Debian Package Tracker

From: Stefan Fritsch <sf@debian.org>
To: <debian-devel-changes@lists.debian.org>
Subject: Accepted apache2 2.4.25-4 (source amd64 all) into unstable
Date: Tue, 20 Jun 2017 20:49:52 +0000
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 20 Jun 2017 21:31:51 +0200
Source: apache2
Binary: apache2 apache2-data apache2-bin apache2-utils apache2-suexec-pristine apache2-suexec-custom apache2-doc apache2-dev apache2-ssl-dev apache2-dbg
Architecture: source amd64 all
Version: 2.4.25-4
Distribution: unstable
Urgency: high
Maintainer: Debian Apache Maintainers <debian-apache@lists.debian.org>
Changed-By: Stefan Fritsch <sf@debian.org>
Description:
 apache2    - Apache HTTP Server
 apache2-bin - Apache HTTP Server (modules and other binary files)
 apache2-data - Apache HTTP Server (common files)
 apache2-dbg - Apache debugging symbols
 apache2-dev - Apache HTTP Server (development headers)
 apache2-doc - Apache HTTP Server (on-site documentation)
 apache2-ssl-dev - Apache HTTP Server (mod_ssl development headers)
 apache2-suexec-custom - Apache HTTP Server configurable suexec program for mod_suexec
 apache2-suexec-pristine - Apache HTTP Server standard suexec program for mod_suexec
 apache2-utils - Apache HTTP Server (utility programs for web servers)
Changes:
 apache2 (2.4.25-4) unstable; urgency=high
 .
   * Backport security fixes from 2.4.26:
   * CVE-2017-3167: Authentication bypass with ap_get_basic_auth_pw()
   * CVE-2017-3169: mod_ssl NULL pointer dereference
   * CVE-2017-7668: Buffer overrun in ap_find_token()
   * CVE-2017-7679: mod_mime buffer overread
   * CVE-2017-7659: mod_http2 NULL pointer dereference
Checksums-Sha1:
 92363fc31798200d35d5e5993fe6258e5f6bd3ed 2958 apache2_2.4.25-4.dsc
 85cc86523f431b2e709106c422adcf822b424f6e 697892 apache2_2.4.25-4.debian.tar.xz
 86a0f05e60ba1b620e29ceecdc469459ca806c8b 1180638 apache2-bin_2.4.25-4_amd64.deb
 77c34e4daaf6d574bef4304898a2b5ea80174bba 162148 apache2-data_2.4.25-4_all.deb
 2ad5e80446d080510392ec1cda4f071f70684624 4001228 apache2-dbg_2.4.25-4_amd64.deb
 c9fe5bfc0933827f6c3520ca3cdf71d0f5de68d5 313094 apache2-dev_2.4.25-4_amd64.deb
 faf536e91599cd3268fcaaa26e471d22c1844034 3770242 apache2-doc_2.4.25-4_all.deb
 e48f3fc8cec97cd86514c5a51b83446ebb422d8d 2262 apache2-ssl-dev_2.4.25-4_amd64.deb
 a81e47850898dc2138ad6bff5a49be7d4ec8b974 154586 apache2-suexec-custom_2.4.25-4_amd64.deb
 87609bec0517ea63e00349f3a4bcbbeef3c1305c 153116 apache2-suexec-pristine_2.4.25-4_amd64.deb
 98f2a118848217db5f950d55082358975aef3d24 216534 apache2-utils_2.4.25-4_amd64.deb
 22a6feddb6c54842456b7abc3135681542571177 9773 apache2_2.4.25-4_amd64.buildinfo
 38f9967a860b1ab976700eaea7d1ccb41801350b 235118 apache2_2.4.25-4_amd64.deb
Checksums-Sha256:
 d31c3a4011c6a7395651b04c270aa87fc234551975564cb3abf6bf60cac02660 2958 apache2_2.4.25-4.dsc
 1e15290ac5a2a53f64583e12b8c9efccbdca7167387c6f9191727043ee099755 697892 apache2_2.4.25-4.debian.tar.xz
 21d58ba6cc3761fb1abbb9139be8209a76bb72d0d9cfbc01ee05b093cc21c7a3 1180638 apache2-bin_2.4.25-4_amd64.deb
 48d92fbee05665019bd25d8e345857f1a9c319df6bacfafa52a392778afdde0a 162148 apache2-data_2.4.25-4_all.deb
 8a9842e2e222788701eae4a7a671fa34021e4da3b1bffab025fa31fc2d5afbf6 4001228 apache2-dbg_2.4.25-4_amd64.deb
 1d47370ecdab9179d1573b1da3bcb0a187c5e214b047f827d685eee065af65ad 313094 apache2-dev_2.4.25-4_amd64.deb
 2bd42ef5c42206dd4b2a14758f7bbfdf2ca6a114b521502323c606baad8c7adf 3770242 apache2-doc_2.4.25-4_all.deb
 fab908acc8311351c4597e2b3a916968ac15092e1596adda3f4b861d7b12982d 2262 apache2-ssl-dev_2.4.25-4_amd64.deb
 fd87cc27277afb74d30c7bc06844442bf9f35b12c45ee24276393dad6eb29712 154586 apache2-suexec-custom_2.4.25-4_amd64.deb
 9ed3b79f8494ec0c4f73cb1f79621dbacbda6622f16b84088569f25aee330d07 153116 apache2-suexec-pristine_2.4.25-4_amd64.deb
 7ccab0cbf7963f92d6cb72ee1672fc45dc3589ad5458a93177c31b4b09a90751 216534 apache2-utils_2.4.25-4_amd64.deb
 e62787b5b5628b02efb7a9132310fd71352f9d1f11b4d8a71b6ffbc8ade813ba 9773 apache2_2.4.25-4_amd64.buildinfo
 4c35280ee0307a610f5b0fd292cad48d9b0d7a76724295221dc32d9c01904521 235118 apache2_2.4.25-4_amd64.deb
Files:
 3b11c06fe114ad11393b8dd5722fb5da 2958 httpd optional apache2_2.4.25-4.dsc
 36d631830e4d038cb33daef41c88c554 697892 httpd optional apache2_2.4.25-4.debian.tar.xz
 f98f64365231370675e358320c9b466e 1180638 httpd optional apache2-bin_2.4.25-4_amd64.deb
 549077465d4aed5c11f8bbea9be5674d 162148 httpd optional apache2-data_2.4.25-4_all.deb
 6b0a37c96c8783dcbeec5e8c485d3fe9 4001228 debug extra apache2-dbg_2.4.25-4_amd64.deb
 de029f5832bb9434137e76eed9a10f28 313094 httpd optional apache2-dev_2.4.25-4_amd64.deb
 58142f9a78da061730be346de358ddbc 3770242 doc optional apache2-doc_2.4.25-4_all.deb
 4154bcad5b85ce32b21b4ac8d37de956 2262 httpd optional apache2-ssl-dev_2.4.25-4_amd64.deb
 19af6e08b8b4b0c52c3a5510fbc115db 154586 httpd extra apache2-suexec-custom_2.4.25-4_amd64.deb
 76b738488827aa445ac2a0b3b80e8c2f 153116 httpd optional apache2-suexec-pristine_2.4.25-4_amd64.deb
 e2a735bc7adef42899684e1c9bdf1ef7 216534 httpd optional apache2-utils_2.4.25-4_amd64.deb
 e41a1348251a05b1ddc37107c7c5803d 9773 httpd optional apache2_2.4.25-4_amd64.buildinfo
 2d566a3709625391071f9c1ef42145dd 235118 httpd optional apache2_2.4.25-4_amd64.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEOpiNza8JqByyYYsxxodfNUHO/eAFAllJeXoACgkQxodfNUHO
/eDGvw//cNtacPEEqyBZX+tovVdQHjO15UKdqWJ2IxwHGiwR/uBFn+6pNouSa2Tg
H31UmtT0QWKIOIkZwemrVL2OGRBvvpiMvBtNgGev0NzBmezXpXt2Xxmb5KwXdjs/
xrVu8rUItP0DWalHhq7I+04tM8EEYWmIJ0B0QGV6hwyL7HxBWJEQr59Ddm7H+SJa
hGy2zmJZ24wXLAjZuY7Z0D6VLiuW2kBE0tHizk0xa2vWQ4kHCTIOqbCARRRvkwjD
mW8J+PPbkPJ0mXPRkAolD4Kt8s6rUtdhSvCqeb0TVcpUOndqR2kirpLDibG6LuI5
SM16Re52YlxwFpLF6sqauI7nuGEbOLDIfmYzICoLW5Huv+OAq6n2FAq1ddwg6pRZ
ssZyygxS7Ib1B+7W/ZNN3a9Yj3GJCZVNSbgAz5pqbPGForCByhQnpUl+BRSJeLO2
TGuu0q+GmF1uGAMlm1u47/PB9KccANgDbD3kJe4CKkiRz2K5ajZPupLPaLP30+Wy
mJmwLHVwtGAynzY1S/odqHv2cLfCea/+4G6zUWDR7hzn2bhxFavMJBoSPADI1Xhf
RCkrwdQvrBeqdcp5qo/GkAZRMG/YpDuW5asUYP5/aWweh9U/dv5gnw/YwRTU3n+p
okCbgNRxAF81TChfysEtemUTW4Bd8u+2sm1ix72ISejoIDwzpiI=
=/Zfi
-----END PGP SIGNATURE-----
News for package apache2
