SUSE-SU-2023:0294-1 -- SLES apache2ID: oval:org.secpod.oval:def:89048216 | Date: (C)2023-02-10 (M)2024-01-29 |
Class: PATCH | Family: unix |
This update for apache2 fixes the following issues: - CVE-2022-37436: Fixed an issue in mod_proxy where a malicious backend could cause the response headers to be truncated early, resulting in some headers being incorporated into the response body . - CVE-2022-36760: Fixed an issue in mod_proxy_ajp that could allow request smuggling attacks . - CVE-2006-20001: Fixed an issue in mod_proxy_ajp where a request header could cause memory corruption .
Platform: |
SUSE Linux Enterprise Server 15 SP1 |