Oval Definition:oval:org.opensuse.security:def:98656
Revision Date:2019-08-28Version:1
Title:Security update for apache2 (Important)
Description:

This update for apache2 fixes the following issues:

Security issues fixed:

- CVE-2019-9517: Fixed HTTP/2 implementations that are vulnerable to unconstrained interal data buffering (bsc#1145575). - CVE-2019-10081: Fixed mod_http2 that is vulnerable to memory corruption on early pushes (bsc#1145742). - CVE-2019-10082: Fixed mod_http2 that is vulnerable to read-after-free in h2 connection shutdown (bsc#1145741). - CVE-2019-10092: Fixed limited cross-site scripting in mod_proxy (bsc#1145740). - CVE-2019-10097: Fixed mod_remoteip stack buffer overflow and NULL pointer dereference (bsc#1145739). - CVE-2019-10098: Fixed mod_rewrite configuration vulnerablility to open redirect (bsc#1145738).
Family:unixClass:patch
Status:Reference(s):1145575
1145738
1145739
1145740
1145741
1145742
CVE-2019-10081
CVE-2019-10082
CVE-2019-10092
CVE-2019-10097
CVE-2019-10098
CVE-2019-9517
SUSE-SU-2019:2237-1
Platform(s):SUSE Linux Enterprise High Performance Computing 15 SP1
SUSE Linux Enterprise Module for Server Applications 15 SP1
SUSE Linux Enterprise Server 15 SP1
SUSE Linux Enterprise Server for SAP Applications 15 SP1
SUSE Linux Enterprise Storage 6
SUSE Manager Proxy 4.0
SUSE Manager Server 4.0
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Module for Server Applications 15 SP1 is installed
  • AND Package Information
  • apache2-2.4.33-3.21.1 is installed
  • OR apache2-devel-2.4.33-3.21.1 is installed
  • OR apache2-doc-2.4.33-3.21.1 is installed
  • OR apache2-prefork-2.4.33-3.21.1 is installed
  • OR apache2-utils-2.4.33-3.21.1 is installed
  • OR apache2-worker-2.4.33-3.21.1 is installed
    • BACK