OVAL Reference oval:org.opensuse.security:def:6065

Oval Definition:

oval:org.opensuse.security:def:6065

Revision Date:	2021-06-17	Version:	1
Title:	Security update for jetty-minimal (Important)
Description:	This update for jetty-minimal fixes the following issues: Update to version 9.4.42.v20210604 - Fix: bsc#1187117, CVE-2021-28169 - possible for requests to the ConcatServlet with a doubly encoded path to access protected resources within the WEB-INF directory - Fix: bsc#1184367, CVE-2021-28165 - jetty server high CPU when client send data length > 17408 - Fix: bsc#1184368, CVE-2021-28164 - Normalize ambiguous URIs - Fix: bsc#1184366, CVE-2021-28163 - Exclude webapps directory from deployment scan
Family:	unix	Class:	patch
Status:		Reference(s):	1184366 1184367 1184368 1187117 CVE-2009-0186 CVE-2009-1886 CVE-2009-1888 CVE-2009-2813 CVE-2009-2906 CVE-2009-2948 CVE-2010-0547 CVE-2010-0624 CVE-2010-0728 CVE-2010-0787 CVE-2010-0926 CVE-2010-1635 CVE-2010-1642 CVE-2010-2063 CVE-2010-3069 CVE-2011-0523 CVE-2011-0524 CVE-2011-0719 CVE-2011-2522 CVE-2011-2694 CVE-2011-2696 CVE-2011-3389 CVE-2011-4944 CVE-2012-0817 CVE-2012-0845 CVE-2012-0870 CVE-2012-1150 CVE-2012-1182 CVE-2012-1616 CVE-2012-2111 CVE-2012-6150 CVE-2013-0172 CVE-2013-0213 CVE-2013-0214 CVE-2013-0454 CVE-2013-1752 CVE-2013-1863 CVE-2013-2063 CVE-2013-4124 CVE-2013-4238 CVE-2013-4408 CVE-2013-4475 CVE-2013-4476 CVE-2013-4496 CVE-2013-6442 CVE-2013-6487 CVE-2014-0178 CVE-2014-0239 CVE-2014-0244 CVE-2014-2667 CVE-2014-3493 CVE-2014-3560 CVE-2014-3775 CVE-2014-4650 CVE-2014-8143 CVE-2014-9112 CVE-2014-9496 CVE-2014-9756 CVE-2015-0240 CVE-2015-0295 CVE-2015-1858 CVE-2015-1859 CVE-2015-1860 CVE-2015-3294 CVE-2015-3451 CVE-2015-7805 CVE-2015-8075 CVE-2015-8899 CVE-2016-0772 CVE-2016-1000110 CVE-2016-2037 CVE-2016-3698 CVE-2016-5636 CVE-2016-5699 CVE-2016-7951 CVE-2016-7952 CVE-2016-8605 CVE-2017-14491 CVE-2017-14492 CVE-2017-14493 CVE-2017-14494 CVE-2017-14495 CVE-2017-14496 CVE-2017-5209 CVE-2017-5545 CVE-2017-5834 CVE-2017-5835 CVE-2017-5836 CVE-2017-5974 CVE-2017-5975 CVE-2017-5976 CVE-2017-5977 CVE-2017-5978 CVE-2017-5979 CVE-2017-5980 CVE-2017-5981 CVE-2017-6440 CVE-2017-7585 CVE-2017-7586 CVE-2017-7741 CVE-2017-7742 CVE-2017-7982 CVE-2017-8361 CVE-2017-8362 CVE-2017-8363 CVE-2017-8365 CVE-2021-28163 CVE-2021-28164 CVE-2021-28165 CVE-2021-28169
Platform(s):	openSUSE 13.1 openSUSE 13.1 NonFree openSUSE 13.2 openSUSE 13.2 NonFree SUSE Linux Enterprise Build System Kit 12 SUSE Linux Enterprise Build System Kit 12 SP1 SUSE Linux Enterprise Build System Kit 12 SP2 SUSE Linux Enterprise Build System Kit 12 SP3 SUSE Linux Enterprise Build System Kit 12 SP4 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise for SAP 12 SUSE Linux Enterprise for SAP 12 SP1 SUSE Linux Enterprise High Availability 12 SP2 SUSE Linux Enterprise High Availability 12 SP3 SUSE Linux Enterprise High Availability 12 SP4 SUSE Linux Enterprise High Availability 12 SP5 SUSE Linux Enterprise High Performance Computing 12 SP5 SUSE Linux Enterprise Live Patching 12 SUSE Linux Enterprise Live Patching 12 SP3 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP3 SUSE Linux Enterprise Module for Toolchain 12 SUSE Linux Enterprise Real Time Extension 12 SP1 SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 SUSE Linux Enterprise Server for SAP Applications 12 SP2 SUSE Linux Enterprise Server for VMWare 11 SP2 SUSE Linux Enterprise Server for VMWare 11 SP3 SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Software Development Kit 12 SP1 SUSE Linux Enterprise Software Development Kit 12 SP2 SUSE Linux Enterprise Software Development Kit 12 SP3 SUSE Linux Enterprise Workstation Extension 12 SP1 SUSE Linux Enterprise Workstation Extension 12 SP2 SUSE Linux Enterprise Workstation Extension 12 SP3 SUSE Linux Enterprise Workstation Extension 12 SP4	Product(s):
Definition Synopsis
SUSE Linux Enterprise Build System Kit 12 is installed AND kernel-zfcpdump-3.12.43-52.6 is installed
Definition Synopsis
SUSE Linux Enterprise Build System Kit 12 SP1 is installed AND kernel-zfcpdump-3.12.51-60.25 is installed
Definition Synopsis
SUSE Linux Enterprise Build System Kit 12 SP2 is installed AND kernel-zfcpdump-4.4.21-84 is installed
Definition Synopsis
SUSE Linux Enterprise Build System Kit 12 SP3 is installed AND Package Information libudev-mini-devel-228-150.9 is installed OR libudev-mini1-228-150.9 is installed OR systemd-mini-228-150.9 is installed OR systemd-mini-devel-228-150.9 is installed OR udev-mini-228-150.9 is installed
Definition Synopsis
SUSE Linux Enterprise Build System Kit 12 SP4 is installed AND Package Information mariadb-10.2.21-3.7 is installed OR mariadb-bench-10.2.21-3.7 is installed OR mariadb-test-10.2.21-3.7 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP2 is installed AND Package Information acroread-9.5.5-0.5.5.1 is installed OR acroread-cmaps-9.4.6-0.4.5.1 is installed OR acroread-fonts-ja-9.4.6-0.4.5.1 is installed OR acroread-fonts-ko-9.4.6-0.4.5.1 is installed OR acroread-fonts-zh_CN-9.4.6-0.4.5.1 is installed OR acroread-fonts-zh_TW-9.4.6-0.4.5.1 is installed OR acroread_ja-9.4.2-0.4.1 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 is installed AND openvpn-2.3.2-11 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information libQt5Core5-5.3.2-1 is installed OR libQt5DBus5-5.3.2-1 is installed OR libQt5Gui5-5.3.2-1 is installed OR libQt5Widgets5-5.3.2-1 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP3 is installed AND libndp0-1.6-2 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP4 is installed AND argyllcms-1.6.3-3 is installed
Definition Synopsis
SUSE Linux Enterprise for SAP 12 is installed AND Package Information kgraft-patch-3_12_60-52_54-default-2-2 is installed OR kgraft-patch-3_12_60-52_54-xen-2-2 is installed OR kgraft-patch-SLE12_Update_15-2-2 is installed
Definition Synopsis
SUSE Linux Enterprise for SAP 12 SP1 is installed AND Package Information compat-openssl098-0.9.8j-94.1 is installed OR libopenssl0_9_8-0.9.8j-94.1 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 SP2 is installed AND fence-agents-4.0.22+git.1455008135.15c5e92-8 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 SP3 is installed AND Package Information hawk-1.0.0+git.1448981395.15fb8b9-4.3 is installed OR hawk-templates-1.0.0+git.1448981395.15fb8b9-4.3 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 SP4 is installed AND fence-agents-4.2.1+git.1537269352.7b1fd536-1 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 SP5 is installed AND libpcreposix0-8.39-8.3 is installed
Definition Synopsis
SUSE Linux Enterprise High Performance Computing 12 SP5 is installed AND Package Information MozillaFirefox-68.1.0-109.92 is installed OR MozillaFirefox-translations-common-68.1.0-109.92 is installed
Definition Synopsis
SUSE Linux Enterprise Live Patching 12 is installed AND Package Information kgraft-patch-3_12_43-52_6-default-1-2 is installed OR kgraft-patch-3_12_43-52_6-xen-1-2 is installed OR kgraft-patch-SLE12_Update_5-1-2 is installed
Definition Synopsis
SUSE Linux Enterprise Live Patching 12 SP3 is installed AND Package Information kgraft-patch-4_4_82-6_6-default-2-2 is installed OR kgraft-patch-SLE12-SP3_Update_2-2-2 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Toolchain 12 is installed AND Package Information cpp5-5.3.1+r233831-9 is installed OR gcc5-5.3.1+r233831-9 is installed OR gcc5-c++-5.3.1+r233831-9 is installed OR gcc5-fortran-5.3.1+r233831-9 is installed OR gcc5-info-5.3.1+r233831-9 is installed OR gcc5-locale-5.3.1+r233831-9 is installed OR libffi-devel-gcc5-5.3.1+r233831-9 is installed OR libstdc++6-devel-gcc5-5.3.1+r233831-9 is installed
Definition Synopsis
SUSE Linux Enterprise Real Time Extension 12 SP1 is installed AND Package Information kernel-compute-3.12.67-60.27 is installed OR kernel-compute-base-3.12.67-60.27 is installed OR kernel-compute-devel-3.12.67-60.27 is installed OR kernel-compute_debug-3.12.67-60.27 is installed OR kernel-compute_debug-devel-3.12.67-60.27 is installed OR kernel-devel-rt-3.12.67-60.27 is installed OR kernel-rt-3.12.67-60.27 is installed OR kernel-rt-base-3.12.67-60.27 is installed OR kernel-rt-devel-3.12.67-60.27 is installed OR kernel-rt_debug-3.12.67-60.27 is installed OR kernel-rt_debug-devel-3.12.67-60.27 is installed OR kernel-source-rt-3.12.67-60.27 is installed OR kernel-syms-rt-3.12.67-60.27 is installed
Definition Synopsis
SUSE Linux Enterprise Server 11 SP1 is installed AND Package Information OpenEXR-1.6.1-83.17.1 is installed OR OpenEXR-32bit-1.6.1-83.17.1 is installed OR OpenEXR-x86-1.6.1-83.17.1 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 11 SP2 is installed AND quota-3.16-50.39.1 is installed OR quota-nfs-3.16-50.39.1 is installed OR Package Information SUSE Linux Enterprise Server for VMWare 11 SP2 is installed AND quota-3.16-50.39.1 is installed OR quota-nfs-3.16-50.39.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 11 SP2 is installed AND LibVNCServer-0.9.1-154.24 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 11 SP3 is installed AND ipsec-tools-0.7.3-1.13.1 is installed OR Package Information SUSE Linux Enterprise Server for VMWare 11 SP3 is installed AND ipsec-tools-0.7.3-1.13.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 11 SP3 is installed AND Package Information ant-1.7.1-20.9.53 is installed OR ant-trax-1.7.1-16.9.65 is installed
Definition Synopsis
SUSE Linux Enterprise Server 11 SP4 is installed AND Package Information ark-4.3.5-0.3.3 is installed OR kcalc-4.3.5-0.3.3 is installed OR kcharselect-4.3.5-0.3.3 is installed OR kdessh-4.3.5-0.3.3 is installed OR kdf-4.3.5-0.3.3 is installed OR kfloppy-4.3.5-0.3.3 is installed OR kgpg-4.3.5-0.3.3 is installed OR ktimer-4.3.5-0.3.3 is installed OR kwalletmanager-4.3.5-0.3.3 is installed OR kwikdisk-4.3.5-0.3.3 is installed OR okteta-4.3.5-0.3.3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 is installed AND Package Information bzip2-1.0.6-27 is installed OR bzip2-doc-1.0.6-27 is installed OR libbz2-1-1.0.6-27 is installed OR libbz2-1-32bit-1.0.6-27 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND autofs-5.0.9-8 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND apache2-mod_perl-2.0.8-11 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information MozillaFirefox-52.2.0esr-108 is installed OR MozillaFirefox-translations-52.2.0esr-108 is installed
Definition Synopsis
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 is installed AND Package Information java-1_8_0-openjdk-1.8.0.101-14 is installed OR java-1_8_0-openjdk-demo-1.8.0.101-14 is installed OR java-1_8_0-openjdk-devel-1.8.0.101-14 is installed OR java-1_8_0-openjdk-headless-1.8.0.101-14 is installed
Definition Synopsis
SUSE Linux Enterprise Server for SAP Applications 12 SP2 is installed AND Package Information kgraft-patch-4_4_121-92_98-default-2-2 is installed OR kgraft-patch-SLE12-SP2_Update_26-2-2 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 11 SP2 is installed AND libcurl-devel-7.19.7-1.20.31.1 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 11 SP4 is installed AND Package Information cyrus-imapd-devel-2.3.11-60.65.64.1 is installed OR perl-Cyrus-IMAP-2.3.11-60.65.64.1 is installed OR perl-Cyrus-SIEVE-managesieve-2.3.11-60.65.64.1 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 is installed AND augeas-devel-1.2.0-1 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 SP1 is installed AND coolkey-devel-1.1.0-147 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 SP2 is installed AND cifs-utils-devel-6.5-8 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 SP3 is installed AND Package Information ImageMagick-6.8.8.1-70 is installed OR ImageMagick-devel-6.8.8.1-70 is installed OR libMagick++-6_Q16-3-6.8.8.1-70 is installed OR libMagick++-devel-6.8.8.1-70 is installed OR perl-PerlMagick-6.8.8.1-70 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 12 SP1 is installed AND Package Information libmysqlclient_r18-10.0.25-6.1 is installed OR libmysqlclient_r18-32bit-10.0.25-6.1 is installed OR mariadb-10.0.25-6.1 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 12 SP2 is installed AND Package Information libuuid-devel-2.28-42.1 is installed OR util-linux-2.28-42.1 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 12 SP3 is installed AND libgio-fam-2.48.2-10 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 12 SP4 is installed AND bash-lang-4.3-83.15 is installed

BACK