I’ve just added new apache2 builds for both SUSE 9.3 and 10.0. These packages address a couple of low-grade security issues (details below). As with any security update, it is recommended for all users.
The following updated packages are available for SUSE 10.0:
apache2-2.0.54-11.3.vm.i586.rpm
apache2-example-pages-2.0.54-11.3.vm.i586.rpm
apache2-debuginfo-2.0.54-11.3.vm.i586.rpm
apache2-prefork-2.0.54-11.3.vm.i586.rpm
apache2-devel-2.0.54-11.3.vm.i586.rpm
apache2-worker-2.0.54-11.3.vm.i586.rpm
apache2-doc-2.0.54-11.3.vm.i586.rpm
libapr0-2.0.54-11.3.vm.i586.rpm
The following updated packages are available for SUSE 9.3:
apache2-2.0.53-9.10.vm.i586.rpm
apache2-example-pages-2.0.53-9.10.vm.i586.rpm
apache2-debuginfo-2.0.53-9.10.vm.i586.rpm
apache2-prefork-2.0.53-9.10.vm.i586.rpm
apache2-devel-2.0.53-9.10.vm.i586.rpm
apache2-worker-2.0.53-9.10.vm.i586.rpm
apache2-doc-2.0.53-9.10.vm.i586.rpm
libapr0-2.0.53-9.10.vm.i586.rpm
From the SUSE security report, this update fixes:
-
a cross-site-scripting bug in the imagemap module mod_imap
(CVE-2005-3352) -
a bug in mod_ssl that allowed attackers to crash apache
(CVE-2005-3357)