Oval Definition:oval:org.opensuse.security:def:6267
Revision Date:2021-12-15Version:1
Title:Security update for log4j (Important)
Description:

This update for log4j fixes the following issue:

CVE-2021-44228: The previously published fix by upstream turned out to be incomplete. Therefore, upstream has recommended disabling JNDI support in log4j by default to be completely sure that this vulnerability cannot be exploited.

This update implements that recommendation and disables JNDI support by default. [bsc#1193611, CVE-2021-44228]

CVE-2021-45046: A Thread Context Message Pattern and Context Lookup Pattern vulnerable to a denial of service attack is also fixed by disabling JNDI support by default (bsc#1193743)
Family:unixClass:patch
Status:Reference(s):1193611
1193743
CVE-2007-3126
CVE-2008-3825
CVE-2009-0946
CVE-2009-1384
CVE-2010-2252
CVE-2010-2497
CVE-2010-2547
CVE-2010-2805
CVE-2010-2935
CVE-2010-2936
CVE-2010-3053
CVE-2010-3054
CVE-2010-3311
CVE-2010-3814
CVE-2010-4540
CVE-2010-4541
CVE-2010-4542
CVE-2010-4543
CVE-2011-0226
CVE-2011-1831
CVE-2011-1832
CVE-2011-1833
CVE-2011-1834
CVE-2011-1835
CVE-2011-1836
CVE-2011-1837
CVE-2011-2896
CVE-2012-0035
CVE-2012-2396
CVE-2012-3236
CVE-2012-4024
CVE-2012-4025
CVE-2012-4929
CVE-2012-5576
CVE-2012-5668
CVE-2012-5669
CVE-2012-5670
CVE-2013-0221
CVE-2013-0222
CVE-2013-0223
CVE-2013-2063
CVE-2013-4143
CVE-2013-4351
CVE-2013-4402
CVE-2014-0247
CVE-2014-2240
CVE-2014-3421
CVE-2014-3422
CVE-2014-3423
CVE-2014-3424
CVE-2014-3524
CVE-2014-3575
CVE-2014-3693
CVE-2014-4617
CVE-2014-4877
CVE-2014-8146
CVE-2014-8147
CVE-2014-8964
CVE-2014-9093
CVE-2014-9656
CVE-2014-9657
CVE-2014-9658
CVE-2014-9659
CVE-2014-9660
CVE-2014-9661
CVE-2014-9662
CVE-2014-9663
CVE-2014-9664
CVE-2014-9665
CVE-2014-9666
CVE-2014-9667
CVE-2014-9668
CVE-2014-9669
CVE-2014-9670
CVE-2014-9671
CVE-2014-9672
CVE-2014-9673
CVE-2014-9674
CVE-2014-9675
CVE-2014-9687
CVE-2015-1606
CVE-2015-1607
CVE-2015-2059
CVE-2015-2325
CVE-2015-2327
CVE-2015-2328
CVE-2015-3210
CVE-2015-3217
CVE-2015-4041
CVE-2015-4042
CVE-2015-4551
CVE-2015-5073
CVE-2015-5212
CVE-2015-5213
CVE-2015-5214
CVE-2015-8380
CVE-2015-8946
CVE-2016-0794
CVE-2016-0795
CVE-2016-10165
CVE-2016-10327
CVE-2016-1283
CVE-2016-1572
CVE-2016-3191
CVE-2016-4324
CVE-2016-4971
CVE-2016-4994
CVE-2016-6224
CVE-2016-7098
CVE-2016-7951
CVE-2016-7952
CVE-2017-13089
CVE-2017-13090
CVE-2017-3157
CVE-2017-6508
CVE-2017-7870
CVE-2017-7882
CVE-2017-8358
CVE-2018-0494
CVE-2018-10119
CVE-2018-10120
CVE-2018-1055
CVE-2018-10583
CVE-2018-12020
CVE-2018-16435
CVE-2018-6871
CVE-2021-44228
CVE-2021-45046
Platform(s):openSUSE 13.1
openSUSE 13.1 NonFree
openSUSE 13.2
openSUSE 13.2 NonFree
openSUSE Leap 42.1
SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5
SUSE Linux Enterprise Build System Kit 12 SP2
SUSE Linux Enterprise Build System Kit 12 SP3
SUSE Linux Enterprise Build System Kit 12 SP4
SUSE Linux Enterprise Desktop 11 SP2
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Desktop 12
SUSE Linux Enterprise Desktop 12 SP1
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise for SAP 12 SP1
SUSE Linux Enterprise High Availability 12 SP2
SUSE Linux Enterprise High Availability 12 SP5
SUSE Linux Enterprise High Performance Computing 12 SP5
SUSE Linux Enterprise Live Patching 12
SUSE Linux Enterprise Live Patching 12 SP3
SUSE Linux Enterprise Module for High Performance Computing 12
SUSE Linux Enterprise Module for Legacy Software 12
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP3
SUSE Linux Enterprise Module for Public Cloud 12
SUSE Linux Enterprise Module for Web Scripting 12
SUSE Linux Enterprise Point of Sale 12 SP2
SUSE Linux Enterprise Server 11 SP1
SUSE Linux Enterprise Server 11 SP2
SUSE Linux Enterprise Server 11 SP3
SUSE Linux Enterprise Server 11 SP4
SUSE Linux Enterprise Server 12
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server 12-LTSS
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2
SUSE Linux Enterprise Server for SAP Applications 12 SP2
SUSE Linux Enterprise Server for SAP Applications 12 SP3
SUSE Linux Enterprise Server for VMWare 11 SP3
SUSE Linux Enterprise Software Development Kit 11 SP2
SUSE Linux Enterprise Software Development Kit 11 SP3
SUSE Linux Enterprise Software Development Kit 11 SP4
SUSE Linux Enterprise Software Development Kit 12
SUSE Linux Enterprise Software Development Kit 12 SP1
SUSE Linux Enterprise Software Development Kit 12 SP2
SUSE Linux Enterprise Software Development Kit 12 SP3
SUSE Linux Enterprise Software Development Kit 12 SP4
SUSE OpenStack Cloud 6
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Build System Kit 12 SP2 is installed
  • AND Package Information
  • libudev-mini-devel-228-150.7 is installed
  • OR libudev-mini1-228-150.7 is installed
  • OR systemd-mini-228-150.7 is installed
  • OR systemd-mini-devel-228-150.7 is installed
  • OR udev-mini-228-150.7 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Build System Kit 12 SP3 is installed
  • AND Package Information
  • libpoppler-cpp0-0.43.0-16.5 is installed
  • OR poppler-0.43.0-16.5 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Build System Kit 12 SP4 is installed
  • AND Package Information
  • ghostscript-mini-9.26-23.16 is installed
  • OR ghostscript-mini-devel-9.26-23.16 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP2 is installed
  • AND clamav-0.97.8-0.2.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP3 is installed
  • AND Package Information
  • MozillaFirefox-38.5.0esr-28.2 is installed
  • OR MozillaFirefox-translations-38.5.0esr-28.2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 is installed
  • AND Package Information
  • ImageMagick-6.8.8.1-8 is installed
  • OR libMagick++-6_Q16-3-6.8.8.1-8 is installed
  • OR libMagickCore-6_Q16-1-6.8.8.1-8 is installed
  • OR libMagickCore-6_Q16-1-32bit-6.8.8.1-8 is installed
  • OR libMagickWand-6_Q16-1-6.8.8.1-8 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP1 is installed
  • AND Package Information
  • flash-player-11.2.202.559-117 is installed
  • OR flash-player-gnome-11.2.202.559-117 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP2 is installed
  • AND Package Information
  • coreutils-8.25-12 is installed
  • OR coreutils-lang-8.25-12 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • AND Package Information
  • ecryptfs-utils-103-8.3 is installed
  • OR ecryptfs-utils-32bit-103-8.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise for SAP 12 SP1 is installed
  • AND Package Information
  • kgraft-patch-3_12_74-60_64_45-default-2-2 is installed
  • OR kgraft-patch-3_12_74-60_64_45-xen-2-2 is installed
  • OR kgraft-patch-SLE12-SP1_Update_16-2-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise High Availability 12 SP2 is installed
  • AND ruby2.1-rubygem-bundler-1.7.3-3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise High Availability 12 SP5 is installed
  • AND Package Information
  • libpacemaker3-1.1.21+20190809.bf34b44fa-1 is installed
  • OR pacemaker-1.1.21+20190809.bf34b44fa-1 is installed
  • OR pacemaker-cli-1.1.21+20190809.bf34b44fa-1 is installed
  • OR pacemaker-cts-1.1.21+20190809.bf34b44fa-1 is installed
  • OR pacemaker-remote-1.1.21+20190809.bf34b44fa-1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise High Performance Computing 12 SP5 is installed
  • AND ant-1.9.4-3.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Live Patching 12 is installed
  • AND Package Information
  • kgraft-patch-4_4_49-92_11-default-6-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_5-6-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Live Patching 12 SP3 is installed
  • AND Package Information
  • kgraft-patch-4_4_82-6_3-default-2-2 is installed
  • OR kgraft-patch-SLE12-SP3_Update_1-2-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for High Performance Computing 12 is installed
  • AND Package Information
  • libslurm29-16.05.8.1-5 is installed
  • OR perl-slurm-16.05.8.1-5 is installed
  • OR slurm-16.05.8.1-5 is installed
  • OR slurm-auth-none-16.05.8.1-5 is installed
  • OR slurm-devel-16.05.8.1-5 is installed
  • OR slurm-doc-16.05.8.1-5 is installed
  • OR slurm-lua-16.05.8.1-5 is installed
  • OR slurm-munge-16.05.8.1-5 is installed
  • OR slurm-pam_slurm-16.05.8.1-5 is installed
  • OR slurm-plugins-16.05.8.1-5 is installed
  • OR slurm-sched-wiki-16.05.8.1-5 is installed
  • OR slurm-slurmdbd-16.05.8.1-5 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Legacy Software 12 is installed
  • AND Package Information
  • java-1_6_0-ibm-1.6.0_sr16.15-27 is installed
  • OR java-1_6_0-ibm-fonts-1.6.0_sr16.15-27 is installed
  • OR java-1_6_0-ibm-jdbc-1.6.0_sr16.15-27 is installed
  • OR java-1_6_0-ibm-plugin-1.6.0_sr16.15-27 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Public Cloud 12 is installed
  • AND Package Information
  • kernel-ec2-3.12.43-52.6 is installed
  • OR kernel-ec2-devel-3.12.43-52.6 is installed
  • OR kernel-ec2-extra-3.12.43-52.6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Web Scripting 12 is installed
  • AND Package Information
  • apache2-mod_php7-7.0.7-15 is installed
  • OR php7-7.0.7-15 is installed
  • OR php7-bcmath-7.0.7-15 is installed
  • OR php7-bz2-7.0.7-15 is installed
  • OR php7-calendar-7.0.7-15 is installed
  • OR php7-ctype-7.0.7-15 is installed
  • OR php7-curl-7.0.7-15 is installed
  • OR php7-dba-7.0.7-15 is installed
  • OR php7-dom-7.0.7-15 is installed
  • OR php7-enchant-7.0.7-15 is installed
  • OR php7-exif-7.0.7-15 is installed
  • OR php7-fastcgi-7.0.7-15 is installed
  • OR php7-fileinfo-7.0.7-15 is installed
  • OR php7-fpm-7.0.7-15 is installed
  • OR php7-ftp-7.0.7-15 is installed
  • OR php7-gd-7.0.7-15 is installed
  • OR php7-gettext-7.0.7-15 is installed
  • OR php7-gmp-7.0.7-15 is installed
  • OR php7-iconv-7.0.7-15 is installed
  • OR php7-imap-7.0.7-15 is installed
  • OR php7-intl-7.0.7-15 is installed
  • OR php7-json-7.0.7-15 is installed
  • OR php7-ldap-7.0.7-15 is installed
  • OR php7-mbstring-7.0.7-15 is installed
  • OR php7-mcrypt-7.0.7-15 is installed
  • OR php7-mysql-7.0.7-15 is installed
  • OR php7-odbc-7.0.7-15 is installed
  • OR php7-opcache-7.0.7-15 is installed
  • OR php7-openssl-7.0.7-15 is installed
  • OR php7-pcntl-7.0.7-15 is installed
  • OR php7-pdo-7.0.7-15 is installed
  • OR php7-pear-7.0.7-15 is installed
  • OR php7-pear-Archive_Tar-7.0.7-15 is installed
  • OR php7-pgsql-7.0.7-15 is installed
  • OR php7-phar-7.0.7-15 is installed
  • OR php7-posix-7.0.7-15 is installed
  • OR php7-pspell-7.0.7-15 is installed
  • OR php7-shmop-7.0.7-15 is installed
  • OR php7-snmp-7.0.7-15 is installed
  • OR php7-soap-7.0.7-15 is installed
  • OR php7-sockets-7.0.7-15 is installed
  • OR php7-sqlite-7.0.7-15 is installed
  • OR php7-sysvmsg-7.0.7-15 is installed
  • OR php7-sysvsem-7.0.7-15 is installed
  • OR php7-sysvshm-7.0.7-15 is installed
  • OR php7-tokenizer-7.0.7-15 is installed
  • OR php7-wddx-7.0.7-15 is installed
  • OR php7-xmlreader-7.0.7-15 is installed
  • OR php7-xmlrpc-7.0.7-15 is installed
  • OR php7-xmlwriter-7.0.7-15 is installed
  • OR php7-xsl-7.0.7-15 is installed
  • OR php7-zip-7.0.7-15 is installed
  • OR php7-zlib-7.0.7-15 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Point of Sale 12 SP2 is installed
  • AND Package Information
  • salt-2016.11.4-46.10 is installed
  • OR salt-minion-2016.11.4-46.10 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 11 SP1 is installed
  • AND perl-HTML-Parser-3.56-1.18.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 11 SP2 is installed
  • AND aaa_base-11-6.65.1 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 11 SP3 is installed
  • AND libmspack0-0.0.20060920alpha-74.5.1 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server for VMWare 11 SP3 is installed
  • AND libmspack0-0.0.20060920alpha-74.5.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 11 SP3 is installed
  • AND acpid-1.0.6-91.25.20 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 11 SP4 is installed
  • AND automake-1.10.1-4.131.9.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 is installed
  • AND Package Information
  • apache-commons-beanutils-1.9.2-1 is installed
  • OR apache-commons-beanutils-javadoc-1.9.2-1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND Package Information
  • automake-1.13.4-4 is installed
  • OR m4-1.4.16-15 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • apache-commons-daemon-1.0.15-4 is installed
  • OR apache-commons-daemon-javadoc-1.0.15-4 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • alsa-1.0.27.2-15 is installed
  • OR alsa-docs-1.0.27.2-15 is installed
  • OR libasound2-1.0.27.2-15 is installed
  • OR libasound2-32bit-1.0.27.2-15 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • accountsservice-0.6.42-16.3 is installed
  • OR accountsservice-lang-0.6.42-16.3 is installed
  • OR libaccountsservice0-0.6.42-16.3 is installed
  • OR typelib-1_0-AccountsService-1_0-0.6.42-16.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12-LTSS is installed
  • AND Package Information
  • kgraft-patch-3_12_48-52_27-default-5-2.2 is installed
  • OR kgraft-patch-3_12_48-52_27-xen-5-2.2 is installed
  • OR kgraft-patch-SLE12_Update_8-5-2.2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 is installed
  • AND xlockmore-5.43-5 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server for SAP Applications 12 SP2 is installed
  • AND mailman-2.1.17-3.11 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server for SAP Applications 12 SP3 is installed
  • AND Package Information
  • kgraft-patch-4_4_175-94_79-default-4-2 is installed
  • OR kgraft-patch-SLE12-SP3_Update_23-4-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Software Development Kit 11 SP2 is installed
  • AND Package Information
  • mozilla-nspr-devel-4.9.6-0.3.1 is installed
  • OR mozilla-nss-devel-3.14.3-0.4.3.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Software Development Kit 11 SP3 is installed
  • AND Package Information
  • MozillaFirefox-devel-24.6.0esr-0.8.1 is installed
  • OR mozilla-nspr-devel-4.10.6-0.3.1 is installed
  • OR mozilla-nss-devel-3.16.1-0.8.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Software Development Kit 11 SP4 is installed
  • AND dbus-1-glib-devel-0.76-34.22.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Software Development Kit 12 is installed
  • AND Package Information
  • evince-devel-3.10.3-1 is installed
  • OR typelib-1_0-EvinceDocument-3_0-3.10.3-1 is installed
  • OR typelib-1_0-EvinceView-3_0-3.10.3-1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Software Development Kit 12 SP1 is installed
  • AND Package Information
  • DirectFB-devel-1.7.1-4 is installed
  • OR lib++dfb-devel-1.7.1-4 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Software Development Kit 12 SP2 is installed
  • AND Package Information
  • FastCGI-2.4.0-167 is installed
  • OR perl-FastCGI-2.4.0-167 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Software Development Kit 12 SP3 is installed
  • AND Package Information
  • DirectFB-devel-1.7.1-6 is installed
  • OR lib++dfb-devel-1.7.1-6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Software Development Kit 12 SP4 is installed
  • AND accountsservice-devel-0.6.42-16.3 is installed
    • BACK