Update Info

SUSE-SLE-Module-Packagehub-Subpackages-15-SP3-2022-1031


Security update for apache2


Type: security
Severity: important
Issued: 2022-03-29
Description:
This update for apache2 fixes the following issues:

- CVE-2022-23943: heap out-of-bounds write in mod_sed (bsc#1197098).
- CVE-2022-22720: HTTP request smuggling due to incorrect error handling (bsc#1197095).
- CVE-2022-22719: use of uninitialized value of in r:parsebody in mod_lua (bsc#1197091).
- CVE-2022-22721: possible buffer overflow with very large or unlimited LimitXMLRequestBody (bsc#1197096).


              

Packages


  • apache2-2.4.51-150200.3.42.1