Format: 1.8
Date: Tue, 14 Jun 2022 09:33:28 -0300
Source: apache2
Binary: apache2 apache2-bin apache2-dev apache2-ssl-dev apache2-suexec-custom apache2-suexec-pristine apache2-utils libapache2-mod-md libapache2-mod-proxy-uwsgi
Built-For-Profiles: noudeb
Architecture: armhf
Version: 2.4.48-3.1ubuntu3.5
Distribution: impish
Urgency: medium
Maintainer: Launchpad Build Daemon <buildd@bos02-arm64-014.buildd>
Changed-By: Leonidas Da Silva Barbosa <leo.barbosa@canonical.com>
Description:
 apache2    - Apache HTTP Server
 apache2-bin - Apache HTTP Server (modules and other binary files)
 apache2-dev - Apache HTTP Server (development headers)
 apache2-ssl-dev - Apache HTTP Server (mod_ssl development headers)
 apache2-suexec-custom - Apache HTTP Server configurable suexec program for mod_suexec
 apache2-suexec-pristine - Apache HTTP Server standard suexec program for mod_suexec
 apache2-utils - Apache HTTP Server (utility programs for web servers)
 libapache2-mod-md - transitional package
 libapache2-mod-proxy-uwsgi - transitional package
Changes:
 apache2 (2.4.48-3.1ubuntu3.5) impish-security; urgency=medium
 .
   * SECURITY UPDATE: HTTP Request Smuggling
     - debian/patches/CVE-2022-26377.patch: changing
       precedence between T-E and C-L in modules/proxy/mod_proxy_ajp.c.
     - CVE-2022-26377
   * SECURITY UPDATE: Read beyond bounds
     - debian/patches/CVE-2022-28614.patch: handle large
       writes in ap_rputs.
       in server/util.c.
     - CVE-2022-28614
   * SECURITY UPDATE: Read beyond bounds
     - debian/patches/CVE-2022-28615.patch: fix types
       in server/util.c.
     - CVE-2022-28615
   * SECURITY UPDATE: Denial of service
     - debian/patches/CVE-2022-29404.patch: cast first
       in modules/lua/lua_request.c.
     - CVE-2022-29404
   * SECURITY UPDATE: Denial of service
     - debian/patches/CVE-2022-30522.patch: limit mod_sed
       memory use in modules/filters/mod_sec.c,
       modules/filters/sed1.c.
     - CVE-2022-30522
   * SECURITY UPDATE: Returning point past of the buffer
     - debian/patches/CVE-2022-30556.patch: use filters consitently
       in modules/lua/lua_request.c.
     - CVE-2022-30556
   * SECURITY UPDATE: Bypass IP authentication
     - debian/patches/CVE-2022-31813.patch: to clear
       hop-by-hop first and fixup last in modules/proxy/proxy_util.c.
     - CVE-2022-31813
Checksums-Sha1:
 afcb554eb47480c00107b76a060e47b2ab3cb704 3296142 apache2-bin-dbgsym_2.4.48-3.1ubuntu3.5_armhf.ddeb
 985caacb0dcdfb5402e2b0325a6b05712e261279 1180270 apache2-bin_2.4.48-3.1ubuntu3.5_armhf.deb
 a8a287ada41cc08ad910152b7c22d39b13e3e09c 187904 apache2-dev_2.4.48-3.1ubuntu3.5_armhf.deb
 a3e14a240aeaa4c948ef061bca22a6518a0219fe 2980 apache2-ssl-dev_2.4.48-3.1ubuntu3.5_armhf.deb
 fcb1ce074112204d5b71757a68b1b32f04df07be 12484 apache2-suexec-custom-dbgsym_2.4.48-3.1ubuntu3.5_armhf.ddeb
 336a40d7e4f7db67295db55f92681ad1718c5fe7 15506 apache2-suexec-custom_2.4.48-3.1ubuntu3.5_armhf.deb
 d8c9e69b30129d38494a8763e504bf70a800d571 11148 apache2-suexec-pristine-dbgsym_2.4.48-3.1ubuntu3.5_armhf.ddeb
 2a18c60c086da8d77825be9c6802e5d96f182330 14014 apache2-suexec-pristine_2.4.48-3.1ubuntu3.5_armhf.deb
 be0cf8e6751c6017f8ffebce56d97652d7c37eca 119544 apache2-utils-dbgsym_2.4.48-3.1ubuntu3.5_armhf.ddeb
 1294eb4e6fa1d0fbffb0e38ab265fac042977e47 90532 apache2-utils_2.4.48-3.1ubuntu3.5_armhf.deb
 ee1e7c4c8801161dc41509edfb96577a919ae97a 11850 apache2_2.4.48-3.1ubuntu3.5_armhf.buildinfo
 316e522b685b6209847d7dc89d79bde0aeee084a 97852 apache2_2.4.48-3.1ubuntu3.5_armhf.deb
 12240791e3c6ac299c5dbf2877e40ecdcc44e448 804 libapache2-mod-md_2.4.48-3.1ubuntu3.5_armhf.deb
 b419845a1e3cf0123476de2e60a4bc5340a923be 986 libapache2-mod-proxy-uwsgi_2.4.48-3.1ubuntu3.5_armhf.deb
Checksums-Sha256:
 ac52c1f9d50ac1cb6604f552ca1655ea45cdc0a67bbcf95ca3cf02a442872db9 3296142 apache2-bin-dbgsym_2.4.48-3.1ubuntu3.5_armhf.ddeb
 795d416162413af32e28fe7dbf8dadc2f2385179430a5d238119d93122ce8675 1180270 apache2-bin_2.4.48-3.1ubuntu3.5_armhf.deb
 4d4e52fd0bf67c588d53c17506df4b6c6eb80a55ee239ba5d2e2652d849632c6 187904 apache2-dev_2.4.48-3.1ubuntu3.5_armhf.deb
 b2a90f8bff210f25fa43457ef214b081c29818fc0712bc93bb1b5d3513de52ef 2980 apache2-ssl-dev_2.4.48-3.1ubuntu3.5_armhf.deb
 1b7a99580556d1ac4a41b48c0a352281a3c30bf21965eeebd61a868e337a350a 12484 apache2-suexec-custom-dbgsym_2.4.48-3.1ubuntu3.5_armhf.ddeb
 1b35270d1f51f6dcefa6a3fa9a8888f0ba02a67eab92ab698a0f30fefd0d9b3f 15506 apache2-suexec-custom_2.4.48-3.1ubuntu3.5_armhf.deb
 285c647dbe875d50bdd548e5f50d1169b0d06b0ecca5f4b9013874e41c121ca5 11148 apache2-suexec-pristine-dbgsym_2.4.48-3.1ubuntu3.5_armhf.ddeb
 bbe21a62acd7aeb784dab77c9112ab8e51a636ef3ac65d8aabd005ade364f4fb 14014 apache2-suexec-pristine_2.4.48-3.1ubuntu3.5_armhf.deb
 5967fcd29b345611cdecc3e507835a8f5b0d604cba1084596793a27a50c64cd6 119544 apache2-utils-dbgsym_2.4.48-3.1ubuntu3.5_armhf.ddeb
 c84dfd9c3f223d3eabe791afda74336eefd4b27e69f29b7e613034e96cafa414 90532 apache2-utils_2.4.48-3.1ubuntu3.5_armhf.deb
 1e8865214710d320c54416c84a6920f6c7545d8bab7f955fc479ecc62134b1bb 11850 apache2_2.4.48-3.1ubuntu3.5_armhf.buildinfo
 b5e1f5bb908c95778ddacb517a8376f59e186ced39bfbc285a60deb6bd4adb4d 97852 apache2_2.4.48-3.1ubuntu3.5_armhf.deb
 715e1c23e81c686e23fa96d3431bb9ea7e02722bf0b7196ede928fba6c3a6c38 804 libapache2-mod-md_2.4.48-3.1ubuntu3.5_armhf.deb
 8298f08ff95f072b402b348b925c9924dbdfe1004fe8aeaf07c21f583414e174 986 libapache2-mod-proxy-uwsgi_2.4.48-3.1ubuntu3.5_armhf.deb
Files:
 7fb35ee5027c62bbd5f6dfc21a7f4fc2 3296142 debug optional apache2-bin-dbgsym_2.4.48-3.1ubuntu3.5_armhf.ddeb
 f5ce479f2fd512b80df1323156fbb0d1 1180270 httpd optional apache2-bin_2.4.48-3.1ubuntu3.5_armhf.deb
 422f3ac7888e697ee7d2464a52fe1967 187904 httpd optional apache2-dev_2.4.48-3.1ubuntu3.5_armhf.deb
 65d77911d00b8456c8726680b2659207 2980 httpd optional apache2-ssl-dev_2.4.48-3.1ubuntu3.5_armhf.deb
 987f7a589f97d2b713a74bd1db4b2ca1 12484 debug optional apache2-suexec-custom-dbgsym_2.4.48-3.1ubuntu3.5_armhf.ddeb
 0779fdb234c9630a0c480ead11c26e22 15506 httpd optional apache2-suexec-custom_2.4.48-3.1ubuntu3.5_armhf.deb
 8efc23366d7d6be8cb6a972426b8ec39 11148 debug optional apache2-suexec-pristine-dbgsym_2.4.48-3.1ubuntu3.5_armhf.ddeb
 0671e5da3b2e936d7bf7a388b4bead8e 14014 httpd optional apache2-suexec-pristine_2.4.48-3.1ubuntu3.5_armhf.deb
 84c2f3df05a83dd4f4411302b38f9e73 119544 debug optional apache2-utils-dbgsym_2.4.48-3.1ubuntu3.5_armhf.ddeb
 17aa7636d26fabce3922f6eb073185a1 90532 httpd optional apache2-utils_2.4.48-3.1ubuntu3.5_armhf.deb
 2960858c1ad91f57fed1b5f109b4975b 11850 httpd optional apache2_2.4.48-3.1ubuntu3.5_armhf.buildinfo
 2441b128c53db55491f63cb27a6d6550 97852 httpd optional apache2_2.4.48-3.1ubuntu3.5_armhf.deb
 9131103232f4655079a4d171d9b85d8b 804 oldlibs optional libapache2-mod-md_2.4.48-3.1ubuntu3.5_armhf.deb
 b3f8624bdb7079b57feaeb453a1d16ce 986 oldlibs optional libapache2-mod-proxy-uwsgi_2.4.48-3.1ubuntu3.5_armhf.deb
Original-Maintainer: Debian Apache Maintainers <debian-apache@lists.debian.org>