Format: 1.8
Date: Tue, 14 Jun 2022 10:30:55 -0300
Source: apache2
Binary: apache2 apache2-bin apache2-dev apache2-ssl-dev apache2-suexec-custom apache2-suexec-pristine apache2-utils libapache2-mod-md libapache2-mod-proxy-uwsgi
Architecture: armhf
Version: 2.4.41-4ubuntu3.12
Distribution: focal
Urgency: medium
Maintainer: Launchpad Build Daemon <buildd@bos02-arm64-062.buildd>
Changed-By: Leonidas Da Silva Barbosa <leo.barbosa@canonical.com>
Description:
 apache2    - Apache HTTP Server
 apache2-bin - Apache HTTP Server (modules and other binary files)
 apache2-dev - Apache HTTP Server (development headers)
 apache2-ssl-dev - Apache HTTP Server (mod_ssl development headers)
 apache2-suexec-custom - Apache HTTP Server configurable suexec program for mod_suexec
 apache2-suexec-pristine - Apache HTTP Server standard suexec program for mod_suexec
 apache2-utils - Apache HTTP Server (utility programs for web servers)
 libapache2-mod-md - transitional package
 libapache2-mod-proxy-uwsgi - transitional package
Changes:
 apache2 (2.4.41-4ubuntu3.12) focal-security; urgency=medium
 .
   * SECURITY UPDATE: HTTP Request Smuggling
     - debian/patches/CVE-2022-26377.patch: changing
       precedence between T-E and C-L in modules/proxy/mod_proxy_ajp.c.
     - CVE-2022-26377
   * SECURITY UPDATE: Read beyond bounds
     - debian/patches/CVE-2022-28614.patch: handle large
       writes in ap_rputs.
       in server/util.c.
     - CVE-2022-28614
   * SECURITY UPDATE: Read beyond bounds
     - debian/patches/CVE-2022-28615.patch: fix types
       in server/util.c.
     - CVE-2022-28615
   * SECURITY UPDATE: Denial of service
     - debian/patches/CVE-2022-29404.patch: cast first
       in modules/lua/lua_request.c.
     - CVE-2022-29404
   * SECURITY UPDATE: Denial of service
     - debian/patches/CVE-2022-30522.patch: limit mod_sed
       memory use in modules/filters/mod_sec.c,
       modules/filters/sed1.c.
     - CVE-2022-30522
   * SECURITY UPDATE: Returning point past of the buffer
     - debian/patches/CVE-2022-30556.patch: use filters consistently
       in modules/lua/lua_request.c.
     - CVE-2022-30556
   * SECURITY UPDATE: Bypass IP authentication
     - debian/patches/CVE-2022-31813.patch: to clear
       hop-by-hop first and fixup last in modules/proxy/proxy_util.c.
     - CVE-2022-31813
Checksums-Sha1:
 0f281cb16128715d0918445d97d8d171f052f164 4796144 apache2-bin-dbgsym_2.4.41-4ubuntu3.12_armhf.ddeb
 db16419c1d4fb03c98aaab3fe7456585a6b6c69b 1025184 apache2-bin_2.4.41-4ubuntu3.12_armhf.deb
 2ab9389f46bea4a5a12042e83b27b897f65770c8 179644 apache2-dev_2.4.41-4ubuntu3.12_armhf.deb
 30212fd8ae80071e21e7255d2baf4abb250de50c 3156 apache2-ssl-dev_2.4.41-4ubuntu3.12_armhf.deb
 a08600da8aed0e0ff01b107e0bd5160a8b67ee04 12824 apache2-suexec-custom-dbgsym_2.4.41-4ubuntu3.12_armhf.ddeb
 5105d6ed583008c6a66b252438af9b19ba72dc14 14584 apache2-suexec-custom_2.4.41-4ubuntu3.12_armhf.deb
 c973542b60c0a2eab4004b05daf8b6a0b984f92f 11564 apache2-suexec-pristine-dbgsym_2.4.41-4ubuntu3.12_armhf.ddeb
 2c46707c4b57f4b9e9aa74a5568491e26ae37fcd 13196 apache2-suexec-pristine_2.4.41-4ubuntu3.12_armhf.deb
 ff769ead507122a31992a61967c1b879d60b0838 141648 apache2-utils-dbgsym_2.4.41-4ubuntu3.12_armhf.ddeb
 0dce931cfdcbce2a067c2d42a33ae1ff767680f6 84560 apache2-utils_2.4.41-4ubuntu3.12_armhf.deb
 a45ab9be63afb065c69ea98d159980f496225664 11838 apache2_2.4.41-4ubuntu3.12_armhf.buildinfo
 212b5d8dea48312886b541e254b33c30355750b5 95592 apache2_2.4.41-4ubuntu3.12_armhf.deb
 cbb5dfaee68a021c6f1f935f098482e73d8f7cc3 988 libapache2-mod-md_2.4.41-4ubuntu3.12_armhf.deb
 dc03457bc9b21de5858688c84d3ca302def7a0c9 1184 libapache2-mod-proxy-uwsgi_2.4.41-4ubuntu3.12_armhf.deb
Checksums-Sha256:
 4ea72249d86e9e07f7205450ae94797596b41e7a46637a448a7061ed91ef3736 4796144 apache2-bin-dbgsym_2.4.41-4ubuntu3.12_armhf.ddeb
 a20b90887449f004f54ef204516662c9d4009eeca181158f659d8892c0d4d1ff 1025184 apache2-bin_2.4.41-4ubuntu3.12_armhf.deb
 cb9f4ad15de707bf37bcb4a7f2563c5e92105a4712fb6756784a098b5df39378 179644 apache2-dev_2.4.41-4ubuntu3.12_armhf.deb
 391e3cea093f9d7c977424cde47300b3384f87d749b763c317e9b7efdf167d16 3156 apache2-ssl-dev_2.4.41-4ubuntu3.12_armhf.deb
 7ecd72b5d584ea0a359c1c0de8892681bf45d56d80dc86406858ae9f563e9fd3 12824 apache2-suexec-custom-dbgsym_2.4.41-4ubuntu3.12_armhf.ddeb
 92d0c0049f0872ea738167aa3dede4473d2b71c52ff66433c4a0dfcef744cd8a 14584 apache2-suexec-custom_2.4.41-4ubuntu3.12_armhf.deb
 3c0db6a29fb75a1844e6ef59ea02acede404b4b5652471138ab8dffb388d8c3b 11564 apache2-suexec-pristine-dbgsym_2.4.41-4ubuntu3.12_armhf.ddeb
 e8ab3e5e0df3b26d1528cb5b58d8c500989d480614e7bda5aa7fda31d08e2720 13196 apache2-suexec-pristine_2.4.41-4ubuntu3.12_armhf.deb
 d65c7589f1a85fe39a888493aa89493617fb01e94162fd80f9f35b1bfdbbb98b 141648 apache2-utils-dbgsym_2.4.41-4ubuntu3.12_armhf.ddeb
 ea4fa06e15d2e33f149beeaea2633ef351344309187ae6214104e4454d34ac22 84560 apache2-utils_2.4.41-4ubuntu3.12_armhf.deb
 87e313c189fcf960c50ebc7e288100f6dce66671088861b0a7f4c648499ffdde 11838 apache2_2.4.41-4ubuntu3.12_armhf.buildinfo
 13882bde4406c9e0e6799ec4d6591a3f16ffa7e9f908054850c96da581f56714 95592 apache2_2.4.41-4ubuntu3.12_armhf.deb
 af1b849c6c779c9c45a60b1f5682e9e852deacae5d00f772012025a2a622b332 988 libapache2-mod-md_2.4.41-4ubuntu3.12_armhf.deb
 e2dc611549bf982caab4893f3b6a6973ab92db40e32ba844ce5ebaab090bad22 1184 libapache2-mod-proxy-uwsgi_2.4.41-4ubuntu3.12_armhf.deb
Files:
 d2db823bd91600e2d932095d533066a3 4796144 debug optional apache2-bin-dbgsym_2.4.41-4ubuntu3.12_armhf.ddeb
 5ab9bfdee1d53b8501d6782276f7bab6 1025184 httpd optional apache2-bin_2.4.41-4ubuntu3.12_armhf.deb
 836aef5831eb0e25affc8e7baa4d616a 179644 httpd optional apache2-dev_2.4.41-4ubuntu3.12_armhf.deb
 2f1b7cc377849dfee09cedaf70c41e9b 3156 httpd optional apache2-ssl-dev_2.4.41-4ubuntu3.12_armhf.deb
 9d734b348cb28334a029719f413c76b0 12824 debug optional apache2-suexec-custom-dbgsym_2.4.41-4ubuntu3.12_armhf.ddeb
 0e0bccbb298ab2273f435ff212146141 14584 httpd optional apache2-suexec-custom_2.4.41-4ubuntu3.12_armhf.deb
 c4d12b11370b1aff25e000e11e0698c5 11564 debug optional apache2-suexec-pristine-dbgsym_2.4.41-4ubuntu3.12_armhf.ddeb
 1bdc2a50b82b3d883121265ea273a93a 13196 httpd optional apache2-suexec-pristine_2.4.41-4ubuntu3.12_armhf.deb
 0c2625228804c411fe2cb5f711fa333a 141648 debug optional apache2-utils-dbgsym_2.4.41-4ubuntu3.12_armhf.ddeb
 ed36db39c1c5d1ded414b13da41f3fde 84560 httpd optional apache2-utils_2.4.41-4ubuntu3.12_armhf.deb
 5cc554e0307d9a43016af253f0ec60b3 11838 httpd optional apache2_2.4.41-4ubuntu3.12_armhf.buildinfo
 ad9bf0622cbd4d697376152cc751e0f6 95592 httpd optional apache2_2.4.41-4ubuntu3.12_armhf.deb
 ac7e3d371c8bc391453def6d016d8b42 988 oldlibs optional libapache2-mod-md_2.4.41-4ubuntu3.12_armhf.deb
 fe62a77711e04f7a298f82d011ec5db2 1184 oldlibs optional libapache2-mod-proxy-uwsgi_2.4.41-4ubuntu3.12_armhf.deb
Original-Maintainer: Debian Apache Maintainers <debian-apache@lists.debian.org>