Oval Definition:oval:org.opensuse.security:def:66218
Revision Date:2020-12-01Version:1
Title:Security update for tomcat (Important)
Description:

This update for tomcat to version 9.0.31 fixes the following issues:

Security issues fixed:

- CVE-2019-17569: Fixed a regression in the handling of Transfer-Encoding headers that would have allowed HTTP Request Smuggling (bsc#1164825). - CVE-2020-1935: Fixed an HTTP Request Smuggling issue (bsc#1164860). - CVE-2020-1938: Fixed a file contents disclosure vulnerability (bsc#1164692).
Family:unixClass:patch
Status:Reference(s):1051510
1065729
1071995
1085030
1111666
1112178
1113956
1114279
1144333
1148868
1150660
1151927
1152107
1152624
1158983
1159058
1161016
1162002
1162063
1163309
1164692
1164825
1164860
1166985
1167104
1168081
1168959
1169194
1169514
1169771
1169795
1170011
1170442
1170592
1170617
1170618
1171124
1171424
1171529
1171530
1171558
1171732
1171739
1171743
1171753
1171759
1171835
1171841
1171868
1171904
1172247
1172257
1172344
1172458
1172484
1172537
1172538
1172687
1172719
1172759
1172775
1172781
1172782
1172783
1172871
1172872
1172999
1173060
1173074
1173146
1173265
1173280
1173284
1173428
1173514
1173567
1173573
1173659
1173746
1173818
1173820
1173825
1173826
1173833
1173838
1173839
1173845
1173857
1174113
1174115
1174122
1174123
1174186
1174187
1174296
1174343
1174356
1174409
1174438
1174462
1174543
CVE-2019-16746
CVE-2019-17569
CVE-2019-20810
CVE-2019-20908
CVE-2020-0305
CVE-2020-10766
CVE-2020-10767
CVE-2020-10768
CVE-2020-10769
CVE-2020-10773
CVE-2020-10781
CVE-2020-12771
CVE-2020-12888
CVE-2020-13974
CVE-2020-14416
CVE-2020-15393
CVE-2020-15780
CVE-2020-1935
CVE-2020-1938
SUSE-SU-2020:0631-1
SUSE-SU-2020:2107-1
Platform(s):SUSE Linux Enterprise Module for Web Scripting 15 SP1
SUSE Linux Enterprise Workstation Extension 15 SP1
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Module for Web Scripting 15 SP1 is installed
  • AND Package Information
  • tomcat-9.0.31-4.22 is installed
  • OR tomcat-admin-webapps-9.0.31-4.22 is installed
  • OR tomcat-el-3_0-api-9.0.31-4.22 is installed
  • OR tomcat-jsp-2_3-api-9.0.31-4.22 is installed
  • OR tomcat-lib-9.0.31-4.22 is installed
  • OR tomcat-servlet-4_0-api-9.0.31-4.22 is installed
  • OR tomcat-webapps-9.0.31-4.22 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 15 SP1 is installed
  • AND Package Information
  • kernel-default-4.12.14-197.48 is installed
  • OR kernel-default-extra-4.12.14-197.48 is installed
    • BACK