{"affected":[{"ecosystem_specific":{"binaries":[{"apache2-event":"2.4.51-3.37.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Package Hub 15 SP2","name":"apache2","purl":"pkg:rpm/suse/apache2&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP2"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.4.51-3.37.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for apache2 fixes the following issues:\n\nApache2 was updated to the current stable version 2.4.51 (jsc#SLE-22733 jsc#SLE-22849)\n\nIt fixes all CVEs and selected bugs represented by patches found between 2.4.23 and 2.4.51.\n\nSee https://downloads.apache.org/httpd/CHANGES_2.4 for a complete change log.\n\nAlso fixed:\n\n- CVE-2021-44224: Fixed NULL dereference or SSRF in forward proxy configurations (bsc#1193943)\n- CVE-2021-44790: Fixed buffer overflow when parsing multipart content in mod_lua (bsc#1193942)\n\n","id":"SUSE-SU-2022:0091-2","modified":"2022-01-20T15:28:01Z","published":"2022-01-20T15:28:01Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2022/suse-su-20220091-2/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1193942"},{"type":"REPORT","url":"https://bugzilla.suse.com/1193943"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-44224"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-44790"}],"related":["CVE-2021-44224","CVE-2021-44790"],"summary":"Security update for apache2","upstream":["CVE-2021-44224","CVE-2021-44790"]}