SUSE-SU-2022:2342-1 -- SLES apache2ID: oval:org.secpod.oval:def:89047384 | Date: (C)2022-11-04 (M)2024-01-29 |
Class: PATCH | Family: unix |
This update for apache2 fixes the following issues: - CVE-2022-26377: Fixed possible request smuggling in mod_proxy_ajp - CVE-2022-28614: Fixed read beyond bounds via ap_rwrite - CVE-2022-28615: Fixed read beyond bounds in ap_strcmp_match - CVE-2022-29404: Fixed denial of service in mod_lua r:parsebody - CVE-2022-30556: Fixed information disclosure in mod_lua with websockets - CVE-2022-30522: Fixed mod_sed denial of service - CVE-2022-31813: Fixed mod_proxy X-Forwarded-For dropped by hop-by-hop mechanism
Platform: |
SUSE Linux Enterprise Server 15 SP3 |
SUSE Linux Enterprise Desktop 15 SP3 |