Format: 1.8
Date: Wed, 18 Apr 2018 11:13:36 -0400
Source: apache2
Binary: apache2 apache2-data apache2-bin apache2-mpm-worker apache2-mpm-prefork apache2-mpm-event apache2-mpm-itk apache2.2-bin libapache2-mod-proxy-html libapache2-mod-macro apache2-utils apache2-suexec apache2-suexec-pristine apache2-suexec-custom apache2-doc apache2-dev apache2-dbg
Architecture: i386 all
Version: 2.4.7-1ubuntu4.20
Distribution: trusty
Urgency: medium
Maintainer: Launchpad Build Daemon <buildd@lgw01-amd64-058.buildd>
Changed-By: Marc Deslauriers <marc.deslauriers@ubuntu.com>
Description: 
 apache2    - Apache HTTP Server
 apache2-bin - Apache HTTP Server (binary files and modules)
 apache2-data - Apache HTTP Server (common files)
 apache2-dbg - Apache debugging symbols
 apache2-dev - Apache HTTP Server (development headers)
 apache2-doc - Apache HTTP Server (on-site documentation)
 apache2-mpm-event - transitional event MPM package for apache2
 apache2-mpm-itk - transitional itk MPM package for apache2
 apache2-mpm-prefork - transitional prefork MPM package for apache2
 apache2-mpm-worker - transitional worker MPM package for apache2
 apache2-suexec - transitional package for apache2-suexec-pristine
 apache2-suexec-custom - Apache HTTP Server configurable suexec program for mod_suexec
 apache2-suexec-pristine - Apache HTTP Server standard suexec program for mod_suexec
 apache2-utils - Apache HTTP Server (utility programs for web servers)
 apache2.2-bin - Transitional package for apache2-bin
 libapache2-mod-macro - Transitional package for apache2-bin
 libapache2-mod-proxy-html - Transitional package for apache2-bin
Changes: 
 apache2 (2.4.7-1ubuntu4.20) trusty-security; urgency=medium
 .
   * SECURITY UPDATE: DoS via missing header with AuthLDAPCharsetConfig
     - debian/patches/CVE-2017-15710.patch: fix language long names
       detection as short name in modules/aaa/mod_authnz_ldap.c.
     - CVE-2017-15710
   * SECURITY UPDATE: incorrect <FilesMatch> matching
     - debian/patches/CVE-2017-15715-pre.patch: add ap_cstr_casecmp[n]() to
       include/httpd.h, server/util.c.
     - debian/patches/CVE-2017-15715.patch: allow to configure
       global/default options for regexes, like caseless matching or
       extended format in include/ap_regex.h, server/core.c,
       server/util_pcre.c.
     - CVE-2017-15715
   * SECURITY UPDATE: mod_session header manipulation
     - debian/patches/CVE-2018-1283.patch: strip Session header when
       SessionEnv is on in modules/session/mod_session.c.
     - CVE-2018-1283
   * SECURITY UPDATE: DoS via specially-crafted request
     - debian/patches/CVE-2018-1301.patch: ensure that read lines are NUL
       terminated on any error, not only on buffer full in
       server/protocol.c.
     - CVE-2018-1301
   * SECURITY UPDATE: mod_cache_socache DoS
     - debian/patches/CVE-2018-1303.patch: fix caching of empty headers up
       to carriage return in modules/cache/mod_cache_socache.c.
     - CVE-2018-1303
   * SECURITY UPDATE: insecure nonce generation
     - debian/patches/CVE-2018-1312.patch: actually use the secret when
       generating nonces in modules/aaa/mod_auth_digest.c.
     - CVE-2018-1312
Checksums-Sha1: 
 b54a35121615637ab2fcb38d256f4c36fe21b77e 1466 libapache2-mod-proxy-html_2.4.7-1ubuntu4.20_i386.deb
 c067b01aaa54145d993960a5008e2e02934f54c0 1452 libapache2-mod-macro_2.4.7-1ubuntu4.20_i386.deb
 c044b68314f94347c06957adcb60ff3227e74d60 87550 apache2_2.4.7-1ubuntu4.20_i386.deb
 f31fc3ae3345e24c49ba991b3f9229488971ab3f 159900 apache2-data_2.4.7-1ubuntu4.20_all.deb
 ec93ff14df8c969a7792d6f25516e61aadef6a8b 828592 apache2-bin_2.4.7-1ubuntu4.20_i386.deb
 14d1b6f30f182d1b48ae8520fcc9c2156c06b0c2 1460 apache2-mpm-worker_2.4.7-1ubuntu4.20_i386.deb
 53cb6d162d7a5da5e104c4cceb1072d3706d2ddc 1462 apache2-mpm-prefork_2.4.7-1ubuntu4.20_i386.deb
 5a284ce5425d2a83a3cc35e2124837e1b3ec05ca 1458 apache2-mpm-event_2.4.7-1ubuntu4.20_i386.deb
 b4577109b44a6b0e9735ac559b562b7bab28d75c 1462 apache2-mpm-itk_2.4.7-1ubuntu4.20_i386.deb
 8227b8af6a5366a7bf90753b953afd2d6de167d2 1478 apache2.2-bin_2.4.7-1ubuntu4.20_i386.deb
 cbf2ee99792038483b6969c8e6a901bf2ece8948 83236 apache2-utils_2.4.7-1ubuntu4.20_i386.deb
 8060b03db6358d28f762ec49a5dfcf68007f894e 1434 apache2-suexec_2.4.7-1ubuntu4.20_i386.deb
 87c9a374369ddc80e3ad4a4c3f4fec28d66211ba 13590 apache2-suexec-pristine_2.4.7-1ubuntu4.20_i386.deb
 228340f7ee07aceebbf8f9cfd3a214d5c0174469 15058 apache2-suexec-custom_2.4.7-1ubuntu4.20_i386.deb
 edbbef53496d8b4c63d62b4b64de96dfabc4e8aa 2637040 apache2-doc_2.4.7-1ubuntu4.20_all.deb
 be2e6b434c014a17c614e63d738da77d832eafd8 167412 apache2-dev_2.4.7-1ubuntu4.20_i386.deb
 3e353e49c3f3081ad675fc74f4504642e472d33f 1862876 apache2-dbg_2.4.7-1ubuntu4.20_i386.deb
 d5ee160a2bb23251e47e0cefed90e9c19445a04c 1756984 apache2-bin-dbgsym_2.4.7-1ubuntu4.20_i386.ddeb
 28baacbfe13f28181dbff1949f272dfc42784405 95362 apache2-utils-dbgsym_2.4.7-1ubuntu4.20_i386.ddeb
 c859c9f3fed18bb43cdb186f946eb8da3fb7a554 9144 apache2-suexec-pristine-dbgsym_2.4.7-1ubuntu4.20_i386.ddeb
 1f68aded1dce2a8c8cbc8aa26084fc54d6ae9c44 10052 apache2-suexec-custom-dbgsym_2.4.7-1ubuntu4.20_i386.ddeb
Checksums-Sha256: 
 4e5232d451461ce2344ae7b11d2010151bf7c9e11779abf35b85db406f6fcb26 1466 libapache2-mod-proxy-html_2.4.7-1ubuntu4.20_i386.deb
 174ecaf7d203671c1c6b4d7d42f2ac3f096e98ff752a08da0912d46d27af1aec 1452 libapache2-mod-macro_2.4.7-1ubuntu4.20_i386.deb
 d45ede07f50d51bc94aaec27c3bba259d2ebb18d88070de2dc867347697cd636 87550 apache2_2.4.7-1ubuntu4.20_i386.deb
 d18b0e7aabecef5ee6bccae44c6babe076144d2b4532121873552efae479bb46 159900 apache2-data_2.4.7-1ubuntu4.20_all.deb
 7db283a77c9bf1b46a5fd965f471db6081ee72dd02004b53fabfd7dd96f9b8ec 828592 apache2-bin_2.4.7-1ubuntu4.20_i386.deb
 cda5a8f29bf812bb59bbd9e1072b6fa51dbc8dfb81d19788928c07846d48aa5b 1460 apache2-mpm-worker_2.4.7-1ubuntu4.20_i386.deb
 cfe69471c5c38cad89c32c67febf484aa75027c8755a61b66797805ed0b38e11 1462 apache2-mpm-prefork_2.4.7-1ubuntu4.20_i386.deb
 8f8abe556494589e48de1e4065c1010fa228d6a26c42419c91429b087f6d25d9 1458 apache2-mpm-event_2.4.7-1ubuntu4.20_i386.deb
 931349fe6e5725cbbaa5822b1d6306d2a59cf17f59a7a58b39fce557ae27360d 1462 apache2-mpm-itk_2.4.7-1ubuntu4.20_i386.deb
 4ba2643da48763e97ec5093093e848050da08401cd82b590c91cf56b805c5d67 1478 apache2.2-bin_2.4.7-1ubuntu4.20_i386.deb
 c310fb637a90c0eddc2ede4264c7ffcf8301aef871dc97e473f0879dac32f97a 83236 apache2-utils_2.4.7-1ubuntu4.20_i386.deb
 298f2c11e558e1513eef1890fdbce898e4a998e03e9485255678986e06856d1e 1434 apache2-suexec_2.4.7-1ubuntu4.20_i386.deb
 f075eecee5487aea1d789042c2e32479b9005cdfefec3e3dbd4303e0278145e7 13590 apache2-suexec-pristine_2.4.7-1ubuntu4.20_i386.deb
 d6247d38d6fd8f28894589ac6165c9c85542b569ba6ffffc21196ff5cfd3906a 15058 apache2-suexec-custom_2.4.7-1ubuntu4.20_i386.deb
 3c28c61e00130176b0f36a55296edb0bb0936858aabf1addce5ed99ce75473cd 2637040 apache2-doc_2.4.7-1ubuntu4.20_all.deb
 bd2fcb83255898d68b9e8ca5451f9fb5d24099ad1f46e0e18532d5a225032650 167412 apache2-dev_2.4.7-1ubuntu4.20_i386.deb
 2873864a1f5f7bfe28aa2aa5be0a41cdf2145f968977e0b4e5e121bc444dc9c1 1862876 apache2-dbg_2.4.7-1ubuntu4.20_i386.deb
 d8e5d99efa0626a273a920011a9fb0cc89ff383dfc70d79a21222bed76d6150a 1756984 apache2-bin-dbgsym_2.4.7-1ubuntu4.20_i386.ddeb
 4f0c1096311a91c433d420abe14a8636acceb962d6ea817245aafc92c88f6e20 95362 apache2-utils-dbgsym_2.4.7-1ubuntu4.20_i386.ddeb
 4b883058bc69d4fc45721ba9d02e8b9b0691dd580d697b30111aca6f7af2b57a 9144 apache2-suexec-pristine-dbgsym_2.4.7-1ubuntu4.20_i386.ddeb
 83cdb1d4c2af2a285fd3b70777b2fa87ea4d8cc834dd7e52281da93ca1bab7e2 10052 apache2-suexec-custom-dbgsym_2.4.7-1ubuntu4.20_i386.ddeb
Files: 
 ad8578ce938d2d70f07557c77d209542 1466 oldlibs extra libapache2-mod-proxy-html_2.4.7-1ubuntu4.20_i386.deb
 88b295e8aed29a1634ad14a1877342f0 1452 oldlibs extra libapache2-mod-macro_2.4.7-1ubuntu4.20_i386.deb
 060835b0df08008441268ffcb2a0ad75 87550 httpd optional apache2_2.4.7-1ubuntu4.20_i386.deb
 534d9ab4415fa6e12b0a7ed90881baea 159900 httpd optional apache2-data_2.4.7-1ubuntu4.20_all.deb
 393cbbe4b99b0487f31f45fa123d5de7 828592 httpd optional apache2-bin_2.4.7-1ubuntu4.20_i386.deb
 a1d2e8e2c4fb5c11aea1259ba4dfa161 1460 oldlibs extra apache2-mpm-worker_2.4.7-1ubuntu4.20_i386.deb
 b7b6b0156e1da1ed1fb3d309125e7e62 1462 oldlibs extra apache2-mpm-prefork_2.4.7-1ubuntu4.20_i386.deb
 a01fea0b12b32ab9c9ef607eb752c031 1458 oldlibs extra apache2-mpm-event_2.4.7-1ubuntu4.20_i386.deb
 2e30ea3f3ddee8e913c6883b99f52836 1462 oldlibs extra apache2-mpm-itk_2.4.7-1ubuntu4.20_i386.deb
 47c27b78b9bf8ca6daf78db7e063e3cc 1478 oldlibs extra apache2.2-bin_2.4.7-1ubuntu4.20_i386.deb
 46ce045d361e3579294d8d38487bdd38 83236 httpd optional apache2-utils_2.4.7-1ubuntu4.20_i386.deb
 08c51080cb684a668374b852ed8bd43a 1434 oldlibs extra apache2-suexec_2.4.7-1ubuntu4.20_i386.deb
 7237105030b42d8f20f677be68340cdd 13590 httpd optional apache2-suexec-pristine_2.4.7-1ubuntu4.20_i386.deb
 2ffb703404078eaefb46a3e568990bb0 15058 httpd extra apache2-suexec-custom_2.4.7-1ubuntu4.20_i386.deb
 a69791170ff5b16b50ea01b90afb11b6 2637040 doc optional apache2-doc_2.4.7-1ubuntu4.20_all.deb
 632e7460cf7fe18d916e6aadd0bf228c 167412 httpd optional apache2-dev_2.4.7-1ubuntu4.20_i386.deb
 ec2553f64c602bb105aa905300586fbe 1862876 debug extra apache2-dbg_2.4.7-1ubuntu4.20_i386.deb
 9dd820a0723814f945d48210343345d4 1756984 httpd extra apache2-bin-dbgsym_2.4.7-1ubuntu4.20_i386.ddeb
 fc7f11ce889cb9abddf68260bcccadb9 95362 httpd extra apache2-utils-dbgsym_2.4.7-1ubuntu4.20_i386.ddeb
 7928054c3efda792355e2769b0a73424 9144 httpd extra apache2-suexec-pristine-dbgsym_2.4.7-1ubuntu4.20_i386.ddeb
 57e78cf646d7b942d2c1815ed1593dac 10052 httpd extra apache2-suexec-custom-dbgsym_2.4.7-1ubuntu4.20_i386.ddeb
Original-Maintainer: Debian Apache Maintainers <debian-apache@lists.debian.org>