Oval Definition:oval:org.opensuse.security:def:67319
Revision Date:2021-11-16Version:1
Title:Security update for tomcat (Moderate)
Description:

This update for tomcat fixes the following issues:

- CVE-2021-30640: Escape parameters in JNDI Realm queries (bsc#1188279). - CVE-2021-33037: Process T-E header from both HTTP 1.0 and HTTP 1.1. clients (bsc#1188278). - CVE-2021-41079: Fixed a denial of service caused by an unexpected TLS packet (bsc#1190558).
Family:unixClass:patch
Status:Reference(s):1162501
1178171
1188278
1188279
1190558
945190
CVE-2014-3577
CVE-2015-5262
CVE-2019-20446
CVE-2021-30640
CVE-2021-33037
CVE-2021-41079
SUSE-SU-2020:0629-2
Platform(s):SUSE Linux Enterprise Module for additional PackageHub packages 15 SP2
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP3
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Module for additional PackageHub packages 15 SP2 is installed
  • AND Package Information
  • librsvg-2.42.8-3.3 is installed
  • OR rsvg-view-2.42.8-3.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2 is installed
  • AND Package Information
  • apache-commons-httpclient-3.1-11.3 is installed
  • OR apache-commons-httpclient-demo-3.1-11.3 is installed
  • OR apache-commons-httpclient-javadoc-3.1-11.3 is installed
  • OR apache-commons-httpclient-manual-3.1-11.3 is installed
    • BACK