The remote openSUSE host is missing a security update.
This update for apache2 fixes several issues. These security issues were fixed : - CVE-2017-9789: When under stress (closing many connections) the HTTP/2 handling code would sometimes access memory after it has been freed, resulting in potentially erratic behaviour (bsc#1048575). - CVE-2017-7659: A maliciously constructed HTTP/2 request could cause mod_http2 to dereference a NULL pointer and crash the server process (bsc#1045160). These non-security issues were fixed : - Use the full path to a2enmod and a2dismod in the apache-22-24-upgrade script (bsc#1042037) - Fall back to 'localhost' as hostname in gensslcert (bsc#1057406) This update was imported from the SUSE:SLE-12-SP2:Update update project.