Format: 1.8
Date: Wed, 05 Jan 2022 09:38:48 -0500
Source: apache2
Binary: apache2 apache2-bin apache2-data apache2-dev apache2-doc apache2-ssl-dev apache2-suexec-custom apache2-suexec-pristine apache2-utils libapache2-mod-md libapache2-mod-proxy-uwsgi
Built-For-Profiles: noudeb
Architecture: amd64 all
Version: 2.4.46-4ubuntu1.5
Distribution: hirsute
Urgency: medium
Maintainer: Launchpad Build Daemon <buildd@lcy02-amd64-026.buildd>
Changed-By: Marc Deslauriers <marc.deslauriers@ubuntu.com>
Description:
 apache2    - Apache HTTP Server
 apache2-bin - Apache HTTP Server (modules and other binary files)
 apache2-data - Apache HTTP Server (common files)
 apache2-dev - Apache HTTP Server (development headers)
 apache2-doc - Apache HTTP Server (on-site documentation)
 apache2-ssl-dev - Apache HTTP Server (mod_ssl development headers)
 apache2-suexec-custom - Apache HTTP Server configurable suexec program for mod_suexec
 apache2-suexec-pristine - Apache HTTP Server standard suexec program for mod_suexec
 apache2-utils - Apache HTTP Server (utility programs for web servers)
 libapache2-mod-md - transitional package
 libapache2-mod-proxy-uwsgi - transitional package
Changes:
 apache2 (2.4.46-4ubuntu1.5) hirsute-security; urgency=medium
 .
   * SECURITY UPDATE: DoS or SSRF via forward proxy
     - debian/patches/CVE-2021-44224-1.patch: enforce that fully qualified
       uri-paths not to be forward-proxied have an http(s) scheme, and that
       the ones to be forward proxied have a hostname in
       include/http_protocol.h, modules/http/http_request.c,
       modules/http2/h2_request.c, modules/proxy/mod_proxy.c,
       modules/proxy/proxy_util.c, server/protocol.c.
     - debian/patches/CVE-2021-44224-2.patch: don't prevent forwarding URIs
       w/ no hostname in modules/proxy/mod_proxy.c,
       modules/proxy/proxy_util.c.
     - CVE-2021-44224
   * SECURITY UPDATE: overflow in mod_lua multipart parser
     - debian/patches/CVE-2021-44790.patch: improve error handling in
       modules/lua/lua_request.c.
     - CVE-2021-44790
Checksums-Sha1:
 0eb89256e9c7a253073eb13ec219e4c6ba45e3c7 3304532 apache2-bin-dbgsym_2.4.46-4ubuntu1.5_amd64.ddeb
 8d844a315d4543de737811d1ea7616d358d3f0db 1200752 apache2-bin_2.4.46-4ubuntu1.5_amd64.deb
 80720de64698432bc9316e6f0bb9a3b47d952cf5 158436 apache2-data_2.4.46-4ubuntu1.5_all.deb
 6f76b70d98837462ddfa26c99044052a582d5922 180332 apache2-dev_2.4.46-4ubuntu1.5_amd64.deb
 b3bd6c7c3b4bfa5a0c41551186bfba6b7ba97a57 3863300 apache2-doc_2.4.46-4ubuntu1.5_all.deb
 5a846cef2210b280a3a71a9bbf2b106b43698255 3168 apache2-ssl-dev_2.4.46-4ubuntu1.5_amd64.deb
 51389cc57c1daae6f74563c759b6f227e208e05b 12428 apache2-suexec-custom-dbgsym_2.4.46-4ubuntu1.5_amd64.ddeb
 a139c3a43098b44e12fbea4df70adf67f52fe87c 15572 apache2-suexec-custom_2.4.46-4ubuntu1.5_amd64.deb
 bcd87cc8abf8014f97aa746e16768bf047873519 11172 apache2-suexec-pristine-dbgsym_2.4.46-4ubuntu1.5_amd64.ddeb
 5ec39a205ebd2b066607daee05350a2da361fcb0 14032 apache2-suexec-pristine_2.4.46-4ubuntu1.5_amd64.deb
 0e1e982bdf6c25bab34059b4eaee2abaa16d4cbb 116520 apache2-utils-dbgsym_2.4.46-4ubuntu1.5_amd64.ddeb
 2e174d3e2c4e643db8b5b1c107b102373994118a 85188 apache2-utils_2.4.46-4ubuntu1.5_amd64.deb
 bf429cd405bcb4059a616bfb9c0b9df4d2775b5e 12740 apache2_2.4.46-4ubuntu1.5_amd64.buildinfo
 758ffc0880d99234ddf2b53e994c71a474c43d05 95692 apache2_2.4.46-4ubuntu1.5_amd64.deb
 344eaad95c2e4c435797b499cd3c621a4ea9da65 1004 libapache2-mod-md_2.4.46-4ubuntu1.5_amd64.deb
 e106ae9568b07f7614851a6b627ab8b4c87079d1 1180 libapache2-mod-proxy-uwsgi_2.4.46-4ubuntu1.5_amd64.deb
Checksums-Sha256:
 5eb6cdaefff4795a566fc400c3334ad6f24a4775208f4b6d5ee3dbfe65e25eb6 3304532 apache2-bin-dbgsym_2.4.46-4ubuntu1.5_amd64.ddeb
 5b105a2433f53d965125377de9d07b15aff1df0d3456a7d1efb8a11c83758718 1200752 apache2-bin_2.4.46-4ubuntu1.5_amd64.deb
 aaaa98cf5091bba0d0bf6071f3ce90207adb983a2c21cad82b5e2bf4e25cb3c0 158436 apache2-data_2.4.46-4ubuntu1.5_all.deb
 b6fbf2d6533374ceff1debc75d6b07cc80f5c252ee743da8f30952473cdd33e9 180332 apache2-dev_2.4.46-4ubuntu1.5_amd64.deb
 d1216398b7d433b12ca679a501a0d2bfbaa84b03b9a205f8ce449cb88c0cec55 3863300 apache2-doc_2.4.46-4ubuntu1.5_all.deb
 0d135a6de3195fb7a4aeba352827b0be7c62ee8c9f5ba66fdc26359e9bb269f1 3168 apache2-ssl-dev_2.4.46-4ubuntu1.5_amd64.deb
 cc73fa4d958da9066dd82b166ed1ef21631651d0c777a2a6d46ea4567f9eba1f 12428 apache2-suexec-custom-dbgsym_2.4.46-4ubuntu1.5_amd64.ddeb
 442e7e4daba7c2c3726764042ee2ca409dcec0268e54217116dc2ea790d01c4a 15572 apache2-suexec-custom_2.4.46-4ubuntu1.5_amd64.deb
 8195df4e3b3aaeeec1d60b017eba1c1cf8caa7a0aaa55d8ea718083ee6b58c5f 11172 apache2-suexec-pristine-dbgsym_2.4.46-4ubuntu1.5_amd64.ddeb
 3ac2d19c7e00b6d961777a4dbaf7f7865c30773bd9c03a6ffe2d6804c4a2967c 14032 apache2-suexec-pristine_2.4.46-4ubuntu1.5_amd64.deb
 a57b8bf1ff4e7caa11e9ca1dd379a114817de06f6563cd8cab526630219857d1 116520 apache2-utils-dbgsym_2.4.46-4ubuntu1.5_amd64.ddeb
 b22a098e64a8f0f051fc903e10e9ea1c31b2fd52bd37e9013ad3331b69c5ad16 85188 apache2-utils_2.4.46-4ubuntu1.5_amd64.deb
 bb38833718b88ab5cc8718ff85694cc447146162b4ecda29bd944eb0944591d7 12740 apache2_2.4.46-4ubuntu1.5_amd64.buildinfo
 93c28bd3d23bb5c265365622ea1dac28e5546d76df47ad66be09e99701d48c9c 95692 apache2_2.4.46-4ubuntu1.5_amd64.deb
 d9158a9a5bb66ac1e9b75c838c79bbc02cf310955121863540aa6eec3fe5316b 1004 libapache2-mod-md_2.4.46-4ubuntu1.5_amd64.deb
 cbb08ec9c085c779ea514463e93a867c8e8a5a1a55ecf6579a2ebd67a8975077 1180 libapache2-mod-proxy-uwsgi_2.4.46-4ubuntu1.5_amd64.deb
Files:
 37aa55b7b08d1b6aede996a2fd040812 3304532 debug optional apache2-bin-dbgsym_2.4.46-4ubuntu1.5_amd64.ddeb
 51bb24b7b5b853f4eb09e44fab290073 1200752 httpd optional apache2-bin_2.4.46-4ubuntu1.5_amd64.deb
 79aed2aa4b29ae71af97b8e26b637dba 158436 httpd optional apache2-data_2.4.46-4ubuntu1.5_all.deb
 14701b35913b41517c1edcf7e667baaf 180332 httpd optional apache2-dev_2.4.46-4ubuntu1.5_amd64.deb
 c23766b3cf536f3379a3970f6f05f649 3863300 doc optional apache2-doc_2.4.46-4ubuntu1.5_all.deb
 88675980b9d7a16cedb012c92f0083fd 3168 httpd optional apache2-ssl-dev_2.4.46-4ubuntu1.5_amd64.deb
 095338bc046a0560c0b357985c5da4cd 12428 debug optional apache2-suexec-custom-dbgsym_2.4.46-4ubuntu1.5_amd64.ddeb
 ec79b5c99032853e5be49772be79e2ff 15572 httpd optional apache2-suexec-custom_2.4.46-4ubuntu1.5_amd64.deb
 228f25af4bc2c4c8b2ca7a0ae2451115 11172 debug optional apache2-suexec-pristine-dbgsym_2.4.46-4ubuntu1.5_amd64.ddeb
 465e04ca1ad1a7c4fc5abded6c2b89ac 14032 httpd optional apache2-suexec-pristine_2.4.46-4ubuntu1.5_amd64.deb
 e786bae47e64f073e1ab8c02a1eaf200 116520 debug optional apache2-utils-dbgsym_2.4.46-4ubuntu1.5_amd64.ddeb
 1fdb703ea658946cc2b0cc5c0baaf44d 85188 httpd optional apache2-utils_2.4.46-4ubuntu1.5_amd64.deb
 498013663957c4185547669930ccc24e 12740 httpd optional apache2_2.4.46-4ubuntu1.5_amd64.buildinfo
 68b78acf6b0afeabdca5dd47ef596498 95692 httpd optional apache2_2.4.46-4ubuntu1.5_amd64.deb
 d1c1bf2a2c6af475f9b87669f64eca1c 1004 oldlibs optional libapache2-mod-md_2.4.46-4ubuntu1.5_amd64.deb
 999e07e1dc6602adb2a416d47c842155 1180 oldlibs optional libapache2-mod-proxy-uwsgi_2.4.46-4ubuntu1.5_amd64.deb
Original-Maintainer: Debian Apache Maintainers <debian-apache@lists.debian.org>