openSUSE Security Update : apache2 (openSUSE-2018-907)
Medium Nessus Plugin ID 112006
SynopsisThe remote openSUSE host is missing a security update.
DescriptionThis update for apache2 fixes the following issues :
The following security vulnerabilities were fixed :
- CVE-2018-1333: Fixed a worker exhaustion that could have lead to a denial of service via specially crafted HTTP/2 requests (bsc#1101689).
- CVE-2018-8011: Fixed a NULL pointer dereference in mod_md, which could have lead to a denial of service via specially crafted HTTP requests (bsc#1101688). Note: We are currently not shipping this modules, since it is still considered experimental, but we might start to ship it with future releases.
This update was imported from the SUSE:SLE-15:Update update project.
SolutionUpdate the affected apache2 packages.