Format: 1.8
Date: Tue, 14 Jun 2022 09:30:21 -0300
Source: apache2
Binary: apache2 apache2-bin apache2-dev apache2-ssl-dev apache2-suexec-custom apache2-suexec-pristine apache2-utils libapache2-mod-md libapache2-mod-proxy-uwsgi
Built-For-Profiles: noudeb
Architecture: arm64
Version: 2.4.52-1ubuntu4.1
Distribution: jammy
Urgency: medium
Maintainer: Launchpad Build Daemon <buildd@bos02-arm64-016.buildd>
Changed-By: Leonidas Da Silva Barbosa <leo.barbosa@canonical.com>
Description:
 apache2    - Apache HTTP Server
 apache2-bin - Apache HTTP Server (modules and other binary files)
 apache2-dev - Apache HTTP Server (development headers)
 apache2-ssl-dev - Apache HTTP Server (mod_ssl development headers)
 apache2-suexec-custom - Apache HTTP Server configurable suexec program for mod_suexec
 apache2-suexec-pristine - Apache HTTP Server standard suexec program for mod_suexec
 apache2-utils - Apache HTTP Server (utility programs for web servers)
 libapache2-mod-md - transitional package
 libapache2-mod-proxy-uwsgi - transitional package
Changes:
 apache2 (2.4.52-1ubuntu4.1) jammy-security; urgency=medium
 .
   * SECURITY UPDATE: HTTP Request Smuggling
     - debian/patches/CVE-2022-26377.patch: changing
       precedence between T-E and C-L in modules/proxy/mod_proxy_ajp.c.
     - CVE-2022-26377
   * SECURITY UPDATE: Read beyond bounds
     - debian/patches/CVE-2022-28614.patch: handle large
       writes in ap_rputs.
       in server/util.c.
     - CVE-2022-28614
   * SECURITY UPDATE: Read beyond bounds
     - debian/patches/CVE-2022-28615.patch: fix types
       in server/util.c.
     - CVE-2022-28615
   * SECURITY UPDATE: Denial of service
     - debian/patches/CVE-2022-29404.patch: cast first
       in modules/lua/lua_request.c.
     - CVE-2022-29404
   * SECURITY UPDATE: Denial of service
     - debian/patches/CVE-2022-30522.patch: limit mod_sed
       memory use in modules/filters/mod_sec.c,
       modules/filters/sed1.c.
     - CVE-2022-30522
   * SECURITY UPDATE: Returning point past of the buffer
     - debian/patches/CVE-2022-30556.patch: use filters consitently
       in modules/lua/lua_request.c.
     - CVE-2022-30556
   * SECURITY UPDATE: Bypass IP authentication
     - debian/patches/CVE-2022-31813.patch: to clear
       hop-by-hop first and fixup last in modules/proxy/proxy_util.c.
     - CVE-2022-31813
Checksums-Sha1:
 e69c8b338be01b06665cac04e5eed1ee089a9915 3926680 apache2-bin-dbgsym_2.4.52-1ubuntu4.1_arm64.ddeb
 9a4d8ff894a7bb1bf3cf3b6782a06a640fbcd35a 1299664 apache2-bin_2.4.52-1ubuntu4.1_arm64.deb
 6f383a12df34e1955d2bc071ba77a91f1ffdd3db 190534 apache2-dev_2.4.52-1ubuntu4.1_arm64.deb
 b48ff0079816a11d0795253d5d03c9ea1bf5a7f3 2980 apache2-ssl-dev_2.4.52-1ubuntu4.1_arm64.deb
 ed56d0e1f2d50866f20a59085dabe893e857488a 12850 apache2-suexec-custom-dbgsym_2.4.52-1ubuntu4.1_arm64.ddeb
 e4ff09159f816021a5bb3469161ce6d3ac3cde95 16132 apache2-suexec-custom_2.4.52-1ubuntu4.1_arm64.deb
 98aa5caa4ac836f97c12a5849955e77084a6ee7c 11564 apache2-suexec-pristine-dbgsym_2.4.52-1ubuntu4.1_arm64.ddeb
 7cf504d00683efd29c4f4e443908801ddcfae502 14612 apache2-suexec-pristine_2.4.52-1ubuntu4.1_arm64.deb
 3d1e9b8fc362cd8f07acade21dfc5df3a5adcc04 120862 apache2-utils-dbgsym_2.4.52-1ubuntu4.1_arm64.ddeb
 133a4064c80fb09823af34fd61f112272c142bbb 87750 apache2-utils_2.4.52-1ubuntu4.1_arm64.deb
 203c16c9e4d060d3831896d6c9e91bea8f6fd423 11689 apache2_2.4.52-1ubuntu4.1_arm64.buildinfo
 f64ff4bc637dc2ebb2d5ec5bb510b0a14278d648 97832 apache2_2.4.52-1ubuntu4.1_arm64.deb
 60ac2af5689d15106eb995f70d91cb65a0ac9929 802 libapache2-mod-md_2.4.52-1ubuntu4.1_arm64.deb
 7965d239b02b55290b47b9886780266ad82fd00c 982 libapache2-mod-proxy-uwsgi_2.4.52-1ubuntu4.1_arm64.deb
Checksums-Sha256:
 a9b9f8e3aa6ca477f85e29c77eb4b7f2b7c24dc985968c34b2caaf656159be19 3926680 apache2-bin-dbgsym_2.4.52-1ubuntu4.1_arm64.ddeb
 58dc5a457283f0576040736e1dca830939fd896a7192f296c537430c405e9e6f 1299664 apache2-bin_2.4.52-1ubuntu4.1_arm64.deb
 e687650b551ba25c3940f5be8f1ee77ca19b27315cd7dd2fd3b9a4fddc62b4ae 190534 apache2-dev_2.4.52-1ubuntu4.1_arm64.deb
 86d86a80b57c36e9420c9e7f55a6f3c6d9c4629a633f81ec16de24f2d156e4a0 2980 apache2-ssl-dev_2.4.52-1ubuntu4.1_arm64.deb
 61cb11881c88ea095a38efbfc0b33ea132541e891391564f5436565f1f4dc5ef 12850 apache2-suexec-custom-dbgsym_2.4.52-1ubuntu4.1_arm64.ddeb
 0986a8da3a909ee4d8042f971d7ae4a21f5643257278525da53d300cb3063208 16132 apache2-suexec-custom_2.4.52-1ubuntu4.1_arm64.deb
 49b74165795a3eb6b764c887cec1c35ab26d6d011a5d93cbedce6975541977bc 11564 apache2-suexec-pristine-dbgsym_2.4.52-1ubuntu4.1_arm64.ddeb
 da7ee4ea63c4e0c319bb0ee5e767d6238dbf3bf61854e96bba764e17934d0cfc 14612 apache2-suexec-pristine_2.4.52-1ubuntu4.1_arm64.deb
 ff82af48663dcf6806a2f2bfb122771d2ad7714284715173b71eaf1d08e09a90 120862 apache2-utils-dbgsym_2.4.52-1ubuntu4.1_arm64.ddeb
 84215ea0e05c5ee07b2127901536785ffa0b6c936b95a2104e0839880765b933 87750 apache2-utils_2.4.52-1ubuntu4.1_arm64.deb
 b2d71e041b16add51d37c602dded9475e935708e383d679118272b68dc4d91ec 11689 apache2_2.4.52-1ubuntu4.1_arm64.buildinfo
 ddff98691f693763fcdcdb9b9200432a9849174eb86397af26953be6de10e784 97832 apache2_2.4.52-1ubuntu4.1_arm64.deb
 dee1af4ed565cc4fecce1693090e60f14e95c2e6123cb4932335200fe838d09d 802 libapache2-mod-md_2.4.52-1ubuntu4.1_arm64.deb
 97608c4fb46befbd6841fec99d9afba1be4abbb73cb478af150b14a49d09363f 982 libapache2-mod-proxy-uwsgi_2.4.52-1ubuntu4.1_arm64.deb
Files:
 1759559f8ada95057b97ffc96168f5bd 3926680 debug optional apache2-bin-dbgsym_2.4.52-1ubuntu4.1_arm64.ddeb
 9389c3b749afe87dc0ce5c52d7d415c6 1299664 httpd optional apache2-bin_2.4.52-1ubuntu4.1_arm64.deb
 b5c1865857d1c74eb5f7ba05b68b77c1 190534 httpd optional apache2-dev_2.4.52-1ubuntu4.1_arm64.deb
 2d5be2da17bcb27823fa0d749f538e36 2980 httpd optional apache2-ssl-dev_2.4.52-1ubuntu4.1_arm64.deb
 4f9f2664e4397d8ab20789411d93c0ea 12850 debug optional apache2-suexec-custom-dbgsym_2.4.52-1ubuntu4.1_arm64.ddeb
 23155a5dabaa6ad923f206256d3d5f2d 16132 httpd optional apache2-suexec-custom_2.4.52-1ubuntu4.1_arm64.deb
 c291ce2ee859f7432ad047f572725272 11564 debug optional apache2-suexec-pristine-dbgsym_2.4.52-1ubuntu4.1_arm64.ddeb
 d18dce06043aa6cef15a1366dce80ae9 14612 httpd optional apache2-suexec-pristine_2.4.52-1ubuntu4.1_arm64.deb
 e32b53fa3d078996e3d898756aae7c7c 120862 debug optional apache2-utils-dbgsym_2.4.52-1ubuntu4.1_arm64.ddeb
 5617c0605f969a714ca1a0caa8bd000b 87750 httpd optional apache2-utils_2.4.52-1ubuntu4.1_arm64.deb
 a17cd26e510f9e3fd321c7b600d69fe6 11689 httpd optional apache2_2.4.52-1ubuntu4.1_arm64.buildinfo
 9ef658e9f69828f0fd48c92b780ef5e9 97832 httpd optional apache2_2.4.52-1ubuntu4.1_arm64.deb
 daac962f790e3701b9f2d5d810c8f5f3 802 oldlibs optional libapache2-mod-md_2.4.52-1ubuntu4.1_arm64.deb
 4669e22d8ac29d7d56a7c7576445183f 982 oldlibs optional libapache2-mod-proxy-uwsgi_2.4.52-1ubuntu4.1_arm64.deb
Original-Maintainer: Debian Apache Maintainers <debian-apache@lists.debian.org>