Oval Definition:oval:org.opensuse.security:def:59558
Revision Date:2021-11-03Version:1
Title:Security update for tomcat (Important)
Description:

This update for tomcat, javapackages-tools fixes the following issue:

Security issue fixed:

- CVE-2021-30640: Escape parameters in JNDI Realm queries (bsc#1188279). - CVE-2021-33037: Process T-E header from both HTTP 1.0 and HTTP 1.1. clients (bsc#1188278). - CVE-2021-41079: Fixed a denial of service caused by an unexpected TLS packet (bsc#1190558).

Non-security issues fixed:

- Add requires and conflicts to avoid the usage of the incompatible 'Java 11' with 'Tomcat'. (bsc#1185476) - Rebuild javapackages-tools to fix a missing package on s390.
Family:unixClass:patch
Status:Reference(s):1037811
1064455
1071767
1071777
1090766
1096449
1097410
1097560
1100167
1102682
1104662
1106383
1120813
1127458
1133495
1139083
1139459
1151377
1151506
1153108
1154043
1154212
1155574
1156321
1156402
1156482
1157770
1158442
1159814
1162108
1162202
1162675
1171924
1172265
1185476
1188278
1188279
1190558
977043
985657
CVE-2008-4316
CVE-2010-3609
CVE-2012-3524
CVE-2016-3189
CVE-2016-4912
CVE-2016-6354
CVE-2016-7567
CVE-2017-17456
CVE-2017-17457
CVE-2017-9103
CVE-2017-9104
CVE-2017-9105
CVE-2017-9106
CVE-2017-9107
CVE-2017-9108
CVE-2017-9109
CVE-2018-0495
CVE-2018-13139
CVE-2018-5390
CVE-2018-6126
CVE-2019-10220
CVE-2019-12900
CVE-2019-13272
CVE-2019-17631
CVE-2019-18634
CVE-2019-2201
CVE-2019-2933
CVE-2019-2945
CVE-2019-2958
CVE-2019-2962
CVE-2019-2964
CVE-2019-2973
CVE-2019-2975
CVE-2019-2978
CVE-2019-2981
CVE-2019-2983
CVE-2019-2988
CVE-2019-2989
CVE-2019-2992
CVE-2019-2996
CVE-2019-2999
CVE-2019-3840
CVE-2020-1712
CVE-2021-30640
CVE-2021-33037
CVE-2021-41079
SUSE-SU-2018:1783-1
SUSE-SU-2018:2065-1
SUSE-SU-2018:2089-1
SUSE-SU-2019:0553-1
SUSE-SU-2019:1955-1
SUSE-SU-2019:2972-1
SUSE-SU-2020:0024-1
SUSE-SU-2020:0331-1
SUSE-SU-2020:0406-1
SUSE-SU-2020:1612-1
SUSE-SU-2020:3343-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server 12 SP4-ESPOS
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud 9
SUSE OpenStack Cloud Crowbar 8
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • libnghttp2-14-1.31.1-lp150.1 is installed
  • OR libnghttp2-14-32bit-1.31.1-lp150.1 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • libopenssl-1_0_0-devel-1.0.2p-lp151.5.3 is installed
  • OR libopenssl-1_0_0-devel-32bit-1.0.2p-lp151.5.3 is installed
  • OR libopenssl1_0_0-1.0.2p-lp151.5.3 is installed
  • OR libopenssl1_0_0-32bit-1.0.2p-lp151.5.3 is installed
  • OR libopenssl1_0_0-hmac-1.0.2p-lp151.5.3 is installed
  • OR libopenssl1_0_0-hmac-32bit-1.0.2p-lp151.5.3 is installed
  • OR openssl-1_0_0-1.0.2p-lp151.5.3 is installed
  • OR openssl-1_0_0-cavs-1.0.2p-lp151.5.3 is installed
  • OR openssl-1_0_0-doc-1.0.2p-lp151.5.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • libjpeg-turbo-1.5.3-31.19 is installed
  • OR libjpeg62-62.2.0-31.19 is installed
  • OR libjpeg62-32bit-62.2.0-31.19 is installed
  • OR libjpeg62-turbo-1.5.3-31.19 is installed
  • OR libjpeg8-8.1.2-31.19 is installed
  • OR libjpeg8-32bit-8.1.2-31.19 is installed
  • OR libturbojpeg0-8.1.2-31.19 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND yast2-smt-3.0.14-17.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • glib2-lang-2.48.2-10 is installed
  • OR glib2-tools-2.48.2-10 is installed
  • OR libgio-2_0-0-2.48.2-10 is installed
  • OR libgio-2_0-0-32bit-2.48.2-10 is installed
  • OR libglib-2_0-0-2.48.2-10 is installed
  • OR libglib-2_0-0-32bit-2.48.2-10 is installed
  • OR libgmodule-2_0-0-2.48.2-10 is installed
  • OR libgmodule-2_0-0-32bit-2.48.2-10 is installed
  • OR libgobject-2_0-0-2.48.2-10 is installed
  • OR libgobject-2_0-0-32bit-2.48.2-10 is installed
  • OR libgthread-2_0-0-2.48.2-10 is installed
  • OR libgthread-2_0-0-32bit-2.48.2-10 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • libfreebl3-3.53.1-58.48 is installed
  • OR libfreebl3-32bit-3.53.1-58.48 is installed
  • OR libfreebl3-hmac-3.53.1-58.48 is installed
  • OR libfreebl3-hmac-32bit-3.53.1-58.48 is installed
  • OR libsoftokn3-3.53.1-58.48 is installed
  • OR libsoftokn3-32bit-3.53.1-58.48 is installed
  • OR libsoftokn3-hmac-3.53.1-58.48 is installed
  • OR libsoftokn3-hmac-32bit-3.53.1-58.48 is installed
  • OR mozilla-nspr-4.25-19.15 is installed
  • OR mozilla-nspr-32bit-4.25-19.15 is installed
  • OR mozilla-nss-3.53.1-58.48 is installed
  • OR mozilla-nss-32bit-3.53.1-58.48 is installed
  • OR mozilla-nss-certs-3.53.1-58.48 is installed
  • OR mozilla-nss-certs-32bit-3.53.1-58.48 is installed
  • OR mozilla-nss-sysinit-3.53.1-58.48 is installed
  • OR mozilla-nss-sysinit-32bit-3.53.1-58.48 is installed
  • OR mozilla-nss-tools-3.53.1-58.48 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • kgraft-patch-4_4_180-94_100-default-4-2 is installed
  • OR kgraft-patch-SLE12-SP3_Update_27-4-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_156-94_57-default-7-2 is installed
  • OR kgraft-patch-SLE12-SP3_Update_18-7-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND libcares2-1.9.1-9.4 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND SuSEfirewall2-3.6.312.333-3.13 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4-ESPOS is installed
  • AND Package Information
  • javapackages-tools-2.0.1-13.1 is installed
  • OR tomcat-9.0.36-3.71.1 is installed
  • OR tomcat-admin-webapps-9.0.36-3.71.1 is installed
  • OR tomcat-docs-webapp-9.0.36-3.71.1 is installed
  • OR tomcat-el-3_0-api-9.0.36-3.71.1 is installed
  • OR tomcat-javadoc-9.0.36-3.71.1 is installed
  • OR tomcat-jsp-2_3-api-9.0.36-3.71.1 is installed
  • OR tomcat-lib-9.0.36-3.71.1 is installed
  • OR tomcat-servlet-4_0-api-9.0.36-3.71.1 is installed
  • OR tomcat-webapps-9.0.36-3.71.1 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • bzip2-1.0.6-30.5 is installed
  • OR bzip2-doc-1.0.6-30.5 is installed
  • OR libbz2-1-1.0.6-30.5 is installed
  • OR libbz2-1-32bit-1.0.6-30.5 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 9 is installed
  • AND Package Information
  • xen-4.11.4_06-2.33 is installed
  • OR xen-doc-html-4.11.4_06-2.33 is installed
  • OR xen-libs-4.11.4_06-2.33 is installed
  • OR xen-libs-32bit-4.11.4_06-2.33 is installed
  • OR xen-tools-4.11.4_06-2.33 is installed
  • OR xen-tools-domU-4.11.4_06-2.33 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND sudo-1.8.20p2-3.17 is installed
    • BACK