Oval Definition:oval:org.opensuse.security:def:96077
Revision Date:2021-10-26Version:1
Title:Security update for apache2 (Important)
Description:

This update for apache2 fixes the following issues:

- CVE-2021-40438: Fixed a SRF via a crafted request uri-path. (bsc#1190703) - CVE-2021-36160: Fixed an out-of-bounds read via a crafted request uri-path. (bsc#1190702) - CVE-2021-39275: Fixed an out-of-bounds write in ap_escape_quotes() via malicious input. (bsc#1190666) - CVE-2021-34798: Fixed a NULL pointer dereference via malformed requests. (bsc#1190669)
Family:unixClass:patch
Status:Reference(s):1190666
1190669
1190702
1190703
CVE-2021-34798
CVE-2021-36160
CVE-2021-39275
CVE-2021-40438
SUSE-SU-2021:3522-1
Platform(s):SUSE Linux Enterprise High Performance Computing 15 SP2
SUSE Linux Enterprise Module for Server Applications 15 SP2
SUSE Linux Enterprise Server 15 SP2
SUSE Linux Enterprise Server for SAP Applications 15 SP2
SUSE Linux Enterprise Storage 7
SUSE Manager Proxy 4.1
SUSE Manager Server 4.1
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Module for Server Applications 15 SP2 is installed
  • AND Package Information
  • apache2-devel-2.4.43-3.32.1 is installed
  • OR apache2-doc-2.4.43-3.32.1 is installed
  • OR apache2-worker-2.4.43-3.32.1 is installed
    • BACK