SUSE-SU-2025:4518-1

UNKNOWN

Security update for apache2

Published Dec 23, 2025

Modified 3 weeks ago

Fix available

This update for apache2 fixes the following issues:

CVE-2025-55753: Fixed mod_md (ACME) unintended retry intervals (bsc#1254511)
CVE-2025-65082: Fixed CGI environment variable override (bsc#1254514)
CVE-2025-58098: Fixed Server Side Includes adding query string to #exec cmd=... (bsc#1254512)
CVE-2025-66200: Fixed mod_userdir+suexec bypass via AllowOverride FileInfo (bsc#1254515)

SUSE:Linux Enterprise Module for Basesystem 15 SP7apache2

Fixed in:

2.4.62-150700.4.9.1

SUSE:Linux Enterprise Module for Basesystem 15 SP7apache2-prefork

Fixed in:

2.4.62-150700.4.9.1

SUSE:Linux Enterprise Module for Package Hub 15 SP7apache2-event

Fixed in:

2.4.62-150700.4.9.1

SUSE:Linux Enterprise Module for Server Applications 15 SP7apache2-devel

Fixed in:

2.4.62-150700.4.9.1

SUSE:Linux Enterprise Module for Server Applications 15 SP7apache2-utils

Fixed in:

2.4.62-150700.4.9.1

SUSE:Linux Enterprise Module for Server Applications 15 SP7apache2-worker

Fixed in:

2.4.62-150700.4.9.1

PublishedDec 23, 2025

ModifiedDec 23, 2025