Format: 1.8
Date: Wed, 08 Mar 2023 12:32:54 -0500
Source: apache2
Binary: apache2 apache2-bin apache2-dev apache2-ssl-dev apache2-suexec-custom apache2-suexec-pristine apache2-utils libapache2-mod-md libapache2-mod-proxy-uwsgi
Architecture: ppc64el
Version: 2.4.41-4ubuntu3.14
Distribution: focal
Urgency: medium
Maintainer: Launchpad Build Daemon <buildd@bos02-ppc64el-001.buildd>
Changed-By: Marc Deslauriers <marc.deslauriers@ubuntu.com>
Description:
 apache2    - Apache HTTP Server
 apache2-bin - Apache HTTP Server (modules and other binary files)
 apache2-dev - Apache HTTP Server (development headers)
 apache2-ssl-dev - Apache HTTP Server (mod_ssl development headers)
 apache2-suexec-custom - Apache HTTP Server configurable suexec program for mod_suexec
 apache2-suexec-pristine - Apache HTTP Server standard suexec program for mod_suexec
 apache2-utils - Apache HTTP Server (utility programs for web servers)
 libapache2-mod-md - transitional package
 libapache2-mod-proxy-uwsgi - transitional package
Changes:
 apache2 (2.4.41-4ubuntu3.14) focal-security; urgency=medium
 .
   * SECURITY UPDATE: HTTP request splitting with mod_rewrite and mod_proxy
     - debian/patches/CVE-2023-25690-1.patch: don't forward invalid query
       strings in modules/http2/mod_proxy_http2.c,
       modules/mappers/mod_rewrite.c, modules/proxy/mod_proxy_ajp.c,
       modules/proxy/mod_proxy_balancer.c, modules/proxy/mod_proxy_http.c,
       modules/proxy/mod_proxy_wstunnel.c.
     - debian/patches/CVE-2023-25690-2.patch: Fix missing APLOGNO in
       modules/http2/mod_proxy_http2.c.
     - CVE-2023-25690
   * SECURITY UPDATE: mod_proxy_uwsgi HTTP response splitting
     - debian/patches/CVE-2023-27522.patch: stricter backend HTTP response
       parsing/validation in modules/proxy/mod_proxy_uwsgi.c.
     - CVE-2023-27522
Checksums-Sha1:
 52765fce85295f1f83dae915e5305f6b35db39cc 5177552 apache2-bin-dbgsym_2.4.41-4ubuntu3.14_ppc64el.ddeb
 6e95bf531cf4c6a35db9e4077d5e7153d48c2933 1274140 apache2-bin_2.4.41-4ubuntu3.14_ppc64el.deb
 5be176f5ce23bd7ef1d333aae04c3d863806de1e 179544 apache2-dev_2.4.41-4ubuntu3.14_ppc64el.deb
 bed55d90e9e739007aed44ff35d1dc313af4c834 3152 apache2-ssl-dev_2.4.41-4ubuntu3.14_ppc64el.deb
 02162192bb1bd7668b6991df24a182a70e6abf7a 13112 apache2-suexec-custom-dbgsym_2.4.41-4ubuntu3.14_ppc64el.ddeb
 7231626dab6deebf8841d0e9584c412eabb9d927 15524 apache2-suexec-custom_2.4.41-4ubuntu3.14_ppc64el.deb
 dc1a9cf87b515aa18e9c6e62608c41b161baefb7 11868 apache2-suexec-pristine-dbgsym_2.4.41-4ubuntu3.14_ppc64el.ddeb
 dceef8f2856847e19dd1f7c89b9f137a0223c473 13928 apache2-suexec-pristine_2.4.41-4ubuntu3.14_ppc64el.deb
 d577ba1eef75f066730265e539c7190c1e709456 147368 apache2-utils-dbgsym_2.4.41-4ubuntu3.14_ppc64el.ddeb
 dc22f86c521956c6092c279a87e805f13efefa05 86760 apache2-utils_2.4.41-4ubuntu3.14_ppc64el.deb
 688503571704c75a53db60c8b5d4800bc46ec030 12131 apache2_2.4.41-4ubuntu3.14_ppc64el.buildinfo
 c68681769bb04e977638afbc7d4d3663057ed7e1 95580 apache2_2.4.41-4ubuntu3.14_ppc64el.deb
 aad5074f74384b9d51257c426f9f6d2475f9be7f 992 libapache2-mod-md_2.4.41-4ubuntu3.14_ppc64el.deb
 e3da0e2363fedc266fbe8cbff3957dbd05e6b5d0 1184 libapache2-mod-proxy-uwsgi_2.4.41-4ubuntu3.14_ppc64el.deb
Checksums-Sha256:
 0a1786fea9173ecf0698c537f5f1d8f4a75cdd63fd8f8d25cc9fff7dbc628073 5177552 apache2-bin-dbgsym_2.4.41-4ubuntu3.14_ppc64el.ddeb
 16042f2c12102e1d582ecd8ada417d1a1e3cf69c1706252012baa3ae7f85d897 1274140 apache2-bin_2.4.41-4ubuntu3.14_ppc64el.deb
 f2522da8022df94bb602354e864f5308f51d5de0d4650f7be99b492f6cba8d5b 179544 apache2-dev_2.4.41-4ubuntu3.14_ppc64el.deb
 16acab4c5257e2a3ae1de33fece676cb643a0c573b71b1959d946ddfbb0c88a4 3152 apache2-ssl-dev_2.4.41-4ubuntu3.14_ppc64el.deb
 177b8148403158fb40784b5d07f87d6d34562673019a7dfeed948cce13020a70 13112 apache2-suexec-custom-dbgsym_2.4.41-4ubuntu3.14_ppc64el.ddeb
 3feb7f256df6dfb46f0a942a8db12fa76e74ed9cf5c42df8f7e067ead0f918ae 15524 apache2-suexec-custom_2.4.41-4ubuntu3.14_ppc64el.deb
 53ca48f209202faac0a901165478bf2996d50be58182be81b3538ffe78e96ec5 11868 apache2-suexec-pristine-dbgsym_2.4.41-4ubuntu3.14_ppc64el.ddeb
 b63158ff4c396f66c4febf393e14fc2ca581a5eebe808cf64af5d9ffa1a693e7 13928 apache2-suexec-pristine_2.4.41-4ubuntu3.14_ppc64el.deb
 fa169fdd9faf9633dc7c3fd13e280345cd89759a05bd8af5c561164ab78ef41a 147368 apache2-utils-dbgsym_2.4.41-4ubuntu3.14_ppc64el.ddeb
 117d72ac4484ba54133f3926f962c89dc3f6ccead0758ccd122b06cd9eb0cd5e 86760 apache2-utils_2.4.41-4ubuntu3.14_ppc64el.deb
 75fcce8376acd88fb8337d7ff80a682ad22136f440167fcd07dae70ba2ed7380 12131 apache2_2.4.41-4ubuntu3.14_ppc64el.buildinfo
 8ccd1a515b8c1fa0841e8a41afae60ae6a4a01804f5502d6aead71654a41150b 95580 apache2_2.4.41-4ubuntu3.14_ppc64el.deb
 d5fac54edb97be82558e6d45aa2c62ad9d19004811622ce94ae31ed6a3630ff2 992 libapache2-mod-md_2.4.41-4ubuntu3.14_ppc64el.deb
 6ff6817cefc174a2d931b8f9d48d5a5d3b5448670d78790a0c7fe4fac8954dae 1184 libapache2-mod-proxy-uwsgi_2.4.41-4ubuntu3.14_ppc64el.deb
Files:
 6d8798860540a551d1226682fdd9c282 5177552 debug optional apache2-bin-dbgsym_2.4.41-4ubuntu3.14_ppc64el.ddeb
 ecd4caff4509496ee524d0ef0a5fd9dd 1274140 httpd optional apache2-bin_2.4.41-4ubuntu3.14_ppc64el.deb
 ac2246319c8003856080737b14b776c3 179544 httpd optional apache2-dev_2.4.41-4ubuntu3.14_ppc64el.deb
 649240f34672251ed8095f4644f563b0 3152 httpd optional apache2-ssl-dev_2.4.41-4ubuntu3.14_ppc64el.deb
 f7ee9857c6d7bfa37cc791d22c2466f9 13112 debug optional apache2-suexec-custom-dbgsym_2.4.41-4ubuntu3.14_ppc64el.ddeb
 aaa230de0b5ea09a3e2df7b727a7ed25 15524 httpd optional apache2-suexec-custom_2.4.41-4ubuntu3.14_ppc64el.deb
 07575a44705ee70ffb081c6f004246d8 11868 debug optional apache2-suexec-pristine-dbgsym_2.4.41-4ubuntu3.14_ppc64el.ddeb
 cc279b1c52959f1fdc1403df200f7483 13928 httpd optional apache2-suexec-pristine_2.4.41-4ubuntu3.14_ppc64el.deb
 ee3c74592a99dcf319cb839051d92f19 147368 debug optional apache2-utils-dbgsym_2.4.41-4ubuntu3.14_ppc64el.ddeb
 895785da3a1d3b004837d7a3f70e8fc5 86760 httpd optional apache2-utils_2.4.41-4ubuntu3.14_ppc64el.deb
 b5b65b8809587d81c32614f8f77c7f01 12131 httpd optional apache2_2.4.41-4ubuntu3.14_ppc64el.buildinfo
 a83c1df56e62c36b80435b425d47c038 95580 httpd optional apache2_2.4.41-4ubuntu3.14_ppc64el.deb
 d39a20929a0ac34e80e25528461ee9dd 992 oldlibs optional libapache2-mod-md_2.4.41-4ubuntu3.14_ppc64el.deb
 417df221d615c4077678ad1db513ee99 1184 oldlibs optional libapache2-mod-proxy-uwsgi_2.4.41-4ubuntu3.14_ppc64el.deb
Original-Maintainer: Debian Apache Maintainers <debian-apache@lists.debian.org>