SUSE Package Hub - SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-3173

Update Info

SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-3173

Security update for apache2

Type: security

Severity: important

Issued: 2024-09-09

Description:

This update for apache2 fixes the following issues:

- CVE-2024-38474: Fixed substitution encoding issue in mod_rewrite (bsc#1227278)
- CVE-2024-38473: Fixed encoding problem in mod_proxy (bsc#1227276)
- CVE-2024-39884: Fixed source code disclosure with handlers configured via AddType (bsc#1227353)

References

CVE: CVE-2024-39884
CVE: CVE-2024-38474
CVE: CVE-2024-38473
Bugzilla: 1227353 VUL-0: CVE-2024-39884: apache2: source code disclosure with handlers configured via AddType
Bugzilla: 1227278 VUL-0: CVE-2024-38474: apache2: Substitution encoding issue in mod_rewrite
Bugzilla: 1227276 VUL-0: CVE-2024-38473: apache2: Encoding problem in mod_proxy

Packages

apache2-2.4.51-150400.6.34.1