www.suse.com
Open in
urlscan Pro
18.66.97.25
Public Scan
URL:
https://www.suse.com/support/update/announcement/2023/suse-su-20230764-1/
Submission: On July 11 via api from CH — Scanned from DE
Submission: On July 11 via api from CH — Scanned from DE
Form analysis
1 forms found in the DOMhttps://www.suse.com/search/
<form id="searchform" action="https://www.suse.com/search/">
<input type="text" class="search-text" name="s" placeholder="Search">
<button type="submit" class="fa fa-search search-submit" aria-hidden="true"></button>
</form>
Text Content
Exit SUSE Federal > Customer Center Contact Us Account HI Update Your Account Log Out Login Create an Account Update Your Account English LANGUAGE Choose Your Language Deutsch English Español Français 中文(简体) 日本語 Português (Brasil) EXPLORE See what's happening around the world Israel Polska 대한민국 Shop View Cart Exit SUSE Federal > Shop Federal Solutions Back IT Modernization SAP Solutions AI and Analytics Hybrid Cloud Solutions Nonstop IT Exit Federal Government Products Back BUSINESS-CRITICAL LINUX * SUSE Linux Enterprise Server Run your business-critical apps in any environment * SUSE Enterprise Linux for SAP #1 operating system to run SAP workloads * SUSE Manager Infrastructure Management ENTERPRISE CONTAINER MANAGEMENT * Rancher Kubernetes Management * Harvester Hyperconverged Infrastructure * NeuVector Zero Trust Container Security EDGE * K3s Lightweight Kubernetes built for Edge use cases * SUSE Linux Enterprise Micro Ultra-reliable, immutable Linux operating system * SUSE Linux Enterprise Real Time Reduce system latencies & boost response times All Products * Run SAP * SUSE for Public Cloud * Security Solutions Back SOLUTIONS Business-critical Linux Run & secure cloud and on-prem workloads Run SAP Deliver mission-critical SAP solutions Enterprise Container Management Orchestrate cloud-native apps Edge Deploy intelligent devices to the edge SUSE for Public Cloud Accelerate innovation across your clouds Security Secure your digital enterprise INDUSTRIES * Automotive * Telecom * Banking and Financial Services * Healthcare * Manufacturing * Retail * Technology & Software * Federal * Pharma * Energy Support Back SUPPORT Product Support Premium Support Services Dedicated support services from a premium team Long Term Service Support Stay on your existing product version SUSE Liberty Linux Mixed Linux Environment Support Renew Your Support Subscription SERVICES Consulting Services Training & Certification Premium Technical Advisory Services RESOURCES SUSE Support User Guide Patches & Updates Product Documentation Knowledgebase SUSE Customer Center Product Support Life Cycle Licensing Package Hub Community packages for SUSE Linux Enterprise Server Driver Search Support Forums Developer Services Beta Program Security Partners Back PARTNERS Partner Program Find a Partner Become a Partner Login to the SUSE Partner Portal Communities Back COMMUNITIES Community Blog Forum Academic Open Source Projects openSUSE.org SUSE Israel SUSE Polska About Back ABOUT About Us Leadership Careers Newsroom Success Stories Investor Relations Social Impact SUSE Logo and Brand Events & Webinars Merchandise Store Communications Preferences Free Downloads X SECURITY UPDATE FOR APACHE2 SECURITY UPDATE FOR APACHE2 Announcement ID: SUSE-SU-2023:0764-1 Rating: important References: * #1207327 * #1208708 * #1209047 * #1209049 Cross-References: * CVE-2023-25690 * CVE-2023-27522 CVSS scores: * CVE-2023-25690 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2023-25690 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2023-27522 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2023-27522 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 An update that solves two vulnerabilities and has two fixes can now be installed. DESCRIPTION: This update for apache2 fixes the following issues: * CVE-2023-27522: Fixed HTTP response splitting in mod_proxy_uwsgi (bsc#1209049). * CVE-2023-25690: Fixed HTTP request splitting with mod_rewrite and mod_proxy (bsc#1209047). The following non-security bugs were fixed: * Fixed passing health check does not recover worker from its error state (bsc#1209047) * Fixed mod_proxy handling of very long urls (bsc#1207327). PATCH INSTRUCTIONS: To install this SUSE Important update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2023-764=1 * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2023-764=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2023-764=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2023-764=1 PACKAGE LIST: * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * apache2-debugsource-2.4.51-35.25.1 * apache2-devel-2.4.51-35.25.1 * apache2-debuginfo-2.4.51-35.25.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * apache2-worker-debuginfo-2.4.51-35.25.1 * apache2-utils-debuginfo-2.4.51-35.25.1 * apache2-debugsource-2.4.51-35.25.1 * apache2-worker-2.4.51-35.25.1 * apache2-utils-2.4.51-35.25.1 * apache2-debuginfo-2.4.51-35.25.1 * apache2-prefork-debuginfo-2.4.51-35.25.1 * apache2-prefork-2.4.51-35.25.1 * apache2-example-pages-2.4.51-35.25.1 * apache2-2.4.51-35.25.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (noarch) * apache2-doc-2.4.51-35.25.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * apache2-worker-debuginfo-2.4.51-35.25.1 * apache2-utils-debuginfo-2.4.51-35.25.1 * apache2-debugsource-2.4.51-35.25.1 * apache2-worker-2.4.51-35.25.1 * apache2-utils-2.4.51-35.25.1 * apache2-debuginfo-2.4.51-35.25.1 * apache2-prefork-debuginfo-2.4.51-35.25.1 * apache2-prefork-2.4.51-35.25.1 * apache2-example-pages-2.4.51-35.25.1 * apache2-2.4.51-35.25.1 * SUSE Linux Enterprise Server 12 SP5 (noarch) * apache2-doc-2.4.51-35.25.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * apache2-worker-debuginfo-2.4.51-35.25.1 * apache2-utils-debuginfo-2.4.51-35.25.1 * apache2-debugsource-2.4.51-35.25.1 * apache2-worker-2.4.51-35.25.1 * apache2-utils-2.4.51-35.25.1 * apache2-debuginfo-2.4.51-35.25.1 * apache2-prefork-debuginfo-2.4.51-35.25.1 * apache2-prefork-2.4.51-35.25.1 * apache2-example-pages-2.4.51-35.25.1 * apache2-2.4.51-35.25.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (noarch) * apache2-doc-2.4.51-35.25.1 REFERENCES: * https://www.suse.com/security/cve/CVE-2023-25690.html * https://www.suse.com/security/cve/CVE-2023-27522.html * https://bugzilla.suse.com/show_bug.cgi?id=1207327 * https://bugzilla.suse.com/show_bug.cgi?id=1208708 * https://bugzilla.suse.com/show_bug.cgi?id=1209047 * https://bugzilla.suse.com/show_bug.cgi?id=1209049 LANGUAGE Choose Your Language Deutsch English Español Français 中文(简体) 日本語 Português (Brasil) EXPLORE See what's happening around the world Israel Polska 대한민국 HI Update Your Account Log Out Login Create an Account Update Your Account * Careers * Legal * Anti-Slavery Statement * Anti-slavery * About * Communications Preferences * Contact Us * Let's Chat * * * Sales Number: 49-911-740-53-0 Support: Open a Support Case © 2023 SUSE, All Rights Reserved Cookie Settings Privacy and Cookie Policy × Give Us Feedback Got some feedback about the website? Let us know so we can fix it. For support information, please visit Support. Sales: 49-911-740-53-0 Support: Open a Support Case CONNECT WITH US Feedback Form We adapt, you succeed. Read Privacy Policy Required Fields* × 2023-03-16 PRIVACY PREFERENCE CENTER When you visit any website, it may store or retrieve information on your browser, mostly in the form of cookies. This information might be about you, your preferences or your device and is mostly used to make the site work as you expect it to. The information does not usually directly identify you, but it can give you a more personalized web experience. Because we respect your right to privacy, you can choose not to allow some types of cookies. Click on the different category headings to find out more and change our default settings. However, blocking some types of cookies may impact your experience of the site and the services we are able to offer. More information Allow All MANAGE CONSENT PREFERENCES TARGETING COOKIES Targeting Cookies These cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising. PERFORMANCE COOKIES Performance Cookies These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site. All information these cookies collect is aggregated and therefore anonymous. If you do not allow these cookies we will not know when you have visited our site, and will not be able to monitor its performance. FUNCTIONAL COOKIES Functional Cookies These cookies enable the website to provide enhanced functionality and personalisation. They may be set by us or by third party providers whose services we have added to our pages. If you do not allow these cookies then some or all of these services may not function properly. STRICTLY NECESSARY COOKIES Always Active These cookies are necessary for the website to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the site will not then work. These cookies do not store any personally identifiable information. FLAGGED Flagged Recategorised cookies as of 17 June 2020 BACK BUTTON BACK Vendor Search Search Icon Filter Icon Clear checkbox label label Apply Cancel Consent Leg.Interest checkbox label label checkbox label label checkbox label label Confirm My Choices HOW WE USE COOKIES We use cookies to give you a better experience, improve performance and analyze traffic. Please visit our privacy policy for more information. Accept Only Technical Cookies Accept All Cookies View and Change Cookie Preferences