicsMagick-1.2.5-4.33.1 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 is installed AND checkbashisms-2.12.6-3 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 SP3 is installed AND libgme-devel-0.6.0-5 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 SP4 is installed AND apache2-devel-2.4.23-29.24 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 12 is installed AND argyllcms-1.6.3-1 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 12 SP1 is installed AND Package Information colord-1.1.7-5 is installed OR colord-lang-1.1.7-5 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 12 SP2 is installed AND Package Information ImageMagick-6.8.8.1-47.1 is installed OR libMagick++-6_Q16-3-6.8.8.1-47.1 is installed OR libMagickCore-6_Q16-1-32bit-6.8.8.1-47.1 is installed

BACK