Security update for apache2 SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2022:2342-1 Final 1 1 2022-07-08T14:12:34Z current 2022-07-08T14:12:34Z 2022-07-08T14:12:34Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for apache2 This update for apache2 fixes the following issues: - CVE-2022-26377: Fixed possible request smuggling in mod_proxy_ajp (bsc#1200338) - CVE-2022-28614: Fixed read beyond bounds via ap_rwrite() (bsc#1200340) - CVE-2022-28615: Fixed read beyond bounds in ap_strcmp_match() (bsc#1200341) - CVE-2022-29404: Fixed denial of service in mod_lua r:parsebody (bsc#1200345) - CVE-2022-30556: Fixed information disclosure in mod_lua with websockets (bsc#1200350) - CVE-2022-30522: Fixed mod_sed denial of service (bsc#1200352) - CVE-2022-31813: Fixed mod_proxy X-Forwarded-For dropped by hop-by-hop mechanism (bsc#1200348) The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Image SLES15-SP3-Manager-4-2-Proxy-BYOS-Azure-2022-2342,Image SLES15-SP3-Manager-4-2-Proxy-BYOS-EC2-HVM-2022-2342,Image SLES15-SP3-Manager-4-2-Proxy-BYOS-GCE-2022-2342,Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure-2022-2342,Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM-2022-2342,Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE-2022-2342,Image SLES15-SP3-SAPCAL-Azure-2022-2342,Image SLES15-SP3-SAPCAL-EC2-HVM-2022-2342,Image SLES15-SP3-SAPCAL-GCE-2022-2342,SUSE-2022-2342,SUSE-SLE-Module-Basesystem-15-SP3-2022-2342,SUSE-SLE-Module-Packagehub-Subpackages-15-SP3-2022-2342,SUSE-SLE-Module-Server-Applications-15-SP3-2022-2342,SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-2342,SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-2342,SUSE-SLE-Product-SLES-15-SP2-BCL-2022-2342,SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-2342,SUSE-SLE-Product-SLES_SAP-15-SP2-2022-2342,SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-2342,SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-2342,SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-2342,SUSE-Storage-7-2022-2342,openSUSE-SLE-15.3-2022-2342 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2022/suse-su-20222342-1/ Link for SUSE-SU-2022:2342-1 https://lists.suse.com/pipermail/sle-security-updates/2022-July/011488.html E-Mail link for SUSE-SU-2022:2342-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1200338 SUSE Bug 1200338 https://bugzilla.suse.com/1200340 SUSE Bug 1200340 https://bugzilla.suse.com/1200341 SUSE Bug 1200341 https://bugzilla.suse.com/1200345 SUSE Bug 1200345 https://bugzilla.suse.com/1200348 SUSE Bug 1200348 https://bugzilla.suse.com/1200350 SUSE Bug 1200350 https://bugzilla.suse.com/1200352 SUSE Bug 1200352 https://www.suse.com/security/cve/CVE-2022-26377/ SUSE CVE CVE-2022-26377 page https://www.suse.com/security/cve/CVE-2022-28614/ SUSE CVE CVE-2022-28614 page https://www.suse.com/security/cve/CVE-2022-28615/ SUSE CVE CVE-2022-28615 page https://www.suse.com/security/cve/CVE-2022-29404/ SUSE CVE CVE-2022-29404 page https://www.suse.com/security/cve/CVE-2022-30522/ SUSE CVE CVE-2022-30522 page https://www.suse.com/security/cve/CVE-2022-30556/ SUSE CVE CVE-2022-30556 page https://www.suse.com/security/cve/CVE-2022-31813/ SUSE CVE CVE-2022-31813 page Image SLES15-SP3-Manager-4-2-Proxy-BYOS-Azure Image SLES15-SP3-Manager-4-2-Proxy-BYOS-EC2-HVM Image SLES15-SP3-Manager-4-2-Proxy-BYOS-GCE Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE Image SLES15-SP3-SAPCAL-Azure Image SLES15-SP3-SAPCAL-EC2-HVM Image SLES15-SP3-SAPCAL-GCE SUSE Enterprise Storage 7 SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS SUSE Linux Enterprise Module for Basesystem 15 SP3 SUSE Linux Enterprise Module for Package Hub 15 SP3 SUSE Linux Enterprise Module for Server Applications 15 SP3 SUSE Linux Enterprise Server 15 SP2-BCL SUSE Linux Enterprise Server 15 SP2-LTSS SUSE Linux Enterprise Server for SAP Applications 15 SP2 SUSE Manager Proxy 4.1 SUSE Manager Retail Branch Server 4.1 SUSE Manager Server 4.1 openSUSE Leap 15.3 apache2-2.4.51-150200.3.48.1 apache2-prefork-2.4.51-150200.3.48.1 apache2-utils-2.4.51-150200.3.48.1 apache2-devel-2.4.51-150200.3.48.1 apache2-doc-2.4.51-150200.3.48.1 apache2-event-2.4.51-150200.3.48.1 apache2-example-pages-2.4.51-150200.3.48.1 apache2-worker-2.4.51-150200.3.48.1 apache2-2.4.51-150200.3.48.1 as a component of Image SLES15-SP3-Manager-4-2-Proxy-BYOS-Azure apache2-prefork-2.4.51-150200.3.48.1 as a component of Image SLES15-SP3-Manager-4-2-Proxy-BYOS-Azure apache2-utils-2.4.51-150200.3.48.1 as a component of Image SLES15-SP3-Manager-4-2-Proxy-BYOS-Azure apache2-2.4.51-150200.3.48.1 as a component of Image SLES15-SP3-Manager-4-2-Proxy-BYOS-EC2-HVM apache2-prefork-2.4.51-150200.3.48.1 as a component of Image SLES15-SP3-Manager-4-2-Proxy-BYOS-EC2-HVM apache2-utils-2.4.51-150200.3.48.1 as a component of Image SLES15-SP3-Manager-4-2-Proxy-BYOS-EC2-HVM apache2-2.4.51-150200.3.48.1 as a component of Image SLES15-SP3-Manager-4-2-Proxy-BYOS-GCE apache2-prefork-2.4.51-150200.3.48.1 as a component of Image SLES15-SP3-Manager-4-2-Proxy-BYOS-GCE apache2-utils-2.4.51-150200.3.48.1 as a component of Image SLES15-SP3-Manager-4-2-Proxy-BYOS-GCE apache2-2.4.51-150200.3.48.1 as a component of Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure apache2-prefork-2.4.51-150200.3.48.1 as a component of Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure apache2-utils-2.4.51-150200.3.48.1 as a component of Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure apache2-2.4.51-150200.3.48.1 as a component of Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM apache2-prefork-2.4.51-150200.3.48.1 as a component of Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM apache2-utils-2.4.51-150200.3.48.1 as a component of Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM apache2-2.4.51-150200.3.48.1 as a component of Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE apache2-prefork-2.4.51-150200.3.48.1 as a component of Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE apache2-utils-2.4.51-150200.3.48.1 as a component of Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE apache2-2.4.51-150200.3.48.1 as a component of Image SLES15-SP3-SAPCAL-Azure apache2-prefork-2.4.51-150200.3.48.1 as a component of Image SLES15-SP3-SAPCAL-Azure apache2-utils-2.4.51-150200.3.48.1 as a component of Image SLES15-SP3-SAPCAL-Azure apache2-2.4.51-150200.3.48.1 as a component of Image SLES15-SP3-SAPCAL-EC2-HVM apache2-prefork-2.4.51-150200.3.48.1 as a component of Image SLES15-SP3-SAPCAL-EC2-HVM apache2-utils-2.4.51-150200.3.48.1 as a component of Image SLES15-SP3-SAPCAL-EC2-HVM apache2-2.4.51-150200.3.48.1 as a component of Image SLES15-SP3-SAPCAL-GCE apache2-prefork-2.4.51-150200.3.48.1 as a component of Image SLES15-SP3-SAPCAL-GCE apache2-utils-2.4.51-150200.3.48.1 as a component of Image SLES15-SP3-SAPCAL-GCE apache2-2.4.51-150200.3.48.1 as a component of SUSE Enterprise Storage 7 apache2-devel-2.4.51-150200.3.48.1 as a component of SUSE Enterprise Storage 7 apache2-doc-2.4.51-150200.3.48.1 as a component of SUSE Enterprise Storage 7 apache2-prefork-2.4.51-150200.3.48.1 as a component of SUSE Enterprise Storage 7 apache2-utils-2.4.51-150200.3.48.1 as a component of SUSE Enterprise Storage 7 apache2-worker-2.4.51-150200.3.48.1 as a component of SUSE Enterprise Storage 7 apache2-2.4.51-150200.3.48.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS apache2-devel-2.4.51-150200.3.48.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS apache2-doc-2.4.51-150200.3.48.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS apache2-prefork-2.4.51-150200.3.48.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS apache2-utils-2.4.51-150200.3.48.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS apache2-worker-2.4.51-150200.3.48.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS apache2-2.4.51-150200.3.48.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS apache2-devel-2.4.51-150200.3.48.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS apache2-doc-2.4.51-150200.3.48.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS apache2-prefork-2.4.51-150200.3.48.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS apache2-utils-2.4.51-150200.3.48.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS apache2-worker-2.4.51-150200.3.48.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS apache2-2.4.51-150200.3.48.1 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP3 apache2-prefork-2.4.51-150200.3.48.1 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP3 apache2-utils-2.4.51-150200.3.48.1 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP3 apache2-event-2.4.51-150200.3.48.1 as a component of SUSE Linux Enterprise Module for Package Hub 15 SP3 apache2-devel-2.4.51-150200.3.48.1 as a component of SUSE Linux Enterprise Module for Server Applications 15 SP3 apache2-doc-2.4.51-150200.3.48.1 as a component of SUSE Linux Enterprise Module for Server Applications 15 SP3 apache2-worker-2.4.51-150200.3.48.1 as a component of SUSE Linux Enterprise Module for Server Applications 15 SP3 apache2-2.4.51-150200.3.48.1 as a component of SUSE Linux Enterprise Server 15 SP2-BCL apache2-devel-2.4.51-150200.3.48.1 as a component of SUSE Linux Enterprise Server 15 SP2-BCL apache2-doc-2.4.51-150200.3.48.1 as a component of SUSE Linux Enterprise Server 15 SP2-BCL apache2-prefork-2.4.51-150200.3.48.1 as a component of SUSE Linux Enterprise Server 15 SP2-BCL apache2-utils-2.4.51-150200.3.48.1 as a component of SUSE Linux Enterprise Server 15 SP2-BCL apache2-worker-2.4.51-150200.3.48.1 as a component of SUSE Linux Enterprise Server 15 SP2-BCL apache2-2.4.51-150200.3.48.1 as a component of SUSE Linux Enterprise Server 15 SP2-LTSS apache2-devel-2.4.51-150200.3.48.1 as a component of SUSE Linux Enterprise Server 15 SP2-LTSS apache2-doc-2.4.51-150200.3.48.1 as a component of SUSE Linux Enterprise Server 15 SP2-LTSS apache2-prefork-2.4.51-150200.3.48.1 as a component of SUSE Linux Enterprise Server 15 SP2-LTSS apache2-utils-2.4.51-150200.3.48.1 as a component of SUSE Linux Enterprise Server 15 SP2-LTSS apache2-worker-2.4.51-150200.3.48.1 as a component of SUSE Linux Enterprise Server 15 SP2-LTSS apache2-2.4.51-150200.3.48.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP2 apache2-devel-2.4.51-150200.3.48.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP2 apache2-doc-2.4.51-150200.3.48.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP2 apache2-prefork-2.4.51-150200.3.48.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP2 apache2-utils-2.4.51-150200.3.48.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP2 apache2-worker-2.4.51-150200.3.48.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP2 apache2-2.4.51-150200.3.48.1 as a component of SUSE Manager Proxy 4.1 apache2-devel-2.4.51-150200.3.48.1 as a component of SUSE Manager Proxy 4.1 apache2-doc-2.4.51-150200.3.48.1 as a component of SUSE Manager Proxy 4.1 apache2-prefork-2.4.51-150200.3.48.1 as a component of SUSE Manager Proxy 4.1 apache2-utils-2.4.51-150200.3.48.1 as a component of SUSE Manager Proxy 4.1 apache2-worker-2.4.51-150200.3.48.1 as a component of SUSE Manager Proxy 4.1 apache2-2.4.51-150200.3.48.1 as a component of SUSE Manager Retail Branch Server 4.1 apache2-devel-2.4.51-150200.3.48.1 as a component of SUSE Manager Retail Branch Server 4.1 apache2-doc-2.4.51-150200.3.48.1 as a component of SUSE Manager Retail Branch Server 4.1 apache2-prefork-2.4.51-150200.3.48.1 as a component of SUSE Manager Retail Branch Server 4.1 apache2-utils-2.4.51-150200.3.48.1 as a component of SUSE Manager Retail Branch Server 4.1 apache2-worker-2.4.51-150200.3.48.1 as a component of SUSE Manager Retail Branch Server 4.1 apache2-2.4.51-150200.3.48.1 as a component of SUSE Manager Server 4.1 apache2-devel-2.4.51-150200.3.48.1 as a component of SUSE Manager Server 4.1 apache2-doc-2.4.51-150200.3.48.1 as a component of SUSE Manager Server 4.1 apache2-prefork-2.4.51-150200.3.48.1 as a component of SUSE Manager Server 4.1 apache2-utils-2.4.51-150200.3.48.1 as a component of SUSE Manager Server 4.1 apache2-worker-2.4.51-150200.3.48.1 as a component of SUSE Manager Server 4.1 apache2-2.4.51-150200.3.48.1 as a component of openSUSE Leap 15.3 apache2-devel-2.4.51-150200.3.48.1 as a component of openSUSE Leap 15.3 apache2-doc-2.4.51-150200.3.48.1 as a component of openSUSE Leap 15.3 apache2-event-2.4.51-150200.3.48.1 as a component of openSUSE Leap 15.3 apache2-example-pages-2.4.51-150200.3.48.1 as a component of openSUSE Leap 15.3 apache2-prefork-2.4.51-150200.3.48.1 as a component of openSUSE Leap 15.3 apache2-utils-2.4.51-150200.3.48.1 as a component of openSUSE Leap 15.3 apache2-worker-2.4.51-150200.3.48.1 as a component of openSUSE Leap 15.3 Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') vulnerability in mod_proxy_ajp of Apache HTTP Server allows an attacker to smuggle requests to the AJP server it forwards requests to. This issue affects Apache HTTP Server Apache HTTP Server 2.4 version 2.4.53 and prior versions. CVE-2022-26377 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-Azure:apache2-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-Azure:apache2-prefork-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-Azure:apache2-utils-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-EC2-HVM:apache2-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-EC2-HVM:apache2-prefork-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-EC2-HVM:apache2-utils-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-GCE:apache2-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-GCE:apache2-prefork-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-GCE:apache2-utils-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure:apache2-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure:apache2-prefork-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure:apache2-utils-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM:apache2-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM:apache2-prefork-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM:apache2-utils-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE:apache2-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE:apache2-prefork-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE:apache2-utils-2.4.51-150200.3.48.1 Image SLES15-SP3-SAPCAL-Azure:apache2-2.4.51-150200.3.48.1 Image SLES15-SP3-SAPCAL-Azure:apache2-prefork-2.4.51-150200.3.48.1 Image SLES15-SP3-SAPCAL-Azure:apache2-utils-2.4.51-150200.3.48.1 Image SLES15-SP3-SAPCAL-EC2-HVM:apache2-2.4.51-150200.3.48.1 Image SLES15-SP3-SAPCAL-EC2-HVM:apache2-prefork-2.4.51-150200.3.48.1 Image SLES15-SP3-SAPCAL-EC2-HVM:apache2-utils-2.4.51-150200.3.48.1 Image SLES15-SP3-SAPCAL-GCE:apache2-2.4.51-150200.3.48.1 Image SLES15-SP3-SAPCAL-GCE:apache2-prefork-2.4.51-150200.3.48.1 Image SLES15-SP3-SAPCAL-GCE:apache2-utils-2.4.51-150200.3.48.1 SUSE Enterprise Storage 7:apache2-2.4.51-150200.3.48.1 SUSE Enterprise Storage 7:apache2-devel-2.4.51-150200.3.48.1 SUSE Enterprise Storage 7:apache2-doc-2.4.51-150200.3.48.1 SUSE Enterprise Storage 7:apache2-prefork-2.4.51-150200.3.48.1 SUSE Enterprise Storage 7:apache2-utils-2.4.51-150200.3.48.1 SUSE Enterprise Storage 7:apache2-worker-2.4.51-150200.3.48.1 SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:apache2-2.4.51-150200.3.48.1 SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:apache2-devel-2.4.51-150200.3.48.1 SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:apache2-doc-2.4.51-150200.3.48.1 SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:apache2-prefork-2.4.51-150200.3.48.1 SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:apache2-utils-2.4.51-150200.3.48.1 SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:apache2-worker-2.4.51-150200.3.48.1 SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:apache2-2.4.51-150200.3.48.1 SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:apache2-devel-2.4.51-150200.3.48.1 SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:apache2-doc-2.4.51-150200.3.48.1 SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:apache2-prefork-2.4.51-150200.3.48.1 SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:apache2-utils-2.4.51-150200.3.48.1 SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:apache2-worker-2.4.51-150200.3.48.1 SUSE Linux Enterprise Module for Basesystem 15 SP3:apache2-2.4.51-150200.3.48.1 SUSE Linux Enterprise Module for Basesystem 15 SP3:apache2-prefork-2.4.51-150200.3.48.1 SUSE Linux Enterprise Module for Basesystem 15 SP3:apache2-utils-2.4.51-150200.3.48.1 SUSE Linux Enterprise Module for Package Hub 15 SP3:apache2-event-2.4.51-150200.3.48.1 SUSE Linux Enterprise Module for Server Applications 15 SP3:apache2-devel-2.4.51-150200.3.48.1 SUSE Linux Enterprise Module for Server Applications 15 SP3:apache2-doc-2.4.51-150200.3.48.1 SUSE Linux Enterprise Module for Server Applications 15 SP3:apache2-worker-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server 15 SP2-BCL:apache2-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server 15 SP2-BCL:apache2-devel-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server 15 SP2-BCL:apache2-doc-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server 15 SP2-BCL:apache2-prefork-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server 15 SP2-BCL:apache2-utils-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server 15 SP2-BCL:apache2-worker-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server 15 SP2-LTSS:apache2-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server 15 SP2-LTSS:apache2-devel-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server 15 SP2-LTSS:apache2-doc-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server 15 SP2-LTSS:apache2-prefork-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server 15 SP2-LTSS:apache2-utils-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server 15 SP2-LTSS:apache2-worker-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server for SAP Applications 15 SP2:apache2-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server for SAP Applications 15 SP2:apache2-devel-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server for SAP Applications 15 SP2:apache2-doc-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server for SAP Applications 15 SP2:apache2-prefork-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server for SAP Applications 15 SP2:apache2-utils-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server for SAP Applications 15 SP2:apache2-worker-2.4.51-150200.3.48.1 SUSE Manager Proxy 4.1:apache2-2.4.51-150200.3.48.1 SUSE Manager Proxy 4.1:apache2-devel-2.4.51-150200.3.48.1 SUSE Manager Proxy 4.1:apache2-doc-2.4.51-150200.3.48.1 SUSE Manager Proxy 4.1:apache2-prefork-2.4.51-150200.3.48.1 SUSE Manager Proxy 4.1:apache2-utils-2.4.51-150200.3.48.1 SUSE Manager Proxy 4.1:apache2-worker-2.4.51-150200.3.48.1 SUSE Manager Retail Branch Server 4.1:apache2-2.4.51-150200.3.48.1 SUSE Manager Retail Branch Server 4.1:apache2-devel-2.4.51-150200.3.48.1 SUSE Manager Retail Branch Server 4.1:apache2-doc-2.4.51-150200.3.48.1 SUSE Manager Retail Branch Server 4.1:apache2-prefork-2.4.51-150200.3.48.1 SUSE Manager Retail Branch Server 4.1:apache2-utils-2.4.51-150200.3.48.1 SUSE Manager Retail Branch Server 4.1:apache2-worker-2.4.51-150200.3.48.1 SUSE Manager Server 4.1:apache2-2.4.51-150200.3.48.1 SUSE Manager Server 4.1:apache2-devel-2.4.51-150200.3.48.1 SUSE Manager Server 4.1:apache2-doc-2.4.51-150200.3.48.1 SUSE Manager Server 4.1:apache2-prefork-2.4.51-150200.3.48.1 SUSE Manager Server 4.1:apache2-utils-2.4.51-150200.3.48.1 SUSE Manager Server 4.1:apache2-worker-2.4.51-150200.3.48.1 openSUSE Leap 15.3:apache2-2.4.51-150200.3.48.1 openSUSE Leap 15.3:apache2-devel-2.4.51-150200.3.48.1 openSUSE Leap 15.3:apache2-doc-2.4.51-150200.3.48.1 openSUSE Leap 15.3:apache2-event-2.4.51-150200.3.48.1 openSUSE Leap 15.3:apache2-example-pages-2.4.51-150200.3.48.1 openSUSE Leap 15.3:apache2-prefork-2.4.51-150200.3.48.1 openSUSE Leap 15.3:apache2-utils-2.4.51-150200.3.48.1 openSUSE Leap 15.3:apache2-worker-2.4.51-150200.3.48.1 important 5 AV:N/AC:L/Au:N/C:N/I:P/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2022/suse-su-20222342-1/ https://www.suse.com/security/cve/CVE-2022-26377.html CVE-2022-26377 https://bugzilla.suse.com/1200338 SUSE Bug 1200338 The ap_rwrite() function in Apache HTTP Server 2.4.53 and earlier may read unintended memory if an attacker can cause the server to reflect very large input using ap_rwrite() or ap_rputs(), such as with mod_luas r:puts() function. Modules compiled and distributed separately from Apache HTTP Server that use the 'ap_rputs' function and may pass it a very large (INT_MAX or larger) string must be compiled against current headers to resolve the issue. CVE-2022-28614 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-Azure:apache2-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-Azure:apache2-prefork-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-Azure:apache2-utils-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-EC2-HVM:apache2-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-EC2-HVM:apache2-prefork-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-EC2-HVM:apache2-utils-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-GCE:apache2-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-GCE:apache2-prefork-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-GCE:apache2-utils-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure:apache2-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure:apache2-prefork-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure:apache2-utils-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM:apache2-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM:apache2-prefork-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM:apache2-utils-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE:apache2-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE:apache2-prefork-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE:apache2-utils-2.4.51-150200.3.48.1 Image SLES15-SP3-SAPCAL-Azure:apache2-2.4.51-150200.3.48.1 Image SLES15-SP3-SAPCAL-Azure:apache2-prefork-2.4.51-150200.3.48.1 Image SLES15-SP3-SAPCAL-Azure:apache2-utils-2.4.51-150200.3.48.1 Image SLES15-SP3-SAPCAL-EC2-HVM:apache2-2.4.51-150200.3.48.1 Image SLES15-SP3-SAPCAL-EC2-HVM:apache2-prefork-2.4.51-150200.3.48.1 Image SLES15-SP3-SAPCAL-EC2-HVM:apache2-utils-2.4.51-150200.3.48.1 Image SLES15-SP3-SAPCAL-GCE:apache2-2.4.51-150200.3.48.1 Image SLES15-SP3-SAPCAL-GCE:apache2-prefork-2.4.51-150200.3.48.1 Image SLES15-SP3-SAPCAL-GCE:apache2-utils-2.4.51-150200.3.48.1 SUSE Enterprise Storage 7:apache2-2.4.51-150200.3.48.1 SUSE Enterprise Storage 7:apache2-devel-2.4.51-150200.3.48.1 SUSE Enterprise Storage 7:apache2-doc-2.4.51-150200.3.48.1 SUSE Enterprise Storage 7:apache2-prefork-2.4.51-150200.3.48.1 SUSE Enterprise Storage 7:apache2-utils-2.4.51-150200.3.48.1 SUSE Enterprise Storage 7:apache2-worker-2.4.51-150200.3.48.1 SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:apache2-2.4.51-150200.3.48.1 SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:apache2-devel-2.4.51-150200.3.48.1 SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:apache2-doc-2.4.51-150200.3.48.1 SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:apache2-prefork-2.4.51-150200.3.48.1 SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:apache2-utils-2.4.51-150200.3.48.1 SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:apache2-worker-2.4.51-150200.3.48.1 SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:apache2-2.4.51-150200.3.48.1 SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:apache2-devel-2.4.51-150200.3.48.1 SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:apache2-doc-2.4.51-150200.3.48.1 SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:apache2-prefork-2.4.51-150200.3.48.1 SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:apache2-utils-2.4.51-150200.3.48.1 SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:apache2-worker-2.4.51-150200.3.48.1 SUSE Linux Enterprise Module for Basesystem 15 SP3:apache2-2.4.51-150200.3.48.1 SUSE Linux Enterprise Module for Basesystem 15 SP3:apache2-prefork-2.4.51-150200.3.48.1 SUSE Linux Enterprise Module for Basesystem 15 SP3:apache2-utils-2.4.51-150200.3.48.1 SUSE Linux Enterprise Module for Package Hub 15 SP3:apache2-event-2.4.51-150200.3.48.1 SUSE Linux Enterprise Module for Server Applications 15 SP3:apache2-devel-2.4.51-150200.3.48.1 SUSE Linux Enterprise Module for Server Applications 15 SP3:apache2-doc-2.4.51-150200.3.48.1 SUSE Linux Enterprise Module for Server Applications 15 SP3:apache2-worker-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server 15 SP2-BCL:apache2-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server 15 SP2-BCL:apache2-devel-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server 15 SP2-BCL:apache2-doc-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server 15 SP2-BCL:apache2-prefork-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server 15 SP2-BCL:apache2-utils-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server 15 SP2-BCL:apache2-worker-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server 15 SP2-LTSS:apache2-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server 15 SP2-LTSS:apache2-devel-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server 15 SP2-LTSS:apache2-doc-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server 15 SP2-LTSS:apache2-prefork-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server 15 SP2-LTSS:apache2-utils-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server 15 SP2-LTSS:apache2-worker-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server for SAP Applications 15 SP2:apache2-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server for SAP Applications 15 SP2:apache2-devel-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server for SAP Applications 15 SP2:apache2-doc-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server for SAP Applications 15 SP2:apache2-prefork-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server for SAP Applications 15 SP2:apache2-utils-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server for SAP Applications 15 SP2:apache2-worker-2.4.51-150200.3.48.1 SUSE Manager Proxy 4.1:apache2-2.4.51-150200.3.48.1 SUSE Manager Proxy 4.1:apache2-devel-2.4.51-150200.3.48.1 SUSE Manager Proxy 4.1:apache2-doc-2.4.51-150200.3.48.1 SUSE Manager Proxy 4.1:apache2-prefork-2.4.51-150200.3.48.1 SUSE Manager Proxy 4.1:apache2-utils-2.4.51-150200.3.48.1 SUSE Manager Proxy 4.1:apache2-worker-2.4.51-150200.3.48.1 SUSE Manager Retail Branch Server 4.1:apache2-2.4.51-150200.3.48.1 SUSE Manager Retail Branch Server 4.1:apache2-devel-2.4.51-150200.3.48.1 SUSE Manager Retail Branch Server 4.1:apache2-doc-2.4.51-150200.3.48.1 SUSE Manager Retail Branch Server 4.1:apache2-prefork-2.4.51-150200.3.48.1 SUSE Manager Retail Branch Server 4.1:apache2-utils-2.4.51-150200.3.48.1 SUSE Manager Retail Branch Server 4.1:apache2-worker-2.4.51-150200.3.48.1 SUSE Manager Server 4.1:apache2-2.4.51-150200.3.48.1 SUSE Manager Server 4.1:apache2-devel-2.4.51-150200.3.48.1 SUSE Manager Server 4.1:apache2-doc-2.4.51-150200.3.48.1 SUSE Manager Server 4.1:apache2-prefork-2.4.51-150200.3.48.1 SUSE Manager Server 4.1:apache2-utils-2.4.51-150200.3.48.1 SUSE Manager Server 4.1:apache2-worker-2.4.51-150200.3.48.1 openSUSE Leap 15.3:apache2-2.4.51-150200.3.48.1 openSUSE Leap 15.3:apache2-devel-2.4.51-150200.3.48.1 openSUSE Leap 15.3:apache2-doc-2.4.51-150200.3.48.1 openSUSE Leap 15.3:apache2-event-2.4.51-150200.3.48.1 openSUSE Leap 15.3:apache2-example-pages-2.4.51-150200.3.48.1 openSUSE Leap 15.3:apache2-prefork-2.4.51-150200.3.48.1 openSUSE Leap 15.3:apache2-utils-2.4.51-150200.3.48.1 openSUSE Leap 15.3:apache2-worker-2.4.51-150200.3.48.1 moderate 5 AV:N/AC:L/Au:N/C:P/I:N/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2022/suse-su-20222342-1/ https://www.suse.com/security/cve/CVE-2022-28614.html CVE-2022-28614 https://bugzilla.suse.com/1200340 SUSE Bug 1200340 Apache HTTP Server 2.4.53 and earlier may crash or disclose information due to a read beyond bounds in ap_strcmp_match() when provided with an extremely large input buffer. While no code distributed with the server can be coerced into such a call, third-party modules or lua scripts that use ap_strcmp_match() may hypothetically be affected. CVE-2022-28615 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-Azure:apache2-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-Azure:apache2-prefork-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-Azure:apache2-utils-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-EC2-HVM:apache2-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-EC2-HVM:apache2-prefork-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-EC2-HVM:apache2-utils-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-GCE:apache2-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-GCE:apache2-prefork-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-GCE:apache2-utils-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure:apache2-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure:apache2-prefork-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure:apache2-utils-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM:apache2-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM:apache2-prefork-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM:apache2-utils-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE:apache2-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE:apache2-prefork-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE:apache2-utils-2.4.51-150200.3.48.1 Image SLES15-SP3-SAPCAL-Azure:apache2-2.4.51-150200.3.48.1 Image SLES15-SP3-SAPCAL-Azure:apache2-prefork-2.4.51-150200.3.48.1 Image SLES15-SP3-SAPCAL-Azure:apache2-utils-2.4.51-150200.3.48.1 Image SLES15-SP3-SAPCAL-EC2-HVM:apache2-2.4.51-150200.3.48.1 Image SLES15-SP3-SAPCAL-EC2-HVM:apache2-prefork-2.4.51-150200.3.48.1 Image SLES15-SP3-SAPCAL-EC2-HVM:apache2-utils-2.4.51-150200.3.48.1 Image SLES15-SP3-SAPCAL-GCE:apache2-2.4.51-150200.3.48.1 Image SLES15-SP3-SAPCAL-GCE:apache2-prefork-2.4.51-150200.3.48.1 Image SLES15-SP3-SAPCAL-GCE:apache2-utils-2.4.51-150200.3.48.1 SUSE Enterprise Storage 7:apache2-2.4.51-150200.3.48.1 SUSE Enterprise Storage 7:apache2-devel-2.4.51-150200.3.48.1 SUSE Enterprise Storage 7:apache2-doc-2.4.51-150200.3.48.1 SUSE Enterprise Storage 7:apache2-prefork-2.4.51-150200.3.48.1 SUSE Enterprise Storage 7:apache2-utils-2.4.51-150200.3.48.1 SUSE Enterprise Storage 7:apache2-worker-2.4.51-150200.3.48.1 SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:apache2-2.4.51-150200.3.48.1 SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:apache2-devel-2.4.51-150200.3.48.1 SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:apache2-doc-2.4.51-150200.3.48.1 SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:apache2-prefork-2.4.51-150200.3.48.1 SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:apache2-utils-2.4.51-150200.3.48.1 SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:apache2-worker-2.4.51-150200.3.48.1 SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:apache2-2.4.51-150200.3.48.1 SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:apache2-devel-2.4.51-150200.3.48.1 SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:apache2-doc-2.4.51-150200.3.48.1 SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:apache2-prefork-2.4.51-150200.3.48.1 SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:apache2-utils-2.4.51-150200.3.48.1 SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:apache2-worker-2.4.51-150200.3.48.1 SUSE Linux Enterprise Module for Basesystem 15 SP3:apache2-2.4.51-150200.3.48.1 SUSE Linux Enterprise Module for Basesystem 15 SP3:apache2-prefork-2.4.51-150200.3.48.1 SUSE Linux Enterprise Module for Basesystem 15 SP3:apache2-utils-2.4.51-150200.3.48.1 SUSE Linux Enterprise Module for Package Hub 15 SP3:apache2-event-2.4.51-150200.3.48.1 SUSE Linux Enterprise Module for Server Applications 15 SP3:apache2-devel-2.4.51-150200.3.48.1 SUSE Linux Enterprise Module for Server Applications 15 SP3:apache2-doc-2.4.51-150200.3.48.1 SUSE Linux Enterprise Module for Server Applications 15 SP3:apache2-worker-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server 15 SP2-BCL:apache2-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server 15 SP2-BCL:apache2-devel-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server 15 SP2-BCL:apache2-doc-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server 15 SP2-BCL:apache2-prefork-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server 15 SP2-BCL:apache2-utils-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server 15 SP2-BCL:apache2-worker-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server 15 SP2-LTSS:apache2-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server 15 SP2-LTSS:apache2-devel-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server 15 SP2-LTSS:apache2-doc-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server 15 SP2-LTSS:apache2-prefork-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server 15 SP2-LTSS:apache2-utils-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server 15 SP2-LTSS:apache2-worker-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server for SAP Applications 15 SP2:apache2-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server for SAP Applications 15 SP2:apache2-devel-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server for SAP Applications 15 SP2:apache2-doc-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server for SAP Applications 15 SP2:apache2-prefork-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server for SAP Applications 15 SP2:apache2-utils-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server for SAP Applications 15 SP2:apache2-worker-2.4.51-150200.3.48.1 SUSE Manager Proxy 4.1:apache2-2.4.51-150200.3.48.1 SUSE Manager Proxy 4.1:apache2-devel-2.4.51-150200.3.48.1 SUSE Manager Proxy 4.1:apache2-doc-2.4.51-150200.3.48.1 SUSE Manager Proxy 4.1:apache2-prefork-2.4.51-150200.3.48.1 SUSE Manager Proxy 4.1:apache2-utils-2.4.51-150200.3.48.1 SUSE Manager Proxy 4.1:apache2-worker-2.4.51-150200.3.48.1 SUSE Manager Retail Branch Server 4.1:apache2-2.4.51-150200.3.48.1 SUSE Manager Retail Branch Server 4.1:apache2-devel-2.4.51-150200.3.48.1 SUSE Manager Retail Branch Server 4.1:apache2-doc-2.4.51-150200.3.48.1 SUSE Manager Retail Branch Server 4.1:apache2-prefork-2.4.51-150200.3.48.1 SUSE Manager Retail Branch Server 4.1:apache2-utils-2.4.51-150200.3.48.1 SUSE Manager Retail Branch Server 4.1:apache2-worker-2.4.51-150200.3.48.1 SUSE Manager Server 4.1:apache2-2.4.51-150200.3.48.1 SUSE Manager Server 4.1:apache2-devel-2.4.51-150200.3.48.1 SUSE Manager Server 4.1:apache2-doc-2.4.51-150200.3.48.1 SUSE Manager Server 4.1:apache2-prefork-2.4.51-150200.3.48.1 SUSE Manager Server 4.1:apache2-utils-2.4.51-150200.3.48.1 SUSE Manager Server 4.1:apache2-worker-2.4.51-150200.3.48.1 openSUSE Leap 15.3:apache2-2.4.51-150200.3.48.1 openSUSE Leap 15.3:apache2-devel-2.4.51-150200.3.48.1 openSUSE Leap 15.3:apache2-doc-2.4.51-150200.3.48.1 openSUSE Leap 15.3:apache2-event-2.4.51-150200.3.48.1 openSUSE Leap 15.3:apache2-example-pages-2.4.51-150200.3.48.1 openSUSE Leap 15.3:apache2-prefork-2.4.51-150200.3.48.1 openSUSE Leap 15.3:apache2-utils-2.4.51-150200.3.48.1 openSUSE Leap 15.3:apache2-worker-2.4.51-150200.3.48.1 important 6.4 AV:N/AC:L/Au:N/C:P/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2022/suse-su-20222342-1/ https://www.suse.com/security/cve/CVE-2022-28615.html CVE-2022-28615 https://bugzilla.suse.com/1200341 SUSE Bug 1200341 In Apache HTTP Server 2.4.53 and earlier, a malicious request to a lua script that calls r:parsebody(0) may cause a denial of service due to no default limit on possible input size. CVE-2022-29404 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-Azure:apache2-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-Azure:apache2-prefork-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-Azure:apache2-utils-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-EC2-HVM:apache2-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-EC2-HVM:apache2-prefork-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-EC2-HVM:apache2-utils-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-GCE:apache2-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-GCE:apache2-prefork-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-GCE:apache2-utils-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure:apache2-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure:apache2-prefork-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure:apache2-utils-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM:apache2-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM:apache2-prefork-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM:apache2-utils-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE:apache2-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE:apache2-prefork-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE:apache2-utils-2.4.51-150200.3.48.1 Image SLES15-SP3-SAPCAL-Azure:apache2-2.4.51-150200.3.48.1 Image SLES15-SP3-SAPCAL-Azure:apache2-prefork-2.4.51-150200.3.48.1 Image SLES15-SP3-SAPCAL-Azure:apache2-utils-2.4.51-150200.3.48.1 Image SLES15-SP3-SAPCAL-EC2-HVM:apache2-2.4.51-150200.3.48.1 Image SLES15-SP3-SAPCAL-EC2-HVM:apache2-prefork-2.4.51-150200.3.48.1 Image SLES15-SP3-SAPCAL-EC2-HVM:apache2-utils-2.4.51-150200.3.48.1 Image SLES15-SP3-SAPCAL-GCE:apache2-2.4.51-150200.3.48.1 Image SLES15-SP3-SAPCAL-GCE:apache2-prefork-2.4.51-150200.3.48.1 Image SLES15-SP3-SAPCAL-GCE:apache2-utils-2.4.51-150200.3.48.1 SUSE Enterprise Storage 7:apache2-2.4.51-150200.3.48.1 SUSE Enterprise Storage 7:apache2-devel-2.4.51-150200.3.48.1 SUSE Enterprise Storage 7:apache2-doc-2.4.51-150200.3.48.1 SUSE Enterprise Storage 7:apache2-prefork-2.4.51-150200.3.48.1 SUSE Enterprise Storage 7:apache2-utils-2.4.51-150200.3.48.1 SUSE Enterprise Storage 7:apache2-worker-2.4.51-150200.3.48.1 SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:apache2-2.4.51-150200.3.48.1 SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:apache2-devel-2.4.51-150200.3.48.1 SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:apache2-doc-2.4.51-150200.3.48.1 SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:apache2-prefork-2.4.51-150200.3.48.1 SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:apache2-utils-2.4.51-150200.3.48.1 SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:apache2-worker-2.4.51-150200.3.48.1 SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:apache2-2.4.51-150200.3.48.1 SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:apache2-devel-2.4.51-150200.3.48.1 SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:apache2-doc-2.4.51-150200.3.48.1 SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:apache2-prefork-2.4.51-150200.3.48.1 SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:apache2-utils-2.4.51-150200.3.48.1 SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:apache2-worker-2.4.51-150200.3.48.1 SUSE Linux Enterprise Module for Basesystem 15 SP3:apache2-2.4.51-150200.3.48.1 SUSE Linux Enterprise Module for Basesystem 15 SP3:apache2-prefork-2.4.51-150200.3.48.1 SUSE Linux Enterprise Module for Basesystem 15 SP3:apache2-utils-2.4.51-150200.3.48.1 SUSE Linux Enterprise Module for Package Hub 15 SP3:apache2-event-2.4.51-150200.3.48.1 SUSE Linux Enterprise Module for Server Applications 15 SP3:apache2-devel-2.4.51-150200.3.48.1 SUSE Linux Enterprise Module for Server Applications 15 SP3:apache2-doc-2.4.51-150200.3.48.1 SUSE Linux Enterprise Module for Server Applications 15 SP3:apache2-worker-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server 15 SP2-BCL:apache2-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server 15 SP2-BCL:apache2-devel-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server 15 SP2-BCL:apache2-doc-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server 15 SP2-BCL:apache2-prefork-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server 15 SP2-BCL:apache2-utils-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server 15 SP2-BCL:apache2-worker-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server 15 SP2-LTSS:apache2-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server 15 SP2-LTSS:apache2-devel-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server 15 SP2-LTSS:apache2-doc-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server 15 SP2-LTSS:apache2-prefork-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server 15 SP2-LTSS:apache2-utils-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server 15 SP2-LTSS:apache2-worker-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server for SAP Applications 15 SP2:apache2-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server for SAP Applications 15 SP2:apache2-devel-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server for SAP Applications 15 SP2:apache2-doc-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server for SAP Applications 15 SP2:apache2-prefork-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server for SAP Applications 15 SP2:apache2-utils-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server for SAP Applications 15 SP2:apache2-worker-2.4.51-150200.3.48.1 SUSE Manager Proxy 4.1:apache2-2.4.51-150200.3.48.1 SUSE Manager Proxy 4.1:apache2-devel-2.4.51-150200.3.48.1 SUSE Manager Proxy 4.1:apache2-doc-2.4.51-150200.3.48.1 SUSE Manager Proxy 4.1:apache2-prefork-2.4.51-150200.3.48.1 SUSE Manager Proxy 4.1:apache2-utils-2.4.51-150200.3.48.1 SUSE Manager Proxy 4.1:apache2-worker-2.4.51-150200.3.48.1 SUSE Manager Retail Branch Server 4.1:apache2-2.4.51-150200.3.48.1 SUSE Manager Retail Branch Server 4.1:apache2-devel-2.4.51-150200.3.48.1 SUSE Manager Retail Branch Server 4.1:apache2-doc-2.4.51-150200.3.48.1 SUSE Manager Retail Branch Server 4.1:apache2-prefork-2.4.51-150200.3.48.1 SUSE Manager Retail Branch Server 4.1:apache2-utils-2.4.51-150200.3.48.1 SUSE Manager Retail Branch Server 4.1:apache2-worker-2.4.51-150200.3.48.1 SUSE Manager Server 4.1:apache2-2.4.51-150200.3.48.1 SUSE Manager Server 4.1:apache2-devel-2.4.51-150200.3.48.1 SUSE Manager Server 4.1:apache2-doc-2.4.51-150200.3.48.1 SUSE Manager Server 4.1:apache2-prefork-2.4.51-150200.3.48.1 SUSE Manager Server 4.1:apache2-utils-2.4.51-150200.3.48.1 SUSE Manager Server 4.1:apache2-worker-2.4.51-150200.3.48.1 openSUSE Leap 15.3:apache2-2.4.51-150200.3.48.1 openSUSE Leap 15.3:apache2-devel-2.4.51-150200.3.48.1 openSUSE Leap 15.3:apache2-doc-2.4.51-150200.3.48.1 openSUSE Leap 15.3:apache2-event-2.4.51-150200.3.48.1 openSUSE Leap 15.3:apache2-example-pages-2.4.51-150200.3.48.1 openSUSE Leap 15.3:apache2-prefork-2.4.51-150200.3.48.1 openSUSE Leap 15.3:apache2-utils-2.4.51-150200.3.48.1 openSUSE Leap 15.3:apache2-worker-2.4.51-150200.3.48.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2022/suse-su-20222342-1/ https://www.suse.com/security/cve/CVE-2022-29404.html CVE-2022-29404 https://bugzilla.suse.com/1200345 SUSE Bug 1200345 If Apache HTTP Server 2.4.53 is configured to do transformations with mod_sed in contexts where the input to mod_sed may be very large, mod_sed may make excessively large memory allocations and trigger an abort. CVE-2022-30522 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-Azure:apache2-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-Azure:apache2-prefork-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-Azure:apache2-utils-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-EC2-HVM:apache2-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-EC2-HVM:apache2-prefork-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-EC2-HVM:apache2-utils-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-GCE:apache2-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-GCE:apache2-prefork-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-GCE:apache2-utils-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure:apache2-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure:apache2-prefork-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure:apache2-utils-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM:apache2-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM:apache2-prefork-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM:apache2-utils-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE:apache2-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE:apache2-prefork-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE:apache2-utils-2.4.51-150200.3.48.1 Image SLES15-SP3-SAPCAL-Azure:apache2-2.4.51-150200.3.48.1 Image SLES15-SP3-SAPCAL-Azure:apache2-prefork-2.4.51-150200.3.48.1 Image SLES15-SP3-SAPCAL-Azure:apache2-utils-2.4.51-150200.3.48.1 Image SLES15-SP3-SAPCAL-EC2-HVM:apache2-2.4.51-150200.3.48.1 Image SLES15-SP3-SAPCAL-EC2-HVM:apache2-prefork-2.4.51-150200.3.48.1 Image SLES15-SP3-SAPCAL-EC2-HVM:apache2-utils-2.4.51-150200.3.48.1 Image SLES15-SP3-SAPCAL-GCE:apache2-2.4.51-150200.3.48.1 Image SLES15-SP3-SAPCAL-GCE:apache2-prefork-2.4.51-150200.3.48.1 Image SLES15-SP3-SAPCAL-GCE:apache2-utils-2.4.51-150200.3.48.1 SUSE Enterprise Storage 7:apache2-2.4.51-150200.3.48.1 SUSE Enterprise Storage 7:apache2-devel-2.4.51-150200.3.48.1 SUSE Enterprise Storage 7:apache2-doc-2.4.51-150200.3.48.1 SUSE Enterprise Storage 7:apache2-prefork-2.4.51-150200.3.48.1 SUSE Enterprise Storage 7:apache2-utils-2.4.51-150200.3.48.1 SUSE Enterprise Storage 7:apache2-worker-2.4.51-150200.3.48.1 SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:apache2-2.4.51-150200.3.48.1 SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:apache2-devel-2.4.51-150200.3.48.1 SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:apache2-doc-2.4.51-150200.3.48.1 SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:apache2-prefork-2.4.51-150200.3.48.1 SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:apache2-utils-2.4.51-150200.3.48.1 SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:apache2-worker-2.4.51-150200.3.48.1 SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:apache2-2.4.51-150200.3.48.1 SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:apache2-devel-2.4.51-150200.3.48.1 SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:apache2-doc-2.4.51-150200.3.48.1 SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:apache2-prefork-2.4.51-150200.3.48.1 SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:apache2-utils-2.4.51-150200.3.48.1 SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:apache2-worker-2.4.51-150200.3.48.1 SUSE Linux Enterprise Module for Basesystem 15 SP3:apache2-2.4.51-150200.3.48.1 SUSE Linux Enterprise Module for Basesystem 15 SP3:apache2-prefork-2.4.51-150200.3.48.1 SUSE Linux Enterprise Module for Basesystem 15 SP3:apache2-utils-2.4.51-150200.3.48.1 SUSE Linux Enterprise Module for Package Hub 15 SP3:apache2-event-2.4.51-150200.3.48.1 SUSE Linux Enterprise Module for Server Applications 15 SP3:apache2-devel-2.4.51-150200.3.48.1 SUSE Linux Enterprise Module for Server Applications 15 SP3:apache2-doc-2.4.51-150200.3.48.1 SUSE Linux Enterprise Module for Server Applications 15 SP3:apache2-worker-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server 15 SP2-BCL:apache2-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server 15 SP2-BCL:apache2-devel-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server 15 SP2-BCL:apache2-doc-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server 15 SP2-BCL:apache2-prefork-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server 15 SP2-BCL:apache2-utils-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server 15 SP2-BCL:apache2-worker-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server 15 SP2-LTSS:apache2-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server 15 SP2-LTSS:apache2-devel-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server 15 SP2-LTSS:apache2-doc-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server 15 SP2-LTSS:apache2-prefork-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server 15 SP2-LTSS:apache2-utils-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server 15 SP2-LTSS:apache2-worker-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server for SAP Applications 15 SP2:apache2-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server for SAP Applications 15 SP2:apache2-devel-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server for SAP Applications 15 SP2:apache2-doc-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server for SAP Applications 15 SP2:apache2-prefork-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server for SAP Applications 15 SP2:apache2-utils-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server for SAP Applications 15 SP2:apache2-worker-2.4.51-150200.3.48.1 SUSE Manager Proxy 4.1:apache2-2.4.51-150200.3.48.1 SUSE Manager Proxy 4.1:apache2-devel-2.4.51-150200.3.48.1 SUSE Manager Proxy 4.1:apache2-doc-2.4.51-150200.3.48.1 SUSE Manager Proxy 4.1:apache2-prefork-2.4.51-150200.3.48.1 SUSE Manager Proxy 4.1:apache2-utils-2.4.51-150200.3.48.1 SUSE Manager Proxy 4.1:apache2-worker-2.4.51-150200.3.48.1 SUSE Manager Retail Branch Server 4.1:apache2-2.4.51-150200.3.48.1 SUSE Manager Retail Branch Server 4.1:apache2-devel-2.4.51-150200.3.48.1 SUSE Manager Retail Branch Server 4.1:apache2-doc-2.4.51-150200.3.48.1 SUSE Manager Retail Branch Server 4.1:apache2-prefork-2.4.51-150200.3.48.1 SUSE Manager Retail Branch Server 4.1:apache2-utils-2.4.51-150200.3.48.1 SUSE Manager Retail Branch Server 4.1:apache2-worker-2.4.51-150200.3.48.1 SUSE Manager Server 4.1:apache2-2.4.51-150200.3.48.1 SUSE Manager Server 4.1:apache2-devel-2.4.51-150200.3.48.1 SUSE Manager Server 4.1:apache2-doc-2.4.51-150200.3.48.1 SUSE Manager Server 4.1:apache2-prefork-2.4.51-150200.3.48.1 SUSE Manager Server 4.1:apache2-utils-2.4.51-150200.3.48.1 SUSE Manager Server 4.1:apache2-worker-2.4.51-150200.3.48.1 openSUSE Leap 15.3:apache2-2.4.51-150200.3.48.1 openSUSE Leap 15.3:apache2-devel-2.4.51-150200.3.48.1 openSUSE Leap 15.3:apache2-doc-2.4.51-150200.3.48.1 openSUSE Leap 15.3:apache2-event-2.4.51-150200.3.48.1 openSUSE Leap 15.3:apache2-example-pages-2.4.51-150200.3.48.1 openSUSE Leap 15.3:apache2-prefork-2.4.51-150200.3.48.1 openSUSE Leap 15.3:apache2-utils-2.4.51-150200.3.48.1 openSUSE Leap 15.3:apache2-worker-2.4.51-150200.3.48.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2022/suse-su-20222342-1/ https://www.suse.com/security/cve/CVE-2022-30522.html CVE-2022-30522 https://bugzilla.suse.com/1200352 SUSE Bug 1200352 Apache HTTP Server 2.4.53 and earlier may return lengths to applications calling r:wsread() that point past the end of the storage allocated for the buffer. CVE-2022-30556 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-Azure:apache2-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-Azure:apache2-prefork-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-Azure:apache2-utils-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-EC2-HVM:apache2-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-EC2-HVM:apache2-prefork-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-EC2-HVM:apache2-utils-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-GCE:apache2-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-GCE:apache2-prefork-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-GCE:apache2-utils-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure:apache2-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure:apache2-prefork-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure:apache2-utils-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM:apache2-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM:apache2-prefork-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM:apache2-utils-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE:apache2-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE:apache2-prefork-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE:apache2-utils-2.4.51-150200.3.48.1 Image SLES15-SP3-SAPCAL-Azure:apache2-2.4.51-150200.3.48.1 Image SLES15-SP3-SAPCAL-Azure:apache2-prefork-2.4.51-150200.3.48.1 Image SLES15-SP3-SAPCAL-Azure:apache2-utils-2.4.51-150200.3.48.1 Image SLES15-SP3-SAPCAL-EC2-HVM:apache2-2.4.51-150200.3.48.1 Image SLES15-SP3-SAPCAL-EC2-HVM:apache2-prefork-2.4.51-150200.3.48.1 Image SLES15-SP3-SAPCAL-EC2-HVM:apache2-utils-2.4.51-150200.3.48.1 Image SLES15-SP3-SAPCAL-GCE:apache2-2.4.51-150200.3.48.1 Image SLES15-SP3-SAPCAL-GCE:apache2-prefork-2.4.51-150200.3.48.1 Image SLES15-SP3-SAPCAL-GCE:apache2-utils-2.4.51-150200.3.48.1 SUSE Enterprise Storage 7:apache2-2.4.51-150200.3.48.1 SUSE Enterprise Storage 7:apache2-devel-2.4.51-150200.3.48.1 SUSE Enterprise Storage 7:apache2-doc-2.4.51-150200.3.48.1 SUSE Enterprise Storage 7:apache2-prefork-2.4.51-150200.3.48.1 SUSE Enterprise Storage 7:apache2-utils-2.4.51-150200.3.48.1 SUSE Enterprise Storage 7:apache2-worker-2.4.51-150200.3.48.1 SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:apache2-2.4.51-150200.3.48.1 SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:apache2-devel-2.4.51-150200.3.48.1 SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:apache2-doc-2.4.51-150200.3.48.1 SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:apache2-prefork-2.4.51-150200.3.48.1 SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:apache2-utils-2.4.51-150200.3.48.1 SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:apache2-worker-2.4.51-150200.3.48.1 SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:apache2-2.4.51-150200.3.48.1 SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:apache2-devel-2.4.51-150200.3.48.1 SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:apache2-doc-2.4.51-150200.3.48.1 SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:apache2-prefork-2.4.51-150200.3.48.1 SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:apache2-utils-2.4.51-150200.3.48.1 SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:apache2-worker-2.4.51-150200.3.48.1 SUSE Linux Enterprise Module for Basesystem 15 SP3:apache2-2.4.51-150200.3.48.1 SUSE Linux Enterprise Module for Basesystem 15 SP3:apache2-prefork-2.4.51-150200.3.48.1 SUSE Linux Enterprise Module for Basesystem 15 SP3:apache2-utils-2.4.51-150200.3.48.1 SUSE Linux Enterprise Module for Package Hub 15 SP3:apache2-event-2.4.51-150200.3.48.1 SUSE Linux Enterprise Module for Server Applications 15 SP3:apache2-devel-2.4.51-150200.3.48.1 SUSE Linux Enterprise Module for Server Applications 15 SP3:apache2-doc-2.4.51-150200.3.48.1 SUSE Linux Enterprise Module for Server Applications 15 SP3:apache2-worker-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server 15 SP2-BCL:apache2-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server 15 SP2-BCL:apache2-devel-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server 15 SP2-BCL:apache2-doc-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server 15 SP2-BCL:apache2-prefork-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server 15 SP2-BCL:apache2-utils-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server 15 SP2-BCL:apache2-worker-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server 15 SP2-LTSS:apache2-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server 15 SP2-LTSS:apache2-devel-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server 15 SP2-LTSS:apache2-doc-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server 15 SP2-LTSS:apache2-prefork-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server 15 SP2-LTSS:apache2-utils-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server 15 SP2-LTSS:apache2-worker-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server for SAP Applications 15 SP2:apache2-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server for SAP Applications 15 SP2:apache2-devel-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server for SAP Applications 15 SP2:apache2-doc-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server for SAP Applications 15 SP2:apache2-prefork-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server for SAP Applications 15 SP2:apache2-utils-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server for SAP Applications 15 SP2:apache2-worker-2.4.51-150200.3.48.1 SUSE Manager Proxy 4.1:apache2-2.4.51-150200.3.48.1 SUSE Manager Proxy 4.1:apache2-devel-2.4.51-150200.3.48.1 SUSE Manager Proxy 4.1:apache2-doc-2.4.51-150200.3.48.1 SUSE Manager Proxy 4.1:apache2-prefork-2.4.51-150200.3.48.1 SUSE Manager Proxy 4.1:apache2-utils-2.4.51-150200.3.48.1 SUSE Manager Proxy 4.1:apache2-worker-2.4.51-150200.3.48.1 SUSE Manager Retail Branch Server 4.1:apache2-2.4.51-150200.3.48.1 SUSE Manager Retail Branch Server 4.1:apache2-devel-2.4.51-150200.3.48.1 SUSE Manager Retail Branch Server 4.1:apache2-doc-2.4.51-150200.3.48.1 SUSE Manager Retail Branch Server 4.1:apache2-prefork-2.4.51-150200.3.48.1 SUSE Manager Retail Branch Server 4.1:apache2-utils-2.4.51-150200.3.48.1 SUSE Manager Retail Branch Server 4.1:apache2-worker-2.4.51-150200.3.48.1 SUSE Manager Server 4.1:apache2-2.4.51-150200.3.48.1 SUSE Manager Server 4.1:apache2-devel-2.4.51-150200.3.48.1 SUSE Manager Server 4.1:apache2-doc-2.4.51-150200.3.48.1 SUSE Manager Server 4.1:apache2-prefork-2.4.51-150200.3.48.1 SUSE Manager Server 4.1:apache2-utils-2.4.51-150200.3.48.1 SUSE Manager Server 4.1:apache2-worker-2.4.51-150200.3.48.1 openSUSE Leap 15.3:apache2-2.4.51-150200.3.48.1 openSUSE Leap 15.3:apache2-devel-2.4.51-150200.3.48.1 openSUSE Leap 15.3:apache2-doc-2.4.51-150200.3.48.1 openSUSE Leap 15.3:apache2-event-2.4.51-150200.3.48.1 openSUSE Leap 15.3:apache2-example-pages-2.4.51-150200.3.48.1 openSUSE Leap 15.3:apache2-prefork-2.4.51-150200.3.48.1 openSUSE Leap 15.3:apache2-utils-2.4.51-150200.3.48.1 openSUSE Leap 15.3:apache2-worker-2.4.51-150200.3.48.1 moderate 5 AV:N/AC:L/Au:N/C:P/I:N/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2022/suse-su-20222342-1/ https://www.suse.com/security/cve/CVE-2022-30556.html CVE-2022-30556 https://bugzilla.suse.com/1200350 SUSE Bug 1200350 Apache HTTP Server 2.4.53 and earlier may not send the X-Forwarded-* headers to the origin server based on client side Connection header hop-by-hop mechanism. This may be used to bypass IP based authentication on the origin server/application. CVE-2022-31813 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-Azure:apache2-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-Azure:apache2-prefork-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-Azure:apache2-utils-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-EC2-HVM:apache2-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-EC2-HVM:apache2-prefork-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-EC2-HVM:apache2-utils-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-GCE:apache2-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-GCE:apache2-prefork-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-GCE:apache2-utils-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure:apache2-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure:apache2-prefork-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure:apache2-utils-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM:apache2-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM:apache2-prefork-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM:apache2-utils-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE:apache2-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE:apache2-prefork-2.4.51-150200.3.48.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE:apache2-utils-2.4.51-150200.3.48.1 Image SLES15-SP3-SAPCAL-Azure:apache2-2.4.51-150200.3.48.1 Image SLES15-SP3-SAPCAL-Azure:apache2-prefork-2.4.51-150200.3.48.1 Image SLES15-SP3-SAPCAL-Azure:apache2-utils-2.4.51-150200.3.48.1 Image SLES15-SP3-SAPCAL-EC2-HVM:apache2-2.4.51-150200.3.48.1 Image SLES15-SP3-SAPCAL-EC2-HVM:apache2-prefork-2.4.51-150200.3.48.1 Image SLES15-SP3-SAPCAL-EC2-HVM:apache2-utils-2.4.51-150200.3.48.1 Image SLES15-SP3-SAPCAL-GCE:apache2-2.4.51-150200.3.48.1 Image SLES15-SP3-SAPCAL-GCE:apache2-prefork-2.4.51-150200.3.48.1 Image SLES15-SP3-SAPCAL-GCE:apache2-utils-2.4.51-150200.3.48.1 SUSE Enterprise Storage 7:apache2-2.4.51-150200.3.48.1 SUSE Enterprise Storage 7:apache2-devel-2.4.51-150200.3.48.1 SUSE Enterprise Storage 7:apache2-doc-2.4.51-150200.3.48.1 SUSE Enterprise Storage 7:apache2-prefork-2.4.51-150200.3.48.1 SUSE Enterprise Storage 7:apache2-utils-2.4.51-150200.3.48.1 SUSE Enterprise Storage 7:apache2-worker-2.4.51-150200.3.48.1 SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:apache2-2.4.51-150200.3.48.1 SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:apache2-devel-2.4.51-150200.3.48.1 SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:apache2-doc-2.4.51-150200.3.48.1 SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:apache2-prefork-2.4.51-150200.3.48.1 SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:apache2-utils-2.4.51-150200.3.48.1 SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:apache2-worker-2.4.51-150200.3.48.1 SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:apache2-2.4.51-150200.3.48.1 SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:apache2-devel-2.4.51-150200.3.48.1 SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:apache2-doc-2.4.51-150200.3.48.1 SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:apache2-prefork-2.4.51-150200.3.48.1 SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:apache2-utils-2.4.51-150200.3.48.1 SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:apache2-worker-2.4.51-150200.3.48.1 SUSE Linux Enterprise Module for Basesystem 15 SP3:apache2-2.4.51-150200.3.48.1 SUSE Linux Enterprise Module for Basesystem 15 SP3:apache2-prefork-2.4.51-150200.3.48.1 SUSE Linux Enterprise Module for Basesystem 15 SP3:apache2-utils-2.4.51-150200.3.48.1 SUSE Linux Enterprise Module for Package Hub 15 SP3:apache2-event-2.4.51-150200.3.48.1 SUSE Linux Enterprise Module for Server Applications 15 SP3:apache2-devel-2.4.51-150200.3.48.1 SUSE Linux Enterprise Module for Server Applications 15 SP3:apache2-doc-2.4.51-150200.3.48.1 SUSE Linux Enterprise Module for Server Applications 15 SP3:apache2-worker-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server 15 SP2-BCL:apache2-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server 15 SP2-BCL:apache2-devel-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server 15 SP2-BCL:apache2-doc-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server 15 SP2-BCL:apache2-prefork-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server 15 SP2-BCL:apache2-utils-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server 15 SP2-BCL:apache2-worker-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server 15 SP2-LTSS:apache2-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server 15 SP2-LTSS:apache2-devel-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server 15 SP2-LTSS:apache2-doc-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server 15 SP2-LTSS:apache2-prefork-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server 15 SP2-LTSS:apache2-utils-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server 15 SP2-LTSS:apache2-worker-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server for SAP Applications 15 SP2:apache2-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server for SAP Applications 15 SP2:apache2-devel-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server for SAP Applications 15 SP2:apache2-doc-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server for SAP Applications 15 SP2:apache2-prefork-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server for SAP Applications 15 SP2:apache2-utils-2.4.51-150200.3.48.1 SUSE Linux Enterprise Server for SAP Applications 15 SP2:apache2-worker-2.4.51-150200.3.48.1 SUSE Manager Proxy 4.1:apache2-2.4.51-150200.3.48.1 SUSE Manager Proxy 4.1:apache2-devel-2.4.51-150200.3.48.1 SUSE Manager Proxy 4.1:apache2-doc-2.4.51-150200.3.48.1 SUSE Manager Proxy 4.1:apache2-prefork-2.4.51-150200.3.48.1 SUSE Manager Proxy 4.1:apache2-utils-2.4.51-150200.3.48.1 SUSE Manager Proxy 4.1:apache2-worker-2.4.51-150200.3.48.1 SUSE Manager Retail Branch Server 4.1:apache2-2.4.51-150200.3.48.1 SUSE Manager Retail Branch Server 4.1:apache2-devel-2.4.51-150200.3.48.1 SUSE Manager Retail Branch Server 4.1:apache2-doc-2.4.51-150200.3.48.1 SUSE Manager Retail Branch Server 4.1:apache2-prefork-2.4.51-150200.3.48.1 SUSE Manager Retail Branch Server 4.1:apache2-utils-2.4.51-150200.3.48.1 SUSE Manager Retail Branch Server 4.1:apache2-worker-2.4.51-150200.3.48.1 SUSE Manager Server 4.1:apache2-2.4.51-150200.3.48.1 SUSE Manager Server 4.1:apache2-devel-2.4.51-150200.3.48.1 SUSE Manager Server 4.1:apache2-doc-2.4.51-150200.3.48.1 SUSE Manager Server 4.1:apache2-prefork-2.4.51-150200.3.48.1 SUSE Manager Server 4.1:apache2-utils-2.4.51-150200.3.48.1 SUSE Manager Server 4.1:apache2-worker-2.4.51-150200.3.48.1 openSUSE Leap 15.3:apache2-2.4.51-150200.3.48.1 openSUSE Leap 15.3:apache2-devel-2.4.51-150200.3.48.1 openSUSE Leap 15.3:apache2-doc-2.4.51-150200.3.48.1 openSUSE Leap 15.3:apache2-event-2.4.51-150200.3.48.1 openSUSE Leap 15.3:apache2-example-pages-2.4.51-150200.3.48.1 openSUSE Leap 15.3:apache2-prefork-2.4.51-150200.3.48.1 openSUSE Leap 15.3:apache2-utils-2.4.51-150200.3.48.1 openSUSE Leap 15.3:apache2-worker-2.4.51-150200.3.48.1 moderate 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2022/suse-su-20222342-1/ https://www.suse.com/security/cve/CVE-2022-31813.html CVE-2022-31813 https://bugzilla.suse.com/1200348 SUSE Bug 1200348 https://bugzilla.suse.com/1219585 SUSE Bug 1219585 https://bugzilla.suse.com/1225670 SUSE Bug 1225670