Oval Definition:	oval:org.opensuse.security:def:58247
Revision Date: 2020-12-01 Version: 1 Title: Security update for apache2 (Important) Description: This update for apache2 fixes the following issues: CVE-2019-0220: The Apache HTTP server did not use a consistent strategy for URL normalization throughout all of its components. In particular, consecutive slashes were not always collapsed. Attackers could potentially abuse these inconsistencies to by-pass access control mechanisms and thus gain unauthorized access to protected parts of the service. [bsc#1131241] CVE-2019-0217: A race condition in Apache's 'mod_auth_digest' when running in a threaded server could have allowed users with valid credentials to authenticate using another username, bypassing configured access control restrictions. [bsc#1131239] CVE-2019-0211: A flaw in the Apache HTTP Server allowed less-privileged child processes or threads to execute arbitrary code with the privileges of the parent process. Attackers with control over CGI scripts or extension modules run by the server could have abused this issue to potentially gain super user privileges. [bsc#1131233] CVE-2019-0197: When HTTP/2 support was enabled in the Apache server for a 'http' host or H2Upgrade was enabled for h2 on a 'https' host, an Upgrade request from http/1.1 to http/2 that was not the first request on a connection could lead to a misconfiguration and crash. This issue could have been abused to mount a denial-of-service attack. Servers that never enabled the h2 protocol or that only enabled it for https: and did not configure the 'H2Upgrade on' are unaffected. [bsc#1131245] CVE-2019-0196: Through specially crafted network input the Apache's http/2 request handler could be lead to access previously freed memory while determining the method of a request. This resulted in the request being misclassified and thus being processed incorrectly. [bsc#1131237] Family: unix Class: patch Status: Reference(s): 1000201 1007255 1012382 1015203 1016259 1022610 1022804 1029696 1031529 1031717 1036789 1042286 1046610 1057734 1060877 1062604 1064232 1065364 1070536 1075428 1076847 1077560 1080919 1082153 1082299 1082519 1082863 1083125 1083624 1083745 1083836 1084353 1084536 1084610 1084682 1084721 1084829 1085042 1085185 1085224 1085402 1085404 1086162 1086194 1087088 1087260 1087845 1087920 1088241 1088242 1088600 1088684 1088810 1089066 1089198 1089608 1089644 1089752 1090643 1092903 1094466 1095344 1096547 1097104 1099597 1099811 1099813 1099844 1099845 1099846 1099849 1099863 1099864 1099922 1099993 1099999 1100000 1100001 1100152 1102517 1102715 1102870 1103445 1104319 1104495 1105292 1105296 1105322 1105348 1105396 1105536 1106016 1106095 1106369 1106509 1106511 1106512 1106594 1107689 1107735 1107966 1108239 1108399 1109333 1111331 1121563 1125352 1126056 1127557 1128657 1129622 1130230 1130675 1131233 1131237 1131239 1131241 1131245 1132348 1132400 1132721 1144524 1153451 1153459 1154862 1159478 1159479 1159482 1159486 1166847 1167068 1170558 1171363 1173902 1173994 1176409 1176412 682920 955942 CVE-2016-9082 CVE-2017-12166 CVE-2017-18257 CVE-2017-6507 CVE-2017-7475 CVE-2018-10087 CVE-2018-10124 CVE-2018-1063 CVE-2018-10853 CVE-2018-1087 CVE-2018-10876 CVE-2018-10877 CVE-2018-10878 CVE-2018-10879 CVE-2018-10880 CVE-2018-10881 CVE-2018-10882 CVE-2018-10883 CVE-2018-10902 CVE-2018-10938 CVE-2018-10940 CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2018-12896 CVE-2018-13093 CVE-2018-13094 CVE-2018-13095 CVE-2018-14617 CVE-2018-14678 CVE-2018-15572 CVE-2018-15594 CVE-2018-16276 CVE-2018-16658 CVE-2018-17182 CVE-2018-20815 CVE-2018-6554 CVE-2018-6555 CVE-2018-6954 CVE-2018-7480 CVE-2018-7740 CVE-2018-7757 CVE-2018-8043 CVE-2018-8781 CVE-2018-8822 CVE-2018-8897 CVE-2018-9363 CVE-2019-0196 CVE-2019-0197 CVE-2019-0211 CVE-2019-0217 CVE-2019-0220 CVE-2019-11091 CVE-2019-13456 CVE-2019-17041 CVE-2019-17042 CVE-2019-17185 CVE-2019-17498 CVE-2019-18388 CVE-2019-18389 CVE-2019-18390 CVE-2019-18391 CVE-2019-3842 CVE-2019-6454 CVE-2019-9824 CVE-2020-12108 CVE-2020-12137 CVE-2020-14318 CVE-2020-14323 CVE-2020-14392 CVE-2020-14393 SUSE-SU-2017:1151-1 SUSE-SU-2017:1671-1 SUSE-SU-2017:2839-1 SUSE-SU-2018:0926-1 SUSE-SU-2018:3084-1 SUSE-SU-2019:0878-1 SUSE-SU-2019:2936-1 SUSE-SU-2020:0016-1 SUSE-SU-2020:0512-1 SUSE-SU-2020:1301-1 SUSE-SU-2020:2391-1 SUSE-SU-2020:2661-1 SUSE-SU-2020:3083-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.0 NonFree openSUSE Leap 15.1 openSUSE Leap 15.1 NonFree SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND Package Information NetworkManager-1.10.6-lp150.3 is installed OR NetworkManager-lang-1.10.6-lp150.3 is installed OR libnm-glib-vpn1-1.10.6-lp150.3 is installed OR libnm-glib4-1.10.6-lp150.3 is installed OR libnm-util2-1.10.6-lp150.3 is installed OR libnm0-1.10.6-lp150.3 is installed OR typelib-1_0-NM-1_0-1.10.6-lp150.3 is installed OR typelib-1_0-NMClient-1_0-1.10.6-lp150.3 is installed OR typelib-1_0-NetworkManager-1_0-1.10.6-lp150.3 is installed Definition Synopsis openSUSE Leap 15.0 NonFree is installed AND opera-54.0.2952.41-lp150.2.3 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information kernel-firmware-20190618-lp151.2.6 is installed OR ucode-amd-20190618-lp151.2.6 is installed Definition Synopsis openSUSE Leap 15.1 NonFree is installed AND opera-68.0.3618.63-lp151.2.15 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information cairo-1.15.2-24 is installed OR libcairo-gobject2-1.15.2-24 is installed OR libcairo-gobject2-32bit-1.15.2-24 is installed OR libcairo-script-interpreter2-1.15.2-24 is installed OR libcairo2-1.15.2-24 is installed OR libcairo2-32bit-1.15.2-24 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information kernel-default-4.4.121-92.95 is installed OR kernel-default-base-4.4.121-92.95 is installed OR kernel-default-devel-4.4.121-92.95 is installed OR kernel-devel-4.4.121-92.95 is installed OR kernel-macros-4.4.121-92.95 is installed OR kernel-source-4.4.121-92.95 is installed OR kernel-syms-4.4.121-92.95 is installed OR lttng-modules-2.7.1-9.6 is installed OR lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information kernel-default-4.4.121-92.73 is installed OR kernel-default-base-4.4.121-92.73 is installed OR kernel-default-devel-4.4.121-92.73 is installed OR kernel-devel-4.4.121-92.73 is installed OR kernel-macros-4.4.121-92.73 is installed OR kernel-source-4.4.121-92.73 is installed OR kernel-syms-4.4.121-92.73 is installed OR kgraft-patch-4_4_121-92_73-default-1-3.3 is installed OR kgraft-patch-SLE12-SP2_Update_21-1-3.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information libssh2-1-1.4.3-20.14 is installed OR libssh2-1-32bit-1.4.3-20.14 is installed OR libssh2_org-1.4.3-20.14 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information libXxf86vm1-1.1.3-3 is installed OR libXxf86vm1-32bit-1.1.3-3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information curl-7.37.0-37.43 is installed OR libcurl4-7.37.0-37.43 is installed OR libcurl4-32bit-7.37.0-37.43 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information kgraft-patch-4_4_180-94_103-default-7-2 is installed OR kgraft-patch-SLE12-SP3_Update_28-7-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information libjpeg-turbo-1.5.3-31.19 is installed OR libjpeg62-62.2.0-31.19 is installed OR libjpeg62-32bit-62.2.0-31.19 is installed OR libjpeg62-turbo-1.5.3-31.19 is installed OR libjpeg8-8.1.2-31.19 is installed OR libjpeg8-32bit-8.1.2-31.19 is installed OR libturbojpeg0-8.1.2-31.19 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND clamav-0.100.1-33.15 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND libXfont1-1.5.1-11.3 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND Package Information apache2-2.4.23-29.40 is installed OR apache2-doc-2.4.23-29.40 is installed OR apache2-example-pages-2.4.23-29.40 is installed OR apache2-prefork-2.4.23-29.40 is installed OR apache2-utils-2.4.23-29.40 is installed OR apache2-worker-2.4.23-29.40 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information kernel-default-4.4.180-94.103 is installed OR kernel-default-base-4.4.180-94.103 is installed OR kernel-default-devel-4.4.180-94.103 is installed OR kernel-devel-4.4.180-94.103 is installed OR kernel-macros-4.4.180-94.103 is installed OR kernel-source-4.4.180-94.103 is installed OR kernel-syms-4.4.180-94.103 is installed OR kgraft-patch-4_4_180-94_103-default-1-4.3 is installed OR kgraft-patch-SLE12-SP3_Update_28-1-4.3 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information MozillaFirefox-60.9.0-109.86 is installed OR MozillaFirefox-translations-common-60.9.0-109.86 is installed
BACK