Format: 1.8 Date: Wed, 10 Apr 2024 13:45:18 -0400 Source: apache2 Binary: apache2 apache2-bin apache2-dev apache2-ssl-dev apache2-suexec-custom apache2-suexec-pristine apache2-utils libapache2-mod-md libapache2-mod-proxy-uwsgi Built-For-Profiles: noudeb Architecture: arm64 Version: 2.4.52-1ubuntu4.9 Distribution: jammy Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Marc Deslauriers Description: apache2 - Apache HTTP Server apache2-bin - Apache HTTP Server (modules and other binary files) apache2-dev - Apache HTTP Server (development headers) apache2-ssl-dev - Apache HTTP Server (mod_ssl development headers) apache2-suexec-custom - Apache HTTP Server configurable suexec program for mod_suexec apache2-suexec-pristine - Apache HTTP Server standard suexec program for mod_suexec apache2-utils - Apache HTTP Server (utility programs for web servers) libapache2-mod-md - transitional package libapache2-mod-proxy-uwsgi - transitional package Changes: apache2 (2.4.52-1ubuntu4.9) jammy-security; urgency=medium . * SECURITY UPDATE: HTTP response splitting - debian/patches/CVE-2023-38709.patch: header validation after content-* are eval'ed in modules/http/http_filters.c. - CVE-2023-38709 * SECURITY UPDATE: HTTP Response Splitting in multiple modules - debian/patches/CVE-2024-24795.patch: let httpd handle CL/TE for non-http handlers in include/util_script.h, modules/aaa/mod_authnz_fcgi.c, modules/generators/mod_cgi.c, modules/generators/mod_cgid.c, modules/http/http_filters.c, modules/proxy/ajp_header.c, modules/proxy/mod_proxy_fcgi.c, modules/proxy/mod_proxy_scgi.c, modules/proxy/mod_proxy_uwsgi.c. - CVE-2024-24795 * SECURITY UPDATE: HTTP/2 DoS by memory exhaustion on endless continuation frames - debian/patches/CVE-2024-27316.patch: bail after too many failed reads in modules/http2/h2_session.c, modules/http2/h2_stream.c, modules/http2/h2_stream.h. - CVE-2024-27316 Checksums-Sha1: 851a18695083bef06e56902c53b4c5d3dea18ab0 3908848 apache2-bin-dbgsym_2.4.52-1ubuntu4.9_arm64.ddeb f08187423bf274ba7dce1ceb74c14884a0581d79 1303446 apache2-bin_2.4.52-1ubuntu4.9_arm64.deb 53b03d0ec56a25ff7aac5f70dff91e098a2cba25 190458 apache2-dev_2.4.52-1ubuntu4.9_arm64.deb 2675667a9faed8843eec8e687b49af85f42b4e3b 2982 apache2-ssl-dev_2.4.52-1ubuntu4.9_arm64.deb 9e9ccd43331d8d1716474e933e890f056a310368 12852 apache2-suexec-custom-dbgsym_2.4.52-1ubuntu4.9_arm64.ddeb 440875130daac31873e700cffaf1f5e1fb9ba69b 16148 apache2-suexec-custom_2.4.52-1ubuntu4.9_arm64.deb b5dcbe3e84ae7a86d15404ee2084354ef0f50a2d 11570 apache2-suexec-pristine-dbgsym_2.4.52-1ubuntu4.9_arm64.ddeb 66f377ab919faa7833506d4c2a66607ec11a8855 14606 apache2-suexec-pristine_2.4.52-1ubuntu4.9_arm64.deb b297e1f41d7d491dfe23a5a8c14476e2c2915e4c 120898 apache2-utils-dbgsym_2.4.52-1ubuntu4.9_arm64.ddeb 711bc9b889adc667c35e706d54b9462a186dae36 87374 apache2-utils_2.4.52-1ubuntu4.9_arm64.deb 1974a93af84f4782ad64ccb62951d245bb4624f5 12081 apache2_2.4.52-1ubuntu4.9_arm64.buildinfo 41632db84589042cf7b8c7818316d07f63a86a1b 97878 apache2_2.4.52-1ubuntu4.9_arm64.deb a275afdb50eb2de6467d660a3137c355c55f50e1 802 libapache2-mod-md_2.4.52-1ubuntu4.9_arm64.deb cf91465ee677b32074ea5d822f1306fab49ef4de 988 libapache2-mod-proxy-uwsgi_2.4.52-1ubuntu4.9_arm64.deb Checksums-Sha256: b204f86c2c4c00c6d6429fa736dd7eaff9b7f8668903502f9ad37bc7060ef1e2 3908848 apache2-bin-dbgsym_2.4.52-1ubuntu4.9_arm64.ddeb aa18799043c2c808fb3009c4c68debe6dc0860e4ac4a4d8b7271e49279d150a9 1303446 apache2-bin_2.4.52-1ubuntu4.9_arm64.deb 8bb9986cb588fa7b58dead022fd7e8fdfdb724ea102ca5f22b09c0ad8eb400b2 190458 apache2-dev_2.4.52-1ubuntu4.9_arm64.deb e01714006cc68af303c8d666d3d1ebac3d828472e8911557a1daec05d1dab223 2982 apache2-ssl-dev_2.4.52-1ubuntu4.9_arm64.deb 2d218c3934d64b024547fe147b35004e8c238b756bcc158a520bfc7ba7a75161 12852 apache2-suexec-custom-dbgsym_2.4.52-1ubuntu4.9_arm64.ddeb 1ecb90db865fe6f5d701c2b01d2240c6e651f34702da17c1b853213d645749b1 16148 apache2-suexec-custom_2.4.52-1ubuntu4.9_arm64.deb 6ca216289c1869acdb7908ebbb9c9e7b4e5d88cc5a6dacbe10ba4248a08090b8 11570 apache2-suexec-pristine-dbgsym_2.4.52-1ubuntu4.9_arm64.ddeb c04ac6a8986f2b4219b8439dbf61a3b0b2322ce4e0dfba45823838e9c19609a0 14606 apache2-suexec-pristine_2.4.52-1ubuntu4.9_arm64.deb 62ce4ea689f62435d53f55afeef3e47d53ae9d6c06441f7f5b8c3883ed52ddd8 120898 apache2-utils-dbgsym_2.4.52-1ubuntu4.9_arm64.ddeb 1dee17cac275de9cd8c785bba02eaea0bd516e2c4a0fca0c8a62b45adaabd930 87374 apache2-utils_2.4.52-1ubuntu4.9_arm64.deb 586906b83b4ed20bb933bf99e3569ef025a652e52a338950d3953aa6d0352c1a 12081 apache2_2.4.52-1ubuntu4.9_arm64.buildinfo 452f58486d1fe7e7f262646850c2ae2d02543d3d5c604da8646790bd4edd8f97 97878 apache2_2.4.52-1ubuntu4.9_arm64.deb e01e34b8fc813974e63a681defadff29c98ac50acce84ec5a41192a83db3a416 802 libapache2-mod-md_2.4.52-1ubuntu4.9_arm64.deb 0acdf38c1be8f8fba57213ac28931ef9d7923e8cc0c8127265975c56f14824d4 988 libapache2-mod-proxy-uwsgi_2.4.52-1ubuntu4.9_arm64.deb Files: cccd4dfbba24923726b5402b68de6c78 3908848 debug optional apache2-bin-dbgsym_2.4.52-1ubuntu4.9_arm64.ddeb 158e47b4cba8605e4d515dc8c8c0ade7 1303446 httpd optional apache2-bin_2.4.52-1ubuntu4.9_arm64.deb 69b308842eecb2fd164cf201598e831c 190458 httpd optional apache2-dev_2.4.52-1ubuntu4.9_arm64.deb 1cf818eaaa1b6a10c1403b23084e64af 2982 httpd optional apache2-ssl-dev_2.4.52-1ubuntu4.9_arm64.deb 0899cf37718a8bfa8bfcfe8c4925dea1 12852 debug optional apache2-suexec-custom-dbgsym_2.4.52-1ubuntu4.9_arm64.ddeb a1dbd47319c5dee184cd7f97a74042ea 16148 httpd optional apache2-suexec-custom_2.4.52-1ubuntu4.9_arm64.deb 08fed214d3c5b79af10db700bea37f51 11570 debug optional apache2-suexec-pristine-dbgsym_2.4.52-1ubuntu4.9_arm64.ddeb 51612c5da97daa737c99d2e4ec6514c0 14606 httpd optional apache2-suexec-pristine_2.4.52-1ubuntu4.9_arm64.deb a711089f66e0c9bd88d000ef204bfa89 120898 debug optional apache2-utils-dbgsym_2.4.52-1ubuntu4.9_arm64.ddeb bde6c30677d5a7ce8e7ab5758b5d48e0 87374 httpd optional apache2-utils_2.4.52-1ubuntu4.9_arm64.deb 6f4564c774f3502ef89fc40c85cc94a0 12081 httpd optional apache2_2.4.52-1ubuntu4.9_arm64.buildinfo 079bc04be8e72d804306e5eaedebf355 97878 httpd optional apache2_2.4.52-1ubuntu4.9_arm64.deb 7ff4028c9753dbae3ab14c3b3059bc22 802 oldlibs optional libapache2-mod-md_2.4.52-1ubuntu4.9_arm64.deb 3b098ce85e6b28e5325b94ef0d0ef09f 988 oldlibs optional libapache2-mod-proxy-uwsgi_2.4.52-1ubuntu4.9_arm64.deb Original-Maintainer: Debian Apache Maintainers