File _patchinfo of Package patchinfo.10078
<patchinfo incident="10078">
<issue tracker="bnc" id="1122838">VUL-1: CVE-2018-17189: apache2: mod_http2, DoS via slow, unneeded request bodies</issue>
<issue tracker="bnc" id="1122839">VUL-1: CVE-2018-17199: apache2: mod_session_cookie does not respect expiry time</issue>
<issue tracker="bnc" id="1121086">/usr/sbin/start_apache2 tries to force-create sysconfd.d dir (even already there)</issue>
<issue tracker="cve" id="2018-17189"/>
<issue tracker="cve" id="2018-17199"/>
<category>security</category>
<rating>moderate</rating>
<packager>pgajdos</packager>
<description>This update for apache2 fixes the following issues:
Security issues fixed:
- CVE-2018-17189: Fixed a denial of service in mod_http2, via slow and unneeded request bodies (bsc#1122838)
- CVE-2018-17199: Fixed that mod_session_cookie did not respect expiry time (bsc#1122839)
Non-security issue fixed:
- sysconfig.d is not created anymore if it already exists (bsc#1121086)
</description>
<summary>Security update for apache2</summary>
</patchinfo>