Format: 1.8 Date: Thu, 18 Apr 2024 11:13:41 -0400 Source: apache2 Binary: apache2 apache2-bin apache2-dev apache2-ssl-dev apache2-suexec-custom apache2-suexec-pristine apache2-utils libapache2-mod-md libapache2-mod-proxy-uwsgi Built-For-Profiles: noudeb Architecture: armhf Version: 2.4.58-1ubuntu8.1 Distribution: noble Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Marc Deslauriers Description: apache2 - Apache HTTP Server apache2-bin - Apache HTTP Server (modules and other binary files) apache2-dev - Apache HTTP Server (development headers) apache2-ssl-dev - Apache HTTP Server (mod_ssl development headers) apache2-suexec-custom - Apache HTTP Server configurable suexec program for mod_suexec apache2-suexec-pristine - Apache HTTP Server standard suexec program for mod_suexec apache2-utils - Apache HTTP Server (utility programs for web servers) libapache2-mod-md - transitional package libapache2-mod-proxy-uwsgi - transitional package Changes: apache2 (2.4.58-1ubuntu8.1) noble-security; urgency=medium . * SECURITY UPDATE: HTTP response splitting - debian/patches/CVE-2023-38709.patch: header validation after content-* are eval'ed in modules/http/http_filters.c. - CVE-2023-38709 * SECURITY UPDATE: HTTP Response Splitting in multiple modules - debian/patches/CVE-2024-24795.patch: let httpd handle CL/TE for non-http handlers in include/util_script.h, modules/aaa/mod_authnz_fcgi.c, modules/generators/mod_cgi.c, modules/generators/mod_cgid.c, modules/http/http_filters.c, modules/proxy/ajp_header.c, modules/proxy/mod_proxy_fcgi.c, modules/proxy/mod_proxy_scgi.c, modules/proxy/mod_proxy_uwsgi.c. - CVE-2024-24795 * SECURITY UPDATE: HTTP/2 DoS by memory exhaustion on endless continuation frames - debian/patches/CVE-2024-27316.patch: bail after too many failed reads in modules/http2/h2_session.c, modules/http2/h2_stream.c, modules/http2/h2_stream.h. - CVE-2024-27316 Checksums-Sha1: eb79215e9018bb3143ee9b3d129510c0cd974e2d 3265530 apache2-bin-dbgsym_2.4.58-1ubuntu8.1_armhf.ddeb bd982675d05c360296f38f7e454fce77d9c2134f 1202630 apache2-bin_2.4.58-1ubuntu8.1_armhf.deb 9c11fc92f94aa623f84868003abe107113f8413e 199238 apache2-dev_2.4.58-1ubuntu8.1_armhf.deb 344f6746e9bcc74c0b4d2072bc10bed6d707c7ea 2984 apache2-ssl-dev_2.4.58-1ubuntu8.1_armhf.deb ae586d555d95245e40f2d5f625409ab147124a82 12146 apache2-suexec-custom-dbgsym_2.4.58-1ubuntu8.1_armhf.ddeb ce41487941efe962e8c57036b4291ca0a97aa6ea 15326 apache2-suexec-custom_2.4.58-1ubuntu8.1_armhf.deb 3ce30d80b42a547aadfb292849774312db947566 10954 apache2-suexec-pristine-dbgsym_2.4.58-1ubuntu8.1_armhf.ddeb ed050dff1de7a9ef0864c93784484ec64969257c 13758 apache2-suexec-pristine_2.4.58-1ubuntu8.1_armhf.deb 8ca115d03a0a49480cd492d0f3f4b84bde11e5fb 118500 apache2-utils-dbgsym_2.4.58-1ubuntu8.1_armhf.ddeb 390ab01adbec7b6c885f099a397f8929b5da4122 97266 apache2-utils_2.4.58-1ubuntu8.1_armhf.deb 2099138640ca3acc1ab22776e1aae7199f382b4f 11985 apache2_2.4.58-1ubuntu8.1_armhf.buildinfo 07127a5d499b8f4f0e24cdcf9c07c9b3df52c820 90238 apache2_2.4.58-1ubuntu8.1_armhf.deb a7483a8d4d237dcd0c32d4afdcdaf6fd7f94ab0e 800 libapache2-mod-md_2.4.58-1ubuntu8.1_armhf.deb b5091ba73ea1e59466c704d5b97b98c7bd4690ee 986 libapache2-mod-proxy-uwsgi_2.4.58-1ubuntu8.1_armhf.deb Checksums-Sha256: 233c4d15c704c1820f6a6d2fb8b45bd6ad597a2448555b8c1415744692b56390 3265530 apache2-bin-dbgsym_2.4.58-1ubuntu8.1_armhf.ddeb 50f6f73617db23c78d6e22bcb0da963471aeebbd0e26b4b69a86738ea5aa38b4 1202630 apache2-bin_2.4.58-1ubuntu8.1_armhf.deb 567ac5a5212c9201d726612074fb7e208ce4d61d73cfd2dcb08e3fbec5bbb0f8 199238 apache2-dev_2.4.58-1ubuntu8.1_armhf.deb 4c16727bdf1217c8ea55600fd27ff450a86786225b0c84cb7c77951155fd8b28 2984 apache2-ssl-dev_2.4.58-1ubuntu8.1_armhf.deb 9e6d1e0a7f049007a2ee653f7ea692ead1b4c0713fe224f6156ce112973f1780 12146 apache2-suexec-custom-dbgsym_2.4.58-1ubuntu8.1_armhf.ddeb e9f24b8bfdfb79b081ecc5d796ca6c335af07a3653acc57cf11290079fefaeaa 15326 apache2-suexec-custom_2.4.58-1ubuntu8.1_armhf.deb bed717301f3dd509e89e6044b7bd396547e56849b386766fbde38cbfe4c64b7f 10954 apache2-suexec-pristine-dbgsym_2.4.58-1ubuntu8.1_armhf.ddeb 836f2009dbe700e08d6394f2e85fb913504ab4488f8cba2d20cca4d4d2b3a64b 13758 apache2-suexec-pristine_2.4.58-1ubuntu8.1_armhf.deb ce2a8b093cc1656f194684485ec11f2887ae27d968b61e0915207eca28a8d041 118500 apache2-utils-dbgsym_2.4.58-1ubuntu8.1_armhf.ddeb 3d542cc17110019d5b34eb582be120d579dd315f0d4f61de928d4f776ad41bb1 97266 apache2-utils_2.4.58-1ubuntu8.1_armhf.deb 93eebb1e185bf5b844840b8c440ef958bc99c94b9ee123136536ccd6e3993235 11985 apache2_2.4.58-1ubuntu8.1_armhf.buildinfo e365c332309b54981a00d1d5256097f673d119018f5abde0e167d93653bae32a 90238 apache2_2.4.58-1ubuntu8.1_armhf.deb e23b4f97cc492b2c8a4f6be8dd81b2f838eb5976051ad508d789c51d00b0a7ad 800 libapache2-mod-md_2.4.58-1ubuntu8.1_armhf.deb 188623cf966119c4c8902144ceb554f319ac681ed40d45e19c7562d65dc30280 986 libapache2-mod-proxy-uwsgi_2.4.58-1ubuntu8.1_armhf.deb Files: 7a60163220e8f6a3fa41ab4c87b672e0 3265530 debug optional apache2-bin-dbgsym_2.4.58-1ubuntu8.1_armhf.ddeb 2e54544ab4bb584e928aef3e76f6a86b 1202630 httpd optional apache2-bin_2.4.58-1ubuntu8.1_armhf.deb 259b2201ee15eb45dd65896e06238429 199238 httpd optional apache2-dev_2.4.58-1ubuntu8.1_armhf.deb e0c26a564119ea1cb3b9b864e1a2e024 2984 httpd optional apache2-ssl-dev_2.4.58-1ubuntu8.1_armhf.deb a391d359e446daef3858eec2e367916a 12146 debug optional apache2-suexec-custom-dbgsym_2.4.58-1ubuntu8.1_armhf.ddeb 25963f25eb4ac05015cf81d096bc0ecf 15326 httpd optional apache2-suexec-custom_2.4.58-1ubuntu8.1_armhf.deb 463267ad301e2c5060423f70b75f1ed4 10954 debug optional apache2-suexec-pristine-dbgsym_2.4.58-1ubuntu8.1_armhf.ddeb 5b8d918e15f3de7bae94c8391248fd72 13758 httpd optional apache2-suexec-pristine_2.4.58-1ubuntu8.1_armhf.deb 93a85c98f625a260976eb8caf35e7b3d 118500 debug optional apache2-utils-dbgsym_2.4.58-1ubuntu8.1_armhf.ddeb 349b238d7a6aef2c7642cc8f76e42129 97266 httpd optional apache2-utils_2.4.58-1ubuntu8.1_armhf.deb 9aaea9557679b957cc2ab315f29f28fb 11985 httpd optional apache2_2.4.58-1ubuntu8.1_armhf.buildinfo 32132c57f4bd1966885d269405ca45ad 90238 httpd optional apache2_2.4.58-1ubuntu8.1_armhf.deb 637383f7131c3fd6a45f1ac754d61dd4 800 oldlibs optional libapache2-mod-md_2.4.58-1ubuntu8.1_armhf.deb 3f0523f06c033c5c52b81299b79aa32b 986 oldlibs optional libapache2-mod-proxy-uwsgi_2.4.58-1ubuntu8.1_armhf.deb Original-Maintainer: Debian Apache Maintainers