OVAL Reference oval:org.opensuse.security:def:57570

Oval Definition:

oval:org.opensuse.security:def:57570

Revision Date:	2021-03-24	Version:	1
Title:	Security update for nghttp2 (Important)
Description:	This update for nghttp2 fixes the following issues: Security issues fixed: - CVE-2020-11080: HTTP/2 Large Settings Frame DoS (bsc#1181358). - CVE-2019-9513: Fixed HTTP/2 implementation that is vulnerable to resource loops, potentially leading to a denial of service (bsc#1146184). - CVE-2019-9511: Fixed HTTP/2 implementations that are vulnerable to window size manipulation and stream prioritization manipulation, potentially leading to a denial of service (bsc#1146182). - CVE-2018-1000168: Fixed ALTSVC frame client side denial of service (bsc#1088639). - CVE-2016-1544: Fixed out of memory due to unlimited incoming HTTP header fields (bsc#966514). Bug fixes and enhancements: - Packages must not mark license files as %doc (bsc#1082318) - Typo in description of libnghttp2_asio1 (bsc#962914) - Fixed mistake in spec file (bsc#1125689) - Fixed build issue with boost 1.70.0 (bsc#1134616) - Fixed build issue with GCC 6 (bsc#964140) - Feature: Add W&S module (FATE#326776, bsc#1112438)
Family:	unix	Class:	patch
Status:		Reference(s):	1012382 1015187 1039616 1047487 1060653 1061876 1063043 1063824 1064311 1065180 1068032 1068951 1071009 1072556 1072962 1073090 1073230 1073792 1073809 1073874 1073912 1076017 1082318 1083488 1085114 1085447 1088639 1092885 1112438 1123823 1123828 1123832 1125689 1134616 1136085 1141670 1144903 1146182 1146184 1153108 1153158 1153161 1157763 1159723 1159729 1163933 1164825 1171928 1181358 914890 916927 962914 964063 964140 965901 966514 969470 CVE-2004-2771 CVE-2009-1886 CVE-2009-1888 CVE-2009-2666 CVE-2009-2813 CVE-2009-2906 CVE-2009-2948 CVE-2010-0547 CVE-2010-0728 CVE-2010-0787 CVE-2010-0926 CVE-2010-1167 CVE-2010-1635 CVE-2010-1642 CVE-2010-2063 CVE-2010-3069 CVE-2011-0719 CVE-2011-1947 CVE-2011-2522 CVE-2011-2694 CVE-2011-3389 CVE-2012-0817 CVE-2012-0870 CVE-2012-1182 CVE-2012-2111 CVE-2012-3482 CVE-2012-6150 CVE-2013-0172 CVE-2013-0213 CVE-2013-0214 CVE-2013-0454 CVE-2013-1863 CVE-2013-4124 CVE-2013-4408 CVE-2013-4475 CVE-2013-4476 CVE-2013-4496 CVE-2013-6442 CVE-2014-0178 CVE-2014-0239 CVE-2014-0244 CVE-2014-2524 CVE-2014-3493 CVE-2014-3560 CVE-2014-6271 CVE-2014-6277 CVE-2014-6278 CVE-2014-7169 CVE-2014-7186 CVE-2014-7187 CVE-2014-7844 CVE-2014-8127 CVE-2014-8128 CVE-2014-8129 CVE-2014-8130 CVE-2014-8143 CVE-2014-9655 CVE-2015-0240 CVE-2015-3223 CVE-2015-5252 CVE-2015-5296 CVE-2015-5299 CVE-2015-5330 CVE-2015-5370 CVE-2015-7560 CVE-2015-8467 CVE-2015-9542 CVE-2016-0964 CVE-2016-0965 CVE-2016-0966 CVE-2016-0967 CVE-2016-0968 CVE-2016-0969 CVE-2016-0970 CVE-2016-0971 CVE-2016-0972 CVE-2016-0973 CVE-2016-0974 CVE-2016-0975 CVE-2016-0976 CVE-2016-0977 CVE-2016-0978 CVE-2016-0979 CVE-2016-0980 CVE-2016-0981 CVE-2016-0982 CVE-2016-0983 CVE-2016-0984 CVE-2016-0985 CVE-2016-1544 CVE-2016-2110 CVE-2016-2111 CVE-2016-2112 CVE-2016-2113 CVE-2016-2115 CVE-2016-2118 CVE-2016-2119 CVE-2016-9933 CVE-2017-1000254 CVE-2017-1000257 CVE-2017-13166 CVE-2017-17805 CVE-2017-17806 CVE-2017-5715 CVE-2017-5753 CVE-2017-5754 CVE-2018-1000004 CVE-2018-1000168 CVE-2018-1068 CVE-2018-20748 CVE-2018-20749 CVE-2018-20750 CVE-2018-3639 CVE-2018-7566 CVE-2019-0221 CVE-2019-10220 CVE-2019-12418 CVE-2019-15961 CVE-2019-17133 CVE-2019-17563 CVE-2019-17569 CVE-2019-9511 CVE-2019-9513 CVE-2020-11080 CVE-2020-9484 SUSE-SU-2015:1420-1 SUSE-SU-2016:0400-1 SUSE-SU-2016:3211-1 SUSE-SU-2017:2831-1 SUSE-SU-2018:0012-1 SUSE-SU-2018:1019-1 SUSE-SU-2018:1614-1 SUSE-SU-2019:0313-1 SUSE-SU-2019:3177-1 SUSE-SU-2020:1117-1 SUSE-SU-2020:1498-1 SUSE-SU-2021:0932-1
Platform(s):	openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8	Product(s):
Definition Synopsis
openSUSE Leap 15.0 is installed AND libXext6-1.3.3-lp150.1 is installed
Definition Synopsis
openSUSE Leap 15.1 is installed AND Package Information libmariadb-devel-3.1.2-lp151.3.3 is installed OR libmariadb3-3.1.2-lp151.3.3 is installed OR libmariadb3-32bit-3.1.2-lp151.3.3 is installed OR libmariadb_plugins-3.1.2-lp151.3.3 is installed OR libmariadbprivate-3.1.2-lp151.3.3 is installed OR libmysqld-devel-10.2.25-lp151.2.3 is installed OR libmysqld19-10.2.25-lp151.2.3 is installed OR mariadb-10.2.25-lp151.2.3 is installed OR mariadb-bench-10.2.25-lp151.2.3 is installed OR mariadb-client-10.2.25-lp151.2.3 is installed OR mariadb-connector-c-3.1.2-lp151.3.3 is installed OR mariadb-errormessages-10.2.25-lp151.2.3 is installed OR mariadb-galera-10.2.25-lp151.2.3 is installed OR mariadb-test-10.2.25-lp151.2.3 is installed OR mariadb-tools-10.2.25-lp151.2.3 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP4 is installed AND Package Information flash-player-11.2.202.569-0.35 is installed OR flash-player-gnome-11.2.202.569-0.35 is installed OR flash-player-kde4-11.2.202.569-0.35 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information pam_radius-1.3.16-239.4 is installed OR pam_radius-32bit-1.3.16-239.4 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information bash-4.3-78 is installed OR bash-doc-4.3-78 is installed OR libreadline6-6.3-78 is installed OR libreadline6-32bit-6.3-78 is installed OR readline-doc-6.3-78 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information xen-4.7.5_02-43.30 is installed OR xen-doc-html-4.7.5_02-43.30 is installed OR xen-libs-4.7.5_02-43.30 is installed OR xen-libs-32bit-4.7.5_02-43.30 is installed OR xen-tools-4.7.5_02-43.30 is installed OR xen-tools-domU-4.7.5_02-43.30 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND ucode-intel-20180703-13.25 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_59-92_20-default-10-2 is installed OR kgraft-patch-SLE12-SP2_Update_8-10-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information apache-commons-beanutils-1.9.2-1 is installed OR apache-commons-beanutils-javadoc-1.9.2-1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-BCL is installed AND libnghttp2-14-1.39.2-3.5.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information libdcerpc-binding0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libdcerpc-binding0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libdcerpc0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libdcerpc0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libndr-krb5pac0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libndr-krb5pac0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libndr-nbt0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libndr-nbt0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libndr-standard0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libndr-standard0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libndr0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libndr0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libnetapi0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libnetapi0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libsamba-credentials0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libsamba-credentials0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libsamba-errors0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libsamba-errors0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libsamba-hostconfig0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libsamba-hostconfig0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libsamba-passdb0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libsamba-passdb0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libsamba-util0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libsamba-util0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libsamdb0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libsamdb0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libsmbclient0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libsmbclient0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libsmbconf0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libsmbconf0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libsmbldap0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libsmbldap0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libtevent-util0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libtevent-util0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libwbclient0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libwbclient0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR samba-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR samba-client-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR samba-client-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR samba-doc-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR samba-libs-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR samba-libs-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR samba-winbind-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR samba-winbind-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information libsystemd0-228-150.63 is installed OR libsystemd0-32bit-228-150.63 is installed OR libudev1-228-150.63 is installed OR libudev1-32bit-228-150.63 is installed OR systemd-228-150.63 is installed OR systemd-32bit-228-150.63 is installed OR systemd-bash-completion-228-150.63 is installed OR systemd-sysvinit-228-150.63 is installed OR udev-228-150.63 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND git-core-2.12.3-27.14 is installed
Definition Synopsis
SUSE OpenStack Cloud 7 is installed AND Package Information libvirt-2.0.0-27.42 is installed OR libvirt-client-2.0.0-27.42 is installed OR libvirt-daemon-2.0.0-27.42 is installed OR libvirt-daemon-config-network-2.0.0-27.42 is installed OR libvirt-daemon-config-nwfilter-2.0.0-27.42 is installed OR libvirt-daemon-driver-interface-2.0.0-27.42 is installed OR libvirt-daemon-driver-libxl-2.0.0-27.42 is installed OR libvirt-daemon-driver-lxc-2.0.0-27.42 is installed OR libvirt-daemon-driver-network-2.0.0-27.42 is installed OR libvirt-daemon-driver-nodedev-2.0.0-27.42 is installed OR libvirt-daemon-driver-nwfilter-2.0.0-27.42 is installed OR libvirt-daemon-driver-qemu-2.0.0-27.42 is installed OR libvirt-daemon-driver-secret-2.0.0-27.42 is installed OR libvirt-daemon-driver-storage-2.0.0-27.42 is installed OR libvirt-daemon-hooks-2.0.0-27.42 is installed OR libvirt-daemon-lxc-2.0.0-27.42 is installed OR libvirt-daemon-qemu-2.0.0-27.42 is installed OR libvirt-daemon-xen-2.0.0-27.42 is installed OR libvirt-doc-2.0.0-27.42 is installed OR libvirt-lock-sanlock-2.0.0-27.42 is installed OR libvirt-nss-2.0.0-27.42 is installed
Definition Synopsis
SUSE OpenStack Cloud 8 is installed AND Package Information git-2.12.3-27.22 is installed OR git-core-2.12.3-27.22 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information mariadb-10.2.22-4.11 is installed OR mariadb-client-10.2.22-4.11 is installed OR mariadb-errormessages-10.2.22-4.11 is installed OR mariadb-galera-10.2.22-4.11 is installed OR mariadb-tools-10.2.22-4.11 is installed

BACK