Package Release Info

apache2-event-2.4.58-150600.5.18.1

Update Info: SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-2597
Available in Package Hub : 15 SP5 Subpackages Updates

platforms

AArch64
ppc64le
s390x
x86-64

subpackages

apache2-event

Change Logs

* Wed Jul 17 2024 martin.schreiner@suse.com

- Security fix:
  - CVE-2024-36387, bsc#1227272: DoS by null pointer in websocket over HTTP/2
  * Added apache2-CVE-2024-36387.patch

Version: 2.4.58-150600.5.11.1

* Mon Jul 08 2024 david.anes@suse.com

- Security fix:
  - CVE-2024-39573, bsc#1227271: potential SSRF in mod_rewrite
  * Added apache2-CVE-2024-39573.patch
  - CVE-2024-38477, bsc#1227270: null pointer dereference in mod_proxy
  * Added apache2-CVE-2024-38477.patch
  - CVE-2024-38475, bsc#1227268: Improper escaping of output in mod_rewrite
  * Added apache2-CVE-2024-38475-1.patch
  * Added apache2-CVE-2024-38475-2.patch
  * Added apache2-CVE-2024-38475-3.patch
  - CVE-2024-38476, bsc#1227269: Server may use exploitable/malicious
  backend application output to run local handlers via internal
  redirect
  * Added apache2-CVE-2024-38476-1.patch
  * Added apache2-CVE-2024-38476-2.patch
  * Added apache2-CVE-2024-38476-3.patch
  * Added apache2-CVE-2024-38476-4.patch
  * Added apache2-CVE-2024-38476-5.patch
  * Added apache2-CVE-2024-38476-6.patch
  * Added apache2-CVE-2024-38476-7.patch
  * Added apache2-CVE-2024-38476-8.patch
  * Added apache2-CVE-2024-38476-9.patch
  * Added apache2-CVE-2024-38476-10.patch
  * Added apache2-CVE-2024-38476-11.patch