Security update for apache2
This update for apache2 fixes the following issues:
The following security vulnerabilities were fixed:
- CVE-2018-1333: Fixed a worker exhaustion that could have lead to a denial
of service via specially crafted HTTP/2 requests (bsc#1101689).
- CVE-2018-8011: Fixed a null pointer dereference in mod_md, which could have
lead to a denial of service via specially crafted HTTP requests (bsc#1101688).
Note: We are currently not shipping this modules, since it is still considered
experimental, but we might start to ship it with future releases.
This update was imported from the SUSE:SLE-15:Update update project.
-
Submitted by
Petr Gajdos (pgajdos)
Fixed bugs
bnc#1101688
VUL-1: CVE-2018-8011: apache2: mod_md DoS
bnc#1101689
VUL-1: CVE-2018-1333: apache2: HTTP/2 DoS
