apache2 2.4.27-2ubuntu4.1 source package in Ubuntu
Changelog
apache2 (2.4.27-2ubuntu4.1) artful-security; urgency=medium * SECURITY UPDATE: DoS via missing header with AuthLDAPCharsetConfig - debian/patches/CVE-2017-15710.patch: fix language long names detection as short name in modules/aaa/mod_authnz_ldap.c. - CVE-2017-15710 * SECURITY UPDATE: incorrect <FilesMatch> matching - debian/patches/CVE-2017-15715.patch: allow to configure global/default options for regexes, like caseless matching or extended format in include/ap_regex.h, server/core.c, server/util_pcre.c. - CVE-2017-15715 * SECURITY UPDATE: mod_session header manipulation - debian/patches/CVE-2018-1283.patch: strip Session header when SessionEnv is on in modules/session/mod_session.c. - CVE-2018-1283 * SECURITY UPDATE: DoS via specially-crafted request - debian/patches/CVE-2018-1301.patch: ensure that read lines are NUL terminated on any error, not only on buffer full in server/protocol.c. - CVE-2018-1301 * SECURITY UPDATE: mod_cache_socache DoS - debian/patches/CVE-2018-1303.patch: fix caching of empty headers up to carriage return in modules/cache/mod_cache_socache.c. - CVE-2018-1303 * SECURITY UPDATE: insecure nonce generation - debian/patches/CVE-2018-1312.patch: actually use the secret when generating nonces in modules/aaa/mod_auth_digest.c. - CVE-2018-1312 -- Marc Deslauriers <email address hidden> Wed, 18 Apr 2018 10:20:05 -0400
Upload details
- Uploaded by:
- Marc Deslauriers
- Uploaded to:
- Artful
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any all
- Section:
- httpd
- Urgency:
- Medium Urgency
See full publishing history Publishing
Series | Published | Component | Section |
---|
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
apache2_2.4.27.orig.tar.bz2 | 6.2 MiB | 71fcc128238a690515bd8174d5330a5309161ef314a326ae45c7c15ed139c13a |
apache2_2.4.27-2ubuntu4.1.debian.tar.xz | 699.3 KiB | e0d1bf643ca528e8477d1ebaef959974c6f0a32f4a048bade9284d9557e038ad |
apache2_2.4.27-2ubuntu4.1.dsc | 3.0 KiB | 3b8c06f3d60b03604b74f5c58a0cf0b03ba682fc8e3b6d1c7651886cc50d9818 |
Available diffs
Binary packages built by this source
- apache2: No summary available for apache2 in ubuntu artful.
No description available for apache2 in ubuntu artful.
- apache2-bin: No summary available for apache2-bin in ubuntu artful.
No description available for apache2-bin in ubuntu artful.
- apache2-data: No summary available for apache2-data in ubuntu artful.
No description available for apache2-data in ubuntu artful.
- apache2-dbg: No summary available for apache2-dbg in ubuntu artful.
No description available for apache2-dbg in ubuntu artful.
- apache2-dev: No summary available for apache2-dev in ubuntu artful.
No description available for apache2-dev in ubuntu artful.
- apache2-doc: No summary available for apache2-doc in ubuntu artful.
No description available for apache2-doc in ubuntu artful.
- apache2-ssl-dev: No summary available for apache2-ssl-dev in ubuntu artful.
No description available for apache2-ssl-dev in ubuntu artful.
- apache2-suexec-custom: No summary available for apache2-suexec-custom in ubuntu artful.
No description available for apache2-
suexec- custom in ubuntu artful.
- apache2-suexec-pristine: No summary available for apache2-suexec-pristine in ubuntu artful.
No description available for apache2-
suexec- pristine in ubuntu artful.
- apache2-utils: No summary available for apache2-utils in ubuntu artful.
No description available for apache2-utils in ubuntu artful.