Security update for apache2
This update for apache2 fixes the following issues:
Security issue fixed:
- CVE-2017-9788: Uninitialized memory reflection in mod_auth_digest. (bsc#1048576)
Bug fixes:
- Include individual sysconfig.d files instead of the whole sysconfig.d directory.
- Include sysconfig.d/include.conf after httpd.conf is processed. (bsc#1023616, bsc#1043055)
This update was imported from the SUSE:SLE-12-SP2:Update update project.
-
Submitted by
Petr Gajdos (pgajdos)
Fixed bugs
bnc#1043055
Apache2 cannot handle IfModule in included config files from APACHE_CONF_INCLUDE_*
bnc#1023616
APACHE_CONF_INCLUDE_DIRS order change wrt. loadmodules, from 13.1 to tumbleweed
bnc#1048576
VUL-0: CVE-2017-9788: apache2: Uninitialized memory reflection in mod_auth_digest
