SUSE Package Hub - SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-3172

Update Info

SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-3172

Security update for apache2

Type: security

Severity: important

Issued: 2024-09-09

Description:

This update for apache2 fixes the following issues:

- CVE-2024-38474: Fixed substitution encoding issue in mod_rewrite (bsc#1227278)
- CVE-2024-38473: Fixed encoding problem in mod_proxy (bsc#1227276)
- CVE-2024-39884: Fixed source code disclosure with handlers configured via AddType (bsc#1227353)

References

CVE: CVE-2024-39884
CVE: CVE-2024-38474
CVE: CVE-2024-38473
Bugzilla: 1227353 VUL-0: CVE-2024-39884: apache2: source code disclosure with handlers configured via AddType
Bugzilla: 1227278 VUL-0: CVE-2024-38474: apache2: Substitution encoding issue in mod_rewrite
Bugzilla: 1227276 VUL-0: CVE-2024-38473: apache2: Encoding problem in mod_proxy

Packages

apache2-2.4.58-150600.5.23.1

apache2-event-2.4.58-150600.5.23.1