This update fixes several security issues in the Apache
webserver.
The patch for the ByteRange remote denial of service attack
(CVE-2011-3192) was refined and the configuration options
used by upstream were added.

Introduce new config option: Allow MaxRanges
Number of ranges requested; if exceeded, the complete content is served.

- default: 200
- 0|unlimited: unlimited
- none: Range headers are ignored.

This option is a backport from 2.2.21.
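The MaxRanges policy described above, modelled as an added example; it is not Apache or openSUSE code. The function names are hypothetical, and treating a malformed Range header as absent is an assumption.

```python
import re

DEFAULT_MAX_RANGES = 200  # "default: 200" in the advisory

# One byte-range-spec: "first-last", "first-" or a suffix range "-n".
_RANGE_SPEC = re.compile(r"^(\d+-\d*|-\d+)$")

def count_ranges(header):
    """Return how many byte ranges a Range header requests, or None if malformed."""
    unit, sep, specs = header.strip().partition("=")
    if not sep or unit.strip().lower() != "bytes":
        return None
    parts = [p.strip() for p in specs.split(",") if p.strip()]
    if not parts or not all(_RANGE_SPEC.match(p) for p in parts):
        return None
    return len(parts)

def parse_max_ranges(value):
    """Map a MaxRanges setting to an int limit, None (unlimited) or 'ignore'."""
    v = str(value).strip().lower()
    if v == "none":               # none: Range headers are ignored
        return "ignore"
    if v in ("0", "unlimited"):   # 0|unlimited: unlimited
        return None
    n = int(v)                    # otherwise a number of ranges
    if n < 0:
        raise ValueError("MaxRanges must not be negative")
    return n

def decide(range_header, max_ranges=DEFAULT_MAX_RANGES):
    """Return 'partial' if the ranges are honoured, 'full' for the complete content."""
    limit = parse_max_ranges(max_ranges)
    if range_header is None or limit == "ignore":
        return "full"
    n = count_ranges(range_header)
    if n is None:
        return "full"             # assumption: malformed header treated as absent
    if limit is not None and n > limit:
        return "full"             # limit exceeded: complete content is served
    return "partial"

# Constructed sample input: one request asking for 1000 overlapping ranges.
MANY_RANGES = "bytes=" + ",".join(f"0-{i}" for i in range(1000))

if __name__ == "__main__":
    for setting in (DEFAULT_MAX_RANGES, "unlimited", "none", 2000):
        print(f"MaxRanges {setting}: {decide(MANY_RANGES, setting)}")
```

Counting ranges the same way over logged Range headers shows which requests would have crossed the configured limit.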
Also fixed:

- CVE-2011-3348: Denial of service in proxy_ajp when using an undefined method.
- CVE-2011-3368: Exposure of internal servers via reverse proxy methods with mod_proxy enabled and incorrect Rewrite or Proxy Rules.

OS | OS Version | Architecture | Package | Package Version | Filename |
---|---|---|---|---|---|
openSUSE | 11.4 | i586 | apache2-worker | < 2.2.17-4.9.1 | apache2-worker-2.2.17-4.9.1.i586.rpm |
openSUSE | 11.4 | x86_64 | apache2-itk | < 2.2.17-4.9.1 | apache2-itk-2.2.17-4.9.1.x86_64.rpm |
openSUSE | 11.3 | x86_64 | apache2-prefork | < 2.2.15-4.7.1 | apache2-prefork-2.2.15-4.7.1.x86_64.rpm |
openSUSE | 11.3 | x86_64 | apache2-utils | < 2.2.15-4.7.1 | apache2-utils-2.2.15-4.7.1.x86_64.rpm |
openSUSE | 11.4 | i586 | apache2-prefork | < 2.2.17-4.9.1 | apache2-prefork-2.2.17-4.9.1.i586.rpm |
openSUSE | 11.4 | x86_64 | apache2-worker | < 2.2.17-4.9.1 | apache2-worker-2.2.17-4.9.1.x86_64.rpm |
openSUSE | 11.3 | x86_64 | apache2-example-certificates | < 2.2.15-4.7.1 | apache2-example-certificates-2.2.15-4.7.1.x86_64.rpm |
openSUSE | 11.3 | i586 | apache2-worker | < 2.2.15-4.7.1 | apache2-worker-2.2.15-4.7.1.i586.rpm |
openSUSE | 11.4 | i586 | apache2-example-certificates | < 2.2.17-4.9.1 | apache2-example-certificates-2.2.17-4.9.1.i586.rpm |
openSUSE | 11.4 | i586 | apache2 | < 2.2.17-4.9.1 | apache2-2.2.17-4.9.1.i586.rpm |