Format: 1.8
Date: Tue, 14 Jun 2022 14:52:48 -0300
Source: apache2
Binary: apache2 apache2-data apache2-bin apache2-utils apache2-suexec-pristine apache2-suexec-custom apache2-doc apache2-dev apache2-ssl-dev apache2-dbg
Architecture: s390x
Version: 2.4.29-1ubuntu4.24
Distribution: bionic
Urgency: medium
Maintainer: Launchpad Build Daemon <buildd@bos02-s390x-014.buildd>
Changed-By: Leonidas Da Silva Barbosa <leo.barbosa@canonical.com>
Description:
 apache2    - Apache HTTP Server
 apache2-bin - Apache HTTP Server (modules and other binary files)
 apache2-data - Apache HTTP Server (common files)
 apache2-dbg - Apache debugging symbols
 apache2-dev - Apache HTTP Server (development headers)
 apache2-doc - Apache HTTP Server (on-site documentation)
 apache2-ssl-dev - Apache HTTP Server (mod_ssl development headers)
 apache2-suexec-custom - Apache HTTP Server configurable suexec program for mod_suexec
 apache2-suexec-pristine - Apache HTTP Server standard suexec program for mod_suexec
 apache2-utils - Apache HTTP Server (utility programs for web servers)
Changes:
 apache2 (2.4.29-1ubuntu4.24) bionic-security; urgency=medium
 .
   * SECURITY UPDATE: HTTP Request Smuggling
     - debian/patches/CVE-2022-26377.patch: changing
       precedence between T-E and C-L in modules/proxy/mod_proxy_ajp.c.
     - CVE-2022-26377
   * SECURITY UPDATE: Read beyond bounds
     - debian/patches/CVE-2022-28614.patch: handle large
       writes in ap_rputs.
       in server/util.c.
     - CVE-2022-28614
   * SECURITY UPDATE: Read beyond bounds
     - debian/patches/CVE-2022-28615.patch: fix types
       in server/util.c.
     - CVE-2022-28615
   * SECURITY UPDATE: Denial of service
     - debian/patches/CVE-2022-29404.patch: cast first
       in modules/lua/lua_request.c.
     - CVE-2022-29404
   * SECURITY UPDATE: Denial of service
     - debian/patches/CVE-2022-30522.patch: limit mod_sed
       memory use in modules/filters/mod_sec.c,
       modules/filters/sed1.c.
     - CVE-2022-30522
   * SECURITY UPDATE: Returning point past of the buffer
     - debian/patches/CVE-2022-30556.patch: use filters consistently
       in modules/lua/lua_request.c.
     - CVE-2022-30556
   * SECURITY UPDATE: Bypass IP authentication
     - debian/patches/CVE-2022-31813.patch: to clear
       hop-by-hop first and fixup last in modules/proxy/proxy_util.c.
     - CVE-2022-31813
Checksums-Sha1:
 b225e0740d64dad4079396e5cdbe7151e78a29a8 979692 apache2-bin_2.4.29-1ubuntu4.24_s390x.deb
 e61741f980dd7df5d28c9029c1509f9c80380167 4082076 apache2-dbg_2.4.29-1ubuntu4.24_s390x.deb
 17913adc655dfd84a80318828eb9f87047962b51 178056 apache2-dev_2.4.29-1ubuntu4.24_s390x.deb
 2f32b23b0c2909694dea403a1c5c184a5702c25f 2396 apache2-ssl-dev_2.4.29-1ubuntu4.24_s390x.deb
 0e790e334765e2185708fa69af7575dd0c43d944 15116 apache2-suexec-custom_2.4.29-1ubuntu4.24_s390x.deb
 6e5b21e6bb6f4db41e6123024255f1344b9973d6 13596 apache2-suexec-pristine_2.4.29-1ubuntu4.24_s390x.deb
 585911720772b5ae5fdeb91ff809abdb58d1ca8e 81812 apache2-utils_2.4.29-1ubuntu4.24_s390x.deb
 5fe7b60cc8dddd01d27e2558bd359b91173468cd 10216 apache2_2.4.29-1ubuntu4.24_s390x.buildinfo
 bcc152dbcf352531a9cd6ffd40251711355c9e1d 95124 apache2_2.4.29-1ubuntu4.24_s390x.deb
Checksums-Sha256:
 747f2446442a964ef95ae09ebbf2aa568df528ea0530ece51a9faa2f016c431b 979692 apache2-bin_2.4.29-1ubuntu4.24_s390x.deb
 d5abf5d1d4c37b447c70cd0c1238598cacc870752b902911263e2558839dea25 4082076 apache2-dbg_2.4.29-1ubuntu4.24_s390x.deb
 20dfb1a6652ebb8c8113e998c4155d89171ef222fe1743086b57d12df909154a 178056 apache2-dev_2.4.29-1ubuntu4.24_s390x.deb
 49dbcae1cb8ef7acbf495be5cfe7d29e3635d61d09a8d959c47407bf4d64645b 2396 apache2-ssl-dev_2.4.29-1ubuntu4.24_s390x.deb
 35b0e6cb00404477fd33f3ce19d2b2f7c029724714f82c6cad8a323030bbf4f3 15116 apache2-suexec-custom_2.4.29-1ubuntu4.24_s390x.deb
 660c25b3ae1bc16424ed40d11ad74f8e03de4bb1fb6cb3cdd43c04a108d37925 13596 apache2-suexec-pristine_2.4.29-1ubuntu4.24_s390x.deb
 6bd0152a68712fa01bf5991d3b687475ce80d1c3bfbd03d3f7b03276fcdb2a9b 81812 apache2-utils_2.4.29-1ubuntu4.24_s390x.deb
 a4044eec503833dea748d76f071a61a5bc3b4319ef951d800da86f0bdbdda91d 10216 apache2_2.4.29-1ubuntu4.24_s390x.buildinfo
 177c39f98d07bc662154a774a56ae694ead91645427bce57b287b7346f351fce 95124 apache2_2.4.29-1ubuntu4.24_s390x.deb
Files:
 10e0b2659ab68b2dc5f55b6f7ef8d227 979692 httpd optional apache2-bin_2.4.29-1ubuntu4.24_s390x.deb
 244cdb8a9bdab11b561bba14d2915eba 4082076 debug optional apache2-dbg_2.4.29-1ubuntu4.24_s390x.deb
 a902c4f222d7729d52a5c95500e2936e 178056 httpd optional apache2-dev_2.4.29-1ubuntu4.24_s390x.deb
 443fa700a6d603b08d7f45ac8447a83e 2396 httpd optional apache2-ssl-dev_2.4.29-1ubuntu4.24_s390x.deb
 0e6fc5366ebe782cc5cdf46840827d89 15116 httpd optional apache2-suexec-custom_2.4.29-1ubuntu4.24_s390x.deb
 dc85a3331c53c0501b6ee5a9c8c789aa 13596 httpd optional apache2-suexec-pristine_2.4.29-1ubuntu4.24_s390x.deb
 554b56f96cdde36b8ff2735b7cc947b8 81812 httpd optional apache2-utils_2.4.29-1ubuntu4.24_s390x.deb
 f789dfd4db15a2ba04e173bde1e327eb 10216 httpd optional apache2_2.4.29-1ubuntu4.24_s390x.buildinfo
 a2c1e9289714063adde4317ad2db131e 95124 httpd optional apache2_2.4.29-1ubuntu4.24_s390x.deb
Original-Maintainer: Debian Apache Maintainers <debian-apache@lists.debian.org>