Oval Definition:	oval:org.opensuse.security:def:61019
Revision Date: 2020-12-01 Version: 1 Title: Security update for apache2 (Moderate) Description: This update for apache2 fixes the following issues: - CVE-2020-9490: Fixed a crash caused by a specially crafted value for the 'Cache-Digest' header in a HTTP/2 request (bsc#1175071). - CVE-2020-11985: IP address spoofing when proxying using mod_remoteip and mod_rewrite (bsc#1175072). - CVE-2020-11993: When trace/debug was enabled for the HTTP/2 module logging statements were made on the wrong connection (bsc#1175070). Family: unix Class: patch Status: Reference(s): 1002573 1026236 1027282 1027519 1035231 1039567 1041090 1042670 1046077 1046637 1049578 1051787 1051788 1051789 1052686 1055123 1055695 1061832 1068032 1073269 1073748 1074318 1077330 1078326 1078485 1081690 1081750 1084650 1086001 1094290 1094291 1109961 1112824 1118595 1118596 1118599 1121214 1133190 1133738 1136424 1136598 1136922 1136935 1137194 1137586 1138291 1138293 1139751 1149792 1153830 1155094 1159035 1160305 1160498 1162224 1162367 1162825 1163985 1165894 1169428 1170170 1170411 1171561 1172405 1173100 1173659 1173661 1173663 1173664 1173665 1173666 1173867 1173869 1173942 1173963 1174247 1175070 1175071 1175072 1177158 945401 CVE-2017-10664 CVE-2017-11434 CVE-2017-12135 CVE-2017-12136 CVE-2017-12137 CVE-2017-12173 CVE-2017-12855 CVE-2017-17973 CVE-2017-5753 CVE-2017-9935 CVE-2018-0739 CVE-2018-11763 CVE-2018-15518 CVE-2018-19869 CVE-2018-19873 CVE-2018-5784 CVE-2019-0155 CVE-2019-10126 CVE-2019-11477 CVE-2019-11478 CVE-2019-11487 CVE-2019-11599 CVE-2019-12380 CVE-2019-12456 CVE-2019-12614 CVE-2019-12818 CVE-2019-12819 CVE-2019-14814 CVE-2019-14815 CVE-2019-14816 CVE-2019-14895 CVE-2019-14901 CVE-2019-16746 CVE-2019-17015 CVE-2019-17016 CVE-2019-17017 CVE-2019-17021 CVE-2019-17022 CVE-2019-17024 CVE-2019-17026 CVE-2019-18348 CVE-2019-18680 CVE-2019-19447 CVE-2019-3846 CVE-2019-9458 CVE-2019-9674 CVE-2020-11668 CVE-2020-11736 CVE-2020-11985 CVE-2020-11993 CVE-2020-12059 CVE-2020-14331 CVE-2020-14355 CVE-2020-1720 CVE-2020-8022 CVE-2020-8492 CVE-2020-9490 SUSE-SU-2017:2327-2 SUSE-SU-2017:2937-1 SUSE-SU-2018:1180-1 SUSE-SU-2018:2158-1 SUSE-SU-2018:3582-1 SUSE-SU-2020:0068-1 SUSE-SU-2020:0715-1 SUSE-SU-2020:1158-1 SUSE-SU-2020:1791-1 SUSE-SU-2020:2450-1 SUSE-SU-2020:3084-1 Platform(s): openSUSE Leap 15.1 openSUSE Leap 15.2 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP4-ESPOS SUSE Linux Enterprise Server 12 SP4-LTSS SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 8 Product(s): Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information curl-7.60.0-lp151.5.3 is installed OR curl-mini-7.60.0-lp151.5.3 is installed OR libcurl-devel-7.60.0-lp151.5.3 is installed OR libcurl-devel-32bit-7.60.0-lp151.5.3 is installed OR libcurl-mini-devel-7.60.0-lp151.5.3 is installed OR libcurl4-7.60.0-lp151.5.3 is installed OR libcurl4-32bit-7.60.0-lp151.5.3 is installed OR libcurl4-mini-7.60.0-lp151.5.3 is installed Definition Synopsis openSUSE Leap 15.2 is installed AND Package Information LibVNCServer-0.9.10-lp152.9.8 is installed OR LibVNCServer-devel-0.9.10-lp152.9.8 is installed OR libvncclient0-0.9.10-lp152.9.8 is installed OR libvncserver0-0.9.10-lp152.9.8 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information xen-4.9.0_11-3.9 is installed OR xen-doc-html-4.9.0_11-3.9 is installed OR xen-libs-4.9.0_11-3.9 is installed OR xen-libs-32bit-4.9.0_11-3.9 is installed OR xen-tools-4.9.0_11-3.9 is installed OR xen-tools-domU-4.9.0_11-3.9 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information ceph-12.2.12+git.1587570958.35d78d0243-2.45 is installed OR ceph-common-12.2.12+git.1587570958.35d78d0243-2.45 is installed OR libcephfs2-12.2.12+git.1587570958.35d78d0243-2.45 is installed OR librados2-12.2.12+git.1587570958.35d78d0243-2.45 is installed OR libradosstriper1-12.2.12+git.1587570958.35d78d0243-2.45 is installed OR librbd1-12.2.12+git.1587570958.35d78d0243-2.45 is installed OR librgw2-12.2.12+git.1587570958.35d78d0243-2.45 is installed OR python-cephfs-12.2.12+git.1587570958.35d78d0243-2.45 is installed OR python-rados-12.2.12+git.1587570958.35d78d0243-2.45 is installed OR python-rbd-12.2.12+git.1587570958.35d78d0243-2.45 is installed OR python-rgw-12.2.12+git.1587570958.35d78d0243-2.45 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information kgraft-patch-4_4_180-94_103-default-9-2 is installed OR kgraft-patch-SLE12-SP3_Update_28-9-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information tomcat-8.0.53-29.32 is installed OR tomcat-admin-webapps-8.0.53-29.32 is installed OR tomcat-docs-webapp-8.0.53-29.32 is installed OR tomcat-el-3_0-api-8.0.53-29.32 is installed OR tomcat-javadoc-8.0.53-29.32 is installed OR tomcat-jsp-2_3-api-8.0.53-29.32 is installed OR tomcat-lib-8.0.53-29.32 is installed OR tomcat-servlet-3_1-api-8.0.53-29.32 is installed OR tomcat-webapps-8.0.53-29.32 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information libqt4-4.8.7-8.13 is installed OR libqt4-32bit-4.8.7-8.13 is installed OR libqt4-devel-doc-4.8.7-8.13 is installed OR libqt4-qt3support-4.8.7-8.13 is installed OR libqt4-qt3support-32bit-4.8.7-8.13 is installed OR libqt4-sql-4.8.7-8.13 is installed OR libqt4-sql-32bit-4.8.7-8.13 is installed OR libqt4-sql-mysql-4.8.7-8.13 is installed OR libqt4-sql-plugins-4.8.7-8.13 is installed OR libqt4-sql-sqlite-4.8.7-8.13 is installed OR libqt4-x11-4.8.7-8.13 is installed OR libqt4-x11-32bit-4.8.7-8.13 is installed OR qt4-x11-tools-4.8.7-8.13 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information apache-commons-beanutils-1.9.2-1 is installed OR apache-commons-beanutils-javadoc-1.9.2-1 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4-ESPOS is installed AND Package Information xen-4.11.4_04-2.30 is installed OR xen-doc-html-4.11.4_04-2.30 is installed OR xen-libs-4.11.4_04-2.30 is installed OR xen-libs-32bit-4.11.4_04-2.30 is installed OR xen-tools-4.11.4_04-2.30 is installed OR xen-tools-domU-4.11.4_04-2.30 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4-LTSS is installed AND Package Information ghostscript-9.52-23.39 is installed OR ghostscript-x11-9.52-23.39 is installed Definition Synopsis SUSE OpenStack Cloud 9 is installed AND Package Information libfreebl3-3.53.1-58.48 is installed OR libfreebl3-32bit-3.53.1-58.48 is installed OR libfreebl3-hmac-3.53.1-58.48 is installed OR libfreebl3-hmac-32bit-3.53.1-58.48 is installed OR libsoftokn3-3.53.1-58.48 is installed OR libsoftokn3-32bit-3.53.1-58.48 is installed OR libsoftokn3-hmac-3.53.1-58.48 is installed OR libsoftokn3-hmac-32bit-3.53.1-58.48 is installed OR mozilla-nspr-4.25-19.15 is installed OR mozilla-nspr-32bit-4.25-19.15 is installed OR mozilla-nspr-devel-4.25-19.15 is installed OR mozilla-nss-3.53.1-58.48 is installed OR mozilla-nss-32bit-3.53.1-58.48 is installed OR mozilla-nss-certs-3.53.1-58.48 is installed OR mozilla-nss-certs-32bit-3.53.1-58.48 is installed OR mozilla-nss-devel-3.53.1-58.48 is installed OR mozilla-nss-sysinit-3.53.1-58.48 is installed OR mozilla-nss-sysinit-32bit-3.53.1-58.48 is installed OR mozilla-nss-tools-3.53.1-58.48 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information apache2-2.4.23-29.63 is installed OR apache2-doc-2.4.23-29.63 is installed OR apache2-example-pages-2.4.23-29.63 is installed OR apache2-prefork-2.4.23-29.63 is installed OR apache2-utils-2.4.23-29.63 is installed OR apache2-worker-2.4.23-29.63 is installed
BACK