SUSE: 2011:0885-1 Important: Apache2 Mod_Fcgid Stack Overflow

Warning: Undefined array key "advisoryid" in /var/www/www.linuxsecurity.com-443/html/tmp/regularlabs/custom_php/4047543_1edcd913e2b52798c5b9126b8927230e on line 19

   SUSE Security Update: Security update for apache2-mod_fcgid
______________________________________________________________________________

Announcement ID:    SUSE-SU-2011:0885-1
Rating:             important
References:         #656092 
Cross-References:   CVE-2010-3872
Affected Products:
                    SUSE Linux Enterprise Software Development Kit 11 SP1
______________________________________________________________________________

   An update that fixes one vulnerability is now available.

Description:


   A possible stack overflow in apache2-mod_fcgid due to wrong
   pointer  arithmetic has been fixed. CVE-2010-3872 has been
   assigned to this issue.

   Security Issue reference:

   * CVE-2010-3872
   


Patch Instructions:

   To install this SUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Software Development Kit 11 SP1:

      zypper in -t patch sdksp1-apache2-mod_fcgid-4934

   To bring your system up-to-date, use "zypper patch".


Package List:

   - SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 ia64 ppc64 s390x x86_64):

      apache2-mod_fcgid-2.2-31.21.1


References:

   https://www.suse.com/security/cve/CVE-2010-3872.html