Format: 1.8 Date: Wed, 08 Mar 2023 12:34:33 -0500 Source: apache2 Binary: apache2 apache2-data apache2-bin apache2-utils apache2-suexec-pristine apache2-suexec-custom apache2-doc apache2-dev apache2-ssl-dev apache2-dbg Architecture: i386 Version: 2.4.29-1ubuntu4.27 Distribution: bionic Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Marc Deslauriers Description: apache2 - Apache HTTP Server apache2-bin - Apache HTTP Server (modules and other binary files) apache2-data - Apache HTTP Server (common files) apache2-dbg - Apache debugging symbols apache2-dev - Apache HTTP Server (development headers) apache2-doc - Apache HTTP Server (on-site documentation) apache2-ssl-dev - Apache HTTP Server (mod_ssl development headers) apache2-suexec-custom - Apache HTTP Server configurable suexec program for mod_suexec apache2-suexec-pristine - Apache HTTP Server standard suexec program for mod_suexec apache2-utils - Apache HTTP Server (utility programs for web servers) Changes: apache2 (2.4.29-1ubuntu4.27) bionic-security; urgency=medium . * SECURITY UPDATE: HTTP request splitting with mod_rewrite and mod_proxy - debian/patches/CVE-2023-25690-1.patch: don't forward invalid query strings in modules/http2/mod_proxy_http2.c, modules/mappers/mod_rewrite.c, modules/proxy/mod_proxy_ajp.c, modules/proxy/mod_proxy_balancer.c, modules/proxy/mod_proxy_http.c, modules/proxy/mod_proxy_wstunnel.c. - debian/patches/CVE-2023-25690-2.patch: Fix missing APLOGNO in modules/http2/mod_proxy_http2.c. - CVE-2023-25690 Checksums-Sha1: 4a76221f97be137d8220c29c2869ee7c574e913b 1139548 apache2-bin_2.4.29-1ubuntu4.27_i386.deb c5f5553b729fa2529560c6aa4ec2fbb01da323c2 3556952 apache2-dbg_2.4.29-1ubuntu4.27_i386.deb a51bfb5355325ce5cedf58b863bf7a575dac3683 177284 apache2-dev_2.4.29-1ubuntu4.27_i386.deb 64c07576f6741698cc30af4a4ca4c0ba3c996bbf 2392 apache2-ssl-dev_2.4.29-1ubuntu4.27_i386.deb e3395f0aa3487a6516791f935b5c130c4f4eee5c 15340 apache2-suexec-custom_2.4.29-1ubuntu4.27_i386.deb 2e6bec9db42fa7998768f5c9b47a03e270b8c2db 13772 apache2-suexec-pristine_2.4.29-1ubuntu4.27_i386.deb 99c1d0fe1fb89cc5164b0f08cf5564ab032254d5 87900 apache2-utils_2.4.29-1ubuntu4.27_i386.deb 88e0911e76d3771312354bf61374496b48cb4f48 10450 apache2_2.4.29-1ubuntu4.27_i386.buildinfo 08e9f0faa127f89fad74704af7560e414243c42c 95136 apache2_2.4.29-1ubuntu4.27_i386.deb Checksums-Sha256: acb42ac2c4a1bf380ed11fbb70f4fb4f01649fd08e89c0ff18381643e234fda0 1139548 apache2-bin_2.4.29-1ubuntu4.27_i386.deb 1d65a1d711d5cd610b752c49f5d65e8e7109fa0a173432893a2373d52883e7e3 3556952 apache2-dbg_2.4.29-1ubuntu4.27_i386.deb 882e62840f5a6ff5bba4cff62ab809de6143af6088ca968e6b908bf267096d48 177284 apache2-dev_2.4.29-1ubuntu4.27_i386.deb f44d8fc9e324f3080c96979a5a47b289e5c52afc0d80530d6750257e908883a1 2392 apache2-ssl-dev_2.4.29-1ubuntu4.27_i386.deb 0e29cf869b26a5ffe35cc78d7f68b51263dbc3212d19c8ce4cb9838c2c149fd3 15340 apache2-suexec-custom_2.4.29-1ubuntu4.27_i386.deb e1a02f3f3381bdc2def6816b5133cfe54132a026e47fbe47a702cd53b4a3d353 13772 apache2-suexec-pristine_2.4.29-1ubuntu4.27_i386.deb 15d07e2c4936e71388663ec2fa4eafc0ba7dc82422b2ecf1feb6a15daacba713 87900 apache2-utils_2.4.29-1ubuntu4.27_i386.deb 66e6b5263d741d43a77992753d3d48dd9d2ebcc649f697d5bcfa29c7765c0b51 10450 apache2_2.4.29-1ubuntu4.27_i386.buildinfo eaab5b5060149dd4a4a4d9ea3c1580fe5f708017992056d23e32b02a23af2adc 95136 apache2_2.4.29-1ubuntu4.27_i386.deb Files: 1d42d405d0793f0f90bbeef51a41c51c 1139548 httpd optional apache2-bin_2.4.29-1ubuntu4.27_i386.deb 06799b939ade5fe5984cabcd41f57200 3556952 debug optional apache2-dbg_2.4.29-1ubuntu4.27_i386.deb 90df6405d829a653b041a8a219f65c15 177284 httpd optional apache2-dev_2.4.29-1ubuntu4.27_i386.deb 3ab37eb5efe5c2fdf9bfac0c98ae0112 2392 httpd optional apache2-ssl-dev_2.4.29-1ubuntu4.27_i386.deb e456e1e3636c4a6ae78f47fd6fe753b3 15340 httpd optional apache2-suexec-custom_2.4.29-1ubuntu4.27_i386.deb 70a7102b3cd020323124b652d9e47fe0 13772 httpd optional apache2-suexec-pristine_2.4.29-1ubuntu4.27_i386.deb 856f28b5509cadb62cf082b737d1985e 87900 httpd optional apache2-utils_2.4.29-1ubuntu4.27_i386.deb 69d764b9fc257100c03d17cb82ca6f3a 10450 httpd optional apache2_2.4.29-1ubuntu4.27_i386.buildinfo 0e0aa2d2e9ae1a4a46650cfd2e22c3ed 95136 httpd optional apache2_2.4.29-1ubuntu4.27_i386.deb Original-Maintainer: Debian Apache Maintainers