Format: 1.8
Date: Wed, 08 Mar 2023 12:32:54 -0500
Source: apache2
Binary: apache2 apache2-bin apache2-dev apache2-ssl-dev apache2-suexec-custom apache2-suexec-pristine apache2-utils libapache2-mod-md libapache2-mod-proxy-uwsgi
Architecture: armhf
Version: 2.4.41-4ubuntu3.14
Distribution: focal
Urgency: medium
Maintainer: Launchpad Build Daemon <buildd@bos02-arm64-080.buildd>
Changed-By: Marc Deslauriers <marc.deslauriers@ubuntu.com>
Description:
 apache2    - Apache HTTP Server
 apache2-bin - Apache HTTP Server (modules and other binary files)
 apache2-dev - Apache HTTP Server (development headers)
 apache2-ssl-dev - Apache HTTP Server (mod_ssl development headers)
 apache2-suexec-custom - Apache HTTP Server configurable suexec program for mod_suexec
 apache2-suexec-pristine - Apache HTTP Server standard suexec program for mod_suexec
 apache2-utils - Apache HTTP Server (utility programs for web servers)
 libapache2-mod-md - transitional package
 libapache2-mod-proxy-uwsgi - transitional package
Changes:
 apache2 (2.4.41-4ubuntu3.14) focal-security; urgency=medium
 .
   * SECURITY UPDATE: HTTP request splitting with mod_rewrite and mod_proxy
     - debian/patches/CVE-2023-25690-1.patch: don't forward invalid query
       strings in modules/http2/mod_proxy_http2.c,
       modules/mappers/mod_rewrite.c, modules/proxy/mod_proxy_ajp.c,
       modules/proxy/mod_proxy_balancer.c, modules/proxy/mod_proxy_http.c,
       modules/proxy/mod_proxy_wstunnel.c.
     - debian/patches/CVE-2023-25690-2.patch: Fix missing APLOGNO in
       modules/http2/mod_proxy_http2.c.
     - CVE-2023-25690
   * SECURITY UPDATE: mod_proxy_uwsgi HTTP response splitting
     - debian/patches/CVE-2023-27522.patch: stricter backend HTTP response
       parsing/validation in modules/proxy/mod_proxy_uwsgi.c.
     - CVE-2023-27522
Checksums-Sha1:
 59ca3003771746379c29945d6126d62c7f48d6b7 4796784 apache2-bin-dbgsym_2.4.41-4ubuntu3.14_armhf.ddeb
 39fce4a95f6c302990e7f851b8bd81269c4ee201 1025764 apache2-bin_2.4.41-4ubuntu3.14_armhf.deb
 6f6ebf1021be42a30ba31fbef5322a394685e927 179540 apache2-dev_2.4.41-4ubuntu3.14_armhf.deb
 a72289570f75d4adef164f8e2938af6a7ef49af0 3152 apache2-ssl-dev_2.4.41-4ubuntu3.14_armhf.deb
 91e7b4cd43d5e299a03d4963a85d87a865f89db3 12828 apache2-suexec-custom-dbgsym_2.4.41-4ubuntu3.14_armhf.ddeb
 3b495e40e8e502ec4a14a9a7267e943fe06dd261 14576 apache2-suexec-custom_2.4.41-4ubuntu3.14_armhf.deb
 1844907c5fe8e385cc1ce94ca6b3d8dd30def1fe 11560 apache2-suexec-pristine-dbgsym_2.4.41-4ubuntu3.14_armhf.ddeb
 167a7417af09e5bf58737c4ef42e97956a0501a9 13188 apache2-suexec-pristine_2.4.41-4ubuntu3.14_armhf.deb
 e94001c9ec307eb9c243504af45a2bd16bd6b2bc 141644 apache2-utils-dbgsym_2.4.41-4ubuntu3.14_armhf.ddeb
 d9c52ed4c2b0bc8a2eefaf569a8f0b12b23bf0a9 84576 apache2-utils_2.4.41-4ubuntu3.14_armhf.deb
 a6ac682ed5fe3b722b248743698357b1b612a1a3 11896 apache2_2.4.41-4ubuntu3.14_armhf.buildinfo
 e956477bfebe91d94190af41711340fead4968b8 95572 apache2_2.4.41-4ubuntu3.14_armhf.deb
 6d8bb4befa9e2dfb6f082d55ea4ce930041d67e6 988 libapache2-mod-md_2.4.41-4ubuntu3.14_armhf.deb
 1502c57b70915742a7ca6871343989e6bd493e5f 1180 libapache2-mod-proxy-uwsgi_2.4.41-4ubuntu3.14_armhf.deb
Checksums-Sha256:
 c38b718842c905f9a38de5337ead1bf3335cdc618ef57b41315aaf8fbeaf1080 4796784 apache2-bin-dbgsym_2.4.41-4ubuntu3.14_armhf.ddeb
 429303a0684ebe3c76c9756b796c745b478bdbe979e0fafba2593a7ab1349746 1025764 apache2-bin_2.4.41-4ubuntu3.14_armhf.deb
 edb71500b2288c044a68216042f273c4f033c3db410fbc2c66cfb6b06a170aeb 179540 apache2-dev_2.4.41-4ubuntu3.14_armhf.deb
 1a0be491785a7b2c4999b90a945330980eca34065089391d5da7c6f3e9e6049b 3152 apache2-ssl-dev_2.4.41-4ubuntu3.14_armhf.deb
 add99d11266c1570ac5cee0663c4236fc54bcdb46d00ed9fea22ed30ce1aba3d 12828 apache2-suexec-custom-dbgsym_2.4.41-4ubuntu3.14_armhf.ddeb
 15346bc1b2f7276f06cd77bcc739936ae30209d06551745d769026930c4ac990 14576 apache2-suexec-custom_2.4.41-4ubuntu3.14_armhf.deb
 59aca42d927daef3aa42eff78ca93dee82c70d4eff3aed3cb5e26a05b5677ef2 11560 apache2-suexec-pristine-dbgsym_2.4.41-4ubuntu3.14_armhf.ddeb
 eaff892a1b6dba95ed45c88411cd3ece507b5aa7d2fb23507bdc9b78e699801d 13188 apache2-suexec-pristine_2.4.41-4ubuntu3.14_armhf.deb
 9d9e9f7067aa7c8a63d57679d9af211cd97b0a51d9f0404874a0c3114e6c55c1 141644 apache2-utils-dbgsym_2.4.41-4ubuntu3.14_armhf.ddeb
 8b9d1f09bf84260ef87a12ffaeba98c4e6216323d0eb4ff03e6b858d6c65e47f 84576 apache2-utils_2.4.41-4ubuntu3.14_armhf.deb
 f40af35ce91585f35f5f333bea0e366b102552e081af6b91804b9561143748b1 11896 apache2_2.4.41-4ubuntu3.14_armhf.buildinfo
 84064dfe4c35d5041a43ce7603e3eac43a4085a2bafb85fb5f27bed7e44dc240 95572 apache2_2.4.41-4ubuntu3.14_armhf.deb
 6b80351b6f57dc5c5584c379ee1e59ddf5aefcd185839525b272972dc7110f0b 988 libapache2-mod-md_2.4.41-4ubuntu3.14_armhf.deb
 63b11fd1e5de9cd92d123eacbc37669701fdee3b73d7d4483e32d90d023b16e1 1180 libapache2-mod-proxy-uwsgi_2.4.41-4ubuntu3.14_armhf.deb
Files:
 71bd7225c77b3d2f1613de43df814c12 4796784 debug optional apache2-bin-dbgsym_2.4.41-4ubuntu3.14_armhf.ddeb
 93696d312bae0818e6b5abf14e0b47e5 1025764 httpd optional apache2-bin_2.4.41-4ubuntu3.14_armhf.deb
 f26f3111b6558273e929cc61732bbe9c 179540 httpd optional apache2-dev_2.4.41-4ubuntu3.14_armhf.deb
 269abe7dad6b5710f349a45a4028ddef 3152 httpd optional apache2-ssl-dev_2.4.41-4ubuntu3.14_armhf.deb
 61b057ad3ec45b856eb34d6269b38e55 12828 debug optional apache2-suexec-custom-dbgsym_2.4.41-4ubuntu3.14_armhf.ddeb
 f10e6cf676dfdafd1fd67061a7bee4fa 14576 httpd optional apache2-suexec-custom_2.4.41-4ubuntu3.14_armhf.deb
 bd4afa8201e9f72dce42dcf886ee3225 11560 debug optional apache2-suexec-pristine-dbgsym_2.4.41-4ubuntu3.14_armhf.ddeb
 26694cd11872f0b1fd2d28f242e522e5 13188 httpd optional apache2-suexec-pristine_2.4.41-4ubuntu3.14_armhf.deb
 cbbf2edb355c6d0ce3070981d4a1ac4f 141644 debug optional apache2-utils-dbgsym_2.4.41-4ubuntu3.14_armhf.ddeb
 1d85f3b50c202ef29cef0dfca146ab7a 84576 httpd optional apache2-utils_2.4.41-4ubuntu3.14_armhf.deb
 16c32d066a4cb336a232ab9e33b40aa6 11896 httpd optional apache2_2.4.41-4ubuntu3.14_armhf.buildinfo
 33854e813be0e8e0bbd5be44d68d678b 95572 httpd optional apache2_2.4.41-4ubuntu3.14_armhf.deb
 db0bbadab18420a01b75b71f328d0749 988 oldlibs optional libapache2-mod-md_2.4.41-4ubuntu3.14_armhf.deb
 c0a37824c6686fd73dfe07a7392676ae 1180 oldlibs optional libapache2-mod-proxy-uwsgi_2.4.41-4ubuntu3.14_armhf.deb
Original-Maintainer: Debian Apache Maintainers <debian-apache@lists.debian.org>