Format: 1.8
Date: Fri, 05 May 2017 12:52:21 -0400
Source: apache2
Binary: apache2 apache2-data apache2-bin apache2-mpm-worker apache2-mpm-prefork apache2-mpm-event apache2-mpm-itk apache2.2-bin libapache2-mod-proxy-html libapache2-mod-macro apache2-utils apache2-suexec apache2-suexec-pristine apache2-suexec-custom apache2-doc apache2-dev apache2-dbg
Architecture: i386 all
Version: 2.4.7-1ubuntu4.15
Distribution: trusty
Urgency: medium
Maintainer: Launchpad Build Daemon <buildd@lgw01-19.buildd>
Changed-By: Marc Deslauriers <marc.deslauriers@ubuntu.com>
Description: 
 apache2    - Apache HTTP Server
 apache2-bin - Apache HTTP Server (binary files and modules)
 apache2-data - Apache HTTP Server (common files)
 apache2-dbg - Apache debugging symbols
 apache2-dev - Apache HTTP Server (development headers)
 apache2-doc - Apache HTTP Server (on-site documentation)
 apache2-mpm-event - transitional event MPM package for apache2
 apache2-mpm-itk - transitional itk MPM package for apache2
 apache2-mpm-prefork - transitional prefork MPM package for apache2
 apache2-mpm-worker - transitional worker MPM package for apache2
 apache2-suexec - transitional package for apache2-suexec-pristine
 apache2-suexec-custom - Apache HTTP Server configurable suexec program for mod_suexec
 apache2-suexec-pristine - Apache HTTP Server standard suexec program for mod_suexec
 apache2-utils - Apache HTTP Server (utility programs for web servers)
 apache2.2-bin - Transitional package for apache2-bin
 libapache2-mod-macro - Transitional package for apache2-bin
 libapache2-mod-proxy-html - Transitional package for apache2-bin
Changes: 
 apache2 (2.4.7-1ubuntu4.15) trusty-security; urgency=medium
 .
   * SECURITY UPDATE: mod_sessioncrypto padding oracle attack issue
     - debian/patches/CVE-2016-0736.patch: authenticate the session
       data/cookie with a MAC in modules/session/mod_session_crypto.c.
     - CVE-2016-0736
   * SECURITY UPDATE: denial of service via malicious mod_auth_digest input
     - debian/patches/CVE-2016-2161.patch: improve memory handling in
       modules/aaa/mod_auth_digest.c.
     - CVE-2016-2161
   * SECURITY UPDATE: response splitting and cache pollution issue via
     incomplete RFC7230 HTTP request grammar enforcing
     - debian/patches/CVE-2016-8743.patch: enfore stricter parsing in
       include/http_core.h, include/http_protocol.h, include/httpd.h,
       modules/http/http_filters.c, server/core.c, server/gen_test_char.c,
       server/protocol.c, server/util.c, server/vhost.c.
     - debian/patches/hostnames_with_underscores.diff: relax hostname
       restrictions in server/vhost.c.
     - CVE-2016-8743
   * WARNING: The fix for CVE-2016-8743 introduces a behavioural change and
     may introduce compatibility issues with clients that do not strictly
     follow specifications. A new configuration directive,
     "HttpProtocolOptions Unsafe" can be used to re-enable some of the less
     strict parsing restrictions, at the expense of security.
Checksums-Sha1: 
 b60731e559e18f41ee36312eb6b9fe560ac8d0d1 1464 libapache2-mod-proxy-html_2.4.7-1ubuntu4.15_i386.deb
 ac1280a38ea8450c19dfee628a90daff1ef70f68 1458 libapache2-mod-macro_2.4.7-1ubuntu4.15_i386.deb
 b3f5c3aa93c1761d1652bb26f4a01cb85db6fc23 87492 apache2_2.4.7-1ubuntu4.15_i386.deb
 7bd4130fc5dba5e475734e4f0c9af7ac47f592b2 159496 apache2-data_2.4.7-1ubuntu4.15_all.deb
 db8c861fc44b71b1b94f3bb22f9565002f3d912d 831248 apache2-bin_2.4.7-1ubuntu4.15_i386.deb
 8ff86426c2cc9f6be52e8b0352c1d2a44e2cd6a0 1464 apache2-mpm-worker_2.4.7-1ubuntu4.15_i386.deb
 0fc88aac7ba8937a1862717519eb50d936e5fbda 1466 apache2-mpm-prefork_2.4.7-1ubuntu4.15_i386.deb
 9b39fac4439f307cc5209ec848979f52815c1c5b 1460 apache2-mpm-event_2.4.7-1ubuntu4.15_i386.deb
 f259c29edf6df796ac06775cc2203370ae94ac79 1462 apache2-mpm-itk_2.4.7-1ubuntu4.15_i386.deb
 f2b671b1281e61f396993801bf445e04bd456b18 1478 apache2.2-bin_2.4.7-1ubuntu4.15_i386.deb
 58f32cc0030987aee5980a8bfb86233886b9f546 83360 apache2-utils_2.4.7-1ubuntu4.15_i386.deb
 5202584f3d6cb7a00c145b593bb4624820283fe3 1440 apache2-suexec_2.4.7-1ubuntu4.15_i386.deb
 905cc6a50c7f2c7a478e25e6d33a933fca3f5141 13578 apache2-suexec-pristine_2.4.7-1ubuntu4.15_i386.deb
 eff277aac9929aa47069a5bd0d16349592409313 15056 apache2-suexec-custom_2.4.7-1ubuntu4.15_i386.deb
 37edb0e03baa5f3e1c2dfbc9dd965c90b1007dde 2646748 apache2-doc_2.4.7-1ubuntu4.15_all.deb
 c3df9c38b9e4940224f08d11450262fd7e111bb2 166650 apache2-dev_2.4.7-1ubuntu4.15_i386.deb
 b77ca4991078859ba4177af0655261abc70bc133 1866398 apache2-dbg_2.4.7-1ubuntu4.15_i386.deb
 8fba4b3f522d51abf331986f7e6c89854ea44dbd 1761896 apache2-bin-dbgsym_2.4.7-1ubuntu4.15_i386.ddeb
 b5bd75c229d0ba184c567fc60debb6b49ff1a070 95172 apache2-utils-dbgsym_2.4.7-1ubuntu4.15_i386.ddeb
 7c9d6a608c09a4d25a5317c4c6bdea8b5a128cfc 9148 apache2-suexec-pristine-dbgsym_2.4.7-1ubuntu4.15_i386.ddeb
 cfab7c11f942953772d26ccdc8cfcee5375bab9c 10062 apache2-suexec-custom-dbgsym_2.4.7-1ubuntu4.15_i386.ddeb
Checksums-Sha256: 
 ec14148de5abaa304a8188340b1e07b6ad645ff2d1f4642a9c71220550dfc1c2 1464 libapache2-mod-proxy-html_2.4.7-1ubuntu4.15_i386.deb
 9f47a01bf84f43b07c2b9e0ab4335edc45e3a0c2d1379d2adc1c88fc76858064 1458 libapache2-mod-macro_2.4.7-1ubuntu4.15_i386.deb
 e9de290878e66f530b22f1470df6a9167ff0bda21863570d2c28ac568b1b9c5b 87492 apache2_2.4.7-1ubuntu4.15_i386.deb
 cdcf875d8e0d0303787eccdd50f5d692dd6ddb96b2184b22cca57e2756af2f48 159496 apache2-data_2.4.7-1ubuntu4.15_all.deb
 9c5f0157f954a6e2edc8729529a71fb5df8586fdc7cd504f60131772390e4313 831248 apache2-bin_2.4.7-1ubuntu4.15_i386.deb
 de61cf82dc4f873a8a723d5ead5aec7dbe6496245052ca889be4f0d79d6310c2 1464 apache2-mpm-worker_2.4.7-1ubuntu4.15_i386.deb
 17479b5074167a15dd50e6bb675f19770900c421b73ea5293432cce5370d706e 1466 apache2-mpm-prefork_2.4.7-1ubuntu4.15_i386.deb
 9c880777c9562c0a884e6c14638dd76f810543069b8b3ec686e57b412850e140 1460 apache2-mpm-event_2.4.7-1ubuntu4.15_i386.deb
 fc432c687afa2d47711aa371a8e089dc42d5c90da5a92c761c564e7dc0039c8f 1462 apache2-mpm-itk_2.4.7-1ubuntu4.15_i386.deb
 2a75640b60e549b399fdd57212172e37dd193f57856f71e3a5b1f01a7802d701 1478 apache2.2-bin_2.4.7-1ubuntu4.15_i386.deb
 6c8fd5fdaa4b83ebb5b156bf83505fbc3e52278f090b71c148b54dc3da9bbf04 83360 apache2-utils_2.4.7-1ubuntu4.15_i386.deb
 bd4d950135eaf7771c5b4dd1917780d634baa05ba9915afa3db316ed944980fc 1440 apache2-suexec_2.4.7-1ubuntu4.15_i386.deb
 e36c6c6fa299f1a0e85f5e4bbeeab1f445f857a30b5fd4c6d9aebd6ab7287931 13578 apache2-suexec-pristine_2.4.7-1ubuntu4.15_i386.deb
 54c9c1bf2fa123465631b24349d6914f1cfec3191ddbe72b467d5cf702131c9a 15056 apache2-suexec-custom_2.4.7-1ubuntu4.15_i386.deb
 f22775aab45e187bcb269b4d6349329677ea5ddcabd4b0b98f78fa4824357e6b 2646748 apache2-doc_2.4.7-1ubuntu4.15_all.deb
 2e7e148911b541d96dd9f358d315588b894dc8788d25aa270e64acabf070a12c 166650 apache2-dev_2.4.7-1ubuntu4.15_i386.deb
 e220dacab04f231c618ff35561f3d4180a841e91ff5474d73ff4526f1f248076 1866398 apache2-dbg_2.4.7-1ubuntu4.15_i386.deb
 9e1d5dd08ac39016186c6b131897e267ce3af8905c0cabbba8817536e245be72 1761896 apache2-bin-dbgsym_2.4.7-1ubuntu4.15_i386.ddeb
 0be9450fd5f0ecca9a298f76d08fe39e93834e70e8beef8ddc431d944741a7c1 95172 apache2-utils-dbgsym_2.4.7-1ubuntu4.15_i386.ddeb
 cb0f0de3a2b3c940d952d85ddb73db1576a8b33d7d15dd7e27000173e8b1b0f8 9148 apache2-suexec-pristine-dbgsym_2.4.7-1ubuntu4.15_i386.ddeb
 cf33cf77e0d1b578e6ff26f1db775fbd648ab23fa1dfb8154dcc233adfd79392 10062 apache2-suexec-custom-dbgsym_2.4.7-1ubuntu4.15_i386.ddeb
Files: 
 a692648eac77dff747d2ce67c2d768e7 1464 oldlibs extra libapache2-mod-proxy-html_2.4.7-1ubuntu4.15_i386.deb
 85061ba47a78bb24383350e5d820bc6b 1458 oldlibs extra libapache2-mod-macro_2.4.7-1ubuntu4.15_i386.deb
 deb4798d7f69fa1979d7c46a605a7556 87492 httpd optional apache2_2.4.7-1ubuntu4.15_i386.deb
 0eeb6874f4932b3028c47f1accb7fd07 159496 httpd optional apache2-data_2.4.7-1ubuntu4.15_all.deb
 f17818df67f5625d05750f524dabb825 831248 httpd optional apache2-bin_2.4.7-1ubuntu4.15_i386.deb
 1cd44cb47f40f0ca2d7e3b1f4c762d0a 1464 oldlibs extra apache2-mpm-worker_2.4.7-1ubuntu4.15_i386.deb
 6b7e75007f0f46d23ffd55427236e0ec 1466 oldlibs extra apache2-mpm-prefork_2.4.7-1ubuntu4.15_i386.deb
 6403dc3be9e3874215f91c37a8da992d 1460 oldlibs extra apache2-mpm-event_2.4.7-1ubuntu4.15_i386.deb
 2282f97b856ec7d1b6119963bb7260a8 1462 oldlibs extra apache2-mpm-itk_2.4.7-1ubuntu4.15_i386.deb
 ed0fcbe156b4b053c1b8e8f407613a70 1478 oldlibs extra apache2.2-bin_2.4.7-1ubuntu4.15_i386.deb
 f45a2590ce3050208c4befb7c906f700 83360 httpd optional apache2-utils_2.4.7-1ubuntu4.15_i386.deb
 0e620a8464f25b4072ece77f38cc94e2 1440 oldlibs extra apache2-suexec_2.4.7-1ubuntu4.15_i386.deb
 12ce188785740e31c10ef8df2196bfe1 13578 httpd optional apache2-suexec-pristine_2.4.7-1ubuntu4.15_i386.deb
 0b1ffc171fdb7a09b096889894a0000b 15056 httpd extra apache2-suexec-custom_2.4.7-1ubuntu4.15_i386.deb
 4a99fb1789ecd457e5be2b8d0b317381 2646748 doc optional apache2-doc_2.4.7-1ubuntu4.15_all.deb
 9d764793acb05fd50b7ead0ebc1d6135 166650 httpd optional apache2-dev_2.4.7-1ubuntu4.15_i386.deb
 c9cbcbdc8c9772dbef097ea414dc6ae0 1866398 debug extra apache2-dbg_2.4.7-1ubuntu4.15_i386.deb
 9755a6300fb14d21473ae8410655e60e 1761896 httpd extra apache2-bin-dbgsym_2.4.7-1ubuntu4.15_i386.ddeb
 35513484be9d6b76e870cc9783230382 95172 httpd extra apache2-utils-dbgsym_2.4.7-1ubuntu4.15_i386.ddeb
 a312003eda9ffb087e9e332cd890e23e 9148 httpd extra apache2-suexec-pristine-dbgsym_2.4.7-1ubuntu4.15_i386.ddeb
 983aa1ff11c2dd079d7257203bdd1583 10062 httpd extra apache2-suexec-custom-dbgsym_2.4.7-1ubuntu4.15_i386.ddeb
Original-Maintainer: Debian Apache Maintainers <debian-apache@lists.debian.org>