Accepted apache2 2.4.25-3+deb9u7 (source amd64 all) into proposed-updates->stable-new, proposed-updates



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 02 Apr 2019 21:05:13 +0200
Source: apache2
Binary: apache2 apache2-data apache2-bin apache2-utils apache2-suexec-pristine apache2-suexec-custom apache2-doc apache2-dev apache2-ssl-dev apache2-dbg
Architecture: source amd64 all
Version: 2.4.25-3+deb9u7
Distribution: stretch-security
Urgency: medium
Maintainer: Debian Apache Maintainers <debian-apache@lists.debian.org>
Changed-By: Stefan Fritsch <sf@debian.org>
Description:
 apache2    - Apache HTTP Server
 apache2-bin - Apache HTTP Server (modules and other binary files)
 apache2-data - Apache HTTP Server (common files)
 apache2-dbg - Apache debugging symbols
 apache2-dev - Apache HTTP Server (development headers)
 apache2-doc - Apache HTTP Server (on-site documentation)
 apache2-ssl-dev - Apache HTTP Server (mod_ssl development headers)
 apache2-suexec-custom - Apache HTTP Server configurable suexec program for mod_suexec
 apache2-suexec-pristine - Apache HTTP Server standard suexec program for mod_suexec
 apache2-utils - Apache HTTP Server (utility programs for web servers)
Closes: 904150 915103 920302 920303
Changes:
 apache2 (2.4.25-3+deb9u7) stretch-security; urgency=medium
 .
   [ Xavier Guimard ]
   * CVE-2018-17199: mod_session: Fix missing check for session expiry time.
     Closes: #920303
 .
   [ Stefan Fritsch ]
   * mod_http2: Fix keepalive timeout behavior. This fixes a regression with
     Safari web browsers, introduced in 2.4.25-3+deb9u6. Closes: #915103
   * Fix typo in apache2_switch_mpm() in apache2-maintscript-helper.
     Closes: #904150
   * CVE-2018-17189: mod_http2: Fix DoS via slow, unneeded request bodies.
     Closes: #920302
   * CVE-2019-0196: mod_http2: Fix read after free
   * CVE-2019-0211: All MPMs: privilege escalation from www-data user to root.
   * CVE-2019-0217: mod_auth_digest: Access control bypass
   * CVE-2019-0220: URL normalization inconsistency.
     Consecutive slashes in URLs are now merged before use in LocationMatch
     and RewriteRule. The old behavior can be restored with the new directive
     "MergeSlashes off".
Checksums-Sha1:
Checksums-Sha256:
Files:
 92815523f438bf530348f0d091f6fd5a 2986 httpd optional apache2_2.4.25-3+deb9u7.dsc
 b47f809e70849281eb15a75b0da617f9 795236 httpd optional apache2_2.4.25-3+deb9u7.debian.tar.xz
 0e693e7814e561e859d87d6ed2ad71c1 1187486 httpd optional apache2-bin_2.4.25-3+deb9u7_amd64.deb
 1125e677a9b784669cac81a697fe0642 162062 httpd optional apache2-data_2.4.25-3+deb9u7_all.deb
 952505aa0026e70e1ebf4fa60c456f7c 4019618 debug extra apache2-dbg_2.4.25-3+deb9u7_amd64.deb
 2c29573b043a8db77723eb3b447848d8 314496 httpd optional apache2-dev_2.4.25-3+deb9u7_amd64.deb
 3799f98ca0f27bf7c6ba3735fae6f6f5 3771360 doc optional apache2-doc_2.4.25-3+deb9u7_all.deb
 a2ce439700817df3da3362105fb2ceb6 2264 httpd optional apache2-ssl-dev_2.4.25-3+deb9u7_amd64.deb
 a8961862b848070a088fbeba39ed9e4c 155638 httpd extra apache2-suexec-custom_2.4.25-3+deb9u7_amd64.deb
 c30a0af32ace92be3cbc1b205edc715f 154170 httpd optional apache2-suexec-pristine_2.4.25-3+deb9u7_amd64.deb
 19e642b945fbae6f71c1e81f1d0fa4f7 217540 httpd optional apache2-utils_2.4.25-3+deb9u7_amd64.deb
 0afb9bb4cbe329b4b764831b367f9d4d 10198 httpd optional apache2_2.4.25-3+deb9u7_amd64.buildinfo
 6415829488ac482552d8549500197d7e 236346 httpd optional apache2_2.4.25-3+deb9u7_amd64.deb

-----BEGIN PGP SIGNATURE-----

-----END PGP SIGNATURE-----