21 Sep
2017
21 Sep
'17
07:21
On Thu, Sep 21, 2017 at 09:15:25AM +0200, Mathias Homann wrote:
Hi,
just came across https://arstechnica.com/information-technology/2017/09/ apache-bug-leaks-contents-of-server-memory-for-all-to-see-patch-now/, does CVE-2017-9798 affect openSUSE/SLES/SLED?
It affects the Apache 2.4 versions we ship, so SLE12 and Leap 42* This needs a misconfiured .htaccess though to be exploitable. We will release updates. (Apache 2.2 affectedness is not clear.) Ciao, Marcus -- To unsubscribe, e-mail: opensuse-security+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-security+owner@opensuse.org