OPENSUSE-SU-2019:0296-1

Advisory lineage Upstream: 2 Downstream: 0

Upstream

CVE-2018-17189 CVE-2018-17199

Published: 23 Mar 2019, 11:11

Last modified:04 Feb 2026, 03:16

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

23 Mar 2019, 11:11

Published

Vulnerability first disclosed

04 Feb 2026, 03:16

Last Modified

Vulnerability information updated

Description

Security update for apache2 This update for apache2 fixes the following issues: Security issues fixed: - CVE-2018-17189: Fixed a denial of service in mod_http2, via slow and unneeded request bodies (bsc#1122838) - CVE-2018-17199: Fixed that mod_session_cookie did not respect expiry time (bsc#1122839) Non-security issue fixed: - sysconfig.d is not created anymore if it already exists (bsc#1121086) This update was imported from the SUSE:SLE-15:Update update project.

Affected Systems

opensuse•apache2&distro=openSUSE Leap 15.0
< 2.4.33-lp150.2.9.1

OPENSUSE-SU-2019:0296-1

Vulnerability Summary

Timeline

Description

Affected Systems

References (6)