Oval Definition:oval:org.opensuse.security:def:69547
Revision Date:2021-10-12Version:1
Title:Security update for apache2 (Important)
Description:

This update for apache2 fixes the following issues:

- CVE-2021-40438: Fixed a SRF via a crafted request uri-path. (bsc#1190703) - CVE-2021-36160: Fixed an out-of-bounds read via a crafted request uri-path. (bsc#1190702) - CVE-2021-39275: Fixed an out-of-bounds write in ap_escape_quotes() via malicious input. (bsc#1190666) - CVE-2021-34798: Fixed a NULL pointer dereference via malformed requests. (bsc#1190669) - CVE-2021-33193: Fixed request splitting via HTTP/2 method injection and mod_proxy. (bsc#1189387)
Family:unixClass:patch
Status:Reference(s):1139924
1159723
1159729
1175686
1189387
1190666
1190669
1190702
1190703
CVE-2019-10072
CVE-2019-12418
CVE-2019-17563
CVE-2020-15663
CVE-2020-15664
CVE-2020-15669
CVE-2021-33193
CVE-2021-34798
CVE-2021-36160
CVE-2021-39275
CVE-2021-40438
SUSE-SU-2020:0029-1
SUSE-SU-2020:2552-1
SUSE-SU-2021:3335-1
Platform(s):SUSE Linux Enterprise Module for Web Scripting 15 SP1
SUSE Linux Enterprise Server 15-LTSS
SUSE Linux Enterprise Workstation Extension 15 SP1
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Module for Web Scripting 15 SP1 is installed
  • AND Package Information
  • tomcat-9.0.30-4.10 is installed
  • OR tomcat-admin-webapps-9.0.30-4.10 is installed
  • OR tomcat-el-3_0-api-9.0.30-4.10 is installed
  • OR tomcat-jsp-2_3-api-9.0.30-4.10 is installed
  • OR tomcat-lib-9.0.30-4.10 is installed
  • OR tomcat-servlet-4_0-api-9.0.30-4.10 is installed
  • OR tomcat-webapps-9.0.30-4.10 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 15-LTSS is installed
  • AND Package Information
  • apache2-2.4.33-3.55.1 is installed
  • OR apache2-devel-2.4.33-3.55.1 is installed
  • OR apache2-doc-2.4.33-3.55.1 is installed
  • OR apache2-prefork-2.4.33-3.55.1 is installed
  • OR apache2-utils-2.4.33-3.55.1 is installed
  • OR apache2-worker-2.4.33-3.55.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 15 SP1 is installed
  • AND Package Information
  • MozillaThunderbird-68.12.0-3.94 is installed
  • OR MozillaThunderbird-translations-common-68.12.0-3.94 is installed
  • OR MozillaThunderbird-translations-other-68.12.0-3.94 is installed
    • BACK