Oval Definition:oval:org.opensuse.security:def:95370
Revision Date:2022-07-06Version:1
Title:Security update for apache2 (Important)
Description:

This update for apache2 fixes the following issues:

- CVE-2022-26377: Fixed possible request smuggling in mod_proxy_ajp (bsc#1200338) - CVE-2022-28614: Fixed read beyond bounds via ap_rwrite() (bsc#1200340) - CVE-2022-28615: Fixed read beyond bounds in ap_strcmp_match() (bsc#1200341) - CVE-2022-29404: Fixed denial of service in mod_lua r:parsebody (bsc#1200345) - CVE-2022-30556: Fixed information disclosure in mod_lua with websockets (bsc#1200350) - CVE-2022-30522: Fixed mod_sed denial of service (bsc#1200352) - CVE-2022-31813: Fixed mod_proxy X-Forwarded-For dropped by hop-by-hop mechanism (bsc#1200348)
Family:unixClass:patch
Status:Reference(s):1170671
1180520
1198913
1200338
1200340
1200341
1200345
1200348
1200350
1200352
CVE-2019-8842
CVE-2020-10001
CVE-2022-26377
CVE-2022-28614
CVE-2022-28615
CVE-2022-29404
CVE-2022-30522
CVE-2022-30556
CVE-2022-31813
SUSE-SU-2022:2302-1
Platform(s):SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2
SUSE Linux Enterprise Module for Package Hub 15 SP4
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Module for Package Hub 15 SP4 is installed
  • AND apache2-event-2.4.51-150400.6.3.1 is installed
    • BACK