Publishing details
Changelog
apache2 (2.4.29-1ubuntu4.27) bionic-security; urgency=medium
* SECURITY UPDATE: HTTP request splitting with mod_rewrite and mod_proxy
- debian/patches/CVE-2023-25690-1.patch: don't forward invalid query
strings in modules/http2/mod_proxy_http2.c,
modules/mappers/mod_rewrite.c, modules/proxy/mod_proxy_ajp.c,
modules/proxy/mod_proxy_balancer.c, modules/proxy/mod_proxy_http.c,
modules/proxy/mod_proxy_wstunnel.c.
- debian/patches/CVE-2023-25690-2.patch: Fix missing APLOGNO in
modules/http2/mod_proxy_http2.c.
- CVE-2023-25690
-- Marc Deslauriers <email address hidden> Wed, 08 Mar 2023 12:34:33 -0500
Builds
Built packages
-
apache2
Apache HTTP Server
-
apache2-bin
Apache HTTP Server (modules and other binary files)
-
apache2-data
Apache HTTP Server (common files)
-
apache2-dbg
Apache debugging symbols
-
apache2-dev
Apache HTTP Server (development headers)
-
apache2-doc
Apache HTTP Server (on-site documentation)
-
apache2-ssl-dev
Apache HTTP Server (mod_ssl development headers)
-
apache2-suexec-custom
Apache HTTP Server configurable suexec program for mod_suexec
-
apache2-suexec-pristine
Apache HTTP Server standard suexec program for mod_suexec
-
apache2-utils
Apache HTTP Server (utility programs for web servers)
Package files