SUSE Security Update: Security update for apache2 ______________________________________________________________________________
Announcement ID: SUSE-SU-2014:1080-1 Rating: important References: #859916 #869105 #869106 #887765 #887768 Cross-References: CVE-2013-6438 CVE-2014-0098 CVE-2014-0226 CVE-2014-0231 Affected Products: SUSE Linux Enterprise Server 11 SP2 LTSS ______________________________________________________________________________
An update that solves four vulnerabilities and has one errata is now available.
Description:
This apache2 update fixes the following security and non security issues:
* mod_cgid denial of service (CVE-2014-0231, bnc#887768) * mod_status heap-based buffer overflow (CVE-2014-0226, bnc#887765) * mod_dav denial of service (CVE-2013-6438, bnc#869105) * log_cookie mod_log_config.c remote denial of service (CVE-2014-0098, bnc#869106) * Support ECDH in Apache2 (bnc#859916)