[ubuntu/yakkety-proposed] apache2 2.4.18-2ubuntu4 (Accepted)

Marc Deslauriers marc.deslauriers at ubuntu.com
Mon Jul 18 18:42:17 UTC 2016


apache2 (2.4.18-2ubuntu4) yakkety; urgency=medium

  * SECURITY UPDATE: proxy request header vulnerability (httpoxy)
    - debian/patches/CVE-2016-5387.patch: don't pass through HTTP_PROXY in
      server/util_script.c.
    - CVE-2016-5387

Date: Mon, 18 Jul 2016 14:32:02 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/apache2/2.4.18-2ubuntu4
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Mon, 18 Jul 2016 14:32:02 -0400
Source: apache2
Binary: apache2 apache2-data apache2-bin apache2-utils apache2-suexec-pristine apache2-suexec-custom apache2-doc apache2-dev apache2-dbg
Architecture: source
Version: 2.4.18-2ubuntu4
Distribution: yakkety
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description:
 apache2    - Apache HTTP Server
 apache2-bin - Apache HTTP Server (modules and other binary files)
 apache2-data - Apache HTTP Server (common files)
 apache2-dbg - Apache debugging symbols
 apache2-dev - Apache HTTP Server (development headers)
 apache2-doc - Apache HTTP Server (on-site documentation)
 apache2-suexec-custom - Apache HTTP Server configurable suexec program for mod_suexec
 apache2-suexec-pristine - Apache HTTP Server standard suexec program for mod_suexec
 apache2-utils - Apache HTTP Server (utility programs for web servers)
Changes:
 apache2 (2.4.18-2ubuntu4) yakkety; urgency=medium
 .
   * SECURITY UPDATE: proxy request header vulnerability (httpoxy)
     - debian/patches/CVE-2016-5387.patch: don't pass through HTTP_PROXY in
       server/util_script.c.
     - CVE-2016-5387
Checksums-Sha1:
 8317d81db295e13b68520756508e8b5a963367ec 2824 apache2_2.4.18-2ubuntu4.dsc
 c0de5ff195e15b681b4201f9791703e942c5a57b 362516 apache2_2.4.18-2ubuntu4.debian.tar.xz
Checksums-Sha256:
 d0f4e196da3a5304f3cb442330126e01c6125aec53d5a339afa1f22482757148 2824 apache2_2.4.18-2ubuntu4.dsc
 8d6f2594f8dcaa77f4e89c5282e032ac525f4e468e67a7828fad7b69b119359c 362516 apache2_2.4.18-2ubuntu4.debian.tar.xz
Files:
 53b84d7ba8c2d82009083c51bbb1fd73 2824 httpd optional apache2_2.4.18-2ubuntu4.dsc
 134da05c529046305bf64501e029c9a6 362516 httpd optional apache2_2.4.18-2ubuntu4.debian.tar.xz
Original-Maintainer: Debian Apache Maintainers <debian-apache at lists.debian.org>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJXjSKhAAoJEGVp2FWnRL6TGx4QAJ0cNkCGyRDVW0J7SjBujb1/
dejkosk8F8hHI5JMFPJnLtXXLUJ1xKALQ1zFK+w36YRm+BBcPd01oXOabDZzN4Ud
NG5+AJOSC4dSDo6oqLvEDfxQ65Vo3YaxqiG4oz2WPFojrSjVb+8MBkZ2KKpQaoAT
pJ5anXyirjWY49dERwIKhVqFNhUVDIBEg3yNtjdp4AnrquvpDt37hvdI3Yu00Oxw
YhoUhNS165zrvjr/1QlWuCQXLZepKlODO8hXeQP2E2WbbZZHO6u4YNKfYF+1C1m2
1TDQVliErwfrXUHOJe8/XpN+lR7TY1SDmwzeYiru7tOodu7KXyFKNosajT0y3HOt
VwBhGGvL7Xb3FqVBk1ThN7IBBG98PDN7yazvxUikjcbhcxoM6NLtcFP/d65JLi7K
LJNip9J/wwjmAqczTK0c0IYoxDUumN27fmYJGLw1MsJpeQvsPzL1zbED2YrMXISO
Jt+nIUm869p01rnr4TTm1jrlWquBEe+ICO99mRZOTwOS8vVWFjQb/CcaA7zI+dIS
tgLx8e8+Y0ZII1qybrdzbRWqAYr6VcBAp96j7f+ogWkeBHxAU87C8l7A6j74QR8/
hRo7rNUc59ZOa27TX1/fkQLx46tgW4Wm9NLxdO+qHyOpYYdeHmOkGYtEOGEcyjV6
zflWywBH5x6wU465EtPG
=PnXk
-----END PGP SIGNATURE-----


More information about the Yakkety-changes mailing list