Ubuntu
apache2 package

apache2 2.4.18-2ubuntu4.2 source package in Ubuntu

Changelog

apache2 (2.4.18-2ubuntu4.2) yakkety-security; urgency=medium

  * SECURITY UPDATE: authentication bypass in ap_get_basic_auth_pw()
    - debian/patches/CVE-2017-3167.patch: deprecate and replace
      ap_get_basic_auth_pw in include/ap_mmn.h, include/http_protocol.h,
      server/protocol.c, server/request.c.
    - CVE-2017-3167
  * SECURITY UPDATE: NULL pointer deref in ap_hook_process_connection()
    - debian/patches/CVE-2017-3169.patch: fix ctx passed to
      ssl_io_filter_error() in modules/ssl/ssl_engine_io.c.
    - CVE-2017-3169
  * SECURITY UPDATE: denial of service and possible incorrect value return
    in HTTP strict parsing changes
    - debian/patches/CVE-2017-7668.patch: short-circuit on NULL in
      server/util.c.
    - CVE-2017-7668
  * SECURITY UPDATE: mod_mime DoS via crafted Content-Type response header
    - debian/patches/CVE-2017-7679.patch: fix quoted pair scanning in
      modules/http/mod_mime.c.
    - CVE-2017-7679

 -- Marc Deslauriers <email address hidden>  Mon, 26 Jun 2017 07:57:04 -0400

Upload details

Uploaded by:
Marc Deslauriers
Uploaded to:
Yakkety
Original maintainer:
Ubuntu Developers
Architectures:
any all
Section:
httpd
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size SHA-256 Checksum
apache2_2.4.18.orig.tar.bz2 4.9 MiB 0644b050de41f5c9f67c825285049b144690421acb709b06fe53eddfa8a9fd4c
apache2_2.4.18-2ubuntu4.2.debian.tar.xz 377.4 KiB d82001fa136f50780335965d9e248b28751a7b435780a9b9709a0da579f25a51
apache2_2.4.18-2ubuntu4.2.dsc 2.8 KiB 6fcd2a21ade0453b8ed2865fbee219194189e3646c2794f312385fab7156774b

View changes file

Binary packages built by this source

apache2: No summary available for apache2 in ubuntu yakkety.

No description available for apache2 in ubuntu yakkety.

apache2-bin: No summary available for apache2-bin in ubuntu yakkety.

No description available for apache2-bin in ubuntu yakkety.

apache2-bin-dbgsym: No summary available for apache2-bin-dbgsym in ubuntu yakkety.

No description available for apache2-bin-dbgsym in ubuntu yakkety.

apache2-data: No summary available for apache2-data in ubuntu yakkety.

No description available for apache2-data in ubuntu yakkety.

apache2-dbg: No summary available for apache2-dbg in ubuntu yakkety.

No description available for apache2-dbg in ubuntu yakkety.

apache2-dbgsym: No summary available for apache2-dbgsym in ubuntu yakkety.

No description available for apache2-dbgsym in ubuntu yakkety.

apache2-dev: No summary available for apache2-dev in ubuntu yakkety.

No description available for apache2-dev in ubuntu yakkety.

apache2-dev-dbgsym: No summary available for apache2-dev-dbgsym in ubuntu yakkety.

No description available for apache2-dev-dbgsym in ubuntu yakkety.

apache2-doc: No summary available for apache2-doc in ubuntu yakkety.

No description available for apache2-doc in ubuntu yakkety.

apache2-suexec-custom: No summary available for apache2-suexec-custom in ubuntu yakkety.

No description available for apache2-suexec-custom in ubuntu yakkety.

apache2-suexec-custom-dbgsym: No summary available for apache2-suexec-custom-dbgsym in ubuntu yakkety.

No description available for apache2-suexec-custom-dbgsym in ubuntu yakkety.

apache2-suexec-pristine: No summary available for apache2-suexec-pristine in ubuntu yakkety.

No description available for apache2-suexec-pristine in ubuntu yakkety.

apache2-suexec-pristine-dbgsym: No summary available for apache2-suexec-pristine-dbgsym in ubuntu yakkety.

No description available for apache2-suexec-pristine-dbgsym in ubuntu yakkety.

apache2-utils: No summary available for apache2-utils in ubuntu yakkety.

No description available for apache2-utils in ubuntu yakkety.

apache2-utils-dbgsym: No summary available for apache2-utils-dbgsym in ubuntu yakkety.

No description available for apache2-utils-dbgsym in ubuntu yakkety.