SUSE-CU-2025:9660-1: Security update of bci/php-apache
sle-container-updates at lists.suse.com
sle-container-updates at lists.suse.com
Wed Dec 24 08:15:09 UTC 2025
SUSE Container Update Advisory: bci/php-apache
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2025:9660-1
Container Tags : bci/php-apache:8 , bci/php-apache:8.3.23 , bci/php-apache:8.3.23-17.8 , bci/php-apache:latest
Container Release : 17.8
Severity : important
Type : security
References : 1254511 1254512 1254514 1254515 CVE-2025-55753 CVE-2025-58098
CVE-2025-65082 CVE-2025-66200
-----------------------------------------------------------------
The container bci/php-apache was updated. The following patches have been included in this update:
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:4518-1
Released: Tue Dec 23 20:07:29 2025
Summary: Security update for apache2
Type: security
Severity: important
References: 1254511,1254512,1254514,1254515,CVE-2025-55753,CVE-2025-58098,CVE-2025-65082,CVE-2025-66200
This update for apache2 fixes the following issues:
- CVE-2025-55753: Fixed mod_md (ACME) unintended retry intervals (bsc#1254511)
- CVE-2025-65082: Fixed CGI environment variable override (bsc#1254514)
- CVE-2025-58098: Fixed Server Side Includes adding query string to #exec cmd=... (bsc#1254512)
- CVE-2025-66200: Fixed mod_userdir+suexec bypass via AllowOverride FileInfo (bsc#1254515)
The following package changes have been done:
- apache2-prefork-2.4.62-150700.4.9.1 updated
- apache2-2.4.62-150700.4.9.1 updated
More information about the sle-container-updates
mailing list