pool/apache2
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Accepting request 1060983 from home:david.anes:branches:Apache

Browse Source 
- This update fixes te following security issues.
  * fix CVE-2022-37436 [bsc#1207251], mod_proxy backend HTTP response splitting
  * fix CVE-2022-36760 [bsc#1207250], mod_proxy_ajp Possible request smuggling
  * fix CVE-2006-20001 [bsc#1207247], mod_dav out of bounds read, or write of zero byte

OBS-URL: https://build.opensuse.org/request/show/1060983
OBS-URL: https://build.opensuse.org/package/show/Apache/apache2?expand=0&rev=685
This commit is contained in:
David Anes 2023-01-25 16:37:03 +00:00 committed by Git OBS Bridge
parent 0415ee3d0e
commit 208a7dc602
1 changed files with 5 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
apache2.changes
View File

@ -1,6 +1,11 @@
-------------------------------------------------------------------
Wed Jan 18 21:54:41 UTC 2023 - David Anes <david.anes@suse.com>
- This update fixes te following security issues.
* fix CVE-2022-37436 [bsc#1207251], mod_proxy backend HTTP response splitting
* fix CVE-2022-36760 [bsc#1207250], mod_proxy_ajp Possible request smuggling
* fix CVE-2006-20001 [bsc#1207247], mod_dav out of bounds read, or write of zero byte
- Update to 2.4.55:
*) SECURITY: CVE-2022-37436: Apache HTTP Server: mod_proxy prior to
2.4.55 allows a backend to trigger HTTP response splitting