Security update for apache2
SUSE Security Update: Security update for apache2
This update fixes the following security issues with
apache2 httpd:
* Improper LD_LIBRARY_PATH handling (CVE-2012-0883
> )
* Filename escaping problem (CVE-2012-2687
> )
Additionally, some non-security bugs have been fixed as
enumerated in the changelog of the RPM.
| Announcement ID: | SUSE-SU-2013:0387-1 |
| Rating: | low |
| References: | #722545 #757710 #777260 |
| Affected Products: |
An update that solves two vulnerabilities and has one errata is now available.
Description:
This update fixes the following security issues with
apache2 httpd:
* Improper LD_LIBRARY_PATH handling (CVE-2012-0883
* Filename escaping problem (CVE-2012-2687
Additionally, some non-security bugs have been fixed as
enumerated in the changelog of the RPM.
Indications:
Everyone using apache2 httpd should update.
Package List:
- SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64):
- apache2-2.2.3-16.46.1
- apache2-devel-2.2.3-16.46.1
- apache2-doc-2.2.3-16.46.1
- apache2-example-pages-2.2.3-16.46.1
- apache2-prefork-2.2.3-16.46.1
- apache2-worker-2.2.3-16.46.1
- SLE SDK 10 SP4 (i586 ia64 ppc s390x x86_64):
- apache2-2.2.3-16.46.1
- apache2-devel-2.2.3-16.46.1
- apache2-doc-2.2.3-16.46.1
- apache2-example-pages-2.2.3-16.46.1
- apache2-prefork-2.2.3-16.46.1
- apache2-worker-2.2.3-16.46.1
References:
- http://support.novell.com/security/cve/CVE-2012-0883.html
- http://support.novell.com/security/cve/CVE-2012-2687.html
- https://bugzilla.novell.com/722545
- https://bugzilla.novell.com/757710
- https://bugzilla.novell.com/777260
- http://download.suse.com/patch/finder/?keywords=f43eb058005728c7f0f35af643e86652