[USN-4307-1] Apache HTTP Server update
Marc Deslauriers
marc.deslauriers at canonical.com
Wed Mar 18 14:51:44 UTC 2020
==========================================================================
Ubuntu Security Notice USN-4307-1
March 18, 2020
apache2 update
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 18.04 LTS
Summary:
TLSv1.3 support has been enabled in Apache HTTP Server in Ubuntu 18.04 LTS.
Software Description:
- apache2: Apache HTTP server
Details:
As a security improvement, this update adds TLSv1.3 support to the Apache
HTTP Server package in Ubuntu 18.04 LTS.
TLSv1.3 is enabled by default, and in certain environments may cause
compatibility issues. The SSLProtocol directive may be used to disable
TLSv1.3 in these problematic environments.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 18.04 LTS:
apache2-bin 2.4.29-1ubuntu4.13
In general, a standard system update will make all the necessary changes.
References:
https://usn.ubuntu.com/4307-1
https://launchpad.net/bugs/1845263
Package Information:
https://launchpad.net/ubuntu/+source/apache2/2.4.29-1ubuntu4.13
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/ubuntu-security-announce/attachments/20200318/5ecb5e1f/attachment.sig>
More information about the ubuntu-security-announce
mailing list