OVAL Reference oval:org.opensuse.security:def:5745

Oval Definition:

oval:org.opensuse.security:def:5745

Revision Date:	2021-06-17	Version:	1
Title:	Security update for jetty-minimal (Important)
Description:	This update for jetty-minimal fixes the following issues: Update to version 9.4.42.v20210604 - Fix: bsc#1187117, CVE-2021-28169 - possible for requests to the ConcatServlet with a doubly encoded path to access protected resources within the WEB-INF directory - Fix: bsc#1184367, CVE-2021-28165 - jetty server high CPU when client send data length > 17408 - Fix: bsc#1184368, CVE-2021-28164 - Normalize ambiguous URIs - Fix: bsc#1184366, CVE-2021-28163 - Exclude webapps directory from deployment scan
Family:	unix	Class:	patch
Status:		Reference(s):	1065600 1066382 1149032 1163592 1164648 1170415 1175721 1175749 1176354 1177281 1177766 1177799 1177801 1178166 1178173 1178175 1178176 1178177 1178183 1178184 1178185 1178186 1178190 1178191 1178255 1178307 1178330 1178395 1184366 1184367 1184368 1187117 CVE-2006-4197 CVE-2007-4129 CVE-2007-6720 CVE-2009-0179 CVE-2009-0793 CVE-2009-2473 CVE-2009-2474 CVE-2009-3995 CVE-2009-3996 CVE-2010-0750 CVE-2010-2546 CVE-2011-1485 CVE-2012-4453 CVE-2013-0221 CVE-2013-0222 CVE-2013-0223 CVE-2013-2126 CVE-2013-2127 CVE-2013-4276 CVE-2013-4282 CVE-2013-4288 CVE-2013-4314 CVE-2014-0250 CVE-2014-0791 CVE-2014-2653 CVE-2014-3555 CVE-2014-6414 CVE-2014-7821 CVE-2014-8153 CVE-2015-3218 CVE-2015-3247 CVE-2015-3255 CVE-2015-3256 CVE-2015-4625 CVE-2015-5260 CVE-2015-5261 CVE-2015-5352 CVE-2015-5600 CVE-2015-6563 CVE-2015-6564 CVE-2015-8325 CVE-2016-0749 CVE-2016-0777 CVE-2016-0778 CVE-2016-1908 CVE-2016-2150 CVE-2016-3115 CVE-2016-6210 CVE-2016-6515 CVE-2016-8637 CVE-2016-9957 CVE-2016-9958 CVE-2016-9959 CVE-2016-9960 CVE-2016-9961 CVE-2020-25656 CVE-2020-25705 CVE-2020-8694 CVE-2021-28163 CVE-2021-28164 CVE-2021-28165 CVE-2021-28169 SUSE-SU-2020:3273-1
Platform(s):	openSUSE 13.1 openSUSE 13.1 NonFree openSUSE 13.2 openSUSE 13.2 NonFree SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5 SUSE Linux Enterprise Build System Kit 12 SUSE Linux Enterprise Build System Kit 12 SP1 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise for SAP 12 SUSE Linux Enterprise for SAP 12 SP1 SUSE Linux Enterprise for SAP 12 SP2 SUSE Linux Enterprise High Availability 12 SUSE Linux Enterprise High Availability 12 SP1 SUSE Linux Enterprise High Availability 12 SP2 SUSE Linux Enterprise High Availability 12 SP3 SUSE Linux Enterprise High Availability 12 SP4 SUSE Linux Enterprise High Performance Computing 12 SP5 SUSE Linux Enterprise Live Patching 12 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2 SUSE Linux Enterprise Module for Web Scripting 12 SUSE Linux Enterprise Real Time Extension 12 SP2 SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Server 11 SP1-LTSS SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP2-LTSS SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP3-LTSS SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12-LTSS SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 SUSE Linux Enterprise Server for SAP Applications 12 SP1 SUSE Linux Enterprise Server for VMWare 11 SP3 SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Software Development Kit 12 SP1 SUSE Linux Enterprise Software Development Kit 12 SP2 SUSE Linux Enterprise Software Development Kit 12 SP4 SUSE Linux Enterprise Workstation Extension 12 SUSE Linux Enterprise Workstation Extension 12 SP1 SUSE Linux Enterprise Workstation Extension 12 SP2 SUSE Linux Enterprise Workstation Extension 12 SP3 SUSE Linux Enterprise Workstation Extension 12 SP4 SUSE Linux Enterprise Workstation Extension 15 SP2 SUSE OpenStack Cloud 5	Product(s):
Definition Synopsis
SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5 is installed AND Package Information openstack-neutron-2014.2.2.dev26-3 is installed OR openstack-neutron-dhcp-agent-2014.2.2.dev26-3 is installed OR openstack-neutron-ha-tool-2014.2.2.dev26-3 is installed OR openstack-neutron-l3-agent-2014.2.2.dev26-3 is installed OR openstack-neutron-lbaas-agent-2014.2.2.dev26-3 is installed OR openstack-neutron-linuxbridge-agent-2014.2.2.dev26-3 is installed OR openstack-neutron-metadata-agent-2014.2.2.dev26-3 is installed OR openstack-neutron-metering-agent-2014.2.2.dev26-3 is installed OR openstack-neutron-openvswitch-agent-2014.2.2.dev26-3 is installed OR openstack-neutron-vpn-agent-2014.2.2.dev26-3 is installed OR python-neutron-2014.2.2.dev26-3 is installed
Definition Synopsis
SUSE Linux Enterprise Build System Kit 12 is installed AND Package Information cups-1.7.5-5 is installed OR cups-ddk-1.7.5-5 is installed
Definition Synopsis
SUSE Linux Enterprise Build System Kit 12 SP1 is installed AND Package Information python-tdb-1.3.8-4 is installed OR python-tevent-0.9.26-4 is installed OR tdb-1.3.8-4 is installed OR tevent-0.9.26-4 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 is installed AND Package Information coreutils-8.22-5 is installed OR coreutils-lang-8.22-5 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP2 is installed AND libmusicbrainz4-2.1.5-27 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP3 is installed AND coolkey-1.1.0-147 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP4 is installed AND clamav-0.100.2-33.18 is installed
Definition Synopsis
SUSE Linux Enterprise for SAP 12 is installed AND Package Information kgraft-patch-3_12_48-52_27-default-5-2.2 is installed OR kgraft-patch-3_12_48-52_27-xen-5-2.2 is installed OR kgraft-patch-SLE12_Update_8-5-2.2 is installed
Definition Synopsis
SUSE Linux Enterprise for SAP 12 SP1 is installed AND Package Information MozillaFirefox-52.2.0esr-108.3 is installed OR MozillaFirefox-branding-SLE-52-31.1 is installed OR MozillaFirefox-devel-52.2.0esr-108.3 is installed OR MozillaFirefox-translations-52.2.0esr-108.3 is installed
Definition Synopsis
SUSE Linux Enterprise for SAP 12 SP2 is installed AND cryptctl-1.2.6-5.3.11 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 is installed AND Package Information conntrack-tools-1.4.2-5 is installed OR libnetfilter_cthelper-1.0.0-7 is installed OR libnetfilter_cthelper0-1.0.0-7 is installed OR libnetfilter_cttimeout-1.0.0-9 is installed OR libnetfilter_cttimeout1-1.0.0-9 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 SP1 is installed AND Package Information ctdb-4.2.4-28.8 is installed OR samba-4.2.4-28.8 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 SP2 is installed AND python-PyYAML-3.10-17 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 SP3 is installed AND Package Information cluster-md-kmp-default-4.4.82-6.3 is installed OR dlm-kmp-default-4.4.82-6.3 is installed OR gfs2-kmp-default-4.4.82-6.3 is installed OR kernel-default-4.4.82-6.3 is installed OR ocfs2-kmp-default-4.4.82-6.3 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 SP4 is installed AND libpcreposix0-8.39-8.3 is installed
Definition Synopsis
SUSE Linux Enterprise High Performance Computing 12 SP5 is installed AND Package Information apache2-mod_apparmor-2.8.2-51.18 is installed OR apparmor-docs-2.8.2-51.18 is installed OR apparmor-parser-2.8.2-51.18 is installed OR apparmor-profiles-2.8.2-51.18 is installed OR apparmor-utils-2.8.2-51.18 is installed OR libapparmor1-2.8.2-51.18 is installed OR libapparmor1-32bit-2.8.2-51.18 is installed OR pam_apparmor-2.8.2-51.18 is installed OR pam_apparmor-32bit-2.8.2-51.18 is installed OR perl-apparmor-2.8.2-51.18 is installed
Definition Synopsis
SUSE Linux Enterprise Live Patching 12 is installed AND Package Information kgraft-patch-3_12_38-44-default-2-7 is installed OR kgraft-patch-3_12_38-44-xen-2-7 is installed OR kgraft-patch-SLE12_Update_3-2-7 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Web Scripting 12 is installed AND Package Information apache2-mod_php5-5.5.14-4 is installed OR php5-5.5.14-4 is installed OR php5-bcmath-5.5.14-4 is installed OR php5-bz2-5.5.14-4 is installed OR php5-calendar-5.5.14-4 is installed OR php5-ctype-5.5.14-4 is installed OR php5-curl-5.5.14-4 is installed OR php5-dba-5.5.14-4 is installed OR php5-dom-5.5.14-4 is installed OR php5-enchant-5.5.14-4 is installed OR php5-exif-5.5.14-4 is installed OR php5-fastcgi-5.5.14-4 is installed OR php5-fileinfo-5.5.14-4 is installed OR php5-fpm-5.5.14-4 is installed OR php5-ftp-5.5.14-4 is installed OR php5-gd-5.5.14-4 is installed OR php5-gettext-5.5.14-4 is installed OR php5-gmp-5.5.14-4 is installed OR php5-iconv-5.5.14-4 is installed OR php5-intl-5.5.14-4 is installed OR php5-json-5.5.14-4 is installed OR php5-ldap-5.5.14-4 is installed OR php5-mbstring-5.5.14-4 is installed OR php5-mcrypt-5.5.14-4 is installed OR php5-mysql-5.5.14-4 is installed OR php5-odbc-5.5.14-4 is installed OR php5-openssl-5.5.14-4 is installed OR php5-pcntl-5.5.14-4 is installed OR php5-pdo-5.5.14-4 is installed OR php5-pear-5.5.14-4 is installed OR php5-pgsql-5.5.14-4 is installed OR php5-pspell-5.5.14-4 is installed OR php5-shmop-5.5.14-4 is installed OR php5-snmp-5.5.14-4 is installed OR php5-soap-5.5.14-4 is installed OR php5-sockets-5.5.14-4 is installed OR php5-sqlite-5.5.14-4 is installed OR php5-suhosin-5.5.14-4 is installed OR php5-sysvmsg-5.5.14-4 is installed OR php5-sysvsem-5.5.14-4 is installed OR php5-sysvshm-5.5.14-4 is installed OR php5-tokenizer-5.5.14-4 is installed OR php5-wddx-5.5.14-4 is installed OR php5-xmlreader-5.5.14-4 is installed OR php5-xmlrpc-5.5.14-4 is installed OR php5-xmlwriter-5.5.14-4 is installed OR php5-xsl-5.5.14-4 is installed OR php5-zip-5.5.14-4 is installed OR php5-zlib-5.5.14-4 is installed
Definition Synopsis
SUSE Linux Enterprise Real Time Extension 12 SP2 is installed AND Package Information cluster-md-kmp-rt-4.4.95-21.1 is installed OR cluster-network-kmp-rt-4.4.95-21.1 is installed OR dlm-kmp-rt-4.4.95-21.1 is installed OR gfs2-kmp-rt-4.4.95-21.1 is installed OR kernel-devel-rt-4.4.95-21.1 is installed OR kernel-rt-4.4.95-21.1 is installed OR kernel-rt-base-4.4.95-21.1 is installed OR kernel-rt-devel-4.4.95-21.1 is installed OR kernel-rt_debug-4.4.95-21.1 is installed OR kernel-rt_debug-devel-4.4.95-21.1 is installed OR kernel-source-rt-4.4.95-21.1 is installed OR kernel-syms-rt-4.4.95-21.1 is installed OR ocfs2-kmp-rt-4.4.95-21.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 11 is installed AND Package Information gnome-screensaver-2.24.0-14.27.1 is installed OR gnome-screensaver-lang-2.24.0-14.27.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 11 SP1-LTSS is installed AND Package Information xen-4.0.3_21548_16-0.5.1 is installed OR xen-doc-html-4.0.3_21548_16-0.5.1 is installed OR xen-doc-pdf-4.0.3_21548_16-0.5.1 is installed OR xen-kmp-default-4.0.3_21548_16_2.6.32.59_0.9-0.5.1 is installed OR xen-kmp-pae-4.0.3_21548_16_2.6.32.59_0.9-0.5.1 is installed OR xen-kmp-trace-4.0.3_21548_16_2.6.32.59_0.9-0.5.1 is installed OR xen-libs-4.0.3_21548_16-0.5.1 is installed OR xen-tools-4.0.3_21548_16-0.5.1 is installed OR xen-tools-domU-4.0.3_21548_16-0.5.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 11 SP2 is installed AND Package Information findutils-4.4.0-38.26.1 is installed OR findutils-locate-4.4.0-38.26.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 11 SP2-LTSS is installed AND Package Information xen-4.1.6_06-0.5.1 is installed OR xen-devel-4.1.6_06-0.5.1 is installed OR xen-doc-html-4.1.6_06-0.5.1 is installed OR xen-doc-pdf-4.1.6_06-0.5.1 is installed OR xen-kmp-default-4.1.6_06_3.0.101_0.7.17-0.5.1 is installed OR xen-kmp-pae-4.1.6_06_3.0.101_0.7.17-0.5.1 is installed OR xen-kmp-trace-4.1.6_06_3.0.101_0.7.17-0.5.1 is installed OR xen-libs-4.1.6_06-0.5.1 is installed OR xen-libs-32bit-4.1.6_06-0.5.1 is installed OR xen-tools-4.1.6_06-0.5.1 is installed OR xen-tools-domU-4.1.6_06-0.5.1 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 11 SP3 is installed AND curl-7.19.7-1.46.1 is installed OR libcurl4-7.19.7-1.46.1 is installed OR libcurl4-32bit-7.19.7-1.46.1 is installed OR libcurl4-x86-7.19.7-1.46.1 is installed OR Package Information SUSE Linux Enterprise Server for VMWare 11 SP3 is installed AND curl-7.19.7-1.46.1 is installed OR libcurl4-7.19.7-1.46.1 is installed OR libcurl4-32bit-7.19.7-1.46.1 is installed OR libcurl4-x86-7.19.7-1.46.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 11 SP3 is installed AND Package Information NetworkManager-0.7.1_git20090811-3.28.2 is installed OR NetworkManager-glib-0.7.1_git20090811-3.28.2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 11 SP4 is installed AND apache2-mod_jk-1.2.40-0.2.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 is installed AND Package Information MozillaFirefox-31.1.0esr-1 is installed OR MozillaFirefox-translations-31.1.0esr-1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND apache-commons-httpclient-3.1-4 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information DirectFB-1.7.1-6 is installed OR lib++dfb-1_7-1-1.7.1-6 is installed OR libdirectfb-1_7-1-1.7.1-6 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND libgc1-7.2d-5 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12-LTSS is installed AND Package Information kgraft-patch-3_12_51-52_39-default-7-2.1 is installed OR kgraft-patch-3_12_51-52_39-xen-7-2.1 is installed OR kgraft-patch-SLE12_Update_11-7-2.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 is installed AND Package Information apache-commons-daemon-1.0.15-4 is installed OR apache-commons-daemon-javadoc-1.0.15-4 is installed
Definition Synopsis
SUSE Linux Enterprise Server for SAP Applications 12 SP1 is installed AND Package Information kgraft-patch-3_12_74-60_64_82-default-3-2 is installed OR kgraft-patch-3_12_74-60_64_82-xen-3-2 is installed OR kgraft-patch-SLE12-SP1_Update_25-3-2 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 11 SP2 is installed AND Package Information lighttpd-1.4.20-2.52.1 is installed OR lighttpd-mod_cml-1.4.20-2.52.1 is installed OR lighttpd-mod_magnet-1.4.20-2.52.1 is installed OR lighttpd-mod_mysql_vhost-1.4.20-2.52.1 is installed OR lighttpd-mod_rrdtool-1.4.20-2.52.1 is installed OR lighttpd-mod_trigger_b4_dl-1.4.20-2.52.1 is installed OR lighttpd-mod_webdav-1.4.20-2.52.1 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 11 SP3 is installed AND Package Information MozillaFirefox-31.8.0esr-0.13.2 is installed OR MozillaFirefox-devel-31.8.0esr-0.13.2 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 is installed AND libXvMC-devel-1.0.8-3 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 SP1 is installed AND cifs-utils-devel-6.4-6 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 SP2 is installed AND apache2-devel-2.4.23-14 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 SP4 is installed AND libopenssl-1_0_0-devel-1.0.2p-2 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 12 is installed AND cyrus-sasl-digestmd5-32bit-2.1.26-7 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 12 SP1 is installed AND Package Information ImageMagick-6.8.8.1-8 is installed OR libMagick++-6_Q16-3-6.8.8.1-8 is installed OR libMagickCore-6_Q16-1-32bit-6.8.8.1-8 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 12 SP2 is installed AND argyllcms-1.6.3-3 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 12 SP3 is installed AND cyrus-sasl-digestmd5-32bit-2.1.26-7 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 12 SP4 is installed AND libid3tag0-0.15.1b-184.3 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 15 SP2 is installed AND Package Information kernel-default-5.3.18-24.37 is installed OR kernel-default-extra-5.3.18-24.37 is installed

BACK