Vulnerability CVE-2017-15698

Vulnerability Name:

CVE-2017-15698 (CCN-138491)

Assigned:

2017-10-21

Published:

2018-01-31

Updated:

2019-03-25

Summary:

When parsing the AIA-Extension field of a client certificate, Apache Tomcat Native Connector 1.2.0 to 1.2.14 and 1.1.23 to 1.1.34 did not correctly handle fields longer than 127 bytes. The result of the parsing error was to skip the OCSP check. It was therefore possible for client certificates that should have been rejected (if the OCSP check had been made) to be accepted. Users not using OCSP checks are not affected by this vulnerability.

CVSS v3 Severity:

5.9 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N)
5.2 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): High Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): High Availibility (A): None

5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
4.6 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): Low Availibility (A): None

CVSS v2 Severity:

4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): Partial Availibility (A): None

5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): Partial Availibility (A): None

Vulnerability Type:

CWE-295

Vulnerability Consequences:

Bypass Security

References:

Source: MITRE
Type: CNA
CVE-2017-15698

Source: CCN
Type: Apache Web site
Tomcat Native

Source: CCN
Type: IBM Security Bulletin T1027633 (Spectrum Symphony)
Vulnerability in Apache Tomcat affects IBM Platform Symphony, IBM Spectrum Symphony (CVE-2017-15698, CVE-2017-15706, CVE-2018-1323, CVE-2018-1305, CVE-2018-1304)

Source: CCN
Type: IBM Security Bulletin 2015795 (Tivoli Application Dependency Discovery Manager)
Open Source Apache Tomcat vulnerabilities affect IBM Tivoli Application Dependency Discovery Manager (TADDM) (CVE-2017-15698, CVE-2017-15706, CVE-2018-1304, CVE-2018-1305)

Source: CCN
Type: IBM Security Bulletin 2017032 (WebSphere Cast Iron Cloud integration)
IBM WebSphere Cast Iron Solution is affected by Tomcat vulnerabilities

Source: SECTRACK
Type: Third Party Advisory, VDB Entry
1040390

Source: REDHAT
Type: Third Party Advisory
RHSA-2018:0465

Source: REDHAT
Type: Third Party Advisory
RHSA-2018:0466

Source: XF
Type: UNKNOWN
apache-tomcat-cve201715698-sec-bypass(138491)

Source: CCN
Type: Apache Mailing List, 2018/01/31 10:22:22
CVE-2017-15698 Apache Tomcat Native Connector - OCSP check omitted

Source: MLIST
Type: Vendor Advisory
[announce] 20180131 [SECURITY] CVE-2017-15698 Apache Tomcat Native Connector - OCSP check omitted

Source: MLIST
Type: UNKNOWN
[tomcat-dev] 20190319 svn commit: r1855831 [26/30] - in /tomcat/site/trunk: ./ docs/ xdocs/

Source: MLIST
Type: UNKNOWN
[tomcat-dev] 20190325 svn commit: r1856174 [26/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/

Source: MLIST
Type: UNKNOWN
[tomcat-dev] 20200213 svn commit: r1873980 [31/34] - /tomcat/site/trunk/docs/

Source: MLIST
Type: UNKNOWN
[tomcat-dev] 20200203 svn commit: r1873527 [26/30] - /tomcat/site/trunk/docs/

Source: MLIST
Type: Mailing List, Third Party Advisory
[debian-lts-announce] 20180211 [SECURITY] [DLA 1276-1] tomcat-native security update

Source: DEBIAN
Type: Third Party Advisory
DSA-4118

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2017-15698

Vulnerable Configuration:

Configuration 1:

cpe:/a:apache:tomcat_native:*:*:*:*:*:*:*:* (Version >= 1.1.23 and <= 1.1.34)

OR cpe:/a:apache:tomcat_native:*:*:*:*:*:*:*:* (Version >= 1.2.0 and <= 1.2.14)

Configuration 2:

cpe:/o:debian:debian_linux:8.0:*:*:*:*:*:*:*

OR cpe:/o:debian:debian_linux:9.0:*:*:*:*:*:*:*

Configuration CCN 1:

cpe:/a:apache:tomcat_native:1.2.0:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat_native:1.2.14:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat_native:1.1.23:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat_native:1.1.34:*:*:*:*:*:*:*

AND

cpe:/a:ibm:websphere_cast_iron_cloud_integration:7.0.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_cast_iron_cloud_integration:7.0.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:tivoli_application_dependency_discovery_manager:7.2.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:tivoli_application_dependency_discovery_manager:7.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_cast_iron_cloud_integration:7.0.0.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_cast_iron_cloud_integration:7.5.0.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_cast_iron_cloud_integration:7.5.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_cast_iron_cloud_integration:7.5.1.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:spectrum_symphony:7.2.0.2:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:201715698	V	CVE-2017-15698	2023-06-22
oval:org.opensuse.security:def:8182	P	Security update for terraform-provider-helm (Important)	2023-06-21
oval:org.opensuse.security:def:8190	P	Security update for terraform-provider-aws (Important) (in QA)	2023-06-20
oval:org.opensuse.security:def:7549	P	libHX-devel-3.22-1.26 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:7571	P	libXvnc1-1.12.0-150500.2.6 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:124246	P	libtcnative-1-0-1.2.17-1.12 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3266	P	libtcnative-1-0-1.2.23-3.3.3 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:9141	P	Security update for libsndfile (Important)	2022-01-11
oval:org.opensuse.security:def:8730	P	Security update for libsndfile (Important)	2022-01-11
oval:org.opensuse.security:def:10712	P	Security update for libvirt (Important) (in QA)	2021-12-30
oval:org.opensuse.security:def:10434	P	Security update for go1.17 (Moderate)	2021-12-23
oval:org.opensuse.security:def:8882	P	Security update for xorg-x11-server (Important)	2021-12-14
oval:org.opensuse.security:def:31324	P	Security update for the Linux Kernel (Live Patch 41 for SLE 12 SP3) (Important)	2021-12-14
oval:org.opensuse.security:def:33756	P	Security update for xorg-x11-server (Important)	2021-12-14
oval:org.opensuse.security:def:34007	P	Security update for webkit2gtk3 (Important)	2021-12-01
oval:org.opensuse.security:def:37482	P	Security update for clamav (Moderate)	2021-12-01
oval:org.opensuse.security:def:33745	P	Security update for java-1_7_0-openjdk (Important)	2021-11-24
oval:org.opensuse.security:def:33744	P	Security update for java-1_8_0-openjdk (Important)	2021-11-23
oval:org.opensuse.security:def:6713	P	Security update for the Linux Kernel (Live Patch 21 for SLE 15) (Important)	2021-11-17
oval:org.opensuse.security:def:10703	P	Security update for the Linux Kernel (Important)	2021-11-16
oval:org.opensuse.security:def:34589	P	Security update for bind (Important)	2021-11-11
oval:org.opensuse.security:def:10170	P	Security update for qemu (Important)	2021-11-04
oval:org.opensuse.security:def:8668	P	Security update for Salt (Moderate)	2021-10-27
oval:org.opensuse.security:def:10351	P	Security update for python-Pygments (Important)	2021-10-20
oval:org.opensuse.security:def:8849	P	Security update for strongswan (Moderate)	2021-10-19
oval:org.opensuse.security:def:10661	P	Security update for the Linux Kernel (Important)	2021-10-15
oval:org.opensuse.security:def:31275	P	Security update for the Linux Kernel (Live Patch 37 for SLE 12 SP3) (Important)	2021-09-23
oval:org.opensuse.security:def:34545	P	Security update for the Linux Kernel (Important)	2021-09-22
oval:org.opensuse.security:def:61639	P	python3-pyOpenSSL-17.5.0-3.3.2 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:61447	P	gdk-pixbuf-loader-rsvg-2.42.3-1.49 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:63230	P	postgresql-contrib-10-6.8 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:61446	P	gdk-pixbuf-devel-2.36.11-3.19 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:61470	P	iputils-s20161105-6.10 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:35267	P	Security update for gtk-vnc (Moderate)	2021-09-16
oval:org.opensuse.security:def:33975	P	Security update for transfig (Moderate)	2021-09-16
oval:org.opensuse.security:def:33001	P	Security update for qemu (Moderate)	2021-09-09
oval:org.opensuse.security:def:10326	P	Security update for krb5 (Important)	2021-08-20
oval:org.opensuse.security:def:9573	P	Security update for php7 (Important)	2021-08-20
oval:org.opensuse.security:def:8824	P	Security update for openexr (Important)	2021-08-20
oval:org.opensuse.security:def:8258	P	Security update for haproxy (Important)	2021-08-17
oval:org.opensuse.security:def:15085	P	libtcnative-1-0-1.2.23-3.3.3 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48205	P	libtcnative-1-0-1.2.23-3.3.3 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:87836	P	libtcnative-1-0-1.2.17-1.12 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14675	P	libtcnative-1-0-1.2.17-1.12 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47795	P	libtcnative-1-0-1.2.17-1.12 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:63091	P	java-1_8_0-ibm-1.8.0_sr6.25-3.50.1 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:63129	P	python3-aiohttp-3.4.4-3.6.1 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:62997	P	cargo-1.43.1-12.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:62765	P	libQt5OpenGLExtensions-devel-static-5.12.7-4.12.2 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:62106	P	kdump-0.9.0-16.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:62236	P	libunwind-1.5.0-4.5.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:10124	P	Security update for MozillaFirefox (Important)	2021-07-27
oval:org.opensuse.security:def:8622	P	Security update for curl (Moderate)	2021-07-21
oval:org.opensuse.security:def:35259	P	Security update for the Linux Kernel (Important)	2021-07-14
oval:org.opensuse.security:def:31215	P	Security update for openexr (Important)	2021-06-24
oval:org.opensuse.security:def:30095	P	Security update for xterm (Important)	2021-06-18
oval:org.opensuse.security:def:6911	P	Security update for the Linux Kernel (Live Patch 20 for SLE 15 SP1) (Important)	2021-06-18
oval:org.opensuse.security:def:10102	P	Security update for java-1_8_0-openjdk (Moderate)	2021-06-17
oval:org.opensuse.security:def:8320	P	Security update for the Linux Kernel (Important)	2021-06-09
oval:org.opensuse.security:def:8600	P	Security update for spice-gtk (Important)	2021-06-09
oval:org.opensuse.security:def:36433	P	libapr-util1-1.3.4-12.22.23.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:36115	P	ecryptfs-utils-32bit-61-1.33.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:11363	P	libgc1-7.2d-3.77 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:36432	P	libadns-devel-1.4-73.21 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:16589	P	libtcnative-1-0-devel-1.2.17-1.12 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:36444	P	libevent-devel-1.4.5-24.24.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:36156	P	kbd-1.14.1-16.33.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:11385	P	libpango-1_0-0-1.36.3-4.14 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:36528	P	opensc-devel-0.11.6-5.27.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:124595	P	libtcnative-1-0-devel-1.2.17-1.12 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:10094	P	Security update for libX11 (Important)	2021-06-08
oval:org.opensuse.security:def:32104	P	Security update for the Linux Kernel (Live Patch 35 for SLE 12 SP3) (Important)	2021-06-04
oval:org.opensuse.security:def:8592	P	Security update for djvulibre (Important)	2021-06-04
oval:org.opensuse.security:def:8749	P	Security update for avahi (Moderate)	2021-06-04
oval:org.opensuse.security:def:32914	P	Security update for avahi (Important)	2021-06-03
oval:org.opensuse.security:def:6898	P	Security update for the Linux Kernel (Live Patch 19 for SLE 15 SP1) (Important)	2021-05-25
oval:org.opensuse.security:def:34432	P	Security update for python3 (Important)	2021-05-17
oval:org.opensuse.security:def:10251	P	Security update for sca-patterns-sle11 (Important)	2021-05-04
oval:org.opensuse.security:def:6889	P	Security update for the Linux Kernel (Live Patch 16 for SLE 15 SP1) (Important)	2021-04-28
oval:org.opensuse.security:def:6666	P	Security update for the Linux Kernel (Live Patch 22 for SLE 15) (Important)	2021-04-28
oval:org.opensuse.security:def:6880	P	Security update for the Linux Kernel (Live Patch 17 for SLE 15 SP1) (Important)	2021-04-28
oval:org.opensuse.security:def:30181	P	Security update for xorg-x11-server (Important)	2021-04-14
oval:org.opensuse.security:def:10636	P	Security update for xorg-x11-server (Important)	2021-04-13
oval:org.opensuse.security:def:32066	P	Security update for the Linux Kernel (Live Patch 38 for SLE 12 SP3) (Important)	2021-04-07
oval:org.opensuse.security:def:10232	P	Security update for MozillaFirefox (Important)	2021-04-01
oval:org.opensuse.security:def:34046	P	Security update for openssl-1_1 (Important)	2021-03-25
oval:org.opensuse.security:def:8913	P	Security update for glib2 (Important)	2021-03-19
oval:org.opensuse.security:def:31363	P	Security update for the Linux Kernel (Live Patch 33 for SLE 12 SP3) (Important)	2021-03-17
oval:org.opensuse.security:def:10415	P	Security update for python (Moderate)	2021-03-11
oval:org.opensuse.security:def:30038	P	Security update for git (Important)	2021-03-09
oval:org.opensuse.security:def:10412	P	Security update for the Linux Kernel (Important)	2021-03-09
oval:org.opensuse.security:def:8715	P	Security update for the Linux Kernel (Important)	2021-03-09
oval:org.opensuse.security:def:6728	P	Security update for the Linux Kernel (Important)	2021-03-09
oval:org.opensuse.security:def:10217	P	Security update for openldap2 (Important)	2021-03-08
oval:org.opensuse.security:def:10404	P	Security update for MozillaFirefox (Important)	2021-03-02
oval:org.opensuse.security:def:8900	P	Security update for nodejs10 (Important)	2021-03-02
oval:org.opensuse.security:def:10402	P	Security update for java-1_8_0-ibm (Important)	2021-03-01
oval:org.opensuse.security:def:34634	P	Security update for java-1_8_0-openjdk (Moderate)	2021-02-19
oval:org.opensuse.security:def:10393	P	Security update for bind (Important)	2021-02-18
oval:org.opensuse.security:def:8891	P	Security update for screen (Important)	2021-02-17
oval:org.opensuse.security:def:34622	P	Security update for python36 (Important)	2021-02-10
oval:org.opensuse.security:def:34623	P	Security update for MozillaFirefox (Low)	2021-02-10
oval:org.opensuse.security:def:34520	P	Security update for cups (Moderate)	2021-02-02
oval:org.opensuse.security:def:9551	P	Security update for sudo (Important)	2021-01-26
oval:org.opensuse.security:def:34481	P	Security update for sudo (Important)	2021-01-26
oval:org.opensuse.security:def:31219	P	Security update for openssh (Moderate)	2021-01-05
oval:org.opensuse.security:def:31178	P	Security update for flac (Moderate)	2021-01-04
oval:org.opensuse.security:def:29958	P	Security update for python (Important)	2020-12-11
oval:org.opensuse.security:def:6847	P	Security update for the Linux Kernel (Live Patch 14 for SLE 15 SP1) (Important)	2020-12-07
oval:org.opensuse.security:def:29951	P	Security update for the Linux Kernel (Live Patch 34 for SLE 12 SP2) (Important)	2020-12-07
oval:org.opensuse.security:def:63263	P	gnuplot-5.2.2-3.3.29 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:61912	P	libxml2-2-2.9.7-3.19.8 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:62895	P	ctags-5.8-1.27 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:13079	P	libtcnative-1-0-1.2.23-3.3.3 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:16899	P	libtcnative-1-0-devel-1.2.23-3.3.3 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:63180	P	salt-api-2018.3.0-3.9 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:62446	P	libimobiledevice-devel-1.2.0+git20170122.45fda81-1.44 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:4063	P	libtcnative-1-0-devel-1.2.23-3.3.3 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:30698	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:8305	P	expat on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:33214	P	ntp on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:37629	P	openvpn on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:29120	P	Security update for java-1_7_0-ibm (Moderate)	2020-12-01
oval:org.opensuse.security:def:6590	P	e2fsprogs on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:37074	P	automake on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28131	P	Security update for imlib2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:30389	P	Security update for xen (Important)	2020-12-01
oval:org.opensuse.security:def:10725	P	libcgroup-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:6598	P	facter on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10542	P	libsmbclient-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:34374	P	Security update for tiff (Moderate)	2020-12-01
oval:org.opensuse.security:def:29320	P	Security update for IBM Java 1.4.2	2020-12-01
oval:org.opensuse.security:def:28881	P	Security update for bind (Important)	2020-12-01
oval:org.opensuse.security:def:8472	P	mailx on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:33325	P	Security update for curl (Moderate)	2020-12-01
oval:org.opensuse.security:def:27705	P	Security update for php53	2020-12-01
oval:org.opensuse.security:def:32857	P	expat on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:35100	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:37541	P	libjson-c2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:30496	P	Security update for MozillaFirefox	2020-12-01
oval:org.opensuse.security:def:27780	P	Security update for krb5 (Moderate)	2020-12-01
oval:org.opensuse.security:def:6747	P	libpython3_4m1_0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:37291	P	p7zip on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28528	P	Security update for ImageMagick	2020-12-01
oval:org.opensuse.security:def:36822	P	dnsmasq on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:8503	P	python-cupshelpers on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:11075	P	libtcnative-1-0-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28540	P	Security update for curl	2020-12-01
oval:org.opensuse.security:def:30830	P	Security update for curl (Moderate)	2020-12-01
oval:org.opensuse.security:def:35367	P	Security update for ncurses (Moderate)	2020-12-01
oval:org.opensuse.security:def:37657	P	python-imaging on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:29155	P	Security update for libtcnative-1-0 (Important)	2020-12-01
oval:org.opensuse.security:def:32539	P	krb5 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:34718	P	Security update for ImageMagick (Moderate)	2020-12-01
oval:org.opensuse.security:def:37175	P	libXt6 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28282	P	Security update for mysql (Important)	2020-12-01
oval:org.opensuse.security:def:30438	P	Security update for xpdf-tools	2020-12-01
oval:org.opensuse.security:def:6620	P	gpg2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10561	P	libwebkit2gtk-3_0-25 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28965	P	Security update for openssh (Moderate)	2020-12-01
oval:org.opensuse.security:def:33369	P	Security update for wget (Moderate)	2020-12-01
oval:org.opensuse.security:def:28423	P	Security update for wireshark (Moderate)	2020-12-01
oval:org.opensuse.security:def:30540	P	Security update for java-1_7_0-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:36843	P	gnome-keyring on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27908	P	Security update for Xen	2020-12-01
oval:org.opensuse.security:def:6822	P	python-cupshelpers on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:37929	P	libopenssl-1_0_0-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28529	P	Security update for Mesa	2020-12-01
oval:org.opensuse.security:def:34071	P	Security update for libxml2 (Low)	2020-12-01
oval:org.opensuse.security:def:36912	P	libjansson4 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31384	P	Security update for openvpn (Important)	2020-12-01
oval:org.opensuse.security:def:32538	P	kernel-default on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28608	P	Security update for Xen	2020-12-01
oval:org.opensuse.security:def:30920	P	Security update for gd (Moderate)	2020-12-01
oval:org.opensuse.security:def:8339	P	iputils on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:35406	P	Security update for openssh-openssl1 (Important)	2020-12-01
oval:org.opensuse.security:def:37701	P	w3m on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:29734	P	Security update for foomatic-filters (Moderate)	2020-12-01
oval:org.opensuse.security:def:32550	P	libexif on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:34854	P	Security update for bzip2 (Important)	2020-12-01
oval:org.opensuse.security:def:37232	P	libopenssl-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28335	P	Security update for php53 (Important)	2020-12-01
oval:org.opensuse.security:def:29746	P	Security update for gd	2020-12-01
oval:org.opensuse.security:def:37180	P	libXxf86dga1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:29994	P	Security update for libtcnative-1-0 (Important)	2020-12-01
oval:org.opensuse.security:def:29117	P	Security update for java-1_7_0-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:36842	P	glibc on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:8212	P	smt on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:35318	P	Security update for mgetty (Moderate)	2020-12-01
oval:org.opensuse.security:def:28438	P	Security update for xen (Important)	2020-12-01
oval:org.opensuse.security:def:36854	P	hardlink on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27990	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:37971	P	libtcnative-1-0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10480	P	libXxf86dga-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:34128	P	Security update for mozilla-nss	2020-12-01
oval:org.opensuse.security:def:37072	P	augeas on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:29259	P	Security update for unrar (Important)	2020-12-01
oval:org.opensuse.security:def:31428	P	Security update for php53 (Moderate)	2020-12-01
oval:org.opensuse.security:def:9163	P	libtcnative-1-0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28739	P	Security update for PostgreSQL 9.1	2020-12-01
oval:org.opensuse.security:def:30977	P	Security update for guile (Low)	2020-12-01
oval:org.opensuse.security:def:8414	P	liblzo2-2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:33263	P	sudo on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:35433	P	Security update for openssl1 (Important)	2020-12-01
oval:org.opensuse.security:def:38339	P	libopenvswitch-2_11-0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:29735	P	Security update for freeradius-server (Moderate)	2020-12-01
oval:org.opensuse.security:def:32628	P	PolicyKit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:34953	P	Security update for MozillaFirefox, mozilla-nss (Important)	2020-12-01
oval:org.opensuse.security:def:37322	P	rpm-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28384	P	Security update for rubygem-activesupport-3_2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:29819	P	Security update for IBM Java 1.6.0	2020-12-01
oval:org.opensuse.security:def:37219	P	libldb1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:30612	P	Security update for strongswan	2020-12-01
oval:org.opensuse.security:def:36664	P	libipa_hbac0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:29171	P	Security update for microcode_ctl (Important)	2020-12-01
oval:org.opensuse.security:def:8481	P	openvswitch on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:30624	P	Security update for xen (Important)	2020-12-01
oval:org.opensuse.security:def:33157	P	libksba on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:37590	P	libssh2-1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28482	P	Security update for curl (Moderate)	2020-12-01
oval:org.opensuse.security:def:36938	P	libproxy1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28047	P	Security update for curl (Moderate)	2020-12-01
oval:org.opensuse.security:def:30334	P	Security update for tomcat6 (Moderate)	2020-12-01
oval:org.opensuse.security:def:35227	P	Security update for libmpfr	2020-12-01
oval:org.opensuse.security:def:10527	P	libpacemaker-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:34217	P	Security update for php5 (Moderate)	2020-12-01
oval:org.opensuse.security:def:37131	P	gnome-shell on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:29276	P	Security update for xen (Important)	2020-12-01
oval:org.opensuse.security:def:28824	P	Recommended update for python-setuptools (Moderate)	2020-12-01
oval:org.opensuse.security:def:31064	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:8439	P	libraptor2-0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:33302	P	xorg-x11-libxcb-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:35477	P	Security update for php53 (Important)	2020-12-01
oval:org.opensuse.security:def:38381	P	libtcnative-1-0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27704	P	Security update for apache2-mod_fcgid	2020-12-01
oval:org.opensuse.security:def:32763	P	pam_ldap on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:35010	P	Security update for gnutls (Moderate)	2020-12-01
oval:org.opensuse.security:def:30477	P	Security update for bind (Important)	2020-12-01
oval:org.opensuse.security:def:27716	P	Security update for ctdb	2020-12-01
oval:org.opensuse.security:def:37247	P	libraptor2-0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:30613	P	Security update for stunnel	2020-12-01
oval:org.opensuse.security:def:33839	P	Security update for graphviz (Low)	2020-12-01
oval:org.opensuse.security:def:36765	P	unixODBC on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:29220	P	Security update for php53 (Important)	2020-12-01
oval:org.opensuse.security:def:8490	P	perl-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:11053	P	libpulse-devel on GA media (Moderate)	2020-12-01
oval:com.ubuntu.bionic:def:2017156980000000	V	CVE-2017-15698 on Ubuntu 18.04 LTS (bionic) - medium.	2018-01-31
oval:com.ubuntu.artful:def:201715698000	V	CVE-2017-15698 on Ubuntu 17.10 (artful) - untriaged.	2018-01-31
oval:com.ubuntu.xenial:def:201715698000	V	CVE-2017-15698 on Ubuntu 16.04 LTS (xenial) - medium.	2018-01-31
oval:com.ubuntu.xenial:def:2017156980000000	V	CVE-2017-15698 on Ubuntu 16.04 LTS (xenial) - medium.	2018-01-31
oval:com.ubuntu.bionic:def:201715698000	V	CVE-2017-15698 on Ubuntu 18.04 LTS (bionic) - medium.	2018-01-31
oval:com.ubuntu.disco:def:2017156980000000	V	CVE-2017-15698 on Ubuntu 19.04 (disco) - medium.	2018-01-31
oval:com.ubuntu.cosmic:def:201715698000	V	CVE-2017-15698 on Ubuntu 18.10 (cosmic) - medium.	2018-01-31
oval:com.ubuntu.cosmic:def:2017156980000000	V	CVE-2017-15698 on Ubuntu 18.10 (cosmic) - medium.	2018-01-31
oval:com.ubuntu.trusty:def:201715698000	V	CVE-2017-15698 on Ubuntu 14.04 LTS (trusty) - medium.	2018-01-31

BACK