Oval Definition:	oval:org.opensuse.security:def:69937
Revision Date: 2021-10-12 Version: 1 Title: Security update for apache2 (Important) Description: This update for apache2 fixes the following issues: - CVE-2021-40438: Fixed a SRF via a crafted request uri-path. (bsc#1190703) - CVE-2021-36160: Fixed an out-of-bounds read via a crafted request uri-path. (bsc#1190702) - CVE-2021-39275: Fixed an out-of-bounds write in ap_escape_quotes() via malicious input. (bsc#1190666) - CVE-2021-34798: Fixed a NULL pointer dereference via malformed requests. (bsc#1190669) - CVE-2021-33193: Fixed request splitting via HTTP/2 method injection and mod_proxy. (bsc#1189387) Family: unix Class: patch Status: Reference(s): 1189387 1190666 1190669 1190702 1190703 CVE-2009-2666 CVE-2010-1167 CVE-2011-1947 CVE-2011-3389 CVE-2012-3482 CVE-2015-1038 CVE-2016-2334 CVE-2016-2335 CVE-2016-9296 CVE-2017-17969 CVE-2021-33193 CVE-2021-34798 CVE-2021-36160 CVE-2021-39275 CVE-2021-40438 SUSE-SU-2021:3335-1 Platform(s): SUSE Linux Enterprise Module for Basesystem 15 SP2 SUSE Linux Enterprise Module for Desktop Applications 15 SP2 SUSE Linux Enterprise Server 15 SP1-LTSS Product(s): Definition Synopsis SUSE Linux Enterprise Module for Basesystem 15 SP2 is installed AND p7zip-16.02-12 is installed Definition Synopsis SUSE Linux Enterprise Module for Desktop Applications 15 SP2 is installed AND fetchmailconf-6.3.26-3 is installed Definition Synopsis SUSE Linux Enterprise Server 15 SP1-LTSS is installed AND Package Information apache2-2.4.33-3.55.1 is installed OR apache2-devel-2.4.33-3.55.1 is installed OR apache2-doc-2.4.33-3.55.1 is installed OR apache2-prefork-2.4.33-3.55.1 is installed OR apache2-utils-2.4.33-3.55.1 is installed OR apache2-worker-2.4.33-3.55.1 is installed
BACK