Oval Definition:oval:org.opensuse.security:def:92597
Revision Date:2021-10-12Version:1
Title:Security update for apache2 (Important)
Description:

This update for apache2 fixes the following issues:

- CVE-2021-40438: Fixed a SRF via a crafted request uri-path. (bsc#1190703) - CVE-2021-36160: Fixed an out-of-bounds read via a crafted request uri-path. (bsc#1190702) - CVE-2021-39275: Fixed an out-of-bounds write in ap_escape_quotes() via malicious input. (bsc#1190666) - CVE-2021-34798: Fixed a NULL pointer dereference via malformed requests. (bsc#1190669) - CVE-2021-33193: Fixed request splitting via HTTP/2 method injection and mod_proxy. (bsc#1189387)
Family:unixClass:patch
Status:Reference(s):1189387
1190666
1190669
1190702
1190703
CVE-2021-33193
CVE-2021-34798
CVE-2021-36160
CVE-2021-39275
CVE-2021-40438
SUSE-SU-2021:3335-1
Platform(s):SUSE Linux Enterprise Server 15 SP1-LTSS
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Server 15 SP1-LTSS is installed
  • AND Package Information
  • apache2-2.4.33-3.55.1 is installed
  • OR apache2-devel-2.4.33-3.55.1 is installed
  • OR apache2-doc-2.4.33-3.55.1 is installed
  • OR apache2-prefork-2.4.33-3.55.1 is installed
  • OR apache2-utils-2.4.33-3.55.1 is installed
  • OR apache2-worker-2.4.33-3.55.1 is installed
  • BACK