OPENSUSE-SU-2020:1293-1
Advisory lineage Upstream: 3 Downstream: 0
Published: 30 Aug 2020, 04:23
Last modified:04 Feb 2026, 02:36
Vulnerability Summary
Overall Risk (default)
minimal
0/100 CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected
Timeline
30 Aug 2020, 04:23
Published
Vulnerability first disclosed
04 Feb 2026, 02:36
Last Modified
Vulnerability information updated
Description
Security update for apache2 This update for apache2 fixes the following issues: - CVE-2020-9490: Fixed a crash caused by a specially crafted value for the 'Cache-Digest' header in a HTTP/2 request (bsc#1175071). - CVE-2020-11984: Fixed an information disclosure bug in mod_proxy_uwsgi (bsc#1175074). - CVE-2020-11993: When trace/debug was enabled for the HTTP/2 module logging statements were made on the wrong connection (bsc#1175070). This update was imported from the SUSE:SLE-15:Update update project.
Affected Systems
- opensuse•apache2&distro=openSUSE Leap 15.1
< 2.4.33-lp151.8.15.1
References (7)
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NHJXJIST4UJVGZOBVCP2BMPPKZUJJ4KS/
- https://bugzilla.suse.com/1175070
- https://bugzilla.suse.com/1175071
- https://bugzilla.suse.com/1175074
- https://www.suse.com/security/cve/CVE-2020-11984
- https://www.suse.com/security/cve/CVE-2020-11993
- https://www.suse.com/security/cve/CVE-2020-9490