Format: 1.8
Date: Wed, 08 Mar 2023 12:32:54 -0500
Source: apache2
Binary: apache2 apache2-bin apache2-dev apache2-ssl-dev apache2-suexec-custom apache2-suexec-pristine apache2-utils libapache2-mod-md libapache2-mod-proxy-uwsgi
Architecture: arm64
Version: 2.4.41-4ubuntu3.14
Distribution: focal
Urgency: medium
Maintainer: Launchpad Build Daemon <buildd@bos02-arm64-031.buildd>
Changed-By: Marc Deslauriers <marc.deslauriers@ubuntu.com>
Description:
 apache2    - Apache HTTP Server
 apache2-bin - Apache HTTP Server (modules and other binary files)
 apache2-dev - Apache HTTP Server (development headers)
 apache2-ssl-dev - Apache HTTP Server (mod_ssl development headers)
 apache2-suexec-custom - Apache HTTP Server configurable suexec program for mod_suexec
 apache2-suexec-pristine - Apache HTTP Server standard suexec program for mod_suexec
 apache2-utils - Apache HTTP Server (utility programs for web servers)
 libapache2-mod-md - transitional package
 libapache2-mod-proxy-uwsgi - transitional package
Changes:
 apache2 (2.4.41-4ubuntu3.14) focal-security; urgency=medium
 .
   * SECURITY UPDATE: HTTP request splitting with mod_rewrite and mod_proxy
     - debian/patches/CVE-2023-25690-1.patch: don't forward invalid query
       strings in modules/http2/mod_proxy_http2.c,
       modules/mappers/mod_rewrite.c, modules/proxy/mod_proxy_ajp.c,
       modules/proxy/mod_proxy_balancer.c, modules/proxy/mod_proxy_http.c,
       modules/proxy/mod_proxy_wstunnel.c.
     - debian/patches/CVE-2023-25690-2.patch: Fix missing APLOGNO in
       modules/http2/mod_proxy_http2.c.
     - CVE-2023-25690
   * SECURITY UPDATE: mod_proxy_uwsgi HTTP response splitting
     - debian/patches/CVE-2023-27522.patch: stricter backend HTTP response
       parsing/validation in modules/proxy/mod_proxy_uwsgi.c.
     - CVE-2023-27522
Checksums-Sha1:
 a0bbd96975bdaf8132bc608ce85f6f45236d561c 4842584 apache2-bin-dbgsym_2.4.41-4ubuntu3.14_arm64.ddeb
 d3c11577dae4bfdc72f3b41460162b3a1b385430 1076644 apache2-bin_2.4.41-4ubuntu3.14_arm64.deb
 a58058373af2b29ddfd26725e6033e04f8f1d3c5 179528 apache2-dev_2.4.41-4ubuntu3.14_arm64.deb
 bd4da687a7a10eb57433d3826bbef1095bcee051 3152 apache2-ssl-dev_2.4.41-4ubuntu3.14_arm64.deb
 e362e8bfa518686ede0795791510d89b8df516cf 13008 apache2-suexec-custom-dbgsym_2.4.41-4ubuntu3.14_arm64.ddeb
 e6b91cbd361f54475b4f2ef2df545814b23a1aa6 15204 apache2-suexec-custom_2.4.41-4ubuntu3.14_arm64.deb
 f3a7b4b89efaccddb97538c4ffc958ab30eadee9 11832 apache2-suexec-pristine-dbgsym_2.4.41-4ubuntu3.14_arm64.ddeb
 af1cd9e27a1f67690cbb931c0cabaf07059e6954 13720 apache2-suexec-pristine_2.4.41-4ubuntu3.14_arm64.deb
 de39683898004b3ed12d2ef9f67c1b987d2b8573 140912 apache2-utils-dbgsym_2.4.41-4ubuntu3.14_arm64.ddeb
 d1d9993e61ddeeec5fde8171288efc2c934fc8fd 81288 apache2-utils_2.4.41-4ubuntu3.14_arm64.deb
 f8f3568b7d56ed85bd1410e40f8cef3a0030dc7e 12004 apache2_2.4.41-4ubuntu3.14_arm64.buildinfo
 01c272a02008d35fb5d8ef0d64430c41b19da4f9 95572 apache2_2.4.41-4ubuntu3.14_arm64.deb
 9bcc8717855598a8785526fc8aa707b6ac1ff1fb 988 libapache2-mod-md_2.4.41-4ubuntu3.14_arm64.deb
 3f15676ad2af23d2f94fb5a4430ad9a8c3217896 1180 libapache2-mod-proxy-uwsgi_2.4.41-4ubuntu3.14_arm64.deb
Checksums-Sha256:
 ae7ee1ff523e557a71265b89b7ea1af7e5893c931cdada4828dd336ee54294e5 4842584 apache2-bin-dbgsym_2.4.41-4ubuntu3.14_arm64.ddeb
 b0efdb4ad55b07e1b0a95d520ae694d4bcd7a09812f2ea6daac53425982e8597 1076644 apache2-bin_2.4.41-4ubuntu3.14_arm64.deb
 0decb93697a1b3ecedb7edad41ee8e249aba829cca36779f368db494230e61c0 179528 apache2-dev_2.4.41-4ubuntu3.14_arm64.deb
 b775a2f93b26e5716d2449748867797c7387818dc758de0f3e58d569c496d998 3152 apache2-ssl-dev_2.4.41-4ubuntu3.14_arm64.deb
 51e35577758a5c1cf3fa664c4c9466d5f776975f315a6a383e375d1b62c79614 13008 apache2-suexec-custom-dbgsym_2.4.41-4ubuntu3.14_arm64.ddeb
 e6d5b6453288beb51ba0d85fde8f563463733412c63c7ab49d509a59038bbbc6 15204 apache2-suexec-custom_2.4.41-4ubuntu3.14_arm64.deb
 099a4514d7b682f5f5a54f180143f55980093d85cda07c9ad6ffffa5cfdbb7c6 11832 apache2-suexec-pristine-dbgsym_2.4.41-4ubuntu3.14_arm64.ddeb
 7de2617caef0badca2f5acb284d5fc85caaaa173ade73d9bff70531939b29aa4 13720 apache2-suexec-pristine_2.4.41-4ubuntu3.14_arm64.deb
 87a70f2e780be3408ec350dbfa097b2410b534009d98c2698f6ad92f54c871ef 140912 apache2-utils-dbgsym_2.4.41-4ubuntu3.14_arm64.ddeb
 1c3f76682f8784d47a117b559d846915a791012e0f81d9ba4a79b0bff450f887 81288 apache2-utils_2.4.41-4ubuntu3.14_arm64.deb
 e4627dc4e67c059ad3d8f49b9c93f6637102e553e51b66d09002c81ddf4864a7 12004 apache2_2.4.41-4ubuntu3.14_arm64.buildinfo
 75b93ec9aaf73b8ac2762c8705f0793bf82cb34c14b83f060dfeb61b123350d6 95572 apache2_2.4.41-4ubuntu3.14_arm64.deb
 5ed886e8643e97172fb9daefd4761f3070d12fa8edd6c5cbb1f33be09c2905f0 988 libapache2-mod-md_2.4.41-4ubuntu3.14_arm64.deb
 c08a956237eceb244917bea4c42cc6a36db5ffa4a71576c9970b29b7a78d01a5 1180 libapache2-mod-proxy-uwsgi_2.4.41-4ubuntu3.14_arm64.deb
Files:
 c293ed20184adca4d3ecbca372a969f1 4842584 debug optional apache2-bin-dbgsym_2.4.41-4ubuntu3.14_arm64.ddeb
 0d3d5686ad8983552f563f66fac5f721 1076644 httpd optional apache2-bin_2.4.41-4ubuntu3.14_arm64.deb
 c7dc1d4e528488cddb0a3bfa8ef616fe 179528 httpd optional apache2-dev_2.4.41-4ubuntu3.14_arm64.deb
 5f33826f2386080ce25c8ea9a628bfac 3152 httpd optional apache2-ssl-dev_2.4.41-4ubuntu3.14_arm64.deb
 f0ce73e0332dc699788017a468fd392f 13008 debug optional apache2-suexec-custom-dbgsym_2.4.41-4ubuntu3.14_arm64.ddeb
 309eade6375714fd6ac2f82b55e21d58 15204 httpd optional apache2-suexec-custom_2.4.41-4ubuntu3.14_arm64.deb
 9de501c6d65059e51abf2c4e0d7f23f0 11832 debug optional apache2-suexec-pristine-dbgsym_2.4.41-4ubuntu3.14_arm64.ddeb
 621d585706afbfc3bb58c188f171c9bf 13720 httpd optional apache2-suexec-pristine_2.4.41-4ubuntu3.14_arm64.deb
 b7571c93d6a6adcdc39555eeef4b2ace 140912 debug optional apache2-utils-dbgsym_2.4.41-4ubuntu3.14_arm64.ddeb
 c47b772e71227824243e24acd9302d4c 81288 httpd optional apache2-utils_2.4.41-4ubuntu3.14_arm64.deb
 7eb913f7057e023e4739835d309bce57 12004 httpd optional apache2_2.4.41-4ubuntu3.14_arm64.buildinfo
 916b8d4f5e4bb6d1c6b7aa8f657c773d 95572 httpd optional apache2_2.4.41-4ubuntu3.14_arm64.deb
 76f748277f8d605b8524c772069ac7c8 988 oldlibs optional libapache2-mod-md_2.4.41-4ubuntu3.14_arm64.deb
 d05d781826c82b15e27e85647a46c897 1180 oldlibs optional libapache2-mod-proxy-uwsgi_2.4.41-4ubuntu3.14_arm64.deb
Original-Maintainer: Debian Apache Maintainers <debian-apache@lists.debian.org>