Publishing details

• Removed from disk on 2022-03-18.
• Removal requested on 2022-03-18.
• Superseded on 2022-03-17 by apache2 - 2.4.48-3.1ubuntu3.3
• Published on 2022-01-06
• Copied from ubuntu impish in PPA for Ubuntu Security Proposed by Marc Deslauriers

Changelog

apache2 (2.4.48-3.1ubuntu3.2) impish-security; urgency=medium

  * SECURITY UPDATE: DoS or SSRF via forward proxy
    - debian/patches/CVE-2021-44224-1.patch: enforce that fully qualified
      uri-paths not to be forward-proxied have an http(s) scheme, and that
      the ones to be forward proxied have a hostname in
      include/http_protocol.h, modules/http/http_request.c,
      modules/http2/h2_request.c, modules/proxy/mod_proxy.c,
      modules/proxy/proxy_util.c, server/protocol.c.
    - debian/patches/CVE-2021-44224-2.patch: don't prevent forwarding URIs
      w/ no hostname in modules/proxy/mod_proxy.c,
      modules/proxy/proxy_util.c.
    - CVE-2021-44224
  * SECURITY UPDATE: overflow in mod_lua multipart parser
    - debian/patches/CVE-2021-44790.patch: improve error handling in
      modules/lua/lua_request.c.
    - CVE-2021-44790

 -- Marc Deslauriers <email address hidden>  Wed, 05 Jan 2022 09:29:15 -0500

Builds

• amd64
• arm64
• armhf
• i386
• ppc64el
• riscv64
• s390x

Package files

• apache2-bin-dbgsym_2.4.48-3.1ubuntu3.2_amd64.ddeb (3.7 MiB)
• apache2-bin-dbgsym_2.4.48-3.1ubuntu3.2_arm64.ddeb (3.7 MiB)
• apache2-bin-dbgsym_2.4.48-3.1ubuntu3.2_armhf.ddeb (3.1 MiB)
• apache2-bin-dbgsym_2.4.48-3.1ubuntu3.2_i386.ddeb (3.1 MiB)
• apache2-bin-dbgsym_2.4.48-3.1ubuntu3.2_ppc64el.ddeb (3.7 MiB)
• apache2-bin-dbgsym_2.4.48-3.1ubuntu3.2_riscv64.ddeb (3.5 MiB)
• apache2-bin-dbgsym_2.4.48-3.1ubuntu3.2_s390x.ddeb (3.3 MiB)
• apache2-bin_2.4.48-3.1ubuntu3.2_amd64.deb (1.3 MiB)
• apache2-bin_2.4.48-3.1ubuntu3.2_arm64.deb (1.2 MiB)
• apache2-bin_2.4.48-3.1ubuntu3.2_armhf.deb (1.1 MiB)
• apache2-bin_2.4.48-3.1ubuntu3.2_i386.deb (1.3 MiB)
• apache2-bin_2.4.48-3.1ubuntu3.2_ppc64el.deb (1.5 MiB)
• apache2-bin_2.4.48-3.1ubuntu3.2_riscv64.deb (1.1 MiB)
• apache2-bin_2.4.48-3.1ubuntu3.2_s390x.deb (1.2 MiB)
• apache2-data_2.4.48-3.1ubuntu3.2_all.deb (161.1 KiB)
• apache2-dev_2.4.48-3.1ubuntu3.2_amd64.deb (183.1 KiB)
• apache2-dev_2.4.48-3.1ubuntu3.2_arm64.deb (183.1 KiB)
• apache2-dev_2.4.48-3.1ubuntu3.2_armhf.deb (183.0 KiB)
• apache2-dev_2.4.48-3.1ubuntu3.2_i386.deb (183.0 KiB)
• apache2-dev_2.4.48-3.1ubuntu3.2_ppc64el.deb (183.1 KiB)
• apache2-dev_2.4.48-3.1ubuntu3.2_riscv64.deb (183.0 KiB)
• apache2-dev_2.4.48-3.1ubuntu3.2_s390x.deb (183.1 KiB)
• apache2-doc_2.4.48-3.1ubuntu3.2_all.deb (3.7 MiB)
• apache2-ssl-dev_2.4.48-3.1ubuntu3.2_amd64.deb (2.9 KiB)
• apache2-ssl-dev_2.4.48-3.1ubuntu3.2_arm64.deb (2.9 KiB)
• apache2-ssl-dev_2.4.48-3.1ubuntu3.2_armhf.deb (2.9 KiB)
• apache2-ssl-dev_2.4.48-3.1ubuntu3.2_i386.deb (2.9 KiB)
• apache2-ssl-dev_2.4.48-3.1ubuntu3.2_ppc64el.deb (2.9 KiB)
• apache2-ssl-dev_2.4.48-3.1ubuntu3.2_riscv64.deb (2.9 KiB)
• apache2-ssl-dev_2.4.48-3.1ubuntu3.2_s390x.deb (2.9 KiB)
• apache2-suexec-custom-dbgsym_2.4.48-3.1ubuntu3.2_amd64.ddeb (12.6 KiB)
• apache2-suexec-custom-dbgsym_2.4.48-3.1ubuntu3.2_arm64.ddeb (12.6 KiB)
• apache2-suexec-custom-dbgsym_2.4.48-3.1ubuntu3.2_armhf.ddeb (12.2 KiB)
• apache2-suexec-custom-dbgsym_2.4.48-3.1ubuntu3.2_i386.ddeb (11.3 KiB)
• apache2-suexec-custom-dbgsym_2.4.48-3.1ubuntu3.2_ppc64el.ddeb (13.1 KiB)
• apache2-suexec-custom-dbgsym_2.4.48-3.1ubuntu3.2_riscv64.ddeb (12.4 KiB)
• apache2-suexec-custom-dbgsym_2.4.48-3.1ubuntu3.2_s390x.ddeb (12.7 KiB)
• apache2-suexec-custom_2.4.48-3.1ubuntu3.2_amd64.deb (16.1 KiB)
• apache2-suexec-custom_2.4.48-3.1ubuntu3.2_arm64.deb (15.8 KiB)
• apache2-suexec-custom_2.4.48-3.1ubuntu3.2_armhf.deb (15.1 KiB)
• apache2-suexec-custom_2.4.48-3.1ubuntu3.2_i386.deb (16.0 KiB)
• apache2-suexec-custom_2.4.48-3.1ubuntu3.2_ppc64el.deb (16.1 KiB)
• apache2-suexec-custom_2.4.48-3.1ubuntu3.2_riscv64.deb (15.2 KiB)
• apache2-suexec-custom_2.4.48-3.1ubuntu3.2_s390x.deb (16.0 KiB)
• apache2-suexec-pristine-dbgsym_2.4.48-3.1ubuntu3.2_amd64.ddeb (11.3 KiB)
• apache2-suexec-pristine-dbgsym_2.4.48-3.1ubuntu3.2_arm64.ddeb (11.3 KiB)
• apache2-suexec-pristine-dbgsym_2.4.48-3.1ubuntu3.2_armhf.ddeb (10.9 KiB)
• apache2-suexec-pristine-dbgsym_2.4.48-3.1ubuntu3.2_i386.ddeb (10.1 KiB)
• apache2-suexec-pristine-dbgsym_2.4.48-3.1ubuntu3.2_ppc64el.ddeb (11.7 KiB)
• apache2-suexec-pristine-dbgsym_2.4.48-3.1ubuntu3.2_riscv64.ddeb (11.2 KiB)
• apache2-suexec-pristine-dbgsym_2.4.48-3.1ubuntu3.2_s390x.ddeb (11.5 KiB)
• apache2-suexec-pristine_2.4.48-3.1ubuntu3.2_amd64.deb (14.5 KiB)
• apache2-suexec-pristine_2.4.48-3.1ubuntu3.2_arm64.deb (14.3 KiB)
• apache2-suexec-pristine_2.4.48-3.1ubuntu3.2_armhf.deb (13.7 KiB)
• apache2-suexec-pristine_2.4.48-3.1ubuntu3.2_i386.deb (14.4 KiB)
• apache2-suexec-pristine_2.4.48-3.1ubuntu3.2_ppc64el.deb (14.4 KiB)
• apache2-suexec-pristine_2.4.48-3.1ubuntu3.2_riscv64.deb (13.7 KiB)
• apache2-suexec-pristine_2.4.48-3.1ubuntu3.2_s390x.deb (14.5 KiB)
• apache2-utils-dbgsym_2.4.48-3.1ubuntu3.2_amd64.ddeb (117.4 KiB)
• apache2-utils-dbgsym_2.4.48-3.1ubuntu3.2_arm64.ddeb (118.1 KiB)
• apache2-utils-dbgsym_2.4.48-3.1ubuntu3.2_armhf.ddeb (116.8 KiB)
• apache2-utils-dbgsym_2.4.48-3.1ubuntu3.2_i386.ddeb (106.9 KiB)
• apache2-utils-dbgsym_2.4.48-3.1ubuntu3.2_ppc64el.ddeb (126.9 KiB)
• apache2-utils-dbgsym_2.4.48-3.1ubuntu3.2_riscv64.ddeb (116.4 KiB)
• apache2-utils-dbgsym_2.4.48-3.1ubuntu3.2_s390x.ddeb (115.8 KiB)
• apache2-utils_2.4.48-3.1ubuntu3.2_amd64.deb (86.8 KiB)
• apache2-utils_2.4.48-3.1ubuntu3.2_arm64.deb (85.5 KiB)
• apache2-utils_2.4.48-3.1ubuntu3.2_armhf.deb (88.0 KiB)
• apache2-utils_2.4.48-3.1ubuntu3.2_i386.deb (90.8 KiB)
• apache2-utils_2.4.48-3.1ubuntu3.2_ppc64el.deb (92.4 KiB)
• apache2-utils_2.4.48-3.1ubuntu3.2_riscv64.deb (81.6 KiB)
• apache2-utils_2.4.48-3.1ubuntu3.2_s390x.deb (87.1 KiB)
• apache2_2.4.48-3.1ubuntu3.2.debian.tar.xz (893.4 KiB)
• apache2_2.4.48-3.1ubuntu3.2.dsc (3.3 KiB)
• apache2_2.4.48-3.1ubuntu3.2_amd64.deb (95.5 KiB)
• apache2_2.4.48-3.1ubuntu3.2_arm64.deb (95.5 KiB)
• apache2_2.4.48-3.1ubuntu3.2_armhf.deb (95.5 KiB)
• apache2_2.4.48-3.1ubuntu3.2_i386.deb (95.5 KiB)
• apache2_2.4.48-3.1ubuntu3.2_ppc64el.deb (95.5 KiB)
• apache2_2.4.48-3.1ubuntu3.2_riscv64.deb (95.5 KiB)
• apache2_2.4.48-3.1ubuntu3.2_s390x.deb (95.5 KiB)
• apache2_2.4.48.orig.tar.gz (9.0 MiB)
• libapache2-mod-md_2.4.48-3.1ubuntu3.2_amd64.deb (806 bytes)
• libapache2-mod-md_2.4.48-3.1ubuntu3.2_arm64.deb (804 bytes)
• libapache2-mod-md_2.4.48-3.1ubuntu3.2_armhf.deb (806 bytes)
• libapache2-mod-md_2.4.48-3.1ubuntu3.2_i386.deb (804 bytes)
• libapache2-mod-md_2.4.48-3.1ubuntu3.2_ppc64el.deb (808 bytes)
• libapache2-mod-md_2.4.48-3.1ubuntu3.2_riscv64.deb (810 bytes)
• libapache2-mod-md_2.4.48-3.1ubuntu3.2_s390x.deb (808 bytes)
• libapache2-mod-proxy-uwsgi_2.4.48-3.1ubuntu3.2_amd64.deb (988 bytes)
• libapache2-mod-proxy-uwsgi_2.4.48-3.1ubuntu3.2_arm64.deb (988 bytes)
• libapache2-mod-proxy-uwsgi_2.4.48-3.1ubuntu3.2_armhf.deb (988 bytes)
• libapache2-mod-proxy-uwsgi_2.4.48-3.1ubuntu3.2_i386.deb (990 bytes)
• libapache2-mod-proxy-uwsgi_2.4.48-3.1ubuntu3.2_ppc64el.deb (990 bytes)
• libapache2-mod-proxy-uwsgi_2.4.48-3.1ubuntu3.2_riscv64.deb (992 bytes)
• libapache2-mod-proxy-uwsgi_2.4.48-3.1ubuntu3.2_s390x.deb (992 bytes)