SUSE-SU-2021:2127-1 -- SLES apache2ID: oval:org.secpod.oval:def:89047147 | Date: (C)2022-10-21 (M)2024-01-29 |
Class: PATCH | Family: unix |
This update for apache2 fixes the following issues: - fixed CVE-2021-30641 [bsc#1187174]: MergeSlashes regression - fixed CVE-2021-31618 [bsc#1186924]: NULL pointer dereference on specially crafted HTTP/2 request - fixed CVE-2020-13950 [bsc#1187040]: mod_proxy NULL pointer dereference - fixed CVE-2020-35452 [bsc#1186922]: Single zero byte stack overflow in mod_auth_digest - fixed CVE-2021-26690 [bsc#1186923]: mod_session NULL pointer dereference in parser - fixed CVE-2021-26691 [bsc#1187017]: Heap overflow in mod_session
Platform: |
SUSE Linux Enterprise Server 15 SP2 |
SUSE Linux Enterprise Server 15 SP3 |
SUSE Linux Enterprise Desktop 15 SP2 |
SUSE Linux Enterprise Desktop 15 SP3 |