OVAL Reference oval:org.opensuse.security:def:5983

Oval Definition:

oval:org.opensuse.security:def:5983

Revision Date:	2021-03-24	Version:	1
Title:	Security update for nghttp2 (Important)
Description:	This update for nghttp2 fixes the following issues: Security issues fixed: - CVE-2020-11080: HTTP/2 Large Settings Frame DoS (bsc#1181358). - CVE-2019-9513: Fixed HTTP/2 implementation that is vulnerable to resource loops, potentially leading to a denial of service (bsc#1146184). - CVE-2019-9511: Fixed HTTP/2 implementations that are vulnerable to window size manipulation and stream prioritization manipulation, potentially leading to a denial of service (bsc#1146182). - CVE-2018-1000168: Fixed ALTSVC frame client side denial of service (bsc#1088639). - CVE-2016-1544: Fixed out of memory due to unlimited incoming HTTP header fields (bsc#966514). Bug fixes and enhancements: - Packages must not mark license files as %doc (bsc#1082318) - Typo in description of libnghttp2_asio1 (bsc#962914) - Fixed mistake in spec file (bsc#1125689) - Fixed build issue with boost 1.70.0 (bsc#1134616) - Fixed build issue with GCC 6 (bsc#964140) - Feature: Add W&S module (FATE#326776, bsc#1112438)
Family:	unix	Class:	patch
Status:		Reference(s):	1082318 1088639 1112438 1125689 1134616 1146182 1146184 1177125 1177222 1181358 962914 964140 966514 CVE-2010-4651 CVE-2011-0461 CVE-2011-2513 CVE-2011-2514 CVE-2011-3377 CVE-2012-3422 CVE-2012-3423 CVE-2012-4510 CVE-2012-4540 CVE-2013-1926 CVE-2013-1927 CVE-2013-1985 CVE-2013-4349 CVE-2013-6418 CVE-2014-0011 CVE-2014-3248 CVE-2014-3675 CVE-2014-3676 CVE-2014-3677 CVE-2014-8240 CVE-2015-0255 CVE-2015-0295 CVE-2015-1196 CVE-2015-1395 CVE-2015-1396 CVE-2015-1858 CVE-2015-1859 CVE-2015-1860 CVE-2015-5234 CVE-2015-5235 CVE-2016-1544 CVE-2016-1856 CVE-2016-1857 CVE-2016-4590 CVE-2016-4591 CVE-2016-4622 CVE-2016-4624 CVE-2016-9811 CVE-2017-0381 CVE-2017-14604 CVE-2017-5837 CVE-2017-5844 CVE-2017-6507 CVE-2018-1000168 CVE-2019-9511 CVE-2019-9513 CVE-2020-11080 CVE-2020-25613 SUSE-SU-2021:0932-1
Platform(s):	openSUSE 13.1 openSUSE 13.1 NonFree openSUSE 13.2 openSUSE 13.2 NonFree SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5 SUSE Linux Enterprise Build System Kit 12 SUSE Linux Enterprise Build System Kit 12 SP1 SUSE Linux Enterprise Build System Kit 12 SP2 SUSE Linux Enterprise Build System Kit 12 SP3 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise for SAP 12 SUSE Linux Enterprise for SAP 12 SP1 SUSE Linux Enterprise High Availability 12 SUSE Linux Enterprise High Availability 12 SP1 SUSE Linux Enterprise High Availability 12 SP2 SUSE Linux Enterprise High Availability 12 SP3 SUSE Linux Enterprise High Availability 12 SP4 SUSE Linux Enterprise High Availability 12 SP5 SUSE Linux Enterprise High Performance Computing 12 SP5 SUSE Linux Enterprise Live Patching 12 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2 SUSE Linux Enterprise Real Time Extension 12 SP1 SUSE Linux Enterprise Real Time Extension 12 SP2 SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP3-LTSS SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP5 SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 SUSE Linux Enterprise Server for SAP Applications 12 SP2 SUSE Linux Enterprise Server for SAP Applications 12 SP5 SUSE Linux Enterprise Server for VMWare 11 SP2 SUSE Linux Enterprise Server for VMWare 11 SP3 SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Software Development Kit 12 SP1 SUSE Linux Enterprise Software Development Kit 12 SP2 SUSE Linux Enterprise Software Development Kit 12 SP3 SUSE Linux Enterprise Workstation Extension 12 SUSE Linux Enterprise Workstation Extension 12 SP1 SUSE Linux Enterprise Workstation Extension 12 SP2 SUSE Linux Enterprise Workstation Extension 12 SP3 SUSE Linux Enterprise Workstation Extension 12 SP4	Product(s):
Definition Synopsis
SUSE Linux Enterprise Build System Kit 12 is installed AND Package Information libreoffice-4.3.3.2-6 is installed OR libreoffice-sdk-4.3.3.2-6 is installed
Definition Synopsis
SUSE Linux Enterprise Build System Kit 12 SP1 is installed AND Package Information krb5-mini-1.12.1-22 is installed OR krb5-mini-devel-1.12.1-22 is installed
Definition Synopsis
SUSE Linux Enterprise Build System Kit 12 SP2 is installed AND Package Information libudev-mini-devel-228-149 is installed OR libudev-mini1-228-149 is installed OR systemd-mini-228-149 is installed OR systemd-mini-devel-228-149 is installed OR udev-mini-228-149 is installed
Definition Synopsis
SUSE Linux Enterprise Build System Kit 12 SP3 is installed AND kernel-zfcpdump-4.4.82-6.3 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 is installed AND Package Information libopenssl1_0_0-1.0.1i-9 is installed OR libopenssl1_0_0-32bit-1.0.1i-9 is installed OR openssl-1.0.1i-9 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information aaa_base-13.2+git20140911.61c1681-9 is installed OR aaa_base-extras-13.2+git20140911.61c1681-9 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information java-1_7_0-openjdk-plugin-1.6.2-2.8 is installed OR java-1_8_0-openjdk-plugin-1.6.2-2.10 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information apparmor-docs-2.8.2-49 is installed OR apparmor-parser-2.8.2-49 is installed OR apparmor-profiles-2.8.2-49 is installed OR apparmor-utils-2.8.2-49 is installed OR libapparmor1-2.8.2-49 is installed OR libapparmor1-32bit-2.8.2-49 is installed OR pam_apparmor-2.8.2-49 is installed OR pam_apparmor-32bit-2.8.2-49 is installed OR perl-apparmor-2.8.2-49 is installed
Definition Synopsis
SUSE Linux Enterprise for SAP 12 is installed AND Package Information kgraft-patch-3_12_60-52_54-default-2-2.2 is installed OR kgraft-patch-3_12_60-52_54-xen-2-2.2 is installed OR kgraft-patch-SLE12_Update_15-2-2.2 is installed
Definition Synopsis
SUSE Linux Enterprise for SAP 12 SP1 is installed AND Package Information openvpn-2.3.8-16.17.1 is installed OR openvpn-auth-pam-plugin-2.3.8-16.17.1 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 is installed AND python-requests-2.8.1-6.9 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 SP1 is installed AND hawk2-1.0.1+git.1456406635.49e230d-12 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 SP2 is installed AND Package Information cluster-md-kmp-default-4.4.21-90 is installed OR cluster-network-kmp-default-4.4.21-90 is installed OR dlm-kmp-default-4.4.21-90 is installed OR gfs2-kmp-default-4.4.21-90 is installed OR kernel-default-4.4.21-90 is installed OR ocfs2-kmp-default-4.4.21-90 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 SP3 is installed AND lighttpd-1.4.35-3 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 SP4 is installed AND libpcreposix0-8.39-8.3 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 SP5 is installed AND conntrack-tools-1.4.2-5 is installed
Definition Synopsis
SUSE Linux Enterprise High Performance Computing 12 SP5 is installed AND Package Information apache-commons-beanutils-1.9.2-3.3 is installed OR apache-commons-beanutils-javadoc-1.9.2-3.3 is installed
Definition Synopsis
SUSE Linux Enterprise Live Patching 12 is installed AND Package Information kgraft-patch-3_12_43-52_6-default-1-2 is installed OR kgraft-patch-3_12_43-52_6-xen-1-2 is installed OR kgraft-patch-SLE12_Update_5-1-2 is installed
Definition Synopsis
SUSE Linux Enterprise Real Time Extension 12 SP1 is installed AND Package Information kernel-compute-3.12.61-60.18.1 is installed OR kernel-compute-base-3.12.61-60.18.1 is installed OR kernel-compute-devel-3.12.61-60.18.1 is installed OR kernel-compute_debug-3.12.61-60.18.1 is installed OR kernel-compute_debug-devel-3.12.61-60.18.1 is installed OR kernel-devel-rt-3.12.61-60.18.1 is installed OR kernel-rt-3.12.61-60.18.1 is installed OR kernel-rt-base-3.12.61-60.18.1 is installed OR kernel-rt-devel-3.12.61-60.18.1 is installed OR kernel-rt_debug-3.12.61-60.18.1 is installed OR kernel-rt_debug-devel-3.12.61-60.18.1 is installed OR kernel-source-rt-3.12.61-60.18.1 is installed OR kernel-syms-rt-3.12.61-60.18.1 is installed
Definition Synopsis
SUSE Linux Enterprise Real Time Extension 12 SP2 is installed AND Package Information cluster-md-kmp-rt-4.4.88-18.1 is installed OR cluster-network-kmp-rt-4.4.88-18.1 is installed OR dlm-kmp-rt-4.4.88-18.1 is installed OR gfs2-kmp-rt-4.4.88-18.1 is installed OR kernel-devel-rt-4.4.88-18.1 is installed OR kernel-rt-4.4.88-18.1 is installed OR kernel-rt-base-4.4.88-18.1 is installed OR kernel-rt-devel-4.4.88-18.1 is installed OR kernel-rt_debug-4.4.88-18.1 is installed OR kernel-rt_debug-devel-4.4.88-18.1 is installed OR kernel-source-rt-4.4.88-18.1 is installed OR kernel-syms-rt-4.4.88-18.1 is installed OR ocfs2-kmp-rt-4.4.88-18.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 11 SP1 is installed AND Package Information OpenEXR-1.6.1-83.17.1 is installed OR OpenEXR-32bit-1.6.1-83.17.1 is installed OR OpenEXR-x86-1.6.1-83.17.1 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 11 SP2 is installed AND jakarta-commons-fileupload-1.1.1-1.35.1 is installed OR jakarta-commons-fileupload-javadoc-1.1.1-1.35.1 is installed OR Package Information SUSE Linux Enterprise Server for VMWare 11 SP2 is installed AND jakarta-commons-fileupload-1.1.1-1.35.1 is installed OR jakarta-commons-fileupload-javadoc-1.1.1-1.35.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 11 SP2 is installed AND libcgroup1-0.34-2.5.1 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 11 SP3 is installed AND apache2-2.2.12-1.46.1 is installed OR apache2-doc-2.2.12-1.46.1 is installed OR apache2-example-pages-2.2.12-1.46.1 is installed OR apache2-prefork-2.2.12-1.46.1 is installed OR apache2-utils-2.2.12-1.46.1 is installed OR apache2-worker-2.2.12-1.46.1 is installed OR Package Information SUSE Linux Enterprise Server for VMWare 11 SP3 is installed AND apache2-2.2.12-1.46.1 is installed OR apache2-doc-2.2.12-1.46.1 is installed OR apache2-example-pages-2.2.12-1.46.1 is installed OR apache2-prefork-2.2.12-1.46.1 is installed OR apache2-utils-2.2.12-1.46.1 is installed OR apache2-worker-2.2.12-1.46.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 11 SP3 is installed AND Package Information Mesa-9.0.3-0.17.1 is installed OR Mesa-32bit-9.0.3-0.17.1 is installed OR Mesa-x86-9.0.3-0.17.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 11 SP3-LTSS is installed AND Package Information xen-4.2.5_20-24.9 is installed OR xen-doc-html-4.2.5_20-24.9 is installed OR xen-doc-pdf-4.2.5_20-24.9 is installed OR xen-kmp-default-4.2.5_20_3.0.101_0.47.79-24.9 is installed OR xen-kmp-pae-4.2.5_20_3.0.101_0.47.79-24.9 is installed OR xen-libs-4.2.5_20-24.9 is installed OR xen-libs-32bit-4.2.5_20-24.9 is installed OR xen-tools-4.2.5_20-24.9 is installed OR xen-tools-domU-4.2.5_20-24.9 is installed
Definition Synopsis
SUSE Linux Enterprise Server 11 SP4 is installed AND Package Information bind-9.9.6P1-0.5.5 is installed OR bind-chrootenv-9.9.6P1-0.5.5 is installed OR bind-doc-9.9.6P1-0.5.5 is installed OR bind-libs-9.9.6P1-0.5.5 is installed OR bind-libs-32bit-9.9.6P1-0.5.5 is installed OR bind-libs-x86-9.9.6P1-0.5.1 is installed OR bind-utils-9.9.6P1-0.5.5 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 is installed AND Package Information g3utils-1.1.36-54 is installed OR mgetty-1.1.36-54 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information aaa_base-13.2+git20140911.61c1681-9 is installed OR aaa_base-extras-13.2+git20140911.61c1681-9 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND apache2-mod_jk-1.2.40-5 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information apache2-mod_apparmor-2.8.2-49 is installed OR apparmor-docs-2.8.2-49 is installed OR apparmor-parser-2.8.2-49 is installed OR apparmor-profiles-2.8.2-49 is installed OR apparmor-utils-2.8.2-49 is installed OR libapparmor1-2.8.2-49 is installed OR libapparmor1-32bit-2.8.2-49 is installed OR pam_apparmor-2.8.2-49 is installed OR pam_apparmor-32bit-2.8.2-49 is installed OR perl-apparmor-2.8.2-49 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 12 SP5 is installed AND libnghttp2-14-1.39.2-3.5.1 is installed OR libnghttp2-14-32bit-1.39.2-3.5.1 is installed OR Package Information SUSE Linux Enterprise Server for SAP Applications 12 SP5 is installed AND libnghttp2-14-1.39.2-3.5.1 is installed OR libnghttp2-14-32bit-1.39.2-3.5.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 is installed AND Package Information apache2-2.4.23-14 is installed OR apache2-doc-2.4.23-14 is installed OR apache2-example-pages-2.4.23-14 is installed OR apache2-prefork-2.4.23-14 is installed OR apache2-utils-2.4.23-14 is installed OR apache2-worker-2.4.23-14 is installed
Definition Synopsis
SUSE Linux Enterprise Server for SAP Applications 12 SP2 is installed AND shadow-4.2.1-27.9 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 11 SP3 is installed AND rubygem-actionpack-2_3-2.3.17-0.15.2 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 11 SP4 is installed AND NetworkManager-devel-0.7.1_git20090811-3.28.2 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 is installed AND alsa-devel-1.0.27.2-11 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 SP1 is installed AND dhcp-devel-4.3.3-2 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 SP2 is installed AND Package Information ant-1.9.4-1 is installed OR ant-jmf-1.9.4-1 is installed OR ant-scripts-1.9.4-1 is installed OR ant-swing-1.9.4-1 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 SP3 is installed AND Package Information cups-ddk-1.7.5-19 is installed OR cups-devel-1.7.5-19 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 12 is installed AND Package Information kernel-default-3.12.60-52.54.2 is installed OR kernel-default-extra-3.12.60-52.54.2 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 12 SP1 is installed AND Package Information kernel-default-3.12.59-60.41.2 is installed OR kernel-default-extra-3.12.59-60.41.2 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 12 SP2 is installed AND Package Information gcc48-gij-4.8.5-30 is installed OR gcc48-gij-32bit-4.8.5-30 is installed OR libgcj48-4.8.5-30 is installed OR libgcj48-32bit-4.8.5-30 is installed OR libgcj48-jar-4.8.5-30 is installed OR libgcj_bc1-4.8.5-30 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 12 SP3 is installed AND Package Information colord-1.3.3-12 is installed OR colord-lang-1.3.3-12 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 12 SP4 is installed AND Package Information colord-1.3.3-12 is installed OR colord-lang-1.3.3-12 is installed

BACK