-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2011.0909
                        Security update for Apache
                             6 September 2011

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:          Apache HTTP server
Publisher:        SUSE
Operating System: SUSE
Impact/Access:    Denial of Service -- Remote/Unauthenticated
Resolution:       Patch/Upgrade
CVE Names:        CVE-2011-3192 CVE-2010-1452 

Reference:        ASB-2010.0181.2
                  ESB-2011.0901
                  ESB-2011.0870.2

- --------------------------BEGIN INCLUDED TEXT--------------------

   SUSE Security Update: Security update for Apache
______________________________________________________________________________

Announcement ID:    SUSE-SU-2011:1000-1
Rating:             important
References:         #627030 #670027 #690734 #696251 #713966 
Cross-References:   CVE-2010-1452 CVE-2011-3192
Affected Products:
                    SUSE Linux Enterprise Software Development Kit 11 SP1
                    SUSE Linux Enterprise Server 11 SP1 for VMware
                    SUSE Linux Enterprise Server 11 SP1
______________________________________________________________________________

   An update that solves two vulnerabilities and has three
   fixes is now available.

Description:


   This update fixes a remote denial of service bug (memory
   exhaustion) in the Apache 2 HTTP server that could be
   triggered by remote attackers using multiple overlapping
   Request Ranges. (CVE-2011-3192)

   It also fixes an issue in mod_dav, where the (1) mod_cache
   and (2) mod_dav modules in the Apache HTTP Server 2.2.x
   allowed remote attackers to cause a denial of service
   (process crash) via a request that lacks a path.
   (CVE-2010-1452)
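   As an added example, not part of the SUSE or AusCERT bulletin, the
   following Python shows what a defender can do with the CVE-2011-3192
   description while the update is being rolled out: parse the Range
   header of each request and flag requests whose byte ranges overlap or
   whose range count is excessive. It assumes an access log that appends
   the request's Range header as a final quoted field (a custom Apache
   LogFormat ending in "%{Range}i"); the log lines are constructed, and the
   200-range threshold mirrors the default of the MaxRanges directive that
   later Apache releases added, so treat it as a tunable assumption.

```python
import re
from typing import Dict, List, Optional, Tuple

# RFC 2616 byte-range spec: "bytes=first-last,first-,-suffix,..."
RANGE_RE = re.compile(r"^\s*bytes\s*=\s*(.*)$", re.IGNORECASE)

# Constructed access-log layout (assumption): a combined-style line whose
# final quoted field is the request's Range header, "-" when absent.
LOG_RE = re.compile(
    r'^(\S+) .*? "(?:[A-Z]+) (\S+) [^"]+" (\d{3}) \S+ "([^"]*)"$'
)

# Constructed sample lines; the addresses are documentation-range values.
SAMPLE_LOG = [
    '198.51.100.7 - - [06/Sep/2011:10:00:00 +1000] "GET /index.html HTTP/1.1" 200 1234 "-"',
    '198.51.100.8 - - [06/Sep/2011:10:00:01 +1000] "GET /big.iso HTTP/1.1" 206 512 "bytes=0-511"',
    '198.51.100.9 - - [06/Sep/2011:10:00:02 +1000] "GET /big.iso HTTP/1.1" 206 1024 "bytes=0-,1-,2-,3-,4-"',
]


def parse_byte_ranges(header_value: str) -> Optional[List[Tuple[Optional[int], Optional[int]]]]:
    """Return (start, end) pairs from a Range header, or None if it is not
    a bytes range. Open-ended 'N-' gives (N, None); suffix '-N' gives (None, N).
    Malformed specs are skipped rather than rejected."""
    m = RANGE_RE.match(header_value)
    if not m:
        return None
    ranges = []
    for spec in m.group(1).split(","):
        spec = spec.strip()
        if "-" not in spec:
            continue
        first, last = (s.strip() for s in spec.split("-", 1))
        start = int(first) if first.isdigit() else None
        end = int(last) if last.isdigit() else None
        if start is None and end is None:
            continue
        ranges.append((start, end))
    return ranges


def resolve(ranges, resource_len: int) -> List[Tuple[int, int]]:
    """Turn parsed specs into concrete inclusive [lo, hi] intervals for a
    resource of resource_len bytes, dropping unsatisfiable ones."""
    out = []
    for start, end in ranges:
        if start is None:  # suffix range: the last `end` bytes
            lo, hi = max(0, resource_len - end), resource_len - 1
        else:
            lo = start
            hi = resource_len - 1 if end is None else min(end, resource_len - 1)
        if lo <= hi:
            out.append((lo, hi))
    return out


def has_overlap(intervals: List[Tuple[int, int]]) -> bool:
    """True if any two intervals share at least one byte."""
    s = sorted(intervals)
    return any(b_lo <= a_hi for (_, a_hi), (b_lo, _) in zip(s, s[1:]))


def assess_range_header(header_value: str, resource_len: int = 1 << 20,
                        max_ranges: int = 200) -> Dict[str, object]:
    """Classify one Range header. resource_len is only needed to resolve
    open-ended and suffix ranges; the default (1 MiB) is an assumption."""
    ranges = parse_byte_ranges(header_value)
    if ranges is None:
        return {"suspicious": False, "ranges": 0, "overlapping": False}
    overlapping = has_overlap(resolve(ranges, resource_len))
    too_many = len(ranges) > max_ranges
    return {"suspicious": too_many or overlapping,
            "ranges": len(ranges), "overlapping": overlapping}


def scan_log(lines: List[str]) -> List[Tuple[str, str, Dict[str, object]]]:
    """Return (client, path, verdict) for every line whose Range header is
    flagged; lines that do not match the assumed layout are ignored."""
    flagged = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        client, path, _status, range_hdr = m.groups()
        verdict = assess_range_header(range_hdr)
        if verdict["suspicious"]:
            flagged.append((client, path, verdict))
    return flagged


if __name__ == "__main__":
    for client, path, verdict in scan_log(SAMPLE_LOG):
        print(f"{client} {path} ranges={verdict['ranges']} "
              f"overlapping={verdict['overlapping']}")
```

   Flagging any overlap at all is deliberate: legitimate download
   managers request disjoint pieces, so overlapping ranges are a strong
   signal on their own, while the count threshold catches the many-range
   variant. The resolved intervals depend on the assumed resource length,
   which a log-side check does not know; for open-ended ranges that only
   changes the upper bound, not whether they overlap.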

   The following bugs were also fixed:

   * recommend the default MPM (prefork) via Recommends:
   in .spec
   * apache not sending error 304 if mod_deflate is
   enabled
   * take the LimitRequestFieldsize config option into account
   when parsing headers from the backend

   Security Issue references:

   * CVE-2011-3192
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3192>
   * CVE-2010-1452
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1452>

Indications:

   Please install this update.

Patch Instructions:

   To install this SUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Software Development Kit 11 SP1:

      zypper in -t patch sdksp1-apache2-5090

   - SUSE Linux Enterprise Server 11 SP1 for VMware:

      zypper in -t patch slessp1-apache2-5090

   - SUSE Linux Enterprise Server 11 SP1:

      zypper in -t patch slessp1-apache2-5090

   To bring your system up-to-date, use "zypper patch".


Package List:

   - SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 ia64 ppc64 s390x x86_64):

      apache2-devel-2.2.10-2.30.1

   - SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 x86_64):

      apache2-2.2.10-2.30.1
      apache2-doc-2.2.10-2.30.1
      apache2-example-pages-2.2.10-2.30.1
      apache2-prefork-2.2.10-2.30.1
      apache2-utils-2.2.10-2.30.1
      apache2-worker-2.2.10-2.30.1

   - SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64):

      apache2-2.2.10-2.30.1
      apache2-doc-2.2.10-2.30.1
      apache2-example-pages-2.2.10-2.30.1
      apache2-prefork-2.2.10-2.30.1
      apache2-utils-2.2.10-2.30.1
      apache2-worker-2.2.10-2.30.1

   - SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64):

      apache2-2.2.10-2.30.1
      apache2-doc-2.2.10-2.30.1
      apache2-example-pages-2.2.10-2.30.1
      apache2-prefork-2.2.10-2.30.1
      apache2-utils-2.2.10-2.30.1
      apache2-worker-2.2.10-2.30.1


References:

   http://support.novell.com/security/cve/CVE-2010-1452.html
   http://support.novell.com/security/cve/CVE-2011-3192.html
   https://bugzilla.novell.com/627030
   https://bugzilla.novell.com/670027
   https://bugzilla.novell.com/690734
   https://bugzilla.novell.com/696251
   https://bugzilla.novell.com/713966
   http://download.novell.com/patch/finder/?keywords=6d016ff9e4b33261dfa077a857856638

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
-----END PGP SIGNATURE-----