Format: 1.8 Date: Fri, 24 Jul 2015 09:56:09 -0400 Source: apache2 Binary: apache2 apache2-data apache2-bin apache2-utils apache2-suexec-pristine apache2-suexec-custom apache2-doc apache2-dev apache2-dbg Architecture: source Version: 2.4.12-2ubuntu2 Distribution: wily Urgency: medium Maintainer: Ubuntu Developers Changed-By: Marc Deslauriers Description: apache2 - Apache HTTP Server apache2-bin - Apache HTTP Server (modules and other binary files) apache2-data - Apache HTTP Server (common files) apache2-dbg - Apache debugging symbols apache2-dev - Apache HTTP Server (development headers) apache2-doc - Apache HTTP Server (on-site documentation) apache2-suexec-custom - Apache HTTP Server configurable suexec program for mod_suexec apache2-suexec-pristine - Apache HTTP Server standard suexec program for mod_suexec apache2-utils - Apache HTTP Server (utility programs for web servers) Changes: apache2 (2.4.12-2ubuntu2) wily; urgency=medium . * SECURITY UPDATE: request smuggling via chunked transfer encoding - debian/patches/CVE-2015-3183.patch: refactor chunk parsing in modules/http/http_filters.c. - CVE-2015-3183 * SECURITY UPDATE: access restriction bypass via deprecated API - debian/patches/CVE-2015-3185.patch: deprecate old API and add new one in include/http_request.h, server/request.c. - CVE-2015-3185 Checksums-Sha1: 6ec7a8767c37218df40368d32dfd35c8b23dd598 2765 apache2_2.4.12-2ubuntu2.dsc 321d38ab835662c3909a3e4235f7b4554c9ac1a0 462604 apache2_2.4.12-2ubuntu2.debian.tar.xz Checksums-Sha256: 17b483ce423c05cc7b2b9046469e668f761d57d98b56510cf7ef08dea7a43f09 2765 apache2_2.4.12-2ubuntu2.dsc 11e3f585f1509dfc6375a86e491f2b976417e7d700174762b913ae757c253ff6 462604 apache2_2.4.12-2ubuntu2.debian.tar.xz Files: 23284d58a83716718ae9d8057d9ad8cb 2765 httpd optional apache2_2.4.12-2ubuntu2.dsc fa812b5db43cedaa2cf7fb069a2ced30 462604 httpd optional apache2_2.4.12-2ubuntu2.debian.tar.xz Original-Maintainer: Debian Apache Maintainers