Oval Definition:oval:org.opensuse.security:def:74660
Revision Date:2021-08-25Version:1
Title:Security update for jetty-minimal (Moderate)
Description:

This update for jetty-minimal fixes the following issues:

- Update to version 9.4.43.v20210629 - CVE-2021-34429: URIs can be crafted using some encoded characters to access the content of the WEB-INF directory and/or bypass some security constraints. (bsc#1188438)
Family:unixClass:patch
Status:Reference(s):1118987
1146608
1162197
1162200
1188438
862963
CVE-2018-11805
CVE-2019-14973
CVE-2020-1930
CVE-2020-1931
CVE-2021-34429
openSUSE-SU-2020:0446-1
openSUSE-SU-2020:1840-1
SUSE-SU-2021:2838-1
Platform(s):openSUSE Leap 15.1
SUSE Linux Enterprise Desktop 15 SP2
SUSE Linux Enterprise High Performance Computing 15 SP2
SUSE Linux Enterprise Module for Development Tools 15 SP2
SUSE Linux Enterprise Server 15 SP2
SUSE Linux Enterprise Server for SAP Applications 15 SP2
SUSE Linux Enterprise Storage 7
SUSE Manager Proxy 4.1
SUSE Manager Server 4.1
Product(s):
Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • libtiff-devel-4.0.9-lp151.10.3 is installed
  • OR libtiff-devel-32bit-4.0.9-lp151.10.3 is installed
  • OR libtiff5-4.0.9-lp151.10.3 is installed
  • OR libtiff5-32bit-4.0.9-lp151.10.3 is installed
  • OR tiff-4.0.9-lp151.10.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Development Tools 15 SP2 is installed
  • AND Package Information
  • jetty-http-9.4.43-3.12.2 is installed
  • OR jetty-io-9.4.43-3.12.2 is installed
  • OR jetty-security-9.4.43-3.12.2 is installed
  • OR jetty-server-9.4.43-3.12.2 is installed
  • OR jetty-servlet-9.4.43-3.12.2 is installed
  • OR jetty-util-9.4.43-3.12.2 is installed
  • OR jetty-util-ajax-9.4.43-3.12.2 is installed
    • BACK