7731 moderate openSUSE Leap 42.3 Update This update for apache2 fixes several issues. These security issues were fixed: - CVE-2017-9789: When under stress (closing many connections) the HTTP/2 handling code would sometimes access memory after it has been freed, resulting in potentially erratic behaviour (bsc#1048575). - CVE-2017-7659: A maliciously constructed HTTP/2 request could cause mod_http2 to dereference a NULL pointer and crash the server process (bsc#1045160). These non-security issues were fixed: - Use the full path to a2enmod and a2dismod in the apache-22-24-upgrade script (bsc#1042037) - Fall back to 'localhost' as hostname in gensslcert (bsc#1057406) This update was imported from the SUSE:SLE-12-SP2:Update update project. apache2-2.4.23-19.1.i586.rpm apache2-2.4.23-19.1.src.rpm apache2-debuginfo-2.4.23-19.1.i586.rpm apache2-debugsource-2.4.23-19.1.i586.rpm apache2-devel-2.4.23-19.1.i586.rpm apache2-doc-2.4.23-19.1.noarch.rpm apache2-event-2.4.23-19.1.i586.rpm apache2-event-debuginfo-2.4.23-19.1.i586.rpm apache2-example-pages-2.4.23-19.1.i586.rpm apache2-prefork-2.4.23-19.1.i586.rpm apache2-prefork-debuginfo-2.4.23-19.1.i586.rpm apache2-utils-2.4.23-19.1.i586.rpm apache2-utils-debuginfo-2.4.23-19.1.i586.rpm apache2-worker-2.4.23-19.1.i586.rpm apache2-worker-debuginfo-2.4.23-19.1.i586.rpm apache2-2.4.23-19.1.x86_64.rpm apache2-debuginfo-2.4.23-19.1.x86_64.rpm apache2-debugsource-2.4.23-19.1.x86_64.rpm apache2-devel-2.4.23-19.1.x86_64.rpm apache2-event-2.4.23-19.1.x86_64.rpm apache2-event-debuginfo-2.4.23-19.1.x86_64.rpm apache2-example-pages-2.4.23-19.1.x86_64.rpm apache2-prefork-2.4.23-19.1.x86_64.rpm apache2-prefork-debuginfo-2.4.23-19.1.x86_64.rpm apache2-utils-2.4.23-19.1.x86_64.rpm apache2-utils-debuginfo-2.4.23-19.1.x86_64.rpm apache2-worker-2.4.23-19.1.x86_64.rpm apache2-worker-debuginfo-2.4.23-19.1.x86_64.rpm