Oval Definition:oval:org.opensuse.security:def:63736
Revision Date:2020-12-01Version:1
Title:Security update for tomcat (Moderate)
Description:

This update for tomcat to version 9.0.21 fixes the following issues:

Security issues fixed:

- CVE-2019-0199: Fixed a denial of service in the HTTP/2 implementation related to streams with excessive numbers of SETTINGS frames (bsc#1131055). - CVE-2019-0221: Fixed a cross site scripting vulnerability with the SSI printenv command (bsc#1136085). - CVE-2019-10072: Fixed incomplete patch for CVE-2019-0199 (bsc#1139924).

Please also see http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.21_(markt) and http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.20_(markt)
Family:unixClass:patch
Status:Reference(s):1044231
1050549
1051510
1051858
1056686
1060463
1065600
1065729
1082318
1083647
1085030
1104967
1109911
1112767
1114279
1118338
1120386
1121995
1122198
1122475
1124159
1127027
1127341
1128828
1131055
1133021
1136085
1136157
1137325
1139924
1142614
1144333
1145051
1145575
1145738
1145740
1145741
1145742
1145929
1146539
1148643
1148868
1154385
1155094
1156323
1156324
1156326
1156328
1156329
1157424
1158552
1158983
1159037
1159142
1159198
1159199
1159285
1160571
1160659
1161951
1162687
1162689
1162691
1162825
1162929
1162931
1163403
1163508
1163897
1164078
1164284
1164507
1164893
1165019
1165111
1165182
1165404
1165488
1165527
1165741
1165813
1165873
1165949
1165984
1165985
1166003
1166101
1166102
1166103
1166104
1166632
1166730
1166731
1166732
1166733
1166734
1166735
1166780
1166860
1166861
1166862
1166864
1166866
1166867
1166868
1166870
1166940
1167005
1167288
1167290
1167316
1167421
1167423
1167629
1168075
1168202
1168276
1168295
1168424
1168443
1168486
1168760
1168762
1168763
1168764
1168765
1168829
1168854
1168881
1168884
1168952
1168994
1169057
1169390
1169514
1169625
1171924
1173812
1174463
1174570
1175193
1175194
CVE-2019-0199
CVE-2019-0221
CVE-2019-10072
CVE-2019-10081
CVE-2019-10082
CVE-2019-10092
CVE-2019-10098
CVE-2019-12523
CVE-2019-12526
CVE-2019-12528
CVE-2019-18348
CVE-2019-18676
CVE-2019-18677
CVE-2019-18678
CVE-2019-18679
CVE-2019-19768
CVE-2019-19770
CVE-2019-2510
CVE-2019-2537
CVE-2019-3701
CVE-2019-5188
CVE-2019-7314
CVE-2019-9215
CVE-2019-9458
CVE-2019-9517
CVE-2019-9674
CVE-2019-9893
CVE-2020-10713
CVE-2020-10942
CVE-2020-11494
CVE-2020-11669
CVE-2020-14308
CVE-2020-14309
CVE-2020-14310
CVE-2020-14311
CVE-2020-14349
CVE-2020-14350
CVE-2020-15706
CVE-2020-15707
CVE-2020-8449
CVE-2020-8450
CVE-2020-8517
CVE-2020-8647
CVE-2020-8649
CVE-2020-8834
CVE-2020-9383
openSUSE-SU-2019:1797-1
openSUSE-SU-2020:0166-1
openSUSE-SU-2020:0696-1
openSUSE-SU-2020:1228-1
SUSE-SU-2019:0609-1
SUSE-SU-2019:1866-1
SUSE-SU-2019:2329-1
SUSE-SU-2019:2941-1
SUSE-SU-2020:0661-1
SUSE-SU-2020:1141-1
SUSE-SU-2020:2078-1
Platform(s):openSUSE Leap 15.1
openSUSE Leap 15.2
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server 12 SP4-LTSS
Product(s):
Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • libBasicUsageEnvironment1-2019.06.28-lp151.2.3 is installed
  • OR libUsageEnvironment3-2019.06.28-lp151.2.3 is installed
  • OR libgroupsock8-2019.06.28-lp151.2.3 is installed
  • OR libliveMedia66-2019.06.28-lp151.2.3 is installed
  • OR live555-2019.06.28-lp151.2.3 is installed
  • OR live555-devel-2019.06.28-lp151.2.3 is installed
    • Definition Synopsis
  • openSUSE Leap 15.2 is installed
  • AND Package Information
  • libecpg6-12.3-lp152.3.4 is installed
  • OR libecpg6-32bit-12.3-lp152.3.4 is installed
  • OR libpq5-12.3-lp152.3.4 is installed
  • OR libpq5-32bit-12.3-lp152.3.4 is installed
  • OR postgresql-12.0.1-lp152.3.3 is installed
  • OR postgresql-contrib-12.0.1-lp152.3.3 is installed
  • OR postgresql-devel-12.0.1-lp152.3.3 is installed
  • OR postgresql-docs-12.0.1-lp152.3.3 is installed
  • OR postgresql-llvmjit-12.0.1-lp152.3.3 is installed
  • OR postgresql-plperl-12.0.1-lp152.3.3 is installed
  • OR postgresql-plpython-12.0.1-lp152.3.3 is installed
  • OR postgresql-pltcl-12.0.1-lp152.3.3 is installed
  • OR postgresql-server-12.0.1-lp152.3.3 is installed
  • OR postgresql-server-devel-12.0.1-lp152.3.3 is installed
  • OR postgresql-test-12.0.1-lp152.3.3 is installed
  • OR postgresql10-10.13-lp152.2.3 is installed
  • OR postgresql10-contrib-10.13-lp152.2.3 is installed
  • OR postgresql10-devel-10.13-lp152.2.3 is installed
  • OR postgresql10-docs-10.13-lp152.2.3 is installed
  • OR postgresql10-plperl-10.13-lp152.2.3 is installed
  • OR postgresql10-plpython-10.13-lp152.2.3 is installed
  • OR postgresql10-pltcl-10.13-lp152.2.3 is installed
  • OR postgresql10-server-10.13-lp152.2.3 is installed
  • OR postgresql10-test-10.13-lp152.2.3 is installed
  • OR postgresql11-11.9-lp152.3.3 is installed
  • OR postgresql11-contrib-11.9-lp152.3.3 is installed
  • OR postgresql11-devel-11.9-lp152.3.3 is installed
  • OR postgresql11-docs-11.9-lp152.3.3 is installed
  • OR postgresql11-llvmjit-11.9-lp152.3.3 is installed
  • OR postgresql11-plperl-11.9-lp152.3.3 is installed
  • OR postgresql11-plpython-11.9-lp152.3.3 is installed
  • OR postgresql11-pltcl-11.9-lp152.3.3 is installed
  • OR postgresql11-server-11.9-lp152.3.3 is installed
  • OR postgresql11-server-devel-11.9-lp152.3.3 is installed
  • OR postgresql11-test-11.9-lp152.3.3 is installed
  • OR postgresql12-12.3-lp152.3.4 is installed
  • OR postgresql12-contrib-12.3-lp152.3.4 is installed
  • OR postgresql12-devel-12.3-lp152.3.4 is installed
  • OR postgresql12-docs-12.3-lp152.3.4 is installed
  • OR postgresql12-llvmjit-12.3-lp152.3.4 is installed
  • OR postgresql12-plperl-12.3-lp152.3.4 is installed
  • OR postgresql12-plpython-12.3-lp152.3.4 is installed
  • OR postgresql12-pltcl-12.3-lp152.3.4 is installed
  • OR postgresql12-server-12.3-lp152.3.4 is installed
  • OR postgresql12-server-devel-12.3-lp152.3.4 is installed
  • OR postgresql12-test-12.3-lp152.3.4 is installed
  • OR postgresql96-9.6.19-lp152.2.3 is installed
  • OR postgresql96-contrib-9.6.19-lp152.2.3 is installed
  • OR postgresql96-devel-9.6.19-lp152.2.3 is installed
  • OR postgresql96-docs-9.6.19-lp152.2.3 is installed
  • OR postgresql96-plperl-9.6.19-lp152.2.3 is installed
  • OR postgresql96-plpython-9.6.19-lp152.2.3 is installed
  • OR postgresql96-pltcl-9.6.19-lp152.2.3 is installed
  • OR postgresql96-server-9.6.19-lp152.2.3 is installed
  • OR postgresql96-test-9.6.19-lp152.2.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • tomcat-9.0.21-3.13 is installed
  • OR tomcat-admin-webapps-9.0.21-3.13 is installed
  • OR tomcat-docs-webapp-9.0.21-3.13 is installed
  • OR tomcat-el-3_0-api-9.0.21-3.13 is installed
  • OR tomcat-javadoc-9.0.21-3.13 is installed
  • OR tomcat-jsp-2_3-api-9.0.21-3.13 is installed
  • OR tomcat-lib-9.0.21-3.13 is installed
  • OR tomcat-servlet-4_0-api-9.0.21-3.13 is installed
  • OR tomcat-webapps-9.0.21-3.13 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4-LTSS is installed
  • AND Package Information
  • grub2-2.02-12.31 is installed
  • OR grub2-arm64-efi-2.02-12.31 is installed
  • OR grub2-i386-pc-2.02-12.31 is installed
  • OR grub2-powerpc-ieee1275-2.02-12.31 is installed
  • OR grub2-s390x-emu-2.02-12.31 is installed
  • OR grub2-snapper-plugin-2.02-12.31 is installed
  • OR grub2-systemd-sleep-plugin-2.02-12.31 is installed
  • OR grub2-x86_64-efi-2.02-12.31 is installed
  • OR grub2-x86_64-xen-2.02-12.31 is installed
    • BACK