Format: 1.8
Date: Tue, 14 Jun 2022 09:30:21 -0300
Source: apache2
Binary: apache2 apache2-bin apache2-dev apache2-ssl-dev apache2-suexec-custom apache2-suexec-pristine apache2-utils libapache2-mod-md libapache2-mod-proxy-uwsgi
Built-For-Profiles: noudeb
Architecture: i386
Version: 2.4.52-1ubuntu4.1
Distribution: jammy
Urgency: medium
Maintainer: Launchpad Build Daemon <buildd@lcy02-amd64-108.buildd>
Changed-By: Leonidas Da Silva Barbosa <leo.barbosa@canonical.com>
Description:
 apache2    - Apache HTTP Server
 apache2-bin - Apache HTTP Server (modules and other binary files)
 apache2-dev - Apache HTTP Server (development headers)
 apache2-ssl-dev - Apache HTTP Server (mod_ssl development headers)
 apache2-suexec-custom - Apache HTTP Server configurable suexec program for mod_suexec
 apache2-suexec-pristine - Apache HTTP Server standard suexec program for mod_suexec
 apache2-utils - Apache HTTP Server (utility programs for web servers)
 libapache2-mod-md - transitional package
 libapache2-mod-proxy-uwsgi - transitional package
Changes:
 apache2 (2.4.52-1ubuntu4.1) jammy-security; urgency=medium
 .
   * SECURITY UPDATE: HTTP Request Smuggling
     - debian/patches/CVE-2022-26377.patch: changing
       precedence between T-E and C-L in modules/proxy/mod_proxy_ajp.c.
     - CVE-2022-26377
   * SECURITY UPDATE: Read beyond bounds
     - debian/patches/CVE-2022-28614.patch: handle large
       writes in ap_rputs.
       in server/util.c.
     - CVE-2022-28614
   * SECURITY UPDATE: Read beyond bounds
     - debian/patches/CVE-2022-28615.patch: fix types
       in server/util.c.
     - CVE-2022-28615
   * SECURITY UPDATE: Denial of service
     - debian/patches/CVE-2022-29404.patch: cast first
       in modules/lua/lua_request.c.
     - CVE-2022-29404
   * SECURITY UPDATE: Denial of service
     - debian/patches/CVE-2022-30522.patch: limit mod_sed
       memory use in modules/filters/mod_sec.c,
       modules/filters/sed1.c.
     - CVE-2022-30522
   * SECURITY UPDATE: Returning point past of the buffer
     - debian/patches/CVE-2022-30556.patch: use filters consitently
       in modules/lua/lua_request.c.
     - CVE-2022-30556
   * SECURITY UPDATE: Bypass IP authentication
     - debian/patches/CVE-2022-31813.patch: to clear
       hop-by-hop first and fixup last in modules/proxy/proxy_util.c.
     - CVE-2022-31813
Checksums-Sha1:
 573132070d65a11255556494704a136eb11cbe66 3233328 apache2-bin-dbgsym_2.4.52-1ubuntu4.1_i386.ddeb
 9e13da6aa38b0fa110f269badb587485a1101a25 1429938 apache2-bin_2.4.52-1ubuntu4.1_i386.deb
 aa8f423e3019e3dc006fbd1c5712210e789e1c0e 190522 apache2-dev_2.4.52-1ubuntu4.1_i386.deb
 4bad90a6612742f6d4d8d7f92e5b79619100f10a 2978 apache2-ssl-dev_2.4.52-1ubuntu4.1_i386.deb
 85128d60142417a77b26ba99a90030641452e3a8 11542 apache2-suexec-custom-dbgsym_2.4.52-1ubuntu4.1_i386.ddeb
 d7efa2c9d358a542ffd19bbf8b669fbd93315c37 16362 apache2-suexec-custom_2.4.52-1ubuntu4.1_i386.deb
 45b68042f983ac9235ba388fd3b5fe0b795a1d46 10260 apache2-suexec-pristine-dbgsym_2.4.52-1ubuntu4.1_i386.ddeb
 a2e6bdb3e29ef54e42ce1609043a6c6802eb911b 14770 apache2-suexec-pristine_2.4.52-1ubuntu4.1_i386.deb
 e31f980e2bef49f9b9e97d7f34eddb9880c79f95 109422 apache2-utils-dbgsym_2.4.52-1ubuntu4.1_i386.ddeb
 9fa10ebb21d16ba7fbe32e6ecf81bc76c2a350e1 93148 apache2-utils_2.4.52-1ubuntu4.1_i386.deb
 a597d972eaa55985cd94e007fc9678e995d057e7 11579 apache2_2.4.52-1ubuntu4.1_i386.buildinfo
 9128b7f999fac62a85332f2fbec77dcb1b9dd8e7 97832 apache2_2.4.52-1ubuntu4.1_i386.deb
 45466236f999fa95e1dd760fef186fe22aac63c7 802 libapache2-mod-md_2.4.52-1ubuntu4.1_i386.deb
 40351c26a40e0047588965bd12ce4b9fe5450cbf 982 libapache2-mod-proxy-uwsgi_2.4.52-1ubuntu4.1_i386.deb
Checksums-Sha256:
 7e472855830407953f070272cb7b025687d8730b0c70f87c00437794ede7bc28 3233328 apache2-bin-dbgsym_2.4.52-1ubuntu4.1_i386.ddeb
 08f8f5fb4a369fdae822928fb1b6afda814d1cff8159960afdd6ff332ac39a1e 1429938 apache2-bin_2.4.52-1ubuntu4.1_i386.deb
 b55ce3082463a022f4db1a6a01885bc1ee7edea0bc576e67479f6e84c07ea782 190522 apache2-dev_2.4.52-1ubuntu4.1_i386.deb
 32821703fc41792db2aa32df4572f840f7e10f7f277d6db95ecfa71bac0e34cd 2978 apache2-ssl-dev_2.4.52-1ubuntu4.1_i386.deb
 9c894804076081ab00f025f8f11bcf15b4f9ad9397a323d337545027584086fb 11542 apache2-suexec-custom-dbgsym_2.4.52-1ubuntu4.1_i386.ddeb
 c7e17991640796103fbc9c510f4ba1c443ebb8bdf5347616f01e0a89063ba506 16362 apache2-suexec-custom_2.4.52-1ubuntu4.1_i386.deb
 fb23cd3f11402f364131b49ae8abec28274a22f9f86a7fa324b790f5bfb17321 10260 apache2-suexec-pristine-dbgsym_2.4.52-1ubuntu4.1_i386.ddeb
 3ca6b1209352edaa43903095c62a61e6486529f47ee16d4e028027fa359e6b88 14770 apache2-suexec-pristine_2.4.52-1ubuntu4.1_i386.deb
 11ad88175944b381b90c25d400bd3afbc5973b6e4bee088604634d9e25fec869 109422 apache2-utils-dbgsym_2.4.52-1ubuntu4.1_i386.ddeb
 0d8a3c7082470c8bf73edae6eda6f5f07f4d387fa35bd3177866b0dca52f0c72 93148 apache2-utils_2.4.52-1ubuntu4.1_i386.deb
 9ee23d52488978808eb7179100c05baccb0a9b710d1ddff2509d871dba95cc26 11579 apache2_2.4.52-1ubuntu4.1_i386.buildinfo
 211ecc1aff0bdaf9d00f8c294eb19e2b19d14b2349a15f7bda491abe270ec5d6 97832 apache2_2.4.52-1ubuntu4.1_i386.deb
 0e2059254a0dd175be6802bb2ef1a511dc0d954539f8648e1fc44ea769ec8621 802 libapache2-mod-md_2.4.52-1ubuntu4.1_i386.deb
 b149e21a699a632f5b8e4a66412682544e6abdbbe588ef22eac083d3a3246d50 982 libapache2-mod-proxy-uwsgi_2.4.52-1ubuntu4.1_i386.deb
Files:
 3f72db28a2c28abfa27a1b301c9c4359 3233328 debug optional apache2-bin-dbgsym_2.4.52-1ubuntu4.1_i386.ddeb
 6b811da764f123860389267d0fe77b1f 1429938 httpd optional apache2-bin_2.4.52-1ubuntu4.1_i386.deb
 6daaf20ef2247ed214ad13ca09c15d10 190522 httpd optional apache2-dev_2.4.52-1ubuntu4.1_i386.deb
 7ee453795b928a6181622ecc14bc0a32 2978 httpd optional apache2-ssl-dev_2.4.52-1ubuntu4.1_i386.deb
 7fb4880a0bdb5f68416b59413b818a65 11542 debug optional apache2-suexec-custom-dbgsym_2.4.52-1ubuntu4.1_i386.ddeb
 f2961cf23ca2d7895041a72b564f7c39 16362 httpd optional apache2-suexec-custom_2.4.52-1ubuntu4.1_i386.deb
 cb9c495b3331859ca200f3ce79898be6 10260 debug optional apache2-suexec-pristine-dbgsym_2.4.52-1ubuntu4.1_i386.ddeb
 cfc893e4107fad3738107c49c91e2f69 14770 httpd optional apache2-suexec-pristine_2.4.52-1ubuntu4.1_i386.deb
 30bc426f3b06cb372b7a5faf55d5f24a 109422 debug optional apache2-utils-dbgsym_2.4.52-1ubuntu4.1_i386.ddeb
 3644baa3111e6799d0c9f5441272c5d1 93148 httpd optional apache2-utils_2.4.52-1ubuntu4.1_i386.deb
 019b74df31b51f04187808be357e3648 11579 httpd optional apache2_2.4.52-1ubuntu4.1_i386.buildinfo
 c96a6feb3e5130fa02346507bdc4f75e 97832 httpd optional apache2_2.4.52-1ubuntu4.1_i386.deb
 82f510019d3846db27e4812b2f9b9e9c 802 oldlibs optional libapache2-mod-md_2.4.52-1ubuntu4.1_i386.deb
 db77e230aab5743d48805d79cdd33d10 982 oldlibs optional libapache2-mod-proxy-uwsgi_2.4.52-1ubuntu4.1_i386.deb
Original-Maintainer: Debian Apache Maintainers <debian-apache@lists.debian.org>