{"affected":[{"ecosystem_specific":{"binaries":[{"apache2":"2.4.10-14.31.1","apache2-doc":"2.4.10-14.31.1","apache2-example-pages":"2.4.10-14.31.1","apache2-prefork":"2.4.10-14.31.1","apache2-utils":"2.4.10-14.31.1","apache2-worker":"2.4.10-14.31.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 12-LTSS","name":"apache2","purl":"pkg:rpm/suse/apache2&distro=SUSE%20Linux%20Enterprise%20Server%2012-LTSS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.4.10-14.31.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for apache2 fixes the following issues:\n\n\n * CVE-2018-1283: when mod_session is configured to forward its session data to CGI applications \n (SessionEnv on, not the default), a remote user may influence their content by \n using a \\'Session\\' header leading to unexpected behavior [bsc#1086814].\n\n * CVE-2018-1301: due to an out of bound access after a size limit being reached by reading the HTTP header, \n a specially crafted request could lead to remote denial of service. [bsc#1086817]\n \n * CVE-2018-1303: a specially crafted HTTP request header could lead to crash due to an out of bound read \n while preparing data to be cached in shared memory.[bsc#1086813]\n \n * CVE-2017-15715: a regular expression could match '$' to a newline character in a malicious filename, \n rather than matching only the end of the filename. leading to corruption of uploaded files.[bsc#1086774]\n \n * CVE-2018-1312: when generating an HTTP Digest authentication challenge, the nonce sent to prevent \n reply attacks was not correctly generated using a pseudo-random seed. \n In a cluster of servers using a common Digest authentication configuration, \n HTTP requests could be replayed across servers by an attacker without detection. [bsc#1086775]\n \n * CVE-2017-15710: mod_authnz_ldap, if configured with AuthLDAPCharsetConfig, \n uses the Accept-Language header value to lookup the right charset encoding when verifying the \n user's credentials. If the header value is not present in the charset conversion table, \n a fallback mechanism is used to truncate it to a two characters value to allow a quick retry \n (for example, 'en-US' is truncated to 'en'). \n A header value of less than two characters forces an out of bound write of one NUL byte to a \n memory location that is not part of the string. In the worst case, quite unlikely, the process \n would crash which could be used as a Denial of Service attack. In the more likely case, this memory \n is already reserved for future use and the issue has no effect at all. [bsc#1086820]\n \n * gensslcert: fall back to 'localhost' as hostname [bsc#1057406]\n","id":"SUSE-SU-2018:0901-1","modified":"2018-04-08T19:40:13Z","published":"2018-04-08T19:40:13Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2018/suse-su-20180901-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1057406"},{"type":"REPORT","url":"https://bugzilla.suse.com/1086774"},{"type":"REPORT","url":"https://bugzilla.suse.com/1086775"},{"type":"REPORT","url":"https://bugzilla.suse.com/1086813"},{"type":"REPORT","url":"https://bugzilla.suse.com/1086814"},{"type":"REPORT","url":"https://bugzilla.suse.com/1086817"},{"type":"REPORT","url":"https://bugzilla.suse.com/1086820"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-15710"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-15715"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-1283"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-1301"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-1303"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-1312"}],"related":["CVE-2017-15710","CVE-2017-15715","CVE-2018-1283","CVE-2018-1301","CVE-2018-1303","CVE-2018-1312"],"summary":"Security update for apache2","upstream":["CVE-2017-15710","CVE-2017-15715","CVE-2018-1283","CVE-2018-1301","CVE-2018-1303","CVE-2018-1312"]}