SUSE-SU-2021:3335-1 -- SLES apache2ID: oval:org.secpod.oval:def:89045728 | Date: (C)2021-10-25 (M)2024-01-29 |
Class: PATCH | Family: unix |
This update for apache2 fixes the following issues: - CVE-2021-40438: Fixed a SRF via a crafted request uri-path. - CVE-2021-36160: Fixed an out-of-bounds read via a crafted request uri-path. - CVE-2021-39275: Fixed an out-of-bounds write in ap_escape_quotes via malicious input. - CVE-2021-34798: Fixed a NULL pointer dereference via malformed requests. - CVE-2021-33193: Fixed request splitting via HTTP/2 method injection and mod_proxy
Platform: |
SUSE Linux Enterprise Server 15 |
SUSE Linux Enterprise Server 15 SP1 |