Format: 1.8
Date: Thu, 17 Mar 2022 09:39:54 -0400
Source: apache2
Binary: apache2 apache2-bin apache2-dev apache2-ssl-dev apache2-suexec-custom apache2-suexec-pristine apache2-utils libapache2-mod-md libapache2-mod-proxy-uwsgi
Built-For-Profiles: noudeb
Architecture: s390x
Version: 2.4.52-1ubuntu2
Distribution: jammy-proposed
Urgency: medium
Maintainer: Launchpad Build Daemon <buildd@bos02-s390x-018.buildd>
Changed-By: Marc Deslauriers <marc.deslauriers@ubuntu.com>
Description:
 apache2    - Apache HTTP Server
 apache2-bin - Apache HTTP Server (modules and other binary files)
 apache2-dev - Apache HTTP Server (development headers)
 apache2-ssl-dev - Apache HTTP Server (mod_ssl development headers)
 apache2-suexec-custom - Apache HTTP Server configurable suexec program for mod_suexec
 apache2-suexec-pristine - Apache HTTP Server standard suexec program for mod_suexec
 apache2-utils - Apache HTTP Server (utility programs for web servers)
 libapache2-mod-md - transitional package
 libapache2-mod-proxy-uwsgi - transitional package
Changes:
 apache2 (2.4.52-1ubuntu2) jammy; urgency=medium
 .
   * SECURITY UPDATE: OOB read in mod_lua via crafted request body
     - debian/patches/CVE-2022-22719.patch: error out if lua_read_body() or
       lua_write_body() fail in modules/lua/lua_request.c.
     - CVE-2022-22719
   * SECURITY UPDATE: HTTP Request Smuggling via error discarding the
     request body
     - debian/patches/CVE-2022-22720.patch: simpler connection close logic
       if discarding the request body fails in modules/http/http_filters.c,
       server/protocol.c.
     - CVE-2022-22720
   * SECURITY UPDATE: overflow via large LimitXMLRequestBody
     - debian/patches/CVE-2022-22721.patch: make sure and check that
       LimitXMLRequestBody fits in system memory in server/core.c,
       server/util.c, server/util_xml.c.
     - CVE-2022-22721
   * SECURITY UPDATE: out-of-bounds write in mod_sed
     - debian/patches/CVE-2022-23943-1.patch: use size_t to allow for larger
       buffer sizes and unsigned arithmetics in modules/filters/libsed.h,
       modules/filters/mod_sed.c, modules/filters/sed1.c.
     - debian/patches/CVE-2022-23943-2.patch: improve the logic flow in
       modules/filters/mod_sed.c.
     - CVE-2022-23943
Checksums-Sha1:
 ad3c5ad27a25d3f75ea304f5ded82cd8ea2cac2c 3543352 apache2-bin-dbgsym_2.4.52-1ubuntu2_s390x.ddeb
 e787f0c56583bd8f5c333242176aacdc0be12e6b 1280374 apache2-bin_2.4.52-1ubuntu2_s390x.deb
 a8fada3eeef8701c2412ddc20ee19ce37ef6df30 190150 apache2-dev_2.4.52-1ubuntu2_s390x.deb
 211e775313cbb436b17ba155a61809c4abf7d482 2978 apache2-ssl-dev_2.4.52-1ubuntu2_s390x.deb
 334d47c615a052cb5ad864f2159564ca348ce96b 12958 apache2-suexec-custom-dbgsym_2.4.52-1ubuntu2_s390x.ddeb
 e341e16a9806c83ba8d557bdd0fc74653ec25f59 16422 apache2-suexec-custom_2.4.52-1ubuntu2_s390x.deb
 476650c152f39b25658962b13d03a9e5437f2eb3 11710 apache2-suexec-pristine-dbgsym_2.4.52-1ubuntu2_s390x.ddeb
 13e69fa30f60da067a436d9f5fe3490f189365da 14778 apache2-suexec-pristine_2.4.52-1ubuntu2_s390x.deb
 ca024491ae49cafe64e3653af1e28fa265fc7eb3 118528 apache2-utils-dbgsym_2.4.52-1ubuntu2_s390x.ddeb
 5dcba698c2fdadf9769fae28165b5dcf1a0514d2 89102 apache2-utils_2.4.52-1ubuntu2_s390x.deb
 f9424456dd67e5a2aca19811b310d9bd70efef21 11218 apache2_2.4.52-1ubuntu2_s390x.buildinfo
 4b91b492f1846cb6b684e78fbfb443ab740a3725 97834 apache2_2.4.52-1ubuntu2_s390x.deb
 ab7bf8725b51d82d3f445e4357aeb8cf87734897 804 libapache2-mod-md_2.4.52-1ubuntu2_s390x.deb
 9d84f8fa40b7324f4efe3bcb68612cadb4a24f42 986 libapache2-mod-proxy-uwsgi_2.4.52-1ubuntu2_s390x.deb
Checksums-Sha256:
 4442b84f60f792108b72d7acb585da97f76ec9e3544ab986f8dcda7f4f35e21f 3543352 apache2-bin-dbgsym_2.4.52-1ubuntu2_s390x.ddeb
 741a3ddf121a67335d55d64c3b3ee6466558c85284dabaa763a4400785009579 1280374 apache2-bin_2.4.52-1ubuntu2_s390x.deb
 195918d7a25ef9c528b51ac6f89515eefd08f8312d7bd94ab46f8c40a2f15581 190150 apache2-dev_2.4.52-1ubuntu2_s390x.deb
 2aa1bf5a9105f07080bd15bd47ad5b108e0352e897e16a597bdcedfe72a60b40 2978 apache2-ssl-dev_2.4.52-1ubuntu2_s390x.deb
 02bfff5899d456c0a7014233e0f6824a9f49b7446230cfc36c2fa77acbdf93c5 12958 apache2-suexec-custom-dbgsym_2.4.52-1ubuntu2_s390x.ddeb
 638e5096bd78f7fa92269ad5f5b75b1650b12a7a76a3b0750d63fcf82817df5b 16422 apache2-suexec-custom_2.4.52-1ubuntu2_s390x.deb
 716ea68c29613215b8df634ffc9d1b6e00d4f8360d5dfaa80c29a18defb581f1 11710 apache2-suexec-pristine-dbgsym_2.4.52-1ubuntu2_s390x.ddeb
 e389419a593587e9d0b773b6aaac2712c1579c5dea44b45fb05d671b806af2cc 14778 apache2-suexec-pristine_2.4.52-1ubuntu2_s390x.deb
 96578d08c77dd6732f9ffbfab12cb9f83424f826b2c0ed756988c5117785bded 118528 apache2-utils-dbgsym_2.4.52-1ubuntu2_s390x.ddeb
 302383649bf75516f48283e4e1f840ee77405f735ac93919c580ac1f776b7b47 89102 apache2-utils_2.4.52-1ubuntu2_s390x.deb
 6e73cdd49f3a0492e064c81f4270cde2e946815fb0e10e42f5e590a6ceb29865 11218 apache2_2.4.52-1ubuntu2_s390x.buildinfo
 4013dfb1ad744bbc085829a5f0ab15dfaf10c7e03a55d59d2c9fa32b5bc0fd4d 97834 apache2_2.4.52-1ubuntu2_s390x.deb
 dd486a85d7ae829c0fdc5cb40be11c1b2a40a524bf588a4b020a9ed6e7d55d6e 804 libapache2-mod-md_2.4.52-1ubuntu2_s390x.deb
 fae42e3d137dc7f4d5a642ec43bc30ff1492f6e6f26fdadc8463ce03d4fe10e6 986 libapache2-mod-proxy-uwsgi_2.4.52-1ubuntu2_s390x.deb
Files:
 5ccfd32a7781df9ecf2a727a77983f12 3543352 debug optional apache2-bin-dbgsym_2.4.52-1ubuntu2_s390x.ddeb
 ca73d5d31a20dd5fdb7d0152935bdffc 1280374 httpd optional apache2-bin_2.4.52-1ubuntu2_s390x.deb
 0599b964846128d950467e26c5380d90 190150 httpd optional apache2-dev_2.4.52-1ubuntu2_s390x.deb
 decc4128f65f39104aef024400ba9cf9 2978 httpd optional apache2-ssl-dev_2.4.52-1ubuntu2_s390x.deb
 e3dad17bdeac2a457e79249dfe59d806 12958 debug optional apache2-suexec-custom-dbgsym_2.4.52-1ubuntu2_s390x.ddeb
 21a48e83c3e2ea33d7d69c502d2145a3 16422 httpd optional apache2-suexec-custom_2.4.52-1ubuntu2_s390x.deb
 1e20305d3f3546f48b2350e3607fcffb 11710 debug optional apache2-suexec-pristine-dbgsym_2.4.52-1ubuntu2_s390x.ddeb
 577567b260bf75983b48182e8b006ac2 14778 httpd optional apache2-suexec-pristine_2.4.52-1ubuntu2_s390x.deb
 90164659c3526d7e5ff948c44759551a 118528 debug optional apache2-utils-dbgsym_2.4.52-1ubuntu2_s390x.ddeb
 fee5986b66cf7544b0539286dc0a685e 89102 httpd optional apache2-utils_2.4.52-1ubuntu2_s390x.deb
 16646a0d9da95f2911b9b3fb399754ad 11218 httpd optional apache2_2.4.52-1ubuntu2_s390x.buildinfo
 8cb829ac0aff65113dd8ab18627c71af 97834 httpd optional apache2_2.4.52-1ubuntu2_s390x.deb
 a3839f5b7ef5a7dc2e6bab9fd73a176f 804 oldlibs optional libapache2-mod-md_2.4.52-1ubuntu2_s390x.deb
 223d9f22aab7eefd12fded5fe3defdfb 986 oldlibs optional libapache2-mod-proxy-uwsgi_2.4.52-1ubuntu2_s390x.deb
Original-Maintainer: Debian Apache Maintainers <debian-apache@lists.debian.org>