Format: 1.8
Date: Wed, 18 Apr 2018 10:53:04 -0400
Source: apache2
Binary: apache2 apache2-data apache2-bin apache2-utils apache2-suexec-pristine apache2-suexec-custom apache2-doc apache2-dev apache2-dbg
Architecture: powerpc
Version: 2.4.18-2ubuntu3.8
Distribution: xenial
Urgency: medium
Maintainer: Launchpad Build Daemon <buildd@bos02-powerpc-008.buildd>
Changed-By: Marc Deslauriers <marc.deslauriers@ubuntu.com>
Description:
 apache2    - Apache HTTP Server
 apache2-bin - Apache HTTP Server (modules and other binary files)
 apache2-data - Apache HTTP Server (common files)
 apache2-dbg - Apache debugging symbols
 apache2-dev - Apache HTTP Server (development headers)
 apache2-doc - Apache HTTP Server (on-site documentation)
 apache2-suexec-custom - Apache HTTP Server configurable suexec program for mod_suexec
 apache2-suexec-pristine - Apache HTTP Server standard suexec program for mod_suexec
 apache2-utils - Apache HTTP Server (utility programs for web servers)
Changes:
 apache2 (2.4.18-2ubuntu3.8) xenial-security; urgency=medium
 .
   * SECURITY UPDATE: DoS via missing header with AuthLDAPCharsetConfig
     - debian/patches/CVE-2017-15710.patch: fix language long names
       detection as short name in modules/aaa/mod_authnz_ldap.c.
     - CVE-2017-15710
   * SECURITY UPDATE: incorrect <FilesMatch> matching
     - debian/patches/CVE-2017-15715-pre.patch: add ap_cstr_casecmp[n]() to
       include/httpd.h, server/util.c.
     - debian/patches/CVE-2017-15715.patch: allow to configure
       global/default options for regexes, like caseless matching or
       extended format in include/ap_regex.h, server/core.c,
       server/util_pcre.c.
     - CVE-2017-15715
   * SECURITY UPDATE: mod_session header manipulation
     - debian/patches/CVE-2018-1283.patch: strip Session header when
       SessionEnv is on in modules/session/mod_session.c.
     - CVE-2018-1283
   * SECURITY UPDATE: DoS via specially-crafted request
     - debian/patches/CVE-2018-1301.patch: ensure that read lines are NUL
       terminated on any error, not only on buffer full in
       server/protocol.c.
     - CVE-2018-1301
   * SECURITY UPDATE: mod_cache_socache DoS
     - debian/patches/CVE-2018-1303.patch: fix caching of empty headers up
       to carriage return in modules/cache/mod_cache_socache.c.
     - CVE-2018-1303
   * SECURITY UPDATE: insecure nonce generation
     - debian/patches/CVE-2018-1312.patch: actually use the secret when
       generating nonces in modules/aaa/mod_auth_digest.c.
     - CVE-2018-1312
Checksums-Sha1:
 ef7bec50206fdddb76e6fc17b9f8246f74423705 994 apache2-bin-dbgsym_2.4.18-2ubuntu3.8_powerpc.ddeb
 ea2e11bac862d28ab6a891c9b5232cdb886c82c6 811068 apache2-bin_2.4.18-2ubuntu3.8_powerpc.deb
 62a3e18894f352d7eb8ca29866abe181de5bf420 2004348 apache2-dbg_2.4.18-2ubuntu3.8_powerpc.deb
 a326fe6bb4caa533e2c24315a906e3337df33f06 974 apache2-dbgsym_2.4.18-2ubuntu3.8_powerpc.ddeb
 8a459d0f6e401d9ff1b7f35d4967bb618cab25cd 1114 apache2-dev-dbgsym_2.4.18-2ubuntu3.8_powerpc.ddeb
 aa6aa5d1beb40cf3b63570fa87444e6595d48721 173150 apache2-dev_2.4.18-2ubuntu3.8_powerpc.deb
 0d2bcd5cfb77f78973d50e606a704247acf3aece 980 apache2-suexec-custom-dbgsym_2.4.18-2ubuntu3.8_powerpc.ddeb
 1c8d6b4f09ef63986b6677ceaafd018345bde6c3 14980 apache2-suexec-custom_2.4.18-2ubuntu3.8_powerpc.deb
 a7d3aeff187d9f497935bfa8042ab67d9016c730 922 apache2-suexec-pristine-dbgsym_2.4.18-2ubuntu3.8_powerpc.ddeb
 6aa549e29df7f4fda1a0e4331b6916fef909ce10 13442 apache2-suexec-pristine_2.4.18-2ubuntu3.8_powerpc.deb
 4833ebc1eab3ba5c8135b160c6957fa1a03e7ebc 1194 apache2-utils-dbgsym_2.4.18-2ubuntu3.8_powerpc.ddeb
 80641b0528921abf1074403bb2eca6cf4c6298da 83876 apache2-utils_2.4.18-2ubuntu3.8_powerpc.deb
 2e3a07292fe894b935044879cee834cc199fc6c5 86834 apache2_2.4.18-2ubuntu3.8_powerpc.deb
Checksums-Sha256:
 f45b2c28e35da485db8ad7c075b917ff9eaa55cd52a4050eb0abc9dda8ffca7a 994 apache2-bin-dbgsym_2.4.18-2ubuntu3.8_powerpc.ddeb
 ac27b952728fd43dd99de48c1e1e81677246981f475fa71c26d796999138aae7 811068 apache2-bin_2.4.18-2ubuntu3.8_powerpc.deb
 390f46f3c7a820fd57cfdb50627b00777e53f9672f7537d58996ca1bd35f3972 2004348 apache2-dbg_2.4.18-2ubuntu3.8_powerpc.deb
 97d7b5275b42195e4dcd5ae76dbb3d32bba7145829dacff1c7004f92dfdd15f4 974 apache2-dbgsym_2.4.18-2ubuntu3.8_powerpc.ddeb
 4e7b11ea055571da080f090ec8717c6d97f153080c3fadb16f3b2f9144b3ad1d 1114 apache2-dev-dbgsym_2.4.18-2ubuntu3.8_powerpc.ddeb
 f18a6e77591232025b68a5f82228886414f3be5f8960e0e2443c011c3dc90e27 173150 apache2-dev_2.4.18-2ubuntu3.8_powerpc.deb
 f3027717e2eafb3a65bffd791eaf4ec4f0ecde5fdec64365b5a1a3b948738431 980 apache2-suexec-custom-dbgsym_2.4.18-2ubuntu3.8_powerpc.ddeb
 ba4e9131e4155c5eb1e2b4dd7bc5ec84d426188600ed81f125d6dbcd9f8e24b9 14980 apache2-suexec-custom_2.4.18-2ubuntu3.8_powerpc.deb
 be1cbe2f4e4561d0ff82d671cad399318f3aba2297b62bf9bd99e0c1e91413f1 922 apache2-suexec-pristine-dbgsym_2.4.18-2ubuntu3.8_powerpc.ddeb
 44e67b7ee7634134eba81819fde8fd38c39f3888f52ce34adb4041e0d66c4890 13442 apache2-suexec-pristine_2.4.18-2ubuntu3.8_powerpc.deb
 2e3a9f33708fea6d92621c90317b764f65e479bf099457fae428e2303cc66864 1194 apache2-utils-dbgsym_2.4.18-2ubuntu3.8_powerpc.ddeb
 5e4c205213e76bcf2af104298db8a04e6b6967b49aaeb700894507eb18aae2f2 83876 apache2-utils_2.4.18-2ubuntu3.8_powerpc.deb
 e4e82ce4d728c7ce1fc0ebc61d6fed158c9747ff7012a5a24ba9a1b80cf6b777 86834 apache2_2.4.18-2ubuntu3.8_powerpc.deb
Files:
 139e06a7e42b3503cfaad88eeeaeb7e1 994 httpd extra apache2-bin-dbgsym_2.4.18-2ubuntu3.8_powerpc.ddeb
 d92ced19981bcf2ee8c2aa0d94893f86 811068 httpd optional apache2-bin_2.4.18-2ubuntu3.8_powerpc.deb
 4712637326da99dd632eaddc9b2a5687 2004348 debug extra apache2-dbg_2.4.18-2ubuntu3.8_powerpc.deb
 d1aa5fe9fc4c0dd996820d38c8ad25b2 974 httpd extra apache2-dbgsym_2.4.18-2ubuntu3.8_powerpc.ddeb
 4f60d39cb13f3d2b2b47b82e2a15d99f 1114 httpd extra apache2-dev-dbgsym_2.4.18-2ubuntu3.8_powerpc.ddeb
 9d49042142101a34f6b60ee080266925 173150 httpd optional apache2-dev_2.4.18-2ubuntu3.8_powerpc.deb
 5e0d4707543a7eea70b928f10fbdd2af 980 httpd extra apache2-suexec-custom-dbgsym_2.4.18-2ubuntu3.8_powerpc.ddeb
 8d0f1b597e862487340f0518c35c707e 14980 httpd extra apache2-suexec-custom_2.4.18-2ubuntu3.8_powerpc.deb
 da83cd16b4cfa9315dc426887d08b70b 922 httpd extra apache2-suexec-pristine-dbgsym_2.4.18-2ubuntu3.8_powerpc.ddeb
 69f9b5e2da891dce1a3437d10a7eb606 13442 httpd optional apache2-suexec-pristine_2.4.18-2ubuntu3.8_powerpc.deb
 5810f849f3ac0541f2159399c7902c40 1194 httpd extra apache2-utils-dbgsym_2.4.18-2ubuntu3.8_powerpc.ddeb
 07e32280167868ecda7598451304b0e7 83876 httpd optional apache2-utils_2.4.18-2ubuntu3.8_powerpc.deb
 3e2764dd153dbc19e17f32b56432b5ff 86834 httpd optional apache2_2.4.18-2ubuntu3.8_powerpc.deb
Original-Maintainer: Debian Apache Maintainers <debian-apache@lists.debian.org>