Oval Definition:oval:org.opensuse.security:def:100389
Revision Date:2022-03-29Version:1
Title: (Important)
Description:

This update for apache2 fixes the following issues:

- CVE-2022-23943: heap out-of-bounds write in mod_sed (bsc#1197098). - CVE-2022-22720: HTTP request smuggling due to incorrect error handling (bsc#1197095). - CVE-2022-22719: use of uninitialized value of in r:parsebody in mod_lua (bsc#1197091). - CVE-2022-22721: possible buffer overflow with very large or unlimited LimitXMLRequestBody (bsc#1197096).
Family:unixClass:patch
Status:Reference(s):1197091
1197095
1197096
1197098
CVE-2017-5226
CVE-2019-12439
CVE-2020-5291
CVE-2022-22719
CVE-2022-22720
CVE-2022-22721
CVE-2022-23943
Platform(s):Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM
SUSE Linux Enterprise Desktop 15 SP2
SUSE Linux Enterprise High Performance Computing 15 SP2
SUSE Linux Enterprise Module for Basesystem 15 SP2
SUSE Linux Enterprise Server 15 SP2
SUSE Linux Enterprise Server for SAP Applications 15 SP2
SUSE Linux Enterprise Storage 7
SUSE Manager Proxy 4.1
SUSE Manager Server 4.1
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Module for Basesystem 15 SP2 is installed
  • AND bubblewrap-0.4.1-1.16 is installed
    • Definition Synopsis
  • Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM is installed
  • AND Package Information
  • apache2-2.4.51-150200.3.42.1 is installed
  • OR apache2-prefork-2.4.51-150200.3.42.1 is installed
  • OR apache2-utils-2.4.51-150200.3.42.1 is installed
    • BACK