Oval Definition:oval:org.opensuse.security:def:66109
Revision Date:2020-12-01Version:1
Title:Security update for nginx (Important)
Description:

This update for nginx fixes the following issues:

Security issues fixed:

- CVE-2019-9511: Fixed a denial of service by manipulating the window size and stream prioritization (bsc#1145579). - CVE-2019-9513: Fixed a denial of service caused by resource loops (bsc#1145580). - CVE-2019-9516: Fixed a denial of service caused by header leaks (bsc#1145582). - CVE-2018-16845: Fixed denial of service and memory disclosure via mp4 module (bsc#1115015). - CVE-2018-16843: Fixed excessive memory consumption in HTTP/2 implementation (bsc#1115022). - CVE-2018-16844: Fixed excessive CPU usage via flaw in HTTP/2 implementation (bsc#1115025).
Family:unixClass:patch
Status:Reference(s):1115015
1115022
1115025
1145579
1145580
1145582
1171928
CVE-2018-16843
CVE-2018-16844
CVE-2018-16845
CVE-2019-9511
CVE-2019-9513
CVE-2019-9516
CVE-2020-9484
SUSE-SU-2019:2309-1
SUSE-SU-2020:1363-1
Platform(s):SUSE Linux Enterprise Module for Server Applications 15 SP1
SUSE Linux Enterprise Module for Web Scripting 15 SP1
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Module for Server Applications 15 SP1 is installed
  • AND Package Information
  • nginx-1.14.2-6.3 is installed
  • OR nginx-source-1.14.2-6.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Web Scripting 15 SP1 is installed
  • AND Package Information
  • tomcat-9.0.35-4.30 is installed
  • OR tomcat-admin-webapps-9.0.35-4.30 is installed
  • OR tomcat-el-3_0-api-9.0.35-4.30 is installed
  • OR tomcat-jsp-2_3-api-9.0.35-4.30 is installed
  • OR tomcat-lib-9.0.35-4.30 is installed
  • OR tomcat-servlet-4_0-api-9.0.35-4.30 is installed
  • OR tomcat-webapps-9.0.35-4.30 is installed
    • BACK