[ubuntu/cosmic-proposed] apache2 2.4.34-1ubuntu2 (Accepted)

Marc Deslauriers marc.deslauriers at ubuntu.com
Wed Oct 3 16:42:59 UTC 2018 

apache2 (2.4.34-1ubuntu2) cosmic; urgency=medium

  * SECURITY UPDATE: denial of service in HTTP/2 via large SETTINGS frames
    - debian/patches/CVE-2018-11763.patch: rework connection IO event
      handling in modules/http2/h2_session.c, modules/http2/h2_session.h,
      modules/http2/h2_version.h.
    - CVE-2018-11763

Date: Wed, 03 Oct 2018 09:57:22 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/apache2/2.4.34-1ubuntu2
-------------- next part --------------
Format: 1.8
Date: Wed, 03 Oct 2018 09:57:22 -0400
Source: apache2
Binary: apache2 apache2-data apache2-bin apache2-utils apache2-suexec-pristine apache2-suexec-custom apache2-doc apache2-dev apache2-ssl-dev apache2-dbg libapache2-mod-proxy-uwsgi
Architecture: source
Version: 2.4.34-1ubuntu2
Distribution: cosmic
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description:
 apache2    - Apache HTTP Server
 apache2-bin - Apache HTTP Server (modules and other binary files)
 apache2-data - Apache HTTP Server (common files)
 apache2-dbg - Apache debugging symbols
 apache2-dev - Apache HTTP Server (development headers)
 apache2-doc - Apache HTTP Server (on-site documentation)
 apache2-ssl-dev - Apache HTTP Server (mod_ssl development headers)
 apache2-suexec-custom - Apache HTTP Server configurable suexec program for mod_suexec
 apache2-suexec-pristine - Apache HTTP Server standard suexec program for mod_suexec
 apache2-utils - Apache HTTP Server (utility programs for web servers)
 libapache2-mod-proxy-uwsgi - transitional package
Changes:
 apache2 (2.4.34-1ubuntu2) cosmic; urgency=medium
 .
   * SECURITY UPDATE: denial of service in HTTP/2 via large SETTINGS frames
     - debian/patches/CVE-2018-11763.patch: rework connection IO event
       handling in modules/http2/h2_session.c, modules/http2/h2_session.h,
       modules/http2/h2_version.h.
     - CVE-2018-11763
Checksums-Sha1:
 1bdeb637b223b5d124d827ed78214c2c8c1a80cb 3270 apache2_2.4.34-1ubuntu2.dsc
 41b24d561ff766f4405992604dea3f4f5efb7f3e 807264 apache2_2.4.34-1ubuntu2.debian.tar.xz
 ab00a5df272f3b6bc339f7388ce95d16b57ea4a7 8526 apache2_2.4.34-1ubuntu2_source.buildinfo
Checksums-Sha256:
 40c38b08fb9086d1ad4c8b8d6ec338b07564fa951c3ecca8f5d9b27ef06f04db 3270 apache2_2.4.34-1ubuntu2.dsc
 14b98182e9230c15859b06b4622bfd60aeeb6c2c1604db58918e2cdb4b96fdc3 807264 apache2_2.4.34-1ubuntu2.debian.tar.xz
 d54d71634c22a9d5d3f3f89330cecf75ea6da437fca18ec61cb3ca820a672421 8526 apache2_2.4.34-1ubuntu2_source.buildinfo
Files:
 1d6371a9b1f8a1601f74a5dc836da78d 3270 httpd optional apache2_2.4.34-1ubuntu2.dsc
 760511f13636146947f62a276b5d711a 807264 httpd optional apache2_2.4.34-1ubuntu2.debian.tar.xz
 3549d508c33ee88d2e4dd2ac402be44b 8526 httpd optional apache2_2.4.34-1ubuntu2_source.buildinfo
Original-Maintainer: Debian Apache Maintainers <debian-apache at lists.debian.org>

More information about the Cosmic-changes mailing list