Oval Definition:oval:org.opensuse.security:def:65592
Revision Date:2021-08-25Version:1
Title:Security update for jetty-minimal (Moderate)
Description:

This update for jetty-minimal fixes the following issues:

- Update to version 9.4.43.v20210629 - CVE-2021-34429: URIs can be crafted using some encoded characters to access the content of the WEB-INF directory and/or bypass some security constraints. (bsc#1188438)
Family:unixClass:patch
Status:Reference(s):1152930
1171999
1174477
1188438
CVE-2019-11048
CVE-2020-14342
CVE-2021-34429
SUSE-SU-2021:2838-1
Platform(s):SUSE Linux Enterprise Desktop 15 SP2
SUSE Linux Enterprise High Performance Computing 15 SP2
SUSE Linux Enterprise Module for Development Tools 15 SP2
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1
SUSE Linux Enterprise Server 15 SP2
SUSE Linux Enterprise Server for SAP Applications 15 SP2
SUSE Linux Enterprise Storage 7
SUSE Manager Proxy 4.1
SUSE Manager Server 4.1
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 is installed
  • AND Package Information
  • php7-7.2.5-4.58 is installed
  • OR php7-embed-7.2.5-4.58 is installed
  • OR php7-readline-7.2.5-4.58 is installed
  • OR php7-sodium-7.2.5-4.58 is installed
  • OR php7-tidy-7.2.5-4.58 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Development Tools 15 SP2 is installed
  • AND Package Information
  • jetty-http-9.4.43-3.12.2 is installed
  • OR jetty-io-9.4.43-3.12.2 is installed
  • OR jetty-security-9.4.43-3.12.2 is installed
  • OR jetty-server-9.4.43-3.12.2 is installed
  • OR jetty-servlet-9.4.43-3.12.2 is installed
  • OR jetty-util-9.4.43-3.12.2 is installed
  • OR jetty-util-ajax-9.4.43-3.12.2 is installed
    • BACK