OVAL Reference oval:org.opensuse.security:def:59195

Oval Definition:

oval:org.opensuse.security:def:59195

Revision Date:	2020-12-01	Version:	1
Title:	Security update for apache2 (Important)
Description:	This update for apache2 fixes the following issues: CVE-2019-0220: The Apache HTTP server did not use a consistent strategy for URL normalization throughout all of its components. In particular, consecutive slashes were not always collapsed. Attackers could potentially abuse these inconsistencies to by-pass access control mechanisms and thus gain unauthorized access to protected parts of the service. [bsc#1131241] CVE-2019-0217: A race condition in Apache's 'mod_auth_digest' when running in a threaded server could have allowed users with valid credentials to authenticate using another username, bypassing configured access control restrictions. [bsc#1131239] CVE-2019-0211: A flaw in the Apache HTTP Server allowed less-privileged child processes or threads to execute arbitrary code with the privileges of the parent process. Attackers with control over CGI scripts or extension modules run by the server could have abused this issue to potentially gain super user privileges. [bsc#1131233] CVE-2019-0197: When HTTP/2 support was enabled in the Apache server for a 'http' host or H2Upgrade was enabled for h2 on a 'https' host, an Upgrade request from http/1.1 to http/2 that was not the first request on a connection could lead to a misconfiguration and crash. This issue could have been abused to mount a denial-of-service attack. Servers that never enabled the h2 protocol or that only enabled it for https: and did not configure the 'H2Upgrade on' are unaffected. [bsc#1131245] CVE-2019-0196: Through specially crafted network input the Apache's http/2 request handler could be lead to access previously freed memory while determining the method of a request. This resulted in the request being misclassified and thus being processed incorrectly. [bsc#1131237]
Family:	unix	Class:	patch
Status:		Reference(s):	1016715 1027519 1043983 1048072 1055265 1056286 1056782 1058754 1058755 1058757 1062452 1069607 1069632 1073002 1078782 1082007 1082008 1082009 1082010 1082011 1082014 1082058 1087433 1087434 1087436 1087437 1087440 1087441 1102680 1104826 1105528 1108940 1109663 1109847 1112530 1112532 1114423 1115040 1115045 1115047 1116380 1117756 1130611 1130617 1130620 1130622 1130623 1130627 1131233 1131237 1131239 1131241 1131245 1138459 1141853 1145092 1152990 1152992 1152994 1152995 1168422 1171252 1171254 1171517 1172275 1173455 1174415 1176579 1177513 CVE-2009-0023 CVE-2009-1191 CVE-2009-1195 CVE-2009-1890 CVE-2009-1891 CVE-2009-1955 CVE-2009-1956 CVE-2009-2412 CVE-2009-2699 CVE-2009-3094 CVE-2009-3095 CVE-2009-3555 CVE-2009-3560 CVE-2009-3720 CVE-2010-0408 CVE-2010-0425 CVE-2010-0434 CVE-2010-1452 CVE-2010-1623 CVE-2010-2068 CVE-2011-1176 CVE-2011-3192 CVE-2011-3368 CVE-2011-3607 CVE-2011-4317 CVE-2012-0021 CVE-2012-0031 CVE-2012-0053 CVE-2012-2687 CVE-2012-3499 CVE-2012-3502 CVE-2013-1896 CVE-2013-2249 CVE-2013-5704 CVE-2013-6438 CVE-2014-0098 CVE-2014-0117 CVE-2014-0118 CVE-2014-0226 CVE-2014-0231 CVE-2014-3523 CVE-2014-3581 CVE-2014-3583 CVE-2014-8109 CVE-2015-0228 CVE-2015-0253 CVE-2015-2924 CVE-2015-4000 CVE-2015-9096 CVE-2016-0736 CVE-2016-0764 CVE-2016-1546 CVE-2016-2161 CVE-2016-2339 CVE-2016-4975 CVE-2016-4979 CVE-2016-5387 CVE-2016-7798 CVE-2016-8740 CVE-2016-8743 CVE-2016-8743 CVE-2017-0898 CVE-2017-0899 CVE-2017-0900 CVE-2017-0901 CVE-2017-0902 CVE-2017-0903 CVE-2017-10784 CVE-2017-14033 CVE-2017-14064 CVE-2017-17405 CVE-2017-17742 CVE-2017-17790 CVE-2017-3167 CVE-2017-3169 CVE-2017-7679 CVE-2017-9228 CVE-2017-9229 CVE-2018-1000073 CVE-2018-1000074 CVE-2018-1000075 CVE-2018-1000076 CVE-2018-1000077 CVE-2018-1000078 CVE-2018-1000079 CVE-2018-1000802 CVE-2018-14574 CVE-2018-14647 CVE-2018-16395 CVE-2018-16396 CVE-2018-18849 CVE-2018-19665 CVE-2018-19961 CVE-2018-19962 CVE-2018-19965 CVE-2018-19966 CVE-2018-20852 CVE-2018-6914 CVE-2018-8777 CVE-2018-8778 CVE-2018-8779 CVE-2018-8780 CVE-2019-0196 CVE-2019-0197 CVE-2019-0211 CVE-2019-0217 CVE-2019-0220 CVE-2019-10160 CVE-2019-10160 CVE-2019-10208 CVE-2019-15845 CVE-2019-16201 CVE-2019-16254 CVE-2019-16255 CVE-2019-8320 CVE-2019-8321 CVE-2019-8322 CVE-2019-8323 CVE-2019-8324 CVE-2019-8325 CVE-2020-10663 CVE-2020-12653 CVE-2020-12654 CVE-2020-1472 CVE-2020-15049 CVE-2020-15900 CVE-2020-25645 CVE-2020-3898 SUSE-SU-2018:2815-2 SUSE-SU-2018:3549-1 SUSE-SU-2019:0020-1 SUSE-SU-2019:0878-1 SUSE-SU-2019:2091-1 SUSE-SU-2019:2159-1 SUSE-SU-2020:1045-1 SUSE-SU-2020:1570-1 SUSE-SU-2020:2097-1 SUSE-SU-2020:2724-1
Platform(s):	openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9	Product(s):
Definition Synopsis
openSUSE Leap 15.0 is installed AND Package Information libblkid1-2.31.1-lp150.6 is installed OR libblkid1-32bit-2.31.1-lp150.6 is installed OR libfdisk1-2.31.1-lp150.6 is installed OR libmount1-2.31.1-lp150.6 is installed OR libsmartcols1-2.31.1-lp150.6 is installed OR libuuid1-2.31.1-lp150.6 is installed OR libuuid1-32bit-2.31.1-lp150.6 is installed OR util-linux-2.31.1-lp150.6 is installed OR util-linux-lang-2.31.1-lp150.6 is installed OR util-linux-systemd-2.31.1-lp150.6 is installed
Definition Synopsis
openSUSE Leap 15.1 is installed AND Package Information djvulibre-3.5.27-lp151.3.6 is installed OR djvulibre-doc-3.5.27-lp151.3.6 is installed OR libdjvulibre-devel-3.5.27-lp151.3.6 is installed OR libdjvulibre21-3.5.27-lp151.3.6 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information apache2-2.4.23-29.24 is installed OR apache2-doc-2.4.23-29.24 is installed OR apache2-example-pages-2.4.23-29.24 is installed OR apache2-prefork-2.4.23-29.24 is installed OR apache2-utils-2.4.23-29.24 is installed OR apache2-worker-2.4.23-29.24 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information libpython3_4m1_0-3.4.6-25.29 is installed OR python3-3.4.6-25.29 is installed OR python3-base-3.4.6-25.29 is installed OR python3-curses-3.4.6-25.29 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information apache2-2.4.23-29.40 is installed OR apache2-doc-2.4.23-29.40 is installed OR apache2-example-pages-2.4.23-29.40 is installed OR apache2-prefork-2.4.23-29.40 is installed OR apache2-utils-2.4.23-29.40 is installed OR apache2-worker-2.4.23-29.40 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information apache2-2.4.23-28 is installed OR apache2-doc-2.4.23-28 is installed OR apache2-example-pages-2.4.23-28 is installed OR apache2-prefork-2.4.23-28 is installed OR apache2-utils-2.4.23-28 is installed OR apache2-worker-2.4.23-28 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information libseccomp-2.4.1-11.3 is installed OR libseccomp2-2.4.1-11.3 is installed OR libseccomp2-32bit-2.4.1-11.3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information java-1_7_0-openjdk-1.7.0.261-43.38 is installed OR java-1_7_0-openjdk-demo-1.7.0.261-43.38 is installed OR java-1_7_0-openjdk-devel-1.7.0.261-43.38 is installed OR java-1_7_0-openjdk-headless-1.7.0.261-43.38 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information kgraft-patch-4_4_156-94_64-default-7-2 is installed OR kgraft-patch-SLE12-SP3_Update_20-7-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information curl-7.37.0-37.31 is installed OR libcurl4-7.37.0-37.31 is installed OR libcurl4-32bit-7.37.0-37.31 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND ft2demos-2.6.3-7.15 is installed
Definition Synopsis
SUSE OpenStack Cloud 8 is installed AND Package Information cups-1.7.5-20.29 is installed OR cups-client-1.7.5-20.29 is installed OR cups-libs-1.7.5-20.29 is installed OR cups-libs-32bit-1.7.5-20.29 is installed
Definition Synopsis
SUSE OpenStack Cloud 9 is installed AND Package Information ardana-ansible-9.0+git.1566374020.301191f-3.7 is installed OR ardana-barbican-9.0+git.1566251498.be02ca4-3.7 is installed OR ardana-cinder-9.0+git.1565678764.c3a9b9f-3.7 is installed OR ardana-cluster-9.0+git.1559333871.40508f7-3.7 is installed OR ardana-cobbler-9.0+git.1566336494.93967dd-3.7 is installed OR ardana-db-9.0+git.1564409964.b7e4fc3-3.7 is installed OR ardana-designate-9.0+git.1565680593.df7a432-3.7 is installed OR ardana-extensions-nsx-9.0+git.1566213657.69862ab-8 is installed OR ardana-glance-9.0+git.1566375806.f0b2333-3.7 is installed OR ardana-heat-9.0+git.1565721273.f44b8d7-3.7 is installed OR ardana-horizon-9.0+git.1565891518.2a545a1-3.7 is installed OR ardana-input-model-9.0+git.1562848565.91e75b2-3.7 is installed OR ardana-installer-ui-9.0+git.1566255088.3443670-3.7 is installed OR ardana-ironic-9.0+git.1565721987.ddc59c8-3.7 is installed OR ardana-keystone-9.0+git.1565891593.cad6d1a-3.7 is installed OR ardana-logging-9.0+git.1565761582.2dc823a-3.7 is installed OR ardana-magnum-9.0+git.1565762005.016032a-3.7 is installed OR ardana-monasca-9.0+git.1566332665.ad894c0-3.7 is installed OR ardana-mq-9.0+git.1565115025.148d092-3.7 is installed OR ardana-neutron-9.0+git.1566251310.3a1e8f9-3.7 is installed OR ardana-nova-9.0+git.1566332515.e232568-3.7 is installed OR ardana-octavia-9.0+git.1566206502.6c87b41-3.7 is installed OR ardana-opsconsole-9.0+git.1566251377.b1caeaa-3.7 is installed OR ardana-opsconsole-ui-9.0+git.1555530925.206f1a8-4.7 is installed OR ardana-osconfig-9.0+git.1565764394.545b573-3.7 is installed OR ardana-service-9.0+git.1564706915.edd44c4-3.7 is installed OR ardana-ses-9.0+git.1565962617.523149b-3.7 is installed OR ardana-swift-9.0+git.1565891872.73fc3c7-3.7 is installed OR ardana-swiftlm-drive-provision-9.0+git.1541434883.e0ebe69-8 is installed OR ardana-swiftlm-log-tailer-9.0+git.1541434883.e0ebe69-8 is installed OR ardana-swiftlm-uptime-mon-9.0+git.1541434883.e0ebe69-8 is installed OR ardana-tempest-9.0+git.1566471752.a3c5c9c-3.7 is installed OR openstack-ceilometer-11.0.2~dev14-3.7 is installed OR openstack-ceilometer-agent-central-11.0.2~dev14-3.7 is installed OR openstack-ceilometer-agent-compute-11.0.2~dev14-3.7 is installed OR openstack-ceilometer-agent-ipmi-11.0.2~dev14-3.7 is installed OR openstack-ceilometer-agent-notification-11.0.2~dev14-3.7 is installed OR openstack-ceilometer-polling-11.0.2~dev14-3.7 is installed OR openstack-cinder-13.0.7~dev3-3.7 is installed OR openstack-cinder-api-13.0.7~dev3-3.7 is installed OR openstack-cinder-backup-13.0.7~dev3-3.7 is installed OR openstack-cinder-scheduler-13.0.7~dev3-3.7 is installed OR openstack-cinder-volume-13.0.7~dev3-3.7 is installed OR openstack-designate-7.0.1~dev21-3.7 is installed OR openstack-designate-agent-7.0.1~dev21-3.7 is installed OR openstack-designate-api-7.0.1~dev21-3.7 is installed OR openstack-designate-central-7.0.1~dev21-3.7 is installed OR openstack-designate-producer-7.0.1~dev21-3.7 is installed OR openstack-designate-sink-7.0.1~dev21-3.7 is installed OR openstack-designate-worker-7.0.1~dev21-3.7 is installed OR openstack-heat-11.0.3~dev19-3.7 is installed OR openstack-heat-api-11.0.3~dev19-3.7 is installed OR openstack-heat-api-cfn-11.0.3~dev19-3.7 is installed OR openstack-heat-engine-11.0.3~dev19-3.7 is installed OR openstack-heat-plugin-heat_docker-11.0.3~dev19-3.7 is installed OR openstack-horizon-plugin-neutron-fwaas-ui-1.5.1~dev6-8 is installed OR openstack-horizon-plugin-neutron-lbaas-ui-5.0.1~dev7-8 is installed OR openstack-horizon-plugin-neutron-vpnaas-ui-1.4.1~dev7-8 is installed OR openstack-ironic-11.1.4~dev9-3.7 is installed OR openstack-ironic-api-11.1.4~dev9-3.7 is installed OR openstack-ironic-conductor-11.1.4~dev9-3.7 is installed OR openstack-ironic-python-agent-3.3.3~dev4-3.7 is installed OR openstack-keystone-14.1.1~dev8-3.7 is installed OR openstack-magnum-7.1.1~dev28-3.7 is installed OR openstack-magnum-api-7.1.1~dev28-3.7 is installed OR openstack-magnum-conductor-7.1.1~dev28-3.7 is installed OR openstack-manila-7.3.1~dev3-4.7 is installed OR openstack-manila-api-7.3.1~dev3-4.7 is installed OR openstack-manila-data-7.3.1~dev3-4.7 is installed OR openstack-manila-scheduler-7.3.1~dev3-4.7 is installed OR openstack-manila-share-7.3.1~dev3-4.7 is installed OR openstack-monasca-notification-1.14.2~dev1-6.7 is installed OR openstack-monasca-persister-1.12.1~dev9-9 is installed OR openstack-monasca-persister-java-1.12.1~dev9-9 is installed OR openstack-neutron-13.0.5~dev22-3.7 is installed OR openstack-neutron-dhcp-agent-13.0.5~dev22-3.7 is installed OR openstack-neutron-gbp-5.0.1~dev459-3.7 is installed OR openstack-neutron-ha-tool-13.0.5~dev22-3.7 is installed OR openstack-neutron-l3-agent-13.0.5~dev22-3.7 is installed OR openstack-neutron-lbaas-13.0.1~dev14-3.7 is installed OR openstack-neutron-lbaas-agent-13.0.1~dev14-3.7 is installed OR openstack-neutron-linuxbridge-agent-13.0.5~dev22-3.7 is installed OR openstack-neutron-macvtap-agent-13.0.5~dev22-3.7 is installed OR openstack-neutron-metadata-agent-13.0.5~dev22-3.7 is installed OR openstack-neutron-metering-agent-13.0.5~dev22-3.7 is installed OR openstack-neutron-openvswitch-agent-13.0.5~dev22-3.7 is installed OR openstack-neutron-server-13.0.5~dev22-3.7 is installed OR openstack-nova-18.2.2~dev9-3.7 is installed OR openstack-nova-api-18.2.2~dev9-3.7 is installed OR openstack-nova-cells-18.2.2~dev9-3.7 is installed OR openstack-nova-compute-18.2.2~dev9-3.7 is installed OR openstack-nova-conductor-18.2.2~dev9-3.7 is installed OR openstack-nova-console-18.2.2~dev9-3.7 is installed OR openstack-nova-novncproxy-18.2.2~dev9-3.7 is installed OR openstack-nova-placement-api-18.2.2~dev9-3.7 is installed OR openstack-nova-scheduler-18.2.2~dev9-3.7 is installed OR openstack-nova-serialproxy-18.2.2~dev9-3.7 is installed OR openstack-nova-vncproxy-18.2.2~dev9-3.7 is installed OR openstack-octavia-3.1.2~dev8-3.7 is installed OR openstack-octavia-amphora-agent-3.1.2~dev8-3.7 is installed OR openstack-octavia-api-3.1.2~dev8-3.7 is installed OR openstack-octavia-health-manager-3.1.2~dev8-3.7 is installed OR openstack-octavia-housekeeping-3.1.2~dev8-3.7 is installed OR openstack-octavia-worker-3.1.2~dev8-3.7 is installed OR openstack-tempest-19.0.0-12 is installed OR openstack-tempest-test-19.0.0-12 is installed OR python-ardana-configurationprocessor-9.0+git.1566405927.c5c03d4-3.8 is installed OR python-ceilometer-11.0.2~dev14-3.7 is installed OR python-cinder-13.0.7~dev3-3.7 is installed OR python-cinder-tempest-plugin-0.1.0-8 is installed OR python-designate-7.0.1~dev21-3.7 is installed OR python-heat-11.0.3~dev19-3.7 is installed OR python-horizon-plugin-neutron-fwaas-ui-1.5.1~dev6-8 is installed OR python-horizon-plugin-neutron-lbaas-ui-5.0.1~dev7-8 is installed OR python-horizon-plugin-neutron-vpnaas-ui-1.4.1~dev7-8 is installed OR python-ironic-11.1.4~dev9-3.7 is installed OR python-ironicclient-2.5.3-4.7 is installed OR python-ironicclient-doc-2.5.3-4.7 is installed OR python-keystone-14.1.1~dev8-3.7 is installed OR python-keystonemiddleware-5.2.0-8 is installed OR python-magnum-7.1.1~dev28-3.7 is installed OR python-manila-7.3.1~dev3-4.7 is installed OR python-monasca-notification-1.14.2~dev1-6.7 is installed OR python-monasca-persister-1.12.1~dev9-9 is installed OR python-monasca-tempest-plugin-0.3.0-8 is installed OR python-neutron-13.0.5~dev22-3.7 is installed OR python-neutron-gbp-5.0.1~dev459-3.7 is installed OR python-neutron-lbaas-13.0.1~dev14-3.7 is installed OR python-nova-18.2.2~dev9-3.7 is installed OR python-octavia-3.1.2~dev8-3.7 is installed OR python-openstackclient-3.16.2-8 is installed OR python-openstacksdk-0.17.3-8 is installed OR python-proliantutils-2.8.4-8 is installed OR python-python-engineio-2.0.2-9 is installed OR python-swiftlm-9.0+git.1541434883.e0ebe69-8 is installed OR python-tempest-19.0.0-12 is installed OR python-vmware-nsx-13.0.1~dev146-9 is installed OR python-vmware-nsxlib-13.0.1~dev24-8 is installed OR venv-openstack-barbican-7.0.1~dev18-3.7 is installed OR venv-openstack-barbican-x86_64-7.0.1~dev18-3.7 is installed OR venv-openstack-cinder-13.0.7~dev3-3.7 is installed OR venv-openstack-cinder-x86_64-13.0.7~dev3-3.7 is installed OR venv-openstack-designate-7.0.1~dev21-3.7 is installed OR venv-openstack-designate-x86_64-7.0.1~dev21-3.7 is installed OR venv-openstack-glance-17.0.1~dev16-3.7 is installed OR venv-openstack-glance-x86_64-17.0.1~dev16-3.7 is installed OR venv-openstack-heat-11.0.3~dev19-3.7 is installed OR venv-openstack-heat-x86_64-11.0.3~dev19-3.7 is installed OR venv-openstack-horizon-14.0.4~dev4-4.7 is installed OR venv-openstack-horizon-x86_64-14.0.4~dev4-4.7 is installed OR venv-openstack-ironic-11.1.4~dev9-4.7 is installed OR venv-openstack-ironic-x86_64-11.1.4~dev9-4.7 is installed OR venv-openstack-keystone-14.1.1~dev8-3.7 is installed OR venv-openstack-keystone-x86_64-14.1.1~dev8-3.7 is installed OR venv-openstack-magnum-7.1.1~dev28-4.7 is installed OR venv-openstack-magnum-x86_64-7.1.1~dev28-4.7 is installed OR venv-openstack-manila-7.3.1~dev3-3.7 is installed OR venv-openstack-manila-x86_64-7.3.1~dev3-3.7 is installed OR venv-openstack-monasca-2.7.1~dev10-3.7 is installed OR venv-openstack-monasca-ceilometer-1.8.2~dev3-3.7 is installed OR venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.7 is installed OR venv-openstack-monasca-x86_64-2.7.1~dev10-3.7 is installed OR venv-openstack-neutron-13.0.5~dev22-6.7 is installed OR venv-openstack-neutron-x86_64-13.0.5~dev22-6.7 is installed OR venv-openstack-nova-18.2.2~dev9-3.7 is installed OR venv-openstack-nova-x86_64-18.2.2~dev9-3.7 is installed OR venv-openstack-octavia-3.1.2~dev8-4.7 is installed OR venv-openstack-octavia-x86_64-3.1.2~dev8-4.7 is installed OR venv-openstack-sahara-9.0.2~dev9-3.7 is installed OR venv-openstack-sahara-x86_64-9.0.2~dev9-3.7 is installed OR venv-openstack-swift-2.19.2~dev1-2.4 is installed OR venv-openstack-swift-x86_64-2.19.2~dev1-2.4 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 8 is installed AND python-Django-1.11.11-3.3 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 9 is installed AND python-Twisted-15.2.1-9.5 is installed

BACK