OVAL Reference oval:org.opensuse.security:def:58477

Oval Definition:

oval:org.opensuse.security:def:58477

Revision Date:	2020-12-01	Version:	1
Title:	Security update for apache2 (Moderate)
Description:	This update for apache2 provides the following fixes: Security issues fixed: - CVE-2017-3167: In Apache use of httpd ap_get_basic_auth_pw() outside of the authentication phase could lead to authentication requirements bypass (bsc#1045065) - CVE-2017-3169: In mod_ssl may have a dereference NULL pointer issue which could lead to denial of service (bsc#1045062) - CVE-2017-7679: In mod_mime can buffer over-read by 1 byte, potentially leading to a crash or information disclosure (bsc#1045060) Non-Security issues fixed: - Remove /usr/bin/http2 symlink only during apache2 package uninstall, not upgrade. (bsc#1041830) - In gensslcert, use hostname when fqdn is too long. (bsc#1035829)
Family:	unix	Class:	patch
Status:		Reference(s):	1010977 1010979 1011830 1012530 1015351 1015964 1015993 1024145 1027519 1027593 1035829 1039361 1041830 1042419 1044084 1044995 1045060 1045062 1045065 1050707 1058565 1058622 1058624 1060427 1063008 1091107 1103276 1106222 1109663 1109847 1110910 1111006 1111010 1111013 1114422 1125401 1128525 1135170 1138459 1155094 1162224 1162367 1162825 1165894 1167231 1169511 1170715 1172698 1172704 1173576 1173613 1174421 981124 986631 986639 CVE-2016-5824 CVE-2016-5827 CVE-2016-8654 CVE-2016-9395 CVE-2016-9398 CVE-2016-9560 CVE-2016-9584 CVE-2016-9591 CVE-2017-1000367 CVE-2017-12150 CVE-2017-12151 CVE-2017-12163 CVE-2017-14746 CVE-2017-15275 CVE-2017-3167 CVE-2017-3169 CVE-2017-7679 CVE-2018-1000802 CVE-2018-10839 CVE-2018-14647 CVE-2018-15746 CVE-2018-17958 CVE-2018-17962 CVE-2018-17963 CVE-2018-18849 CVE-2018-3646 CVE-2019-10160 CVE-2019-18348 CVE-2019-5436 CVE-2019-8936 CVE-2019-9674 CVE-2020-12402 CVE-2020-12415 CVE-2020-12416 CVE-2020-12417 CVE-2020-12418 CVE-2020-12419 CVE-2020-12420 CVE-2020-12421 CVE-2020-12422 CVE-2020-12423 CVE-2020-12424 CVE-2020-12425 CVE-2020-12426 CVE-2020-15705 CVE-2020-2756 CVE-2020-2757 CVE-2020-2773 CVE-2020-2781 CVE-2020-2800 CVE-2020-2803 CVE-2020-2805 CVE-2020-2830 CVE-2020-8023 CVE-2020-8492 SUSE-SU-2017:0084-1 SUSE-SU-2017:1450-1 SUSE-SU-2017:1714-1 SUSE-SU-2017:1989-1 SUSE-SU-2017:2650-1 SUSE-SU-2017:3086-1 SUSE-SU-2018:2410-1 SUSE-SU-2018:4237-1 SUSE-SU-2019:0789-1 SUSE-SU-2019:1363-1 SUSE-SU-2020:0854-1 SUSE-SU-2020:2308-1
Platform(s):	openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8	Product(s):
Definition Synopsis
openSUSE Leap 15.0 is installed AND iputils-s20161105-lp150.5 is installed
Definition Synopsis
openSUSE Leap 15.1 is installed AND Package Information gvim-8.0.1568-lp151.5.3 is installed OR vim-8.0.1568-lp151.5.3 is installed OR vim-data-8.0.1568-lp151.5.3 is installed OR vim-data-common-8.0.1568-lp151.5.3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information apache2-2.4.23-28 is installed OR apache2-doc-2.4.23-28 is installed OR apache2-example-pages-2.4.23-28 is installed OR apache2-prefork-2.4.23-28 is installed OR apache2-utils-2.4.23-28 is installed OR apache2-worker-2.4.23-28 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information curl-7.37.0-37.40 is installed OR libcurl4-7.37.0-37.40 is installed OR libcurl4-32bit-7.37.0-37.40 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information libpython3_4m1_0-3.4.6-25.29 is installed OR python3-3.4.6-25.29 is installed OR python3-base-3.4.6-25.29 is installed OR python3-curses-3.4.6-25.29 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information xen-4.7.6_04-43.39 is installed OR xen-doc-html-4.7.6_04-43.39 is installed OR xen-libs-4.7.6_04-43.39 is installed OR xen-libs-32bit-4.7.6_04-43.39 is installed OR xen-tools-4.7.6_04-43.39 is installed OR xen-tools-domU-4.7.6_04-43.39 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information fetchmail-6.3.26-12 is installed OR fetchmailconf-6.3.26-12 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information evince-3.20.2-6.27 is installed OR evince-browser-plugin-3.20.2-6.27 is installed OR evince-lang-3.20.2-6.27 is installed OR evince-plugin-djvudocument-3.20.2-6.27 is installed OR evince-plugin-dvidocument-3.20.2-6.27 is installed OR evince-plugin-pdfdocument-3.20.2-6.27 is installed OR evince-plugin-psdocument-3.20.2-6.27 is installed OR evince-plugin-tiffdocument-3.20.2-6.27 is installed OR evince-plugin-xpsdocument-3.20.2-6.27 is installed OR libevdocument3-4-3.20.2-6.27 is installed OR libevview3-3-3.20.2-6.27 is installed OR nautilus-evince-3.20.2-6.27 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information kernel-default-4.4.180-94.113 is installed OR kernel-default-base-4.4.180-94.113 is installed OR kernel-default-devel-4.4.180-94.113 is installed OR kernel-default-kgraft-4.4.180-94.113 is installed OR kernel-devel-4.4.180-94.113 is installed OR kernel-macros-4.4.180-94.113 is installed OR kernel-source-4.4.180-94.113 is installed OR kernel-syms-4.4.180-94.113 is installed OR kgraft-patch-4_4_180-94_113-default-1-4.5 is installed OR kgraft-patch-SLE12-SP3_Update_30-1-4.5 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information kernel-default-4.4.180-94.107 is installed OR kernel-default-base-4.4.180-94.107 is installed OR kernel-default-devel-4.4.180-94.107 is installed OR kernel-default-kgraft-4.4.180-94.107 is installed OR kernel-default-man-4.4.180-94.107 is installed OR kernel-devel-4.4.180-94.107 is installed OR kernel-macros-4.4.180-94.107 is installed OR kernel-source-4.4.180-94.107 is installed OR kernel-syms-4.4.180-94.107 is installed OR kgraft-patch-4_4_180-94_107-default-1-4.3 is installed OR kgraft-patch-SLE12-SP3_Update_29-1-4.3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information libldap-2_4-2-2.4.41-18.43 is installed OR libldap-2_4-2-32bit-2.4.41-18.43 is installed OR openldap2-2.4.41-18.43 is installed OR openldap2-back-meta-2.4.41-18.43 is installed OR openldap2-client-2.4.41-18.43 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND gd-2.1.0-24.9 is installed
Definition Synopsis
SUSE OpenStack Cloud 8 is installed AND Package Information MozillaFirefox-60.7.2-109.80 is installed OR MozillaFirefox-translations-common-60.7.2-109.80 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 8 is installed AND python-SQLAlchemy-1.1.12-3.5 is installed

BACK