Oval Definition:	oval:org.opensuse.security:def:70488
Revision Date: 2021-10-12 Version: 1 Title: Security update for apache2 (Important) Description: This update for apache2 fixes the following issues: - CVE-2021-40438: Fixed a SRF via a crafted request uri-path. (bsc#1190703) - CVE-2021-36160: Fixed an out-of-bounds read via a crafted request uri-path. (bsc#1190702) - CVE-2021-39275: Fixed an out-of-bounds write in ap_escape_quotes() via malicious input. (bsc#1190666) - CVE-2021-34798: Fixed a NULL pointer dereference via malformed requests. (bsc#1190669) - CVE-2021-33193: Fixed request splitting via HTTP/2 method injection and mod_proxy. (bsc#1189387) Family: unix Class: patch Status: Reference(s): 1161883 1171863 1171864 1171866 1172348 1174458 1189387 1190666 1190669 1190702 1190703 CVE-2020-10543 CVE-2020-10878 CVE-2020-12723 CVE-2020-14339 CVE-2021-33193 CVE-2021-34798 CVE-2021-36160 CVE-2021-39275 CVE-2021-40438 SUSE-SU-2020:1682-1 SUSE-SU-2021:3335-1 Platform(s): SUSE Linux Enterprise Module for Development Tools 15 SP2 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2 SUSE Linux Enterprise Server for SAP Applications 15 SP1 Product(s): Definition Synopsis SUSE Linux Enterprise Module for Development Tools 15 SP2 is installed AND Package Information perl-5.26.1-7.12 is installed OR perl-doc-5.26.1-7.12 is installed Definition Synopsis SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2 is installed AND Package Information libvirt-6.0.0-13.3 is installed OR libvirt-devel-32bit-6.0.0-13.3 is installed OR wireshark-plugin-libvirt-6.0.0-13.3 is installed Definition Synopsis SUSE Linux Enterprise Server for SAP Applications 15 SP1 is installed AND Package Information apache2-2.4.33-3.55.1 is installed OR apache2-devel-2.4.33-3.55.1 is installed OR apache2-doc-2.4.33-3.55.1 is installed OR apache2-prefork-2.4.33-3.55.1 is installed OR apache2-utils-2.4.33-3.55.1 is installed OR apache2-worker-2.4.33-3.55.1 is installed
BACK