SUSE-SU-2020:2450-1
Advisory lineage Upstream: 3 Downstream: 0
Published: 02 Sept 2020, 09:48
Last modified:04 Feb 2026, 03:10
Vulnerability Summary
Overall Risk (default)
minimal
0/100 CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected
Timeline
02 Sept 2020, 09:48
Published
Vulnerability first disclosed
04 Feb 2026, 03:10
Last Modified
Vulnerability information updated
Description
Security update for apache2 This update for apache2 fixes the following issues: - CVE-2020-9490: Fixed a crash caused by a specially crafted value for the 'Cache-Digest' header in a HTTP/2 request (bsc#1175071). - CVE-2020-11985: IP address spoofing when proxying using mod_remoteip and mod_rewrite (bsc#1175072). - CVE-2020-11993: When trace/debug was enabled for the HTTP/2 module logging statements were made on the wrong connection (bsc#1175070).
Affected Systems
- suse•apache2&distro=HPE Helion OpenStack 8
< 2.4.23-29.63.1
- suse•apache2&distro=SUSE Enterprise Storage 5
< 2.4.23-29.63.1
- suse•apache2&distro=SUSE Linux Enterprise Server 12 SP2-BCL
< 2.4.23-29.63.1
- suse•apache2&distro=SUSE Linux Enterprise Server 12 SP2-LTSS
< 2.4.23-29.63.1
- suse•apache2&distro=SUSE Linux Enterprise Server 12 SP3-BCL
< 2.4.23-29.63.1
- suse•apache2&distro=SUSE Linux Enterprise Server 12 SP3-LTSS
< 2.4.23-29.63.1
- suse•apache2&distro=SUSE Linux Enterprise Server 12 SP4-LTSS
< 2.4.23-29.63.1
- suse•apache2&distro=SUSE Linux Enterprise Server 12 SP5
< 2.4.23-29.63.1
- suse•apache2&distro=SUSE Linux Enterprise Server for SAP Applications 12 SP2
< 2.4.23-29.63.1
- suse•apache2&distro=SUSE Linux Enterprise Server for SAP Applications 12 SP3
< 2.4.23-29.63.1
- suse•apache2&distro=SUSE Linux Enterprise Server for SAP Applications 12 SP4
< 2.4.23-29.63.1
- suse•apache2&distro=SUSE Linux Enterprise Server for SAP Applications 12 SP5
< 2.4.23-29.63.1
- suse•apache2&distro=SUSE Linux Enterprise Software Development Kit 12 SP5
< 2.4.23-29.63.1
- suse•apache2&distro=SUSE OpenStack Cloud 7
< 2.4.23-29.63.1
- suse•apache2&distro=SUSE OpenStack Cloud 8
< 2.4.23-29.63.1
- suse•apache2&distro=SUSE OpenStack Cloud 9
< 2.4.23-29.63.1
- suse•apache2&distro=SUSE OpenStack Cloud Crowbar 8
< 2.4.23-29.63.1
- suse•apache2&distro=SUSE OpenStack Cloud Crowbar 9
< 2.4.23-29.63.1
References (7)
- https://www.suse.com/support/update/announcement/2020/suse-su-20202450-1/
- https://bugzilla.suse.com/1175070
- https://bugzilla.suse.com/1175071
- https://bugzilla.suse.com/1175072
- https://www.suse.com/security/cve/CVE-2020-11985
- https://www.suse.com/security/cve/CVE-2020-11993
- https://www.suse.com/security/cve/CVE-2020-9490