Format: 1.8
Date: Tue, 14 Jun 2022 10:30:55 -0300
Source: apache2
Binary: apache2 apache2-bin apache2-dev apache2-ssl-dev apache2-suexec-custom apache2-suexec-pristine apache2-utils libapache2-mod-md libapache2-mod-proxy-uwsgi
Architecture: riscv64
Version: 2.4.41-4ubuntu3.12
Distribution: focal
Urgency: medium
Maintainer: Launchpad Build Daemon <buildd@riscv64-qemu-lgw01-007.buildd>
Changed-By: Leonidas Da Silva Barbosa <leo.barbosa@canonical.com>
Description:
 apache2    - Apache HTTP Server
 apache2-bin - Apache HTTP Server (modules and other binary files)
 apache2-dev - Apache HTTP Server (development headers)
 apache2-ssl-dev - Apache HTTP Server (mod_ssl development headers)
 apache2-suexec-custom - Apache HTTP Server configurable suexec program for mod_suexec
 apache2-suexec-pristine - Apache HTTP Server standard suexec program for mod_suexec
 apache2-utils - Apache HTTP Server (utility programs for web servers)
 libapache2-mod-md - transitional package
 libapache2-mod-proxy-uwsgi - transitional package
Changes:
 apache2 (2.4.41-4ubuntu3.12) focal-security; urgency=medium
 .
   * SECURITY UPDATE: HTTP Request Smuggling
     - debian/patches/CVE-2022-26377.patch: changing
       precedence between T-E and C-L in modules/proxy/mod_proxy_ajp.c.
     - CVE-2022-26377
   * SECURITY UPDATE: Read beyond bounds
     - debian/patches/CVE-2022-28614.patch: handle large
       writes in ap_rputs.
       in server/util.c.
     - CVE-2022-28614
   * SECURITY UPDATE: Read beyond bounds
     - debian/patches/CVE-2022-28615.patch: fix types
       in server/util.c.
     - CVE-2022-28615
   * SECURITY UPDATE: Denial of service
     - debian/patches/CVE-2022-29404.patch: cast first
       in modules/lua/lua_request.c.
     - CVE-2022-29404
   * SECURITY UPDATE: Denial of service
     - debian/patches/CVE-2022-30522.patch: limit mod_sed
       memory use in modules/filters/mod_sec.c,
       modules/filters/sed1.c.
     - CVE-2022-30522
   * SECURITY UPDATE: Returning point past of the buffer
     - debian/patches/CVE-2022-30556.patch: use filters consistently
       in modules/lua/lua_request.c.
     - CVE-2022-30556
   * SECURITY UPDATE: Bypass IP authentication
     - debian/patches/CVE-2022-31813.patch: to clear
       hop-by-hop first and fixup last in modules/proxy/proxy_util.c.
     - CVE-2022-31813
Checksums-Sha1:
 6d6da656cefac06a1a2f77680bd6d30c8974ccfb 4793392 apache2-bin-dbgsym_2.4.41-4ubuntu3.12_riscv64.ddeb
 89357697d0aafec8041267000bb663cada9c77cc 1000636 apache2-bin_2.4.41-4ubuntu3.12_riscv64.deb
 65872d572f0d09c373632934d4addb9aa545baa3 179636 apache2-dev_2.4.41-4ubuntu3.12_riscv64.deb
 204004ee9b61c73c9946cb53e02d1c871b282072 3156 apache2-ssl-dev_2.4.41-4ubuntu3.12_riscv64.deb
 c38d62772c0a95097a5654919135f3adc5134465 12800 apache2-suexec-custom-dbgsym_2.4.41-4ubuntu3.12_riscv64.ddeb
 f699493814b4ba76c9cbb998c047f6978a0987ca 14748 apache2-suexec-custom_2.4.41-4ubuntu3.12_riscv64.deb
 63eaf7eb02b28ffca5cf6c1c3f2057b87c578da4 11640 apache2-suexec-pristine-dbgsym_2.4.41-4ubuntu3.12_riscv64.ddeb
 2e17f16322017eb3af1cdd4cca1f045093214312 13256 apache2-suexec-pristine_2.4.41-4ubuntu3.12_riscv64.deb
 db41236c5a46be9c187adeecdd48f7e2d9143820 140152 apache2-utils-dbgsym_2.4.41-4ubuntu3.12_riscv64.ddeb
 1baea4089febdb7d2822ebc03c1d9df2cab66baa 80004 apache2-utils_2.4.41-4ubuntu3.12_riscv64.deb
 73d4310944396a22eda333e725fe14a7c2289aac 11801 apache2_2.4.41-4ubuntu3.12_riscv64.buildinfo
 e3590cd8d981e1da94336fae0f635b9c39ae6f7b 95600 apache2_2.4.41-4ubuntu3.12_riscv64.deb
 bb58934bc38b006738ece08d80b223eceb3379db 992 libapache2-mod-md_2.4.41-4ubuntu3.12_riscv64.deb
 b773d951a19fb6bce7e2873202606551d95251d2 1188 libapache2-mod-proxy-uwsgi_2.4.41-4ubuntu3.12_riscv64.deb
Checksums-Sha256:
 6cd5ed7cd0cdbdc74790f11278101ebf07d878155035f5584dd12f3ac075d758 4793392 apache2-bin-dbgsym_2.4.41-4ubuntu3.12_riscv64.ddeb
 565b34d1661012033e70b925092f41b40ce5cf8d7597d8962930d55504b53cbb 1000636 apache2-bin_2.4.41-4ubuntu3.12_riscv64.deb
 5a7c65762b0267a8d6878cea3d70447ad96bcb70ad911c2b08a7c3aa3d126e94 179636 apache2-dev_2.4.41-4ubuntu3.12_riscv64.deb
 901ca5804d6dec9be09289367cc10e2914830187b0e35a9b38c832323eca0578 3156 apache2-ssl-dev_2.4.41-4ubuntu3.12_riscv64.deb
 92526cf80bcf1ad932794d74a49d93b7770880a8a4c5463fce968057bd4c63b6 12800 apache2-suexec-custom-dbgsym_2.4.41-4ubuntu3.12_riscv64.ddeb
 fb26c5a7d3bf21044183b9737deeee0e68c27607da37422c3fde4262ab006363 14748 apache2-suexec-custom_2.4.41-4ubuntu3.12_riscv64.deb
 07af80d502e2aae52cbd8abe8029ec31bef13b1eb4703810377269bb50770b04 11640 apache2-suexec-pristine-dbgsym_2.4.41-4ubuntu3.12_riscv64.ddeb
 5bf687f3b5be3c5429dd36ab2468d1a4b4f95b6a42329255f4940c59c3cb852d 13256 apache2-suexec-pristine_2.4.41-4ubuntu3.12_riscv64.deb
 f7d31408a31c8752b471bf8f533d09c48982966db063e582c352e10b09a8c478 140152 apache2-utils-dbgsym_2.4.41-4ubuntu3.12_riscv64.ddeb
 46bb410f59e45884916b64ccd9b6ae8894ab096297932e1f0c10c0db5784a1cc 80004 apache2-utils_2.4.41-4ubuntu3.12_riscv64.deb
 e5494e78cbf8fdc2c83b1ccbeb79f21bd177f9db37dd56615d3205c80c36362e 11801 apache2_2.4.41-4ubuntu3.12_riscv64.buildinfo
 a019502ae29f97dd529ac0a41f3b031f96a98233fb79fc6cb760f9b49d812569 95600 apache2_2.4.41-4ubuntu3.12_riscv64.deb
 1c4bd0a94d666489ae270c88e0606a7622304e2502b7852ff7ff9c7b306e45b8 992 libapache2-mod-md_2.4.41-4ubuntu3.12_riscv64.deb
 b728ab71a361e09451c66b2145a7014ecda63a3bef150761358e10f17682fe1b 1188 libapache2-mod-proxy-uwsgi_2.4.41-4ubuntu3.12_riscv64.deb
Files:
 6154a429735218a9cc939d6209a499db 4793392 debug optional apache2-bin-dbgsym_2.4.41-4ubuntu3.12_riscv64.ddeb
 33fc4febee20ff5b33cbb98e354f3549 1000636 httpd optional apache2-bin_2.4.41-4ubuntu3.12_riscv64.deb
 6de9e6e123f3bb9b9dce7e9ec36ea42e 179636 httpd optional apache2-dev_2.4.41-4ubuntu3.12_riscv64.deb
 233cb2b68f6732351108b0f9c33e07c7 3156 httpd optional apache2-ssl-dev_2.4.41-4ubuntu3.12_riscv64.deb
 d8f1caaaae3d5cde5e6423d41ef98030 12800 debug optional apache2-suexec-custom-dbgsym_2.4.41-4ubuntu3.12_riscv64.ddeb
 c1890b8e2eccdc723adafe2b57d82b33 14748 httpd optional apache2-suexec-custom_2.4.41-4ubuntu3.12_riscv64.deb
 02244de13dc122945051e43ac6e8a5a1 11640 debug optional apache2-suexec-pristine-dbgsym_2.4.41-4ubuntu3.12_riscv64.ddeb
 244f3829ee76d20f435999778f5d2c0f 13256 httpd optional apache2-suexec-pristine_2.4.41-4ubuntu3.12_riscv64.deb
 dca6197893e529650095a69414bcf60d 140152 debug optional apache2-utils-dbgsym_2.4.41-4ubuntu3.12_riscv64.ddeb
 757059382185244df741f788e17678a0 80004 httpd optional apache2-utils_2.4.41-4ubuntu3.12_riscv64.deb
 ec5f743291fe5a5ae0a90c21fcfc5a35 11801 httpd optional apache2_2.4.41-4ubuntu3.12_riscv64.buildinfo
 ee04ddf5e236775e8e259b142bec5f3f 95600 httpd optional apache2_2.4.41-4ubuntu3.12_riscv64.deb
 b577806bbc5b36a1253ed70d0bdedf44 992 oldlibs optional libapache2-mod-md_2.4.41-4ubuntu3.12_riscv64.deb
 f42bc55ab466a745f1622477e2b0da3b 1188 oldlibs optional libapache2-mod-proxy-uwsgi_2.4.41-4ubuntu3.12_riscv64.deb
Original-Maintainer: Debian Apache Maintainers <debian-apache@lists.debian.org>