Oval Definition:	oval:org.opensuse.security:def:74777
Revision Date: 2020-12-01 Version: 1 Title: Security update for tomcat (Important) Description: This update for tomcat to version 9.0.30 fixes the following issues: Security issue fixed: - CVE-2019-12418: Fixed a local privilege escalation through by manipulating the RMI registry and performing a man-in-the-middle attack (bsc#1159723). - CVE-2019-17563: Fixed a session fixation attack when using FORM authentication (bsc#1159729). This update was imported from the SUSE:SLE-15-SP1:Update update project. Family: unix Class: patch Status: Reference(s): 1139924 1159723 1159729 1172402 CVE-2019-10072 CVE-2019-12418 CVE-2019-17563 CVE-2020-12405 CVE-2020-12406 CVE-2020-12410 openSUSE-SU-2020:0038-1 openSUSE-SU-2020:0789-1 Platform(s): openSUSE Leap 15.1 Product(s): Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information tomcat-9.0.30-lp151.3.6 is installed OR tomcat-admin-webapps-9.0.30-lp151.3.6 is installed OR tomcat-docs-webapp-9.0.30-lp151.3.6 is installed OR tomcat-el-3_0-api-9.0.30-lp151.3.6 is installed OR tomcat-embed-9.0.30-lp151.3.6 is installed OR tomcat-javadoc-9.0.30-lp151.3.6 is installed OR tomcat-jsp-2_3-api-9.0.30-lp151.3.6 is installed OR tomcat-jsvc-9.0.30-lp151.3.6 is installed OR tomcat-lib-9.0.30-lp151.3.6 is installed OR tomcat-servlet-4_0-api-9.0.30-lp151.3.6 is installed OR tomcat-webapps-9.0.30-lp151.3.6 is installed
BACK