File _patchinfo of Package patchinfo.12343

<patchinfo incident="12343">
  <issue tracker="bnc" id="1145738">VUL-1: CVE-2019-10098: apache2: mod_rewrite configurations vulnerable to open redirect</issue>
  <issue tracker="bnc" id="1145739">VUL-0: CVE-2019-10097: apache2: mod_remoteip stack buffer overflow and NULL pointer dereference</issue>
  <issue tracker="bnc" id="1145575">VUL-0: CVE-2019-9517: apache2: HTTP/2 implementations are vulnerable to unconstrained interal data buffering</issue>
  <issue tracker="bnc" id="1145741">VUL-0: CVE-2019-10082: apache2: mod_http2, read-after-free in h2 connection shutdown</issue>
  <issue tracker="bnc" id="1145740">VUL-0: CVE-2019-10092: apache2: Limited cross-site scripting in mod_proxy</issue>
  <issue tracker="bnc" id="1145742">VUL-0: CVE-2019-10081: apache2: mod_http2, memory corruption on early pushes</issue>
  <issue tracker="cve" id="2019-10098"/>
  <issue tracker="cve" id="2019-10092"/>
  <issue tracker="cve" id="2019-10097"/>
  <issue tracker="cve" id="2019-10081"/>
  <issue tracker="cve" id="2019-10082"/>
  <issue tracker="cve" id="2019-9517"/>
  <category>security</category>
  <rating>important</rating>
  <packager>pgajdos</packager>
  <description>This update for apache2 fixes the following issues:

Security issues fixed:

- CVE-2019-9517: Fixed HTTP/2 implementations that are vulnerable to unconstrained interal data buffering (bsc#1145575).
- CVE-2019-10081: Fixed mod_http2 that is vulnerable to memory corruption on early pushes (bsc#1145742).
- CVE-2019-10082: Fixed mod_http2 that is vulnerable to read-after-free in h2 connection shutdown (bsc#1145741).
- CVE-2019-10092: Fixed limited cross-site scripting in mod_proxy (bsc#1145740).
- CVE-2019-10097: Fixed mod_remoteip stack buffer overflow and NULL pointer dereference (bsc#1145739).
- CVE-2019-10098: Fixed mod_rewrite configuration vulnerablility to open redirect (bsc#1145738).
</description>
  <summary>Security update for apache2</summary>
</patchinfo>