Format: 1.8
Date: Fri, 05 May 2017 12:52:21 -0400
Source: apache2
Binary: apache2 apache2-data apache2-bin apache2-mpm-worker apache2-mpm-prefork apache2-mpm-event apache2-mpm-itk apache2.2-bin libapache2-mod-proxy-html libapache2-mod-macro apache2-utils apache2-suexec apache2-suexec-pristine apache2-suexec-custom apache2-doc apache2-dev apache2-dbg
Architecture: arm64
Version: 2.4.7-1ubuntu4.15
Distribution: trusty
Urgency: medium
Maintainer: Launchpad Build Daemon <buildd@bos01-arm64-019.buildd>
Changed-By: Marc Deslauriers <marc.deslauriers@ubuntu.com>
Description: 
 apache2    - Apache HTTP Server
 apache2-bin - Apache HTTP Server (binary files and modules)
 apache2-data - Apache HTTP Server (common files)
 apache2-dbg - Apache debugging symbols
 apache2-dev - Apache HTTP Server (development headers)
 apache2-doc - Apache HTTP Server (on-site documentation)
 apache2-mpm-event - transitional event MPM package for apache2
 apache2-mpm-itk - transitional itk MPM package for apache2
 apache2-mpm-prefork - transitional prefork MPM package for apache2
 apache2-mpm-worker - transitional worker MPM package for apache2
 apache2-suexec - transitional package for apache2-suexec-pristine
 apache2-suexec-custom - Apache HTTP Server configurable suexec program for mod_suexec
 apache2-suexec-pristine - Apache HTTP Server standard suexec program for mod_suexec
 apache2-utils - Apache HTTP Server (utility programs for web servers)
 apache2.2-bin - Transitional package for apache2-bin
 libapache2-mod-macro - Transitional package for apache2-bin
 libapache2-mod-proxy-html - Transitional package for apache2-bin
Changes: 
 apache2 (2.4.7-1ubuntu4.15) trusty-security; urgency=medium
 .
   * SECURITY UPDATE: mod_sessioncrypto padding oracle attack issue
     - debian/patches/CVE-2016-0736.patch: authenticate the session
       data/cookie with a MAC in modules/session/mod_session_crypto.c.
     - CVE-2016-0736
   * SECURITY UPDATE: denial of service via malicious mod_auth_digest input
     - debian/patches/CVE-2016-2161.patch: improve memory handling in
       modules/aaa/mod_auth_digest.c.
     - CVE-2016-2161
   * SECURITY UPDATE: response splitting and cache pollution issue via
     incomplete RFC7230 HTTP request grammar enforcing
     - debian/patches/CVE-2016-8743.patch: enfore stricter parsing in
       include/http_core.h, include/http_protocol.h, include/httpd.h,
       modules/http/http_filters.c, server/core.c, server/gen_test_char.c,
       server/protocol.c, server/util.c, server/vhost.c.
     - debian/patches/hostnames_with_underscores.diff: relax hostname
       restrictions in server/vhost.c.
     - CVE-2016-8743
   * WARNING: The fix for CVE-2016-8743 introduces a behavioural change and
     may introduce compatibility issues with clients that do not strictly
     follow specifications. A new configuration directive,
     "HttpProtocolOptions Unsafe" can be used to re-enable some of the less
     strict parsing restrictions, at the expense of security.
Checksums-Sha1: 
 8dbf4ca958b3102a532b277bf35d2e30da802c09 1460 libapache2-mod-proxy-html_2.4.7-1ubuntu4.15_arm64.deb
 cbf757f00859dc238a3c43d178424559b254570b 1452 libapache2-mod-macro_2.4.7-1ubuntu4.15_arm64.deb
 61c85d6ca1fc85677742a301b7ee1794c567c78e 87398 apache2_2.4.7-1ubuntu4.15_arm64.deb
 b00cb41ff47cc599565a49060e3937112005bbe8 706474 apache2-bin_2.4.7-1ubuntu4.15_arm64.deb
 2202fe5dc386dbe44762d20f0655ea3c0b4a50d8 1460 apache2-mpm-worker_2.4.7-1ubuntu4.15_arm64.deb
 7eb8b442d215e8e1e245f80ac8b0ae21ae53ca5c 1460 apache2-mpm-prefork_2.4.7-1ubuntu4.15_arm64.deb
 fd230ad4916b2d4a2d3ff1d7a27e13a5134bd7ef 1458 apache2-mpm-event_2.4.7-1ubuntu4.15_arm64.deb
 629a44d516bb308f50d700d0c588a00c08e9e525 1456 apache2-mpm-itk_2.4.7-1ubuntu4.15_arm64.deb
 e996f164c8db2d340f42f03d9716a76fc40a2799 1478 apache2.2-bin_2.4.7-1ubuntu4.15_arm64.deb
 7869d8baf983d241b50ea87583fb2bcf8d3b98a6 77196 apache2-utils_2.4.7-1ubuntu4.15_arm64.deb
 802da3a2b561df7fe9d69d71acf4dd7d06d2ca22 1434 apache2-suexec_2.4.7-1ubuntu4.15_arm64.deb
 fb069ec8efc731c8baae58f50dcedb0e8d673f50 13454 apache2-suexec-pristine_2.4.7-1ubuntu4.15_arm64.deb
 7605cda47ca3e5aeba7e81b50a5e930a7db9ed03 14922 apache2-suexec-custom_2.4.7-1ubuntu4.15_arm64.deb
 0ae46f71977ada58f6f661030932ca96821849c2 166768 apache2-dev_2.4.7-1ubuntu4.15_arm64.deb
 9a1a3d0105250553b9f7137830011c3a0c654748 2006162 apache2-dbg_2.4.7-1ubuntu4.15_arm64.deb
 5e85431e45fe6c08167608859648d16162e1a114 1898974 apache2-bin-dbgsym_2.4.7-1ubuntu4.15_arm64.ddeb
 72428120e05b1e48d3367622a7385f77216aae43 99062 apache2-utils-dbgsym_2.4.7-1ubuntu4.15_arm64.ddeb
 71fe1f9847db0be5398bff01ddecf8a117f5f6e7 9610 apache2-suexec-pristine-dbgsym_2.4.7-1ubuntu4.15_arm64.ddeb
 e97bd06130c60a3614c851fd8df6f7078e1dfb4f 10596 apache2-suexec-custom-dbgsym_2.4.7-1ubuntu4.15_arm64.ddeb
Checksums-Sha256: 
 5f2a9bb22c6b4c4e1de3dbe25fe031f9d4edbf52eb712bd6edd409176a1d03ca 1460 libapache2-mod-proxy-html_2.4.7-1ubuntu4.15_arm64.deb
 64e3ac9deac421d6d9512a7b0a5bb13acceda87be353eea8af367882687c24c7 1452 libapache2-mod-macro_2.4.7-1ubuntu4.15_arm64.deb
 b1bcbab6215ebe7be91f077a15010585a47cbb84e59bf674c46e9a3a62b95a5b 87398 apache2_2.4.7-1ubuntu4.15_arm64.deb
 1599702a5d0f3f143041a78d041eecd0e8f926a9d51684faf12ae71030dea776 706474 apache2-bin_2.4.7-1ubuntu4.15_arm64.deb
 8b8ffa86c60924ebf55c21d5c7288e58b24582af77008a8feec234b44a863da8 1460 apache2-mpm-worker_2.4.7-1ubuntu4.15_arm64.deb
 e231e518829bc911d58e7a701d1a2ef6a6d08234574a0adcf96202d7f2a764de 1460 apache2-mpm-prefork_2.4.7-1ubuntu4.15_arm64.deb
 d35ec1aa833ab2c71a7e55989ed361c74124273ecf4a44be29d03969a9105368 1458 apache2-mpm-event_2.4.7-1ubuntu4.15_arm64.deb
 d9d61ccd1fc6c059e549b3f9feddbe61257c6346615c11a13e37c757655e7600 1456 apache2-mpm-itk_2.4.7-1ubuntu4.15_arm64.deb
 0a4b081099ad500f53dfdbce89ce9ec1c447f666177b0f2cd1c969928eeee57b 1478 apache2.2-bin_2.4.7-1ubuntu4.15_arm64.deb
 94ba1d66f80db571d4c1693dc7f21af9eb0ab6de9c55c9f024caa61cd5cf62af 77196 apache2-utils_2.4.7-1ubuntu4.15_arm64.deb
 78292b287eb4c37f33a013763610bf1ce72bbebefa18477b2c6ff94768347213 1434 apache2-suexec_2.4.7-1ubuntu4.15_arm64.deb
 2be1994a1f1128ff68fb16edaea55fe08d68fc280dfb876647e3a9cd9cf1ab7c 13454 apache2-suexec-pristine_2.4.7-1ubuntu4.15_arm64.deb
 073c46c6bc4aa6e3cbfd5d37745220d578e7639340d2ebb0d6b310904821036d 14922 apache2-suexec-custom_2.4.7-1ubuntu4.15_arm64.deb
 5189958e701fee23ee5e0ddf1b326ff82f209157e9fc5089b02f56e9d398e2a4 166768 apache2-dev_2.4.7-1ubuntu4.15_arm64.deb
 d2492029c90ce1e674ca280888abab1e8793a7127a86f1fb8f7026c3abb97c94 2006162 apache2-dbg_2.4.7-1ubuntu4.15_arm64.deb
 14ba39547535505f43bf4c19ea4c0dfa48f96dafdca2302540accd81261ff9eb 1898974 apache2-bin-dbgsym_2.4.7-1ubuntu4.15_arm64.ddeb
 e75bf4d6de8dd97895ba94fc42edacac7daecc01e2719ae740b8cccaf1891c56 99062 apache2-utils-dbgsym_2.4.7-1ubuntu4.15_arm64.ddeb
 4bb4c62b503705a2ab62a10c99f1dc85e7d31c8da43eec6caec368f94e501bb9 9610 apache2-suexec-pristine-dbgsym_2.4.7-1ubuntu4.15_arm64.ddeb
 b4914b31fbe1cc5d6469589d13834854c2e85b1d9df837c71e9f443e7fd6f1f1 10596 apache2-suexec-custom-dbgsym_2.4.7-1ubuntu4.15_arm64.ddeb
Files: 
 430edcd92e82352c4558bec8ca6e1255 1460 oldlibs extra libapache2-mod-proxy-html_2.4.7-1ubuntu4.15_arm64.deb
 8c9331545a3bbe5407be39e915598fe1 1452 oldlibs extra libapache2-mod-macro_2.4.7-1ubuntu4.15_arm64.deb
 d168e88ce1acb611b940f0ac459ebafa 87398 httpd optional apache2_2.4.7-1ubuntu4.15_arm64.deb
 9280a6783658e3e9a3d6d5f23a8d860b 706474 httpd optional apache2-bin_2.4.7-1ubuntu4.15_arm64.deb
 51f12af88b7616955da628bb7723af9e 1460 oldlibs extra apache2-mpm-worker_2.4.7-1ubuntu4.15_arm64.deb
 a264e8e17ff19bb95ceaafbf4d767c7d 1460 oldlibs extra apache2-mpm-prefork_2.4.7-1ubuntu4.15_arm64.deb
 56d2c0695d9aab9610e541d1aca278ab 1458 oldlibs extra apache2-mpm-event_2.4.7-1ubuntu4.15_arm64.deb
 d93d3ba53ce9c149171545e1c61974ab 1456 oldlibs extra apache2-mpm-itk_2.4.7-1ubuntu4.15_arm64.deb
 10d413860097940e0f69f1bc4631a334 1478 oldlibs extra apache2.2-bin_2.4.7-1ubuntu4.15_arm64.deb
 443fdc70ce9ba4a3e49e0a831ca31c13 77196 httpd optional apache2-utils_2.4.7-1ubuntu4.15_arm64.deb
 764c0299b00cd1cd3d7b9fe99a88f41c 1434 oldlibs extra apache2-suexec_2.4.7-1ubuntu4.15_arm64.deb
 bcd7da6d290631678b206b998def73d1 13454 httpd optional apache2-suexec-pristine_2.4.7-1ubuntu4.15_arm64.deb
 fb5db1eefc2cb574e506347b2f52e0a3 14922 httpd extra apache2-suexec-custom_2.4.7-1ubuntu4.15_arm64.deb
 2649f8fa12d93cf202a30c371e1d6135 166768 httpd optional apache2-dev_2.4.7-1ubuntu4.15_arm64.deb
 df2110c8cab3a2dab2906cc60bd62e95 2006162 debug extra apache2-dbg_2.4.7-1ubuntu4.15_arm64.deb
 10ab60150e76b05219a7e3403c17c225 1898974 httpd extra apache2-bin-dbgsym_2.4.7-1ubuntu4.15_arm64.ddeb
 bb768d373e26b3822165612c5d428853 99062 httpd extra apache2-utils-dbgsym_2.4.7-1ubuntu4.15_arm64.ddeb
 72cba6ef3bee8736e79b84432af8c762 9610 httpd extra apache2-suexec-pristine-dbgsym_2.4.7-1ubuntu4.15_arm64.ddeb
 4d20c7656afefb563c02fcc38aaca857 10596 httpd extra apache2-suexec-custom-dbgsym_2.4.7-1ubuntu4.15_arm64.ddeb
Original-Maintainer: Debian Apache Maintainers <debian-apache@lists.debian.org>