Format: 1.8
Date: Thu, 18 Apr 2024 11:13:41 -0400
Source: apache2
Binary: apache2 apache2-bin apache2-dev apache2-ssl-dev apache2-suexec-custom apache2-suexec-pristine apache2-utils libapache2-mod-md libapache2-mod-proxy-uwsgi
Built-For-Profiles: noudeb
Architecture: riscv64
Version: 2.4.58-1ubuntu8.1
Distribution: noble
Urgency: medium
Maintainer: Launchpad Build Daemon <buildd@bos03-riscv64-022.buildd>
Changed-By: Marc Deslauriers <marc.deslauriers@ubuntu.com>
Description:
 apache2    - Apache HTTP Server
 apache2-bin - Apache HTTP Server (modules and other binary files)
 apache2-dev - Apache HTTP Server (development headers)
 apache2-ssl-dev - Apache HTTP Server (mod_ssl development headers)
 apache2-suexec-custom - Apache HTTP Server configurable suexec program for mod_suexec
 apache2-suexec-pristine - Apache HTTP Server standard suexec program for mod_suexec
 apache2-utils - Apache HTTP Server (utility programs for web servers)
 libapache2-mod-md - transitional package
 libapache2-mod-proxy-uwsgi - transitional package
Changes:
 apache2 (2.4.58-1ubuntu8.1) noble-security; urgency=medium
 .
   * SECURITY UPDATE: HTTP response splitting
     - debian/patches/CVE-2023-38709.patch: header validation after
       content-* are eval'ed in modules/http/http_filters.c.
     - CVE-2023-38709
   * SECURITY UPDATE: HTTP Response Splitting in multiple modules
     - debian/patches/CVE-2024-24795.patch: let httpd handle CL/TE for
       non-http handlers in include/util_script.h,
       modules/aaa/mod_authnz_fcgi.c, modules/generators/mod_cgi.c,
       modules/generators/mod_cgid.c, modules/http/http_filters.c,
       modules/proxy/ajp_header.c, modules/proxy/mod_proxy_fcgi.c,
       modules/proxy/mod_proxy_scgi.c, modules/proxy/mod_proxy_uwsgi.c.
     - CVE-2024-24795
   * SECURITY UPDATE: HTTP/2 DoS by memory exhaustion on endless
     continuation frames
     - debian/patches/CVE-2024-27316.patch: bail after too many failed reads
       in modules/http2/h2_session.c, modules/http2/h2_stream.c,
       modules/http2/h2_stream.h.
     - CVE-2024-27316
Checksums-Sha1:
 3421c3e123045af1bce84ea132bfca5b84846568 3195312 apache2-bin-dbgsym_2.4.58-1ubuntu8.1_riscv64.ddeb
 5af01aa3c0830d3e77a9a48aafa6c600bc76a05a 1352498 apache2-bin_2.4.58-1ubuntu8.1_riscv64.deb
 4c0374dd7080f713452f4f8e02981ede4e6a064b 199196 apache2-dev_2.4.58-1ubuntu8.1_riscv64.deb
 311ca5507b813edd7d56e91b861d679e5da43320 2984 apache2-ssl-dev_2.4.58-1ubuntu8.1_riscv64.deb
 63464ebd7d563f2597606bafaf7771332cc2ee2a 12432 apache2-suexec-custom-dbgsym_2.4.58-1ubuntu8.1_riscv64.ddeb
 2cc094ac0ff149d57f31cf1ecf3c88470a2b091f 15716 apache2-suexec-custom_2.4.58-1ubuntu8.1_riscv64.deb
 6bb5d40ea519d8a4c27d06b9cb5a8726ae4ce162 11162 apache2-suexec-pristine-dbgsym_2.4.58-1ubuntu8.1_riscv64.ddeb
 5337d0fabd4e7aa6ef031a7ad9402eb27d0de56f 14074 apache2-suexec-pristine_2.4.58-1ubuntu8.1_riscv64.deb
 1aa927b4ee534070823236f20958bf9ff55b5105 114680 apache2-utils-dbgsym_2.4.58-1ubuntu8.1_riscv64.ddeb
 742b5b5ca54d41a0c82eb787e7077d1e71663654 95918 apache2-utils_2.4.58-1ubuntu8.1_riscv64.deb
 bad195ffacc7dedf9a226b0d1855c1d2d16c9964 12050 apache2_2.4.58-1ubuntu8.1_riscv64.buildinfo
 d38bcdae574ad237dee59fe4ee9221709b78a568 90242 apache2_2.4.58-1ubuntu8.1_riscv64.deb
 edb25e33387625ca8c4c2b3d3b69e67c6de157f1 800 libapache2-mod-md_2.4.58-1ubuntu8.1_riscv64.deb
 fa8056ad0ab86495496a873871dadf6c5eea672d 998 libapache2-mod-proxy-uwsgi_2.4.58-1ubuntu8.1_riscv64.deb
Checksums-Sha256:
 d3ea6f0ab128c26a09af303197e797976a92fa8f0ce48bd2abca0a4c7b87a033 3195312 apache2-bin-dbgsym_2.4.58-1ubuntu8.1_riscv64.ddeb
 3f268dc3cb1168d00f6b66e16abd70e7161cc600aaa172884de6f9232afe6864 1352498 apache2-bin_2.4.58-1ubuntu8.1_riscv64.deb
 ada965b4bb0f43451d72a4d7c0b9674391c80b69f88341a3af3a60e3e2b5d991 199196 apache2-dev_2.4.58-1ubuntu8.1_riscv64.deb
 6b24be416ddbd3d973062b67099f68e3df4371442171697a4501543e2f92e778 2984 apache2-ssl-dev_2.4.58-1ubuntu8.1_riscv64.deb
 5f8f2c1a90e04c1b66f3ca3f2975ad838bd32338a7d77bb29355a914d42e4b10 12432 apache2-suexec-custom-dbgsym_2.4.58-1ubuntu8.1_riscv64.ddeb
 aa0f8052578245d5ff893c27e3e1f74b9244f08af27e27764340567c561dfa19 15716 apache2-suexec-custom_2.4.58-1ubuntu8.1_riscv64.deb
 803f7752d9737ba3370cdc34edaff1037c316a5ef26340d44f07a79c9576d12c 11162 apache2-suexec-pristine-dbgsym_2.4.58-1ubuntu8.1_riscv64.ddeb
 8149e521ba939516cf26e90d06097dc14f05b823949e6fce7ad878256fed7e09 14074 apache2-suexec-pristine_2.4.58-1ubuntu8.1_riscv64.deb
 c64dee9fb80486c153ef3badf2cc21d3b9f18fc034b3a4ec6e90595c0d669b27 114680 apache2-utils-dbgsym_2.4.58-1ubuntu8.1_riscv64.ddeb
 53e4b775086a75c495de55cdc739fc40e87287b111dfbdd9033013300676fad3 95918 apache2-utils_2.4.58-1ubuntu8.1_riscv64.deb
 44f0e33f6c38e1fc89ec90f0d255b638a43233ca70d0af3325cbc86768d61ce2 12050 apache2_2.4.58-1ubuntu8.1_riscv64.buildinfo
 535079ccad0c1cc539b683dee636acc59a0671ba3cbea4477481668a29a6c703 90242 apache2_2.4.58-1ubuntu8.1_riscv64.deb
 be8be238a46a5de8597c639da15446f987e21f0558152a0c4362ed6a99a6be2e 800 libapache2-mod-md_2.4.58-1ubuntu8.1_riscv64.deb
 d929e9a93eba3d9519a265f4db4dc2424b87aa93a1edfd043817b8aa44432bff 998 libapache2-mod-proxy-uwsgi_2.4.58-1ubuntu8.1_riscv64.deb
Files:
 0bd19cd32764ff61863bc3d3d1c2bb62 3195312 debug optional apache2-bin-dbgsym_2.4.58-1ubuntu8.1_riscv64.ddeb
 c50604d0bf62dbc360b066effd27fcce 1352498 httpd optional apache2-bin_2.4.58-1ubuntu8.1_riscv64.deb
 2800399beb603fc06efcc1ecc402e4dd 199196 httpd optional apache2-dev_2.4.58-1ubuntu8.1_riscv64.deb
 f64f4a007b411b43671fcc6a79b9925d 2984 httpd optional apache2-ssl-dev_2.4.58-1ubuntu8.1_riscv64.deb
 44c6c4e4a616b828607dd444914f79c8 12432 debug optional apache2-suexec-custom-dbgsym_2.4.58-1ubuntu8.1_riscv64.ddeb
 c66389bff0383384d9316b2c7be454a8 15716 httpd optional apache2-suexec-custom_2.4.58-1ubuntu8.1_riscv64.deb
 c0f52a99588d62c474af884d1aa32b10 11162 debug optional apache2-suexec-pristine-dbgsym_2.4.58-1ubuntu8.1_riscv64.ddeb
 1496817c2fe78d76a7462b11767a2bf9 14074 httpd optional apache2-suexec-pristine_2.4.58-1ubuntu8.1_riscv64.deb
 ce2974f181de30bb4a9d0ac000c8dc88 114680 debug optional apache2-utils-dbgsym_2.4.58-1ubuntu8.1_riscv64.ddeb
 36acfde4250bab327601a32df15f2ca0 95918 httpd optional apache2-utils_2.4.58-1ubuntu8.1_riscv64.deb
 b4b5a88a42c0f66a235eb6ec2669c85f 12050 httpd optional apache2_2.4.58-1ubuntu8.1_riscv64.buildinfo
 319859b5f9da880f73a4a74093a71ded 90242 httpd optional apache2_2.4.58-1ubuntu8.1_riscv64.deb
 1072971f3de514a492a778fcf8360219 800 oldlibs optional libapache2-mod-md_2.4.58-1ubuntu8.1_riscv64.deb
 889a15cf17a6464291216771ec60ea20 998 oldlibs optional libapache2-mod-proxy-uwsgi_2.4.58-1ubuntu8.1_riscv64.deb
Original-Maintainer: Debian Apache Maintainers <debian-apache@lists.debian.org>