| Revision Date: | 2020-12-01 | Version: | 1 |
| Title: | Security update for apache2 (Important) |
| Description: |
This update for apache2 fixes the following issues:
- CVE-2020-1934: mod_proxy_ftp may use uninitialized memory when proxying to a malicious FTP server (bsc#1168404). - CVE-2020-1927: mod_rewrite configurations vulnerable to open redirect (bsc#1168407). - CVE-2020-1938: mod_proxy_ajp: Add 'secret' parameter to proxy workers to implement legacy AJP13 authentication (bsc#1169066).
|
| Family: | unix | Class: | patch |
| Status: | | Reference(s): | 1168404
1168407
1169066
1172177
CVE-2020-1927
CVE-2020-1934
CVE-2020-1938
CVE-2020-8164
SUSE-SU-2020:1126-1
SUSE-SU-2020:2710-1
|
| Platform(s): | SUSE Linux Enterprise High Availability 15 SP1
SUSE Linux Enterprise Module for Server Applications 15 SP1
| Product(s): | |
| Definition Synopsis |
| SUSE Linux Enterprise High Availability 15 SP1 is installed AND Package Information
ruby2.5-rubygem-actionpack-5_1-5.1.4-3.6 is installed
OR rubygem-actionpack-5_1-5.1.4-3.6 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Module for Server Applications 15 SP1 is installed
AND Package Information
apache2-2.4.33-3.30 is installed
OR apache2-devel-2.4.33-3.30 is installed
OR apache2-doc-2.4.33-3.30 is installed
OR apache2-prefork-2.4.33-3.30 is installed
OR apache2-utils-2.4.33-3.30 is installed
OR apache2-worker-2.4.33-3.30 is installed
|