Security update for apache2
This update for apache2 fixes the following issues:
- Enables the patch for CVE-2020-11993 and CVE-2020-9490. The patch was included but
not applied in the previous update. (bsc#1178074)
This update was imported from the SUSE:SLE-15:Update update project.
-
Submitted by
Petr Gajdos (pgajdos)
Fixed bugs
bnc#1178074
CVE-2020-11993 not actually fixed?
bnc#1175071
VUL-0: CVE-2020-9490: apache2: specially crafted value for the 'Cache-Digest' header in a HTTP/2 request would result in a crash
bnc#1175070
VUL-0: CVE-2020-11993: apache2: when trace/debug was enabled for the HTTP/2 module logging statements were made on the wrong connection
