The remote openSUSE host is missing a security update.
apache2 was updated to fix : - fix for cross site scripting vulnerability in mod_balancer. This is CVE-2012-4558 [bnc#807152] - fixes for low profile cross site scripting vulnerabilities, known as CVE-2012-3499 [bnc#806458] - Escape filename for the case that uploads are allowed with untrusted user's control over filenames and mod_negotiation enabled on the same directory. CVE-2012-2687 [bnc#777260] And also these bugs : - httpd-2.2.x-bnc798733-SNI_ignorecase.diff: ignore case when checking against SNI server names. [bnc#798733]