Format: 1.8 Date: Tue, 09 Apr 2019 12:48:30 -0300 Source: apache2 Binary: apache2.2-common apache2.2-bin apache2-mpm-worker apache2-mpm-prefork apache2-mpm-event apache2-mpm-itk apache2-utils apache2-suexec apache2-suexec-custom apache2 apache2-doc apache2-prefork-dev apache2-threaded-dev apache2-dbg Architecture: i386 all Version: 2.2.22-1ubuntu1.15 Distribution: precise Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Leonidas S. Barbosa Description: apache2 - Apache HTTP Server metapackage apache2-dbg - Apache debugging symbols apache2-doc - Apache HTTP Server documentation apache2-mpm-event - Apache HTTP Server - event driven model apache2-mpm-itk - multiuser MPM for Apache 2.2 apache2-mpm-prefork - Apache HTTP Server - traditional non-threaded model apache2-mpm-worker - Apache HTTP Server - high speed threaded model apache2-prefork-dev - Apache development headers - non-threaded MPM apache2-suexec - Standard suexec program for Apache 2 mod_suexec apache2-suexec-custom - Configurable suexec program for Apache 2 mod_suexec apache2-threaded-dev - Apache development headers - threaded MPM apache2-utils - utility programs for webservers apache2.2-bin - Apache HTTP Server common binary files apache2.2-common - Apache HTTP Server common files Changes: apache2 (2.2.22-1ubuntu1.15) precise-security; urgency=medium . [ Marc Deslauriers ] * SECURITY UPDATE: DoS via missing header with AuthLDAPCharsetConfig - debian/patches/CVE-2017-15710.patch: fix language long names detection as short name in modules/aaa/mod_authnz_ldap.c. - CVE-2017-15710 * SECURITY UPDATE: DoS via specially-crafted request - debian/patches/CVE-2018-1301.patch: ensure that read lines are NUL terminated on any error, not only on buffer full in server/protocol.c. - CVE-2018-1301 * SECURITY UPDATE: insecure nonce generation - debian/patches/CVE-2018-1312-*.patch: actually use the secret when generating nonces in modules/aaa/mod_auth_digest.c. - CVE-2018-1312 * SECURITY UPDATE: mod_auth_digest access control bypass - debian/patches/CVE-2019-0217.patch: fix a race condition in modules/aaa/mod_auth_digest.c. - CVE-2019-0217 Checksums-Sha1: 493c366da0ad680de925cbb8761c4031800e7679 225616 apache2.2-common_2.2.22-1ubuntu1.15_i386.deb cb809f28a7779566fdcf8fd547ddc50edecf9ee1 1349562 apache2.2-bin_2.2.22-1ubuntu1.15_i386.deb 85dc1acdcbe5f7b11bf5115bba6cb2df4a0883af 2300 apache2-mpm-worker_2.2.22-1ubuntu1.15_i386.deb 9d4d38652f0124d5b695fd70b69673c66195baf2 2412 apache2-mpm-prefork_2.2.22-1ubuntu1.15_i386.deb e72aafaf9a6734456e81687547b2c0091ab170ab 2368 apache2-mpm-event_2.2.22-1ubuntu1.15_i386.deb abcee807d7b5801f31e5f7489b8d363543dda3b2 2398 apache2-mpm-itk_2.2.22-1ubuntu1.15_i386.deb 329a5db23422a87986b3c66bcf53eefbb04bf802 91002 apache2-utils_2.2.22-1ubuntu1.15_i386.deb 2f4a55b6d83ef535a9bf57a7a4572535ad708054 18374 apache2-suexec_2.2.22-1ubuntu1.15_i386.deb 816d1c0218483944dae65c51feab2568a4e5394c 20046 apache2-suexec-custom_2.2.22-1ubuntu1.15_i386.deb 7dd9cfc96232cb842590b0d54f3f0a9d6c2a0d7d 1494 apache2_2.2.22-1ubuntu1.15_i386.deb 3e018766cb33134b8a41e6ccdd0cbe680adc5d10 2622270 apache2-doc_2.2.22-1ubuntu1.15_all.deb 4e31d0208f96357738e1aeffaaa1f51fa92a2e28 138798 apache2-prefork-dev_2.2.22-1ubuntu1.15_i386.deb c995c2c0915bf339d71949259f6318292636630a 139992 apache2-threaded-dev_2.2.22-1ubuntu1.15_i386.deb 751b0686a38e0b2d06f240b5ddeda68a7e391807 794880 apache2.2-bin-dbgsym_2.2.22-1ubuntu1.15_i386.ddeb 03871ea31cd08d8f879a6d8038b73f4d5f33629e 63458 apache2-utils-dbgsym_2.2.22-1ubuntu1.15_i386.ddeb a7857a3da48d2446dac675252b7e4b244919d22e 7258 apache2-suexec-dbgsym_2.2.22-1ubuntu1.15_i386.ddeb d4dad19ee7eb8781af23a9f6e182e328ffafcf76 7932 apache2-suexec-custom-dbgsym_2.2.22-1ubuntu1.15_i386.ddeb Checksums-Sha256: d10edf6ec1c595b7fbc0748f7aead6de3f624b183cf4ebd52c7a34651cfd6d78 225616 apache2.2-common_2.2.22-1ubuntu1.15_i386.deb 6a65a185b7c4f2f96e360944b96aa0248e9f4a9390bd0d950d88ae0d05b024b5 1349562 apache2.2-bin_2.2.22-1ubuntu1.15_i386.deb cbe5c1d25d4bfa77e015a61f65f6871decd763ff12738a8b3ffa95fd8a5cf410 2300 apache2-mpm-worker_2.2.22-1ubuntu1.15_i386.deb 55c55f583834e21cf791b882e487e99936da6f769f40dcc5573337e850dabfbf 2412 apache2-mpm-prefork_2.2.22-1ubuntu1.15_i386.deb ae0d50fc0e772d2c9bf9b516fdda5a40634eac2fa3501ad1b199169153cbf291 2368 apache2-mpm-event_2.2.22-1ubuntu1.15_i386.deb 6766d1e1364577f9422d91940d7cf6004bba69dd9ef3abea7765b51045750fae 2398 apache2-mpm-itk_2.2.22-1ubuntu1.15_i386.deb fb3a89424caed249346104fb6914961006481763e13804924890b383530149e2 91002 apache2-utils_2.2.22-1ubuntu1.15_i386.deb 04b464b16723ee2c5322a4d02aa040a911c37b7736524cdf29721d2a637aa52c 18374 apache2-suexec_2.2.22-1ubuntu1.15_i386.deb 8067dd10675ff7057a72a55971447ce9081197e9c21674d4e93bc55212568f38 20046 apache2-suexec-custom_2.2.22-1ubuntu1.15_i386.deb ad740207d72322e190d85e67b06eaa170117c96b2e2fc5f62b77f672c5e293b2 1494 apache2_2.2.22-1ubuntu1.15_i386.deb 68347c6c8278f590f65ed1b5390f16f9a3f385dc397cfb69be81d9bdbfce06dc 2622270 apache2-doc_2.2.22-1ubuntu1.15_all.deb 01c7f1caacc6872e36a1f3947ff909f1621e68b8c972be1a29880330cb7659c1 138798 apache2-prefork-dev_2.2.22-1ubuntu1.15_i386.deb c87580fca4feb016c1db37b997ec4905d16ed4824245de570cbac25f062670f7 139992 apache2-threaded-dev_2.2.22-1ubuntu1.15_i386.deb 30c090aa82664b0ee549811c855e4f505b7b59957752ffc77d26528f0575a090 794880 apache2.2-bin-dbgsym_2.2.22-1ubuntu1.15_i386.ddeb 990025eed87c28cae81bad1d953bd4f96a8b89ff021a85d66e4421334fd83bc1 63458 apache2-utils-dbgsym_2.2.22-1ubuntu1.15_i386.ddeb dee819668feb13c7d3a3d12adf8333fd7dd1132e5af24ef5fc6eaa8ee393e72b 7258 apache2-suexec-dbgsym_2.2.22-1ubuntu1.15_i386.ddeb dbc4b7217d28603a4b4750dc8d2c496404699becd94e675c7555489d1b6e9193 7932 apache2-suexec-custom-dbgsym_2.2.22-1ubuntu1.15_i386.ddeb Files: 8c6f64acd187537500abed4d887e2499 225616 httpd optional apache2.2-common_2.2.22-1ubuntu1.15_i386.deb fbb97fcfebbb539a2186abaa99e672f5 1349562 httpd optional apache2.2-bin_2.2.22-1ubuntu1.15_i386.deb 8267d008081dd4de9225e750eacf83bb 2300 httpd optional apache2-mpm-worker_2.2.22-1ubuntu1.15_i386.deb 6698e1abd251775f00e5289bbd3a30d6 2412 httpd optional apache2-mpm-prefork_2.2.22-1ubuntu1.15_i386.deb 7bba6761fcd4fce6fbf2dc8e29c8503c 2368 httpd optional apache2-mpm-event_2.2.22-1ubuntu1.15_i386.deb d700b40687b4b94f71ed8597e1a1e0e9 2398 httpd extra apache2-mpm-itk_2.2.22-1ubuntu1.15_i386.deb b488add2f5103fa61bb1732ef5c4be2e 91002 httpd optional apache2-utils_2.2.22-1ubuntu1.15_i386.deb 0b5275c69283bff7d08227005e639594 18374 httpd optional apache2-suexec_2.2.22-1ubuntu1.15_i386.deb 4222fdfe2d55630c432786a5d318c988 20046 httpd extra apache2-suexec-custom_2.2.22-1ubuntu1.15_i386.deb a9c8b214f8b44a91340cdf89b704aa94 1494 httpd optional apache2_2.2.22-1ubuntu1.15_i386.deb 2c91cfdcc43baeae178533011f8520da 2622270 doc optional apache2-doc_2.2.22-1ubuntu1.15_all.deb 2d4c33f97618dda98ac5bc4a4d775615 138798 httpd extra apache2-prefork-dev_2.2.22-1ubuntu1.15_i386.deb af3426f67980885bef44e322c369c68c 139992 httpd extra apache2-threaded-dev_2.2.22-1ubuntu1.15_i386.deb 15ae7c66d3f1ff8c14dce37d8eebcdb7 794880 httpd extra apache2.2-bin-dbgsym_2.2.22-1ubuntu1.15_i386.ddeb 58eaab50e3cc0a929a7cb80aaaa83c30 63458 httpd extra apache2-utils-dbgsym_2.2.22-1ubuntu1.15_i386.ddeb 7501fc268d34d9db75e8906919bc812a 7258 httpd extra apache2-suexec-dbgsym_2.2.22-1ubuntu1.15_i386.ddeb e957c5c7414a32c0d15b7586f0fd7980 7932 httpd extra apache2-suexec-custom-dbgsym_2.2.22-1ubuntu1.15_i386.ddeb Original-Maintainer: Debian Apache Maintainers Original-Vcs-Browser: http://anonscm.debian.org/gitweb/?p=pkg-apache/apache2.git Original-Vcs-Git: git://git.debian.org/git/pkg-apache/apache2.git