This update of apache2 fixes regressions and several
security problems:
bnc#728876, fix graceful reload
bnc#741243, CVE-2012-0031: Fixed a scoreboard corruption
(shared mem segment) by child causes crash of privileged
parent (invalid free()) during shutdown.
bnc#743743, CVE-2012-0053: Fixed an issue in error
responses that could expose "httpOnly" cookies when no
custom ErrorDocument is specified for status code 400".
bnc#738855, CVE-2007-6750: The "mod_reqtimeout" module was
backported from Apache 2.2.21 to help mitigate the
"Slowloris" Denial of Service attack.
You need to enable the "mod_reqtimeout" module in your
existing apache configuration to make it effective, e.g. in
the APACHE_MODULES line in /etc/sysconfig/apache2.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
openSUSE | 11.4 | x86_64 | apache2-itk | <ย 2.2.17-4.13.1 | apache2-itk-2.2.17-4.13.1.x86_64.rpm |
openSUSE | 11.4 | x86_64 | apache2-utils | <ย 2.2.17-4.13.1 | apache2-utils-2.2.17-4.13.1.x86_64.rpm |
openSUSE | 11.4 | i586 | apache2-itk | <ย 2.2.17-4.13.1 | apache2-itk-2.2.17-4.13.1.i586.rpm |
openSUSE | 11.4 | i586 | apache2-worker | <ย 2.2.17-4.13.1 | apache2-worker-2.2.17-4.13.1.i586.rpm |
openSUSE | 11.4 | i586 | apache2-prefork | <ย 2.2.17-4.13.1 | apache2-prefork-2.2.17-4.13.1.i586.rpm |
openSUSE | 11.4 | i586 | apache2-example-certificates | <ย 2.2.17-4.13.1 | apache2-example-certificates-2.2.17-4.13.1.i586.rpm |
openSUSE | 11.4 | x86_64 | apache2-worker | <ย 2.2.17-4.13.1 | apache2-worker-2.2.17-4.13.1.x86_64.rpm |
openSUSE | 11.4 | x86_64 | apache2-example-pages | <ย 2.2.17-4.13.1 | apache2-example-pages-2.2.17-4.13.1.x86_64.rpm |
openSUSE | 11.4 | x86_64 | apache2-prefork | <ย 2.2.17-4.13.1 | apache2-prefork-2.2.17-4.13.1.x86_64.rpm |
openSUSE | 11.4 | i586 | apache2-example-pages | <ย 2.2.17-4.13.1 | apache2-example-pages-2.2.17-4.13.1.i586.rpm |