OVAL Reference oval:org.opensuse.security:def:59422

Oval Definition:

oval:org.opensuse.security:def:59422

Revision Date:	2020-12-01	Version:	1
Title:	Security update for apache2 (Moderate)
Description:	This update for apache2 fixes the following issues: Security issues fixed: - CVE-2016-8743: Fixed liberal whitespace interpretation accepted from requests and sent in response lines and headers. Accepting these different behaviors represented a security concern when httpd participates in any chain of proxies or interacts with back-end application servers, either through mod_proxy or using conventional CGI mechanisms, and may result in request smuggling, response splitting and cache pollution. (bsc#1016715) - CVE-2016-4975: Fixed possible CRLF injection allowing HTTP response splitting attacks for sites which use mod_userdir. This issue was mitigated by changes which prohibit CR or LF injection into the 'Location' or other outbound header key or value. (bsc#1104826)
Family:	unix	Class:	patch
Status:		Reference(s):	1016715 1051222 1065237 1082023 1090671 1091396 1104826 1105010 1119183 1121816 1121821 1131709 1133114 1133145 1138954 1141780 1141782 1141783 1141785 1141789 1144327 1144379 1146358 1146359 1147021 1150584 1152711 1153471 1154862 1155789 1155952 1157860 1158785 1158787 1158788 1158789 1158790 1158791 1158792 1158793 1158795 1164692 1168630 1173580 1176733 964336 979907 997857 CVE-2008-1420 CVE-2009-3379 CVE-2011-2895 CVE-2012-0444 CVE-2013-6462 CVE-2014-0209 CVE-2014-0210 CVE-2014-0211 CVE-2015-1802 CVE-2015-1803 CVE-2015-1804 CVE-2015-8871 CVE-2016-4975 CVE-2016-7163 CVE-2016-8743 CVE-2017-11185 CVE-2017-6967 CVE-2018-15473 CVE-2019-11365 CVE-2019-11366 CVE-2019-11771 CVE-2019-11775 CVE-2019-1348 CVE-2019-1349 CVE-2019-1350 CVE-2019-1351 CVE-2019-1352 CVE-2019-1353 CVE-2019-1354 CVE-2019-1387 CVE-2019-17498 CVE-2019-19604 CVE-2019-2762 CVE-2019-2766 CVE-2019-2769 CVE-2019-2816 CVE-2019-4473 CVE-2019-6109 CVE-2019-6111 CVE-2019-7317 CVE-2019-8675 CVE-2019-8696 CVE-2020-1938 CVE-2020-26117 CVE-2020-4044 CVE-2020-6819 CVE-2020-6820 SUSE-SU-2017:2143-1 SUSE-SU-2017:2144-1 SUSE-SU-2018:2815-2 SUSE-SU-2018:3910-1 SUSE-SU-2019:1524-1 SUSE-SU-2019:2336-1 SUSE-SU-2019:2936-1 SUSE-SU-2019:3057-1 SUSE-SU-2019:3311-1 SUSE-SU-2020:0725-1 SUSE-SU-2020:0928-1 SUSE-SU-2020:1943-1
Platform(s):	openSUSE Leap 15.0 openSUSE Leap 15.1 openSUSE Leap 15.1 NonFree SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 8	Product(s):
Definition Synopsis
openSUSE Leap 15.0 is installed AND Package Information ghostscript-9.23-lp150.1 is installed OR ghostscript-x11-9.23-lp150.1 is installed
Definition Synopsis
openSUSE Leap 15.1 is installed AND Package Information go1.11-1.11.13-lp151.2.9 is installed OR go1.11-doc-1.11.13-lp151.2.9 is installed OR go1.11-race-1.11.13-lp151.2.9 is installed
Definition Synopsis
openSUSE Leap 15.1 NonFree is installed AND opera-68.0.3618.104-lp151.2.18 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information apache2-2.4.23-29.24 is installed OR apache2-doc-2.4.23-29.24 is installed OR apache2-example-pages-2.4.23-29.24 is installed OR apache2-prefork-2.4.23-29.24 is installed OR apache2-utils-2.4.23-29.24 is installed OR apache2-worker-2.4.23-29.24 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND atftp-0.7.0-160.8 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND libXfont1-1.5.1-10 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information glibc-2.22-62.22 is installed OR glibc-32bit-2.22-62.22 is installed OR glibc-devel-2.22-62.22 is installed OR glibc-devel-32bit-2.22-62.22 is installed OR glibc-html-2.22-62.22 is installed OR glibc-i18ndata-2.22-62.22 is installed OR glibc-info-2.22-62.22 is installed OR glibc-locale-2.22-62.22 is installed OR glibc-locale-32bit-2.22-62.22 is installed OR glibc-profile-2.22-62.22 is installed OR glibc-profile-32bit-2.22-62.22 is installed OR nscd-2.22-62.22 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information kgraft-patch-4_4_162-94_69-default-6-2 is installed OR kgraft-patch-SLE12-SP3_Update_21-6-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information bzip2-1.0.6-30.5 is installed OR bzip2-doc-1.0.6-30.5 is installed OR libbz2-1-1.0.6-30.5 is installed OR libbz2-1-32bit-1.0.6-30.5 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information ImageMagick-6.8.8.1-71.93 is installed OR libMagickCore-6_Q16-1-6.8.8.1-71.93 is installed OR libMagickWand-6_Q16-1-6.8.8.1-71.93 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information cvs-1.12.12-182.3 is installed OR cvs-doc-1.12.12-182.3 is installed
Definition Synopsis
SUSE OpenStack Cloud 8 is installed AND Package Information libssh2-1-1.4.3-20.14 is installed OR libssh2-1-32bit-1.4.3-20.14 is installed OR libssh2_org-1.4.3-20.14 is installed
Definition Synopsis
SUSE OpenStack Cloud 9 is installed AND Package Information ardana-ansible-9.0+git.1587034359.a12678b-3.19 is installed OR ardana-barbican-9.0+git.1583953599.cd723bb-3.10 is installed OR ardana-cluster-9.0+git.1585653734.c1fe3b2-3.13 is installed OR ardana-db-9.0+git.1586543314.6b6aa20-3.19 is installed OR ardana-designate-9.0+git.1583445435.4bd1793-3.10 is installed OR ardana-input-model-9.0+git.1584632190.9541c56-3.16 is installed OR ardana-logging-9.0+git.1585929695.f35b591-3.10 is installed OR ardana-monasca-9.0+git.1586769889.d43d736-3.16 is installed OR ardana-mq-9.0+git.1586350749.a463fd2-3.13 is installed OR ardana-neutron-9.0+git.1587667603.507fb50-3.19 is installed OR ardana-octavia-9.0+git.1587486004.8e99c6b-3.16 is installed OR ardana-osconfig-9.0+git.1586546715.dbd07ab-3.16 is installed OR ardana-tempest-9.0+git.1587398456.b31cc4a-3.13 is installed OR ardana-tls-9.0+git.1586301209.c9413b4-3.12 is installed OR memcached-1.5.17-3.3 is installed OR openstack-ceilometer-11.1.1~dev5-3.13 is installed OR openstack-ceilometer-agent-central-11.1.1~dev5-3.13 is installed OR openstack-ceilometer-agent-compute-11.1.1~dev5-3.13 is installed OR openstack-ceilometer-agent-ipmi-11.1.1~dev5-3.13 is installed OR openstack-ceilometer-agent-notification-11.1.1~dev5-3.13 is installed OR openstack-ceilometer-polling-11.1.1~dev5-3.13 is installed OR openstack-cinder-13.0.10~dev9-3.19 is installed OR openstack-cinder-api-13.0.10~dev9-3.19 is installed OR openstack-cinder-backup-13.0.10~dev9-3.19 is installed OR openstack-cinder-scheduler-13.0.10~dev9-3.19 is installed OR openstack-cinder-volume-13.0.10~dev9-3.19 is installed OR openstack-designate-7.0.1~dev25-3.16 is installed OR openstack-designate-agent-7.0.1~dev25-3.16 is installed OR openstack-designate-api-7.0.1~dev25-3.16 is installed OR openstack-designate-central-7.0.1~dev25-3.16 is installed OR openstack-designate-producer-7.0.1~dev25-3.16 is installed OR openstack-designate-sink-7.0.1~dev25-3.16 is installed OR openstack-designate-worker-7.0.1~dev25-3.16 is installed OR openstack-heat-11.0.3~dev35-3.16 is installed OR openstack-heat-api-11.0.3~dev35-3.16 is installed OR openstack-heat-api-cfn-11.0.3~dev35-3.16 is installed OR openstack-heat-engine-11.0.3~dev35-3.16 is installed OR openstack-heat-plugin-heat_docker-11.0.3~dev35-3.16 is installed OR openstack-ironic-11.1.5~dev3-3.16 is installed OR openstack-ironic-api-11.1.5~dev3-3.16 is installed OR openstack-ironic-conductor-11.1.5~dev3-3.16 is installed OR openstack-ironic-image-9.0.0-3.6 is installed OR openstack-ironic-image-x86_64-9.0.0-3.6 is installed OR openstack-manila-7.4.2~dev4-4.21 is installed OR openstack-manila-api-7.4.2~dev4-4.21 is installed OR openstack-manila-data-7.4.2~dev4-4.21 is installed OR openstack-manila-scheduler-7.4.2~dev4-4.21 is installed OR openstack-manila-share-7.4.2~dev4-4.21 is installed OR openstack-neutron-13.0.8~dev28-3.22 is installed OR openstack-neutron-dhcp-agent-13.0.8~dev28-3.22 is installed OR openstack-neutron-ha-tool-13.0.8~dev28-3.22 is installed OR openstack-neutron-l3-agent-13.0.8~dev28-3.22 is installed OR openstack-neutron-linuxbridge-agent-13.0.8~dev28-3.22 is installed OR openstack-neutron-macvtap-agent-13.0.8~dev28-3.22 is installed OR openstack-neutron-metadata-agent-13.0.8~dev28-3.22 is installed OR openstack-neutron-metering-agent-13.0.8~dev28-3.22 is installed OR openstack-neutron-openvswitch-agent-13.0.8~dev28-3.22 is installed OR openstack-neutron-server-13.0.8~dev28-3.22 is installed OR openstack-nova-18.3.1~dev17-3.22 is installed OR openstack-nova-api-18.3.1~dev17-3.22 is installed OR openstack-nova-cells-18.3.1~dev17-3.22 is installed OR openstack-nova-compute-18.3.1~dev17-3.22 is installed OR openstack-nova-conductor-18.3.1~dev17-3.22 is installed OR openstack-nova-console-18.3.1~dev17-3.22 is installed OR openstack-nova-novncproxy-18.3.1~dev17-3.22 is installed OR openstack-nova-placement-api-18.3.1~dev17-3.22 is installed OR openstack-nova-scheduler-18.3.1~dev17-3.22 is installed OR openstack-nova-serialproxy-18.3.1~dev17-3.22 is installed OR openstack-nova-vncproxy-18.3.1~dev17-3.22 is installed OR openstack-octavia-3.2.3~dev2-3.22 is installed OR openstack-octavia-amphora-agent-3.2.3~dev2-3.22 is installed OR openstack-octavia-amphora-image-0.1.3-7.9 is installed OR openstack-octavia-amphora-image-x86_64-0.1.3-7.9 is installed OR openstack-octavia-api-3.2.3~dev2-3.22 is installed OR openstack-octavia-health-manager-3.2.3~dev2-3.22 is installed OR openstack-octavia-housekeeping-3.2.3~dev2-3.22 is installed OR openstack-octavia-worker-3.2.3~dev2-3.22 is installed OR python-ceilometer-11.1.1~dev5-3.13 is installed OR python-cinder-13.0.10~dev9-3.19 is installed OR python-cinderclient-4.0.3-3.6 is installed OR python-cinderclient-doc-4.0.3-3.6 is installed OR python-designate-7.0.1~dev25-3.16 is installed OR python-glanceclient-2.13.2-3.3 is installed OR python-glanceclient-doc-2.13.2-3.3 is installed OR python-heat-11.0.3~dev35-3.16 is installed OR python-ironic-11.1.5~dev3-3.16 is installed OR python-ironic-lib-2.14.3-3.6 is installed OR python-ironicclient-2.5.4-4.10 is installed OR python-ironicclient-doc-2.5.4-4.10 is installed OR python-keystonemiddleware-5.2.2-17 is installed OR python-manila-7.4.2~dev4-4.21 is installed OR python-manila-tempest-plugin-0.1.0-3.6 is installed OR python-neutron-13.0.8~dev28-3.22 is installed OR python-nova-18.3.1~dev17-3.22 is installed OR python-novaclient-11.0.1-3.3 is installed OR python-novaclient-doc-11.0.1-3.3 is installed OR python-octavia-3.2.3~dev2-3.22 is installed OR python-octaviaclient-1.6.2-3.6 is installed OR python-openstackclient-3.16.3-11 is installed OR python-os-brick-2.5.10-3.9 is installed OR python-os-brick-common-2.5.10-3.9 is installed OR python-oslo.config-6.4.2-3.3 is installed OR python-oslo.config-doc-6.4.2-3.3 is installed OR python-oslo.rootwrap-5.14.2-3.3 is installed OR python-oslo.utils-3.36.5-3.3 is installed OR python-swiftclient-3.6.1-3.3 is installed OR python-swiftclient-doc-3.6.1-3.3 is installed OR python-watcherclient-2.1.1-3.3 is installed OR release-notes-suse-openstack-cloud-9.20200319-3.18 is installed OR venv-openstack-barbican-7.0.1~dev24-3.17 is installed OR venv-openstack-barbican-x86_64-7.0.1~dev24-3.17 is installed OR venv-openstack-cinder-13.0.10~dev9-3.17 is installed OR venv-openstack-cinder-x86_64-13.0.10~dev9-3.17 is installed OR venv-openstack-designate-7.0.1~dev25-3.17 is installed OR venv-openstack-designate-x86_64-7.0.1~dev25-3.17 is installed OR venv-openstack-glance-17.0.1~dev30-3.15 is installed OR venv-openstack-glance-x86_64-17.0.1~dev30-3.15 is installed OR venv-openstack-heat-11.0.3~dev35-3.17 is installed OR venv-openstack-heat-x86_64-11.0.3~dev35-3.17 is installed OR venv-openstack-horizon-14.1.1~dev1-4.16 is installed OR venv-openstack-horizon-x86_64-14.1.1~dev1-4.16 is installed OR venv-openstack-ironic-11.1.5~dev3-4.13 is installed OR venv-openstack-ironic-x86_64-11.1.5~dev3-4.13 is installed OR venv-openstack-keystone-14.1.1~dev36-3.17 is installed OR venv-openstack-keystone-x86_64-14.1.1~dev36-3.17 is installed OR venv-openstack-magnum-7.2.1~dev1-4.17 is installed OR venv-openstack-magnum-x86_64-7.2.1~dev1-4.17 is installed OR venv-openstack-manila-7.4.2~dev4-3.19 is installed OR venv-openstack-manila-x86_64-7.4.2~dev4-3.19 is installed OR venv-openstack-monasca-2.7.1~dev10-3.15 is installed OR venv-openstack-monasca-ceilometer-1.8.2~dev3-3.17 is installed OR venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.17 is installed OR venv-openstack-monasca-x86_64-2.7.1~dev10-3.15 is installed OR venv-openstack-neutron-13.0.8~dev28-6.17 is installed OR venv-openstack-neutron-x86_64-13.0.8~dev28-6.17 is installed OR venv-openstack-nova-18.3.1~dev17-3.17 is installed OR venv-openstack-nova-x86_64-18.3.1~dev17-3.17 is installed OR venv-openstack-octavia-3.2.3~dev2-4.17 is installed OR venv-openstack-octavia-x86_64-3.2.3~dev2-4.17 is installed OR venv-openstack-sahara-9.0.2~dev15-3.17 is installed OR venv-openstack-sahara-x86_64-9.0.2~dev15-3.17 is installed OR venv-openstack-swift-2.19.2~dev48-2.12 is installed OR venv-openstack-swift-x86_64-2.19.2~dev48-2.12 is installed OR zookeeper-3.4.13-3.3 is installed OR zookeeper-server-3.4.13-3.3 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information cups-1.7.5-20.26 is installed OR cups-client-1.7.5-20.26 is installed OR cups-libs-1.7.5-20.26 is installed OR cups-libs-32bit-1.7.5-20.26 is installed

BACK