Overview
Security update for apache2

This update for apache2 fixes the following issues:

- fixed CVE-2021-30641 [bsc#1187174]: MergeSlashes regression
- fixed CVE-2021-31618 [bsc#1186924]: NULL pointer dereference on specially crafted HTTP/2 request
- fixed CVE-2020-13950 [bsc#1187040]: mod_proxy NULL pointer dereference
- fixed CVE-2020-35452 [bsc#1186922]: Single zero byte stack overflow in mod_auth_digest
- fixed CVE-2021-26690 [bsc#1186923]: mod_session NULL pointer dereference in parser
- fixed CVE-2021-26691 [bsc#1187017]: Heap overflow in mod_session

Fixed bugs
CVE-2021-30641
CVE-2020-35452
CVE-2021-31618
CVE-2020-13950
CVE-2021-26691
CVE-2021-26690
bnc#1187017
VUL-0: CVE-2021-26691: apache2: Heap overflow in mod_session
bnc#1186922
VUL-0: CVE-2020-35452: apache2: Single zero byte stack overflow in mod_auth_digest
bnc#1187040
VUL-0: CVE-2020-13950: apache2: mod_proxy NULL pointer dereference
bnc#1186923
VUL-0: CVE-2021-26690: apache2: mod_session NULL pointer dereference in parser
bnc#1187174
VUL-0: CVE-2021-30641: apache2: MergeSlashes regression
bnc#1186924
VUL-0: CVE-2021-31618: apache2: NULL pointer dereference on specially crafted HTTP/2 request
Selected Binaries
openSUSE Build Service is sponsored by
Places