OVAL Reference oval:org.opensuse.security:def:60407

Oval Definition:

oval:org.opensuse.security:def:60407

Revision Date:	2021-11-03	Version:	1
Title:	Security update for tomcat (Important)
Description:	This update for tomcat, javapackages-tools fixes the following issue: Security issue fixed: - CVE-2021-30640: Escape parameters in JNDI Realm queries (bsc#1188279). - CVE-2021-33037: Process T-E header from both HTTP 1.0 and HTTP 1.1. clients (bsc#1188278). - CVE-2021-41079: Fixed a denial of service caused by an unexpected TLS packet (bsc#1190558). Non-security issues fixed: - Add requires and conflicts to avoid the usage of the incompatible 'Java 11' with 'Tomcat'. (bsc#1185476) - Rebuild javapackages-tools to fix a missing package on s390.
Family:	unix	Class:	patch
Status:		Reference(s):	1049092 1062563 1062620 1083721 1093414 1105559 1111647 1118003 1120932 1122292 1122299 1122875 1124170 1126391 1128753 1130593 1131712 1131791 1132542 1132852 1132860 1133719 1138301 1138303 1138734 1141780 1141782 1141783 1141785 1141787 1141789 1145092 1147021 1150734 1153332 1157198 1158763 1173274 1185476 1188278 1188279 1190558 124991 CVE-2010-1205 CVE-2011-0904 CVE-2011-0905 CVE-2011-1164 CVE-2011-2501 CVE-2011-2690 CVE-2011-2691 CVE-2011-2692 CVE-2011-3328 CVE-2013-6418 CVE-2013-6954 CVE-2014-0333 CVE-2014-9087 CVE-2014-9495 CVE-2015-0973 CVE-2015-8126 CVE-2016-10087 CVE-2016-4574 CVE-2016-4579 CVE-2017-1000256 CVE-2017-7467 CVE-2017-9814 CVE-2018-11212 CVE-2018-12086 CVE-2018-14574 CVE-2018-16301 CVE-2018-18227 CVE-2019-10161 CVE-2019-10167 CVE-2019-10208 CVE-2019-10876 CVE-2019-11068 CVE-2019-11771 CVE-2019-11772 CVE-2019-11775 CVE-2019-15165 CVE-2019-18900 CVE-2019-2449 CVE-2019-2762 CVE-2019-2766 CVE-2019-2769 CVE-2019-2786 CVE-2019-2816 CVE-2019-3498 CVE-2019-3688 CVE-2019-3690 CVE-2019-4473 CVE-2019-6975 CVE-2019-7317 CVE-2020-14422 CVE-2021-30640 CVE-2021-33037 CVE-2021-41079 SUSE-SU-2017:2850-1 SUSE-SU-2018:1195-1 SUSE-SU-2018:3590-1 SUSE-SU-2019:1862-1 SUSE-SU-2019:2371-1 SUSE-SU-2019:2669-1 SUSE-SU-2019:3180-1 SUSE-SU-2020:0079-2 SUSE-SU-2020:2157-1 SUSE-SU-2021:3602-1
Platform(s):	openSUSE Leap 15.0 openSUSE Leap 15.1 openSUSE Leap 15.2 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP4-ESPOS SUSE Linux Enterprise Server 12 SP5 SUSE Linux Enterprise Server for SAP Applications 12 SP5 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 8	Product(s):
Definition Synopsis
openSUSE Leap 15.0 is installed AND Package Information fish3-3.0.0-lp150.3 is installed OR fish3-devel-3.0.0-lp150.3 is installed
Definition Synopsis
openSUSE Leap 15.1 is installed AND Package Information MozillaThunderbird-60.7.2-lp151.2.7 is installed OR MozillaThunderbird-buildsymbols-60.7.2-lp151.2.7 is installed OR MozillaThunderbird-translations-common-60.7.2-lp151.2.7 is installed OR MozillaThunderbird-translations-other-60.7.2-lp151.2.7 is installed
Definition Synopsis
openSUSE Leap 15.2 is installed AND Package Information tomcat-9.0.36-lp152.2.3 is installed OR tomcat-admin-webapps-9.0.36-lp152.2.3 is installed OR tomcat-docs-webapp-9.0.36-lp152.2.3 is installed OR tomcat-el-3_0-api-9.0.36-lp152.2.3 is installed OR tomcat-embed-9.0.36-lp152.2.3 is installed OR tomcat-javadoc-9.0.36-lp152.2.3 is installed OR tomcat-jsp-2_3-api-9.0.36-lp152.2.3 is installed OR tomcat-jsvc-9.0.36-lp152.2.3 is installed OR tomcat-lib-9.0.36-lp152.2.3 is installed OR tomcat-servlet-4_0-api-9.0.36-lp152.2.3 is installed OR tomcat-webapps-9.0.36-lp152.2.3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND libksba8-1.3.0-23 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information java-1_8_0-ibm-1.8.0_sr5.40-30.54 is installed OR java-1_8_0-ibm-alsa-1.8.0_sr5.40-30.54 is installed OR java-1_8_0-ibm-plugin-1.8.0_sr5.40-30.54 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information postgresql96-9.6.15-3.29 is installed OR postgresql96-contrib-9.6.15-3.29 is installed OR postgresql96-docs-9.6.15-3.29 is installed OR postgresql96-libs-9.6.15-3.29 is installed OR postgresql96-plperl-9.6.15-3.29 is installed OR postgresql96-plpython-9.6.15-3.29 is installed OR postgresql96-pltcl-9.6.15-3.29 is installed OR postgresql96-server-9.6.15-3.29 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND permissions-2015.09.28.1626-17.20 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND clamav-0.100.1-33.15 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information coreutils-8.25-13.7 is installed OR coreutils-lang-8.25-13.7 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4-ESPOS is installed AND Package Information libjavascriptcoregtk-4_0-18-2.28.3-2.56 is installed OR libwebkit2gtk-4_0-37-2.28.3-2.56 is installed OR libwebkit2gtk3-lang-2.28.3-2.56 is installed OR typelib-1_0-JavaScriptCore-4_0-2.28.3-2.56 is installed OR typelib-1_0-WebKit2-4_0-2.28.3-2.56 is installed OR typelib-1_0-WebKit2WebExtension-4_0-2.28.3-2.56 is installed OR webkit2gtk-4_0-injected-bundles-2.28.3-2.56 is installed OR webkit2gtk3-2.28.3-2.56 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 12 SP5 is installed AND javapackages-tools-2.0.1-13.1 is installed OR tomcat-9.0.36-3.71.1 is installed OR tomcat-admin-webapps-9.0.36-3.71.1 is installed OR tomcat-docs-webapp-9.0.36-3.71.1 is installed OR tomcat-el-3_0-api-9.0.36-3.71.1 is installed OR tomcat-javadoc-9.0.36-3.71.1 is installed OR tomcat-jsp-2_3-api-9.0.36-3.71.1 is installed OR tomcat-lib-9.0.36-3.71.1 is installed OR tomcat-servlet-4_0-api-9.0.36-3.71.1 is installed OR tomcat-webapps-9.0.36-3.71.1 is installed OR Package Information SUSE Linux Enterprise Server for SAP Applications 12 SP5 is installed AND javapackages-tools-2.0.1-13.1 is installed OR tomcat-9.0.36-3.71.1 is installed OR tomcat-admin-webapps-9.0.36-3.71.1 is installed OR tomcat-docs-webapp-9.0.36-3.71.1 is installed OR tomcat-el-3_0-api-9.0.36-3.71.1 is installed OR tomcat-javadoc-9.0.36-3.71.1 is installed OR tomcat-jsp-2_3-api-9.0.36-3.71.1 is installed OR tomcat-lib-9.0.36-3.71.1 is installed OR tomcat-servlet-4_0-api-9.0.36-3.71.1 is installed OR tomcat-webapps-9.0.36-3.71.1 is installed
Definition Synopsis
SUSE OpenStack Cloud 8 is installed AND Package Information libpcap-1.8.1-10.3 is installed OR libpcap1-1.8.1-10.3 is installed OR tcpdump-4.9.2-14.14 is installed
Definition Synopsis
SUSE OpenStack Cloud 9 is installed AND Package Information libX11-1.6.2-12.12 is installed OR libX11-6-1.6.2-12.12 is installed OR libX11-6-32bit-1.6.2-12.12 is installed OR libX11-data-1.6.2-12.12 is installed OR libX11-xcb1-1.6.2-12.12 is installed OR libX11-xcb1-32bit-1.6.2-12.12 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information crowbar-core-5.0+git.1558533551.8d8ed2058-3.23 is installed OR crowbar-core-branding-SOC-5.0-10.6 is installed OR crowbar-core-branding-upstream-5.0+git.1558533551.8d8ed2058-3.23 is installed OR crowbar-ha-5.0+git.1559282566.6b06ca3-3.17 is installed OR crowbar-openstack-5.0+git.1559335140.62bb4c014-4.25 is installed OR documentation-suse-openstack-cloud-deployment-8.20190521-1.17 is installed OR documentation-suse-openstack-cloud-supplement-8.20190521-1.17 is installed OR documentation-suse-openstack-cloud-upstream-admin-8.20190521-1.17 is installed OR documentation-suse-openstack-cloud-upstream-user-8.20190521-1.17 is installed OR openstack-aodh-5.1.1~dev7-3.11 is installed OR openstack-aodh-api-5.1.1~dev7-3.11 is installed OR openstack-aodh-doc-5.1.1~dev7-3.11 is installed OR openstack-aodh-evaluator-5.1.1~dev7-3.11 is installed OR openstack-aodh-expirer-5.1.1~dev7-3.11 is installed OR openstack-aodh-listener-5.1.1~dev7-3.11 is installed OR openstack-aodh-notifier-5.1.1~dev7-3.11 is installed OR openstack-barbican-5.0.2~dev3-3.14 is installed OR openstack-barbican-api-5.0.2~dev3-3.14 is installed OR openstack-barbican-doc-5.0.2~dev3-3.14 is installed OR openstack-barbican-keystone-listener-5.0.2~dev3-3.14 is installed OR openstack-barbican-retry-5.0.2~dev3-3.14 is installed OR openstack-barbican-worker-5.0.2~dev3-3.14 is installed OR openstack-ceilometer-9.0.8~dev7-3.12 is installed OR openstack-ceilometer-agent-central-9.0.8~dev7-3.12 is installed OR openstack-ceilometer-agent-compute-9.0.8~dev7-3.12 is installed OR openstack-ceilometer-agent-ipmi-9.0.8~dev7-3.12 is installed OR openstack-ceilometer-agent-notification-9.0.8~dev7-3.12 is installed OR openstack-ceilometer-api-9.0.8~dev7-3.12 is installed OR openstack-ceilometer-collector-9.0.8~dev7-3.12 is installed OR openstack-ceilometer-doc-9.0.8~dev7-3.12 is installed OR openstack-ceilometer-polling-9.0.8~dev7-3.12 is installed OR openstack-cinder-11.2.3~dev5-3.15 is installed OR openstack-cinder-api-11.2.3~dev5-3.15 is installed OR openstack-cinder-backup-11.2.3~dev5-3.15 is installed OR openstack-cinder-doc-11.2.3~dev5-3.15 is installed OR openstack-cinder-scheduler-11.2.3~dev5-3.15 is installed OR openstack-cinder-volume-11.2.3~dev5-3.15 is installed OR openstack-dashboard-12.0.4~dev6-3.20 is installed OR openstack-dashboard-theme-SUSE-2017.2+git.1554906711.9dbe79b-7.11 is installed OR openstack-designate-5.0.3~dev7-3.11 is installed OR openstack-designate-agent-5.0.3~dev7-3.11 is installed OR openstack-designate-api-5.0.3~dev7-3.11 is installed OR openstack-designate-central-5.0.3~dev7-3.11 is installed OR openstack-designate-doc-5.0.3~dev7-3.11 is installed OR openstack-designate-producer-5.0.3~dev7-3.11 is installed OR openstack-designate-sink-5.0.3~dev7-3.11 is installed OR openstack-designate-worker-5.0.3~dev7-3.11 is installed OR openstack-heat-9.0.8~dev3-3.18 is installed OR openstack-heat-api-9.0.8~dev3-3.18 is installed OR openstack-heat-api-cfn-9.0.8~dev3-3.18 is installed OR openstack-heat-api-cloudwatch-9.0.8~dev3-3.18 is installed OR openstack-heat-doc-9.0.8~dev3-3.18 is installed OR openstack-heat-engine-9.0.8~dev3-3.18 is installed OR openstack-heat-gbp-7.0.1~dev1-3.3 is installed OR openstack-heat-plugin-heat_docker-9.0.8~dev3-3.18 is installed OR openstack-heat-test-9.0.8~dev3-3.18 is installed OR openstack-horizon-plugin-trove-ui-9.0.1~dev10-3.9 is installed OR openstack-ironic-9.1.8~dev5-3.18 is installed OR openstack-ironic-api-9.1.8~dev5-3.18 is installed OR openstack-ironic-conductor-9.1.8~dev5-3.18 is installed OR openstack-ironic-doc-9.1.8~dev5-3.18 is installed OR openstack-keystone-12.0.4~dev2-5.19 is installed OR openstack-keystone-doc-12.0.4~dev2-5.19 is installed OR openstack-monasca-agent-2.2.5~dev2-3.9 is installed OR openstack-monasca-api-2.2.1~dev26-3.12 is installed OR openstack-monasca-log-api-2.3.1~dev12-3.6 is installed OR openstack-neutron-11.0.9~dev28-3.18 is installed OR openstack-neutron-dhcp-agent-11.0.9~dev28-3.18 is installed OR openstack-neutron-doc-11.0.9~dev28-3.18 is installed OR openstack-neutron-fwaas-11.0.3~dev1-3.14 is installed OR openstack-neutron-fwaas-doc-11.0.3~dev1-3.14 is installed OR openstack-neutron-gbp-7.3.1~dev28-3.3 is installed OR openstack-neutron-ha-tool-11.0.9~dev28-3.18 is installed OR openstack-neutron-l3-agent-11.0.9~dev28-3.18 is installed OR openstack-neutron-lbaas-11.0.4~dev6-3.9 is installed OR openstack-neutron-lbaas-agent-11.0.4~dev6-3.9 is installed OR openstack-neutron-lbaas-doc-11.0.4~dev6-3.9 is installed OR openstack-neutron-linuxbridge-agent-11.0.9~dev28-3.18 is installed OR openstack-neutron-macvtap-agent-11.0.9~dev28-3.18 is installed OR openstack-neutron-metadata-agent-11.0.9~dev28-3.18 is installed OR openstack-neutron-metering-agent-11.0.9~dev28-3.18 is installed OR openstack-neutron-openvswitch-agent-11.0.9~dev28-3.18 is installed OR openstack-neutron-server-11.0.9~dev28-3.18 is installed OR openstack-neutron-vpn-agent-11.0.1~dev5-3.12 is installed OR openstack-neutron-vpnaas-11.0.1~dev5-3.12 is installed OR openstack-neutron-vpnaas-doc-11.0.1~dev5-3.12 is installed OR openstack-neutron-vyatta-agent-11.0.1~dev5-3.12 is installed OR openstack-nova-16.1.9~dev3-3.23 is installed OR openstack-nova-api-16.1.9~dev3-3.23 is installed OR openstack-nova-cells-16.1.9~dev3-3.23 is installed OR openstack-nova-compute-16.1.9~dev3-3.23 is installed OR openstack-nova-conductor-16.1.9~dev3-3.23 is installed OR openstack-nova-console-16.1.9~dev3-3.23 is installed OR openstack-nova-consoleauth-16.1.9~dev3-3.23 is installed OR openstack-nova-doc-16.1.9~dev3-3.23 is installed OR openstack-nova-novncproxy-16.1.9~dev3-3.23 is installed OR openstack-nova-placement-api-16.1.9~dev3-3.23 is installed OR openstack-nova-scheduler-16.1.9~dev3-3.23 is installed OR openstack-nova-serialproxy-16.1.9~dev3-3.23 is installed OR openstack-nova-vncproxy-16.1.9~dev3-3.23 is installed OR openstack-trove-8.0.1~dev13-3.9 is installed OR openstack-trove-api-8.0.1~dev13-3.9 is installed OR openstack-trove-conductor-8.0.1~dev13-3.9 is installed OR openstack-trove-doc-8.0.1~dev13-3.9 is installed OR openstack-trove-guestagent-8.0.1~dev13-3.9 is installed OR openstack-trove-taskmanager-8.0.1~dev13-3.9 is installed OR python-Django-1.11.20-3.7 is installed OR python-aodh-5.1.1~dev7-3.11 is installed OR python-barbican-5.0.2~dev3-3.14 is installed OR python-ceilometer-9.0.8~dev7-3.12 is installed OR python-cinder-11.2.3~dev5-3.15 is installed OR python-cliff-2.8.3-3.6 is installed OR python-designate-5.0.3~dev7-3.11 is installed OR python-freezerclient-1.5.1-3.3 is installed OR python-freezerclient-doc-1.5.1-3.3 is installed OR python-heat-9.0.8~dev3-3.18 is installed OR python-heat-gbp-7.0.1~dev1-3.3 is installed OR python-horizon-12.0.4~dev6-3.20 is installed OR python-horizon-plugin-trove-ui-9.0.1~dev10-3.9 is installed OR python-ironic-9.1.8~dev5-3.18 is installed OR python-ironicclient-1.17.2-3.3 is installed OR python-ironicclient-doc-1.17.2-3.3 is installed OR python-keystone-12.0.4~dev2-5.19 is installed OR python-magnumclient-2.7.1-3.3 is installed OR python-magnumclient-doc-2.7.1-3.3 is installed OR python-manilaclient-1.17.4-3.6 is installed OR python-manilaclient-doc-1.17.4-3.6 is installed OR python-monasca-agent-2.2.5~dev2-3.9 is installed OR python-monasca-api-2.2.1~dev26-3.12 is installed OR python-monasca-log-api-2.3.1~dev12-3.6 is installed OR python-muranoclient-0.14.1-3.3 is installed OR python-muranoclient-doc-0.14.1-3.3 is installed OR python-neutron-11.0.9~dev28-3.18 is installed OR python-neutron-fwaas-11.0.3~dev1-3.14 is installed OR python-neutron-gbp-7.3.1~dev28-3.3 is installed OR python-neutron-lbaas-11.0.4~dev6-3.9 is installed OR python-neutron-vpnaas-11.0.1~dev5-3.12 is installed OR python-nova-16.1.9~dev3-3.23 is installed OR python-novaclient-9.1.3-3.6 is installed OR python-novaclient-doc-9.1.3-3.6 is installed OR python-openstackclient-3.12.2-3.3 is installed OR python-os-brick-1.15.9-3.6 is installed OR python-os-client-config-1.28.1-3.3 is installed OR python-os-vif-1.7.2-3.3 is installed OR python-os-win-2.2.1-3.3 is installed OR python-oslo.cache-1.25.2-3.3 is installed OR python-oslo.concurrency-3.21.2-3.3 is installed OR python-oslo.config-4.11.2-3.3 is installed OR python-oslo.config-doc-4.11.2-3.3 is installed OR python-oslo.i18n-3.17.2-3.3 is installed OR python-oslo.log-3.30.3-3.3 is installed OR python-oslo.messaging-5.30.8-3.8 is installed OR python-oslo.middleware-3.30.2-3.3 is installed OR python-oslo.policy-1.25.4-3.6 is installed OR python-oslo.privsep-1.22.2-3.3 is installed OR python-oslo.reports-1.22.2-3.3 is installed OR python-oslo.utils-3.28.4-3.6 is installed OR python-oslo.versionedobjects-1.26.3-3.6 is installed OR python-oslo.vmware-2.23.2-3.3 is installed OR python-oslotest-2.17.2-3.3 is installed OR python-python-subunit-1.2.0-4.3 is installed OR python-saharaclient-1.3.1-3.3 is installed OR python-saharaclient-doc-1.3.1-3.3 is installed OR python-swiftclient-3.4.1-3.3 is installed OR python-swiftclient-doc-3.4.1-3.3 is installed OR python-trove-8.0.1~dev13-3.9 is installed OR python-zaqarclient-1.7.1-3.3 is installed OR supportutils-plugin-suse-openstack-cloud-8.0.1551262227.7a7deb6-3.3 is installed

BACK