Описание
Security update for apache2
This update for apache2 fixes the following issues:
- CVE-2023-45802: Fixed regression with previous fix (bsc#1233165).
Список пакетов
Container suse/manager/4.3/proxy-httpd:latest
apache2-2.4.51-150400.6.43.1
apache2-prefork-2.4.51-150400.6.43.1
apache2-utils-2.4.51-150400.6.43.1
Image SLES15-SP4-Manager-Proxy-4-3-BYOS
apache2-2.4.51-150400.6.43.1
apache2-prefork-2.4.51-150400.6.43.1
apache2-utils-2.4.51-150400.6.43.1
Image SLES15-SP4-Manager-Proxy-4-3-BYOS-Azure
apache2-2.4.51-150400.6.43.1
apache2-prefork-2.4.51-150400.6.43.1
apache2-utils-2.4.51-150400.6.43.1
Image SLES15-SP4-Manager-Proxy-4-3-BYOS-EC2
apache2-2.4.51-150400.6.43.1
apache2-prefork-2.4.51-150400.6.43.1
apache2-utils-2.4.51-150400.6.43.1
Image SLES15-SP4-Manager-Proxy-4-3-BYOS-GCE
apache2-2.4.51-150400.6.43.1
apache2-prefork-2.4.51-150400.6.43.1
apache2-utils-2.4.51-150400.6.43.1
Image SLES15-SP4-Manager-Server-4-3
apache2-2.4.51-150400.6.43.1
apache2-prefork-2.4.51-150400.6.43.1
apache2-utils-2.4.51-150400.6.43.1
Image SLES15-SP4-Manager-Server-4-3-Azure-llc
apache2-2.4.51-150400.6.43.1
apache2-prefork-2.4.51-150400.6.43.1
apache2-utils-2.4.51-150400.6.43.1
Image SLES15-SP4-Manager-Server-4-3-Azure-ltd
apache2-2.4.51-150400.6.43.1
apache2-prefork-2.4.51-150400.6.43.1
apache2-utils-2.4.51-150400.6.43.1
Image SLES15-SP4-Manager-Server-4-3-BYOS
apache2-2.4.51-150400.6.43.1
apache2-prefork-2.4.51-150400.6.43.1
apache2-utils-2.4.51-150400.6.43.1
Image SLES15-SP4-Manager-Server-4-3-BYOS-Azure
apache2-2.4.51-150400.6.43.1
apache2-prefork-2.4.51-150400.6.43.1
apache2-utils-2.4.51-150400.6.43.1
Image SLES15-SP4-Manager-Server-4-3-BYOS-EC2
apache2-2.4.51-150400.6.43.1
apache2-prefork-2.4.51-150400.6.43.1
apache2-utils-2.4.51-150400.6.43.1
Image SLES15-SP4-Manager-Server-4-3-BYOS-GCE
apache2-2.4.51-150400.6.43.1
apache2-prefork-2.4.51-150400.6.43.1
apache2-utils-2.4.51-150400.6.43.1
Image SLES15-SP4-SAP
apache2-2.4.51-150400.6.43.1
apache2-prefork-2.4.51-150400.6.43.1
apache2-utils-2.4.51-150400.6.43.1
Image SLES15-SP4-SAP-Azure
apache2-2.4.51-150400.6.43.1
apache2-prefork-2.4.51-150400.6.43.1
apache2-utils-2.4.51-150400.6.43.1
Image SLES15-SP4-SAP-EC2
apache2-2.4.51-150400.6.43.1
apache2-prefork-2.4.51-150400.6.43.1
apache2-utils-2.4.51-150400.6.43.1
Image SLES15-SP4-SAP-GCE
apache2-2.4.51-150400.6.43.1
apache2-prefork-2.4.51-150400.6.43.1
apache2-utils-2.4.51-150400.6.43.1
Image SLES15-SP4-SAPCAL
apache2-2.4.51-150400.6.43.1
apache2-prefork-2.4.51-150400.6.43.1
apache2-utils-2.4.51-150400.6.43.1
Image SLES15-SP4-SAPCAL-Azure
apache2-2.4.51-150400.6.43.1
apache2-prefork-2.4.51-150400.6.43.1
apache2-utils-2.4.51-150400.6.43.1
Image SLES15-SP4-SAPCAL-EC2
apache2-2.4.51-150400.6.43.1
apache2-prefork-2.4.51-150400.6.43.1
apache2-utils-2.4.51-150400.6.43.1
Image SLES15-SP4-SAPCAL-GCE
apache2-2.4.51-150400.6.43.1
apache2-prefork-2.4.51-150400.6.43.1
apache2-utils-2.4.51-150400.6.43.1
Image SLES15-SP5-SAPCAL-Azure
apache2-2.4.51-150400.6.43.1
apache2-prefork-2.4.51-150400.6.43.1
apache2-utils-2.4.51-150400.6.43.1
Image SLES15-SP5-SAPCAL-EC2
apache2-2.4.51-150400.6.43.1
apache2-prefork-2.4.51-150400.6.43.1
apache2-utils-2.4.51-150400.6.43.1
Image SLES15-SP5-SAPCAL-GCE
apache2-2.4.51-150400.6.43.1
apache2-prefork-2.4.51-150400.6.43.1
apache2-utils-2.4.51-150400.6.43.1
SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS
apache2-2.4.51-150400.6.43.1
apache2-devel-2.4.51-150400.6.43.1
apache2-doc-2.4.51-150400.6.43.1
apache2-prefork-2.4.51-150400.6.43.1
apache2-utils-2.4.51-150400.6.43.1
apache2-worker-2.4.51-150400.6.43.1
SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS
apache2-2.4.51-150400.6.43.1
apache2-devel-2.4.51-150400.6.43.1
apache2-doc-2.4.51-150400.6.43.1
apache2-prefork-2.4.51-150400.6.43.1
apache2-utils-2.4.51-150400.6.43.1
apache2-worker-2.4.51-150400.6.43.1
SUSE Linux Enterprise Module for Basesystem 15 SP5
apache2-2.4.51-150400.6.43.1
apache2-prefork-2.4.51-150400.6.43.1
apache2-utils-2.4.51-150400.6.43.1
SUSE Linux Enterprise Module for Package Hub 15 SP5
apache2-event-2.4.51-150400.6.43.1
SUSE Linux Enterprise Module for Server Applications 15 SP5
apache2-devel-2.4.51-150400.6.43.1
apache2-doc-2.4.51-150400.6.43.1
apache2-worker-2.4.51-150400.6.43.1
SUSE Linux Enterprise Module for Server Applications 15 SP6
apache2-doc-2.4.51-150400.6.43.1
SUSE Linux Enterprise Server 15 SP4-LTSS
apache2-2.4.51-150400.6.43.1
apache2-devel-2.4.51-150400.6.43.1
apache2-doc-2.4.51-150400.6.43.1
apache2-prefork-2.4.51-150400.6.43.1
apache2-utils-2.4.51-150400.6.43.1
apache2-worker-2.4.51-150400.6.43.1
SUSE Linux Enterprise Server for SAP Applications 15 SP4
apache2-2.4.51-150400.6.43.1
apache2-devel-2.4.51-150400.6.43.1
apache2-doc-2.4.51-150400.6.43.1
apache2-prefork-2.4.51-150400.6.43.1
apache2-utils-2.4.51-150400.6.43.1
apache2-worker-2.4.51-150400.6.43.1
SUSE Manager Proxy 4.3
apache2-2.4.51-150400.6.43.1
apache2-devel-2.4.51-150400.6.43.1
apache2-doc-2.4.51-150400.6.43.1
apache2-prefork-2.4.51-150400.6.43.1
apache2-utils-2.4.51-150400.6.43.1
apache2-worker-2.4.51-150400.6.43.1
SUSE Manager Server 4.3
apache2-2.4.51-150400.6.43.1
apache2-devel-2.4.51-150400.6.43.1
apache2-doc-2.4.51-150400.6.43.1
apache2-prefork-2.4.51-150400.6.43.1
apache2-utils-2.4.51-150400.6.43.1
apache2-worker-2.4.51-150400.6.43.1
openSUSE Leap 15.5
apache2-2.4.51-150400.6.43.1
apache2-devel-2.4.51-150400.6.43.1
apache2-doc-2.4.51-150400.6.43.1
apache2-event-2.4.51-150400.6.43.1
apache2-example-pages-2.4.51-150400.6.43.1
apache2-prefork-2.4.51-150400.6.43.1
apache2-utils-2.4.51-150400.6.43.1
apache2-worker-2.4.51-150400.6.43.1
Ссылки
- Link for SUSE-SU-2024:3999-1
- E-Mail link for SUSE-SU-2024:3999-1
- SUSE Security Ratings
- SUSE Bug 1233165
- SUSE CVE CVE-2023-45802 page
Описание
When a HTTP/2 stream was reset (RST frame) by a client, there was a time window were the request's memory resources were not reclaimed immediately. Instead, de-allocation was deferred to connection close. A client could send new requests and resets, keeping the connection busy and open and causing the memory footprint to keep on growing. On connection close, all resources were reclaimed, but the process might run out of memory before that. This was found by the reporter during testing of CVE-2023-44487 (HTTP/2 Rapid Reset Exploit) with their own test client. During "normal" HTTP/2 use, the probability to hit this bug is very low. The kept memory would not become noticeable before the connection closes or times out. Users are recommended to upgrade to version 2.4.58, which fixes the issue.
Затронутые продукты
Container suse/manager/4.3/proxy-httpd:latest:apache2-2.4.51-150400.6.43.1
Container suse/manager/4.3/proxy-httpd:latest:apache2-prefork-2.4.51-150400.6.43.1
Container suse/manager/4.3/proxy-httpd:latest:apache2-utils-2.4.51-150400.6.43.1
Image SLES15-SP4-Manager-Proxy-4-3-BYOS-Azure:apache2-2.4.51-150400.6.43.1
Ссылки
- CVE-2023-45802
- SUSE Bug 1216423