Oval Definition:oval:org.mitre.oval:def:28696
Revision Date:2015-08-17Version:3
Title:SUSE-SU-2015:0974-1 -- Security update for apache2 (moderate)
Description:Apache2 updated to fix four security issues and one non-security bug.The following vulnerabilities have been fixed:- mod_headers rules could be bypassed via chunked requests. Adds "MergeTrailers" directive to restore legacy behavior. (bsc#871310, CVE-2013-5704)- An empty value in Content-Type could lead to a crash through a null pointer dereference and a denial of service. (bsc#899836, CVE-2014-3581)- Remote attackers could bypass intended access restrictions in mod_lua LuaAuthzProvider when multiple Require directives with different arguments are used. (bsc#909715, CVE-2014-8109)
Family:unixClass:patch
Status:ACCEPTEDReference(s):CVE-2013-5704
CVE-2014-3581
CVE-2014-8109
CVE-2015-0228
SUSE-SU-2015:0974-1
Platform(s):SUSE Linux Enterprise Server 12
Product(s):apache2
Definition Synopsis
  • SUSE Linux Enterprise Server 12 is installed
  • AND Packages match section
  • apache2 is earlier than 0:2.4.10-12.1
  • OR apache2-debuginfo is earlier than 0:2.4.10-12.1
  • OR apache2-debugsource is earlier than 0:2.4.10-12.1
  • OR apache2-example-pages is earlier than 0:2.4.10-12.1
  • OR apache2-prefork is earlier than 0:2.4.10-12.1
  • OR apache2-prefork-debuginfo is earlier than 0:2.4.10-12.1
  • OR apache2-utils is earlier than 0:2.4.10-12.1
  • OR apache2-utils-debuginfo is earlier than 0:2.4.10-12.1
  • OR apache2-worker is earlier than 0:2.4.10-12.1
  • OR apache2-worker-debuginfo is earlier than 0:2.4.10-12.1
  • OR apache2-doc is earlier than 0:2.4.10-12.1
    • BACK