SUSE-SU-2018:0261-1 -- SLES apache2ID: oval:org.secpod.oval:def:89043980 | Date: (C)2021-03-05 (M)2022-09-07 |
Class: PATCH | Family: unix |
This update for apache2 fixes several issues. These security issues were fixed: - CVE-2017-9789: When under stress the HTTP/2 handling code would sometimes access memory after it has been freed, resulting in potentially erratic behaviour . - CVE-2017-7659: A maliciously constructed HTTP/2 request could cause mod_http2 to dereference a NULL pointer and crash the server process . These non-security issues were fixed: - Use the full path to a2enmod and a2dismod in the apache-22-24-upgrade script - Fall back to "localhost" as hostname in gensslcert
Platform: |
SUSE Linux Enterprise Server 12 SP3 |
SUSE Linux Enterprise Server 12 SP2 |