Oval Definition:oval:org.opensuse.security:def:69738
Revision Date:2021-10-12Version:1
Title:Security update for apache2 (Important)
Description:

This update for apache2 fixes the following issues:

- CVE-2021-40438: Fixed a SRF via a crafted request uri-path. (bsc#1190703) - CVE-2021-36160: Fixed an out-of-bounds read via a crafted request uri-path. (bsc#1190702) - CVE-2021-39275: Fixed an out-of-bounds write in ap_escape_quotes() via malicious input. (bsc#1190666) - CVE-2021-34798: Fixed a NULL pointer dereference via malformed requests. (bsc#1190669) - CVE-2021-33193: Fixed request splitting via HTTP/2 method injection and mod_proxy. (bsc#1189387)
Family:unixClass:patch
Status:Reference(s):1189387
1190666
1190669
1190702
1190703
CVE-2012-0035
CVE-2014-3421
CVE-2014-3422
CVE-2014-3423
CVE-2014-3424
CVE-2014-9483
CVE-2017-7476
CVE-2018-11468
CVE-2018-12495
CVE-2021-33193
CVE-2021-34798
CVE-2021-36160
CVE-2021-39275
CVE-2021-40438
SUSE-SU-2021:3335-1
Platform(s):SUSE Linux Enterprise Module for Basesystem 15 SP2
SUSE Linux Enterprise Server 15 SP1-BCL
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Module for Basesystem 15 SP2 is installed
  • AND Package Information
  • emacs-25.3-3.3 is installed
  • OR emacs-el-25.3-3.3 is installed
  • OR emacs-info-25.3-3.3 is installed
  • OR emacs-nox-25.3-3.3 is installed
  • OR etags-25.3-3.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 15 SP1-BCL is installed
  • AND Package Information
  • apache2-2.4.33-3.55.1 is installed
  • OR apache2-devel-2.4.33-3.55.1 is installed
  • OR apache2-doc-2.4.33-3.55.1 is installed
  • OR apache2-prefork-2.4.33-3.55.1 is installed
  • OR apache2-utils-2.4.33-3.55.1 is installed
  • OR apache2-worker-2.4.33-3.55.1 is installed
    • BACK