Zum Inhalt springen.
Sympa Menü

it-securitynotifies - [IT-SecNots] [SECURITY] [DSA 5376-1] apache2 security update

it-securitynotifies AT lists.piratenpartei.de

Betreff: Sicherheitsankündigungen

Listenarchiv

[IT-SecNots] [SECURITY] [DSA 5376-1] apache2 security update


Chronologisch Thread  
  • From: Moritz Muehlenhoff <jmm AT debian.org>
  • To: debian-security-announce AT lists.debian.org
  • Subject: [IT-SecNots] [SECURITY] [DSA 5376-1] apache2 security update
  • Date: Mon, 20 Mar 2023 18:52:17 +0000
  • Authentication-results: mail.piratenpartei.de; dkim=none; spf=none (mail.piratenpartei.de: domain of "bounce-debian-security-announce=it-securitynotifies=lists.piratenpartei.de AT lists.debian.org" has no SPF policy when checking 2001:41b8:202:deb:216:36ff:fe40:4002) smtp.mailfrom="bounce-debian-security-announce=it-securitynotifies=lists.piratenpartei.de AT lists.debian.org"; dmarc=none
  • List-archive: https://lists.debian.org/msgid-search/ZBirYU+y4H6gSNgY AT seger.debian.org
  • List-id: <debian-security-announce.lists.debian.org>
  • List-url: <http://lists.debian.org/debian-security-announce/>
  • Old-dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=debian.org; s=smtpauto.seger; h=Content-Type:MIME-Version:Message-ID:Subject:To:From:Date :Reply-To:Cc:Content-Transfer-Encoding:Content-ID:Content-Description: In-Reply-To:References; bh=PuWjplNRPRhyLK/7B9Hlys6YuZlhNnlYEJkNA5MSKx4=; b=QS EZ0HqDlcAD3XmHvIzVd2yjIRldKa6xWlaxVnE/NhIEFxso1bZAx49iYBvN96IuFSbVvJD5bNuW9LV yVsxiblkJy2so66iDZicfeelM13Cp3JSru89NQwfJy0uB5sTbMGOMmWmIOagm+yeTVf08UubhDYqA JZuixdmQIc413kruEQMBzQSDFx7qkyU4MRNB0w6878Ofmje3nSSNOAv7cf91Fpr6p4m5j9wrWPuBI ODqeB/QEm5iglJcU33GsQ0V88r8jbpwEBmhPtn+7GFykJz8czPT2yYL6MlZOYLtLD/5ml1lP1sxPE qBP2K+C2c4WKFL13hqyLqf+SCWDlS2Ag==;
  • Old-return-path: <jmm AT seger.debian.org>
  • Priority: urgent
  • Resent-date: Mon, 20 Mar 2023 18:52:41 +0000 (UTC)
  • Resent-from: debian-security-announce AT lists.debian.org
  • Resent-message-id: <V03yXYwloqL.A.iFC.5tKGkB@bendel>
  • Resent-sender: debian-security-announce-request AT lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5376-1 security AT debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
March 20, 2023 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : apache2
CVE ID : CVE-2006-20001 CVE-2022-36760 CVE-2022-37436 CVE-2023-25690
CVE-2023-27522

Multiple vulnerabilities have been discovered in the Apache HTTP server,
which may result in HTTP response splitting or denial of service.

For the stable distribution (bullseye), these problems have been fixed in
version 2.4.56-1~deb11u1.

We recommend that you upgrade your apache2 packages.

For the detailed security status of apache2 please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/apache2

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce AT lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmQYqdQACgkQEMKTtsN8
TjYWeQ//dwKUtLc9oKmjEmiY1QsRsSYdlzMTWA8ow63vdtGD1QU3Xb/CxPSZ22Oh
8zypNP5qtk3m11JA7npd7RNPpF3Gb1V5ebIlKP7GavGBIrGOmvH31hV3IUP4HoXO
/mC36BA3twAgyF12HMtdPvj+qaNguYnxXhc02Kt7kl6sq+ybtdCnRnBfJJ2KYXKq
tjRedc+HJZa0gSuq9fsFbaQF1OPk1jHEO/ixHhISKhEr1mHO+eLN3soQ9gqaEG/a
/0jLUm1ThiBNeK5jkmCXuIuqwwrGHG16Cl9fIKGps1Yb+ef2aJca7onA4IfyUj1d
1S7VmCgFFQe+5eAgdcR77mWS8RyEP/lyItY+ifzGG6xR0EUnDgD7ApcqhZBIJCgU
583Dle+sjvwgb9iSSeNwynqx58Pf4648AJSx6nNlsop4ekE4To5GvKyr/eI3HNqa
t9BfVtwqRu4GnnurvJFzh5n2wpRl1JbQMFMx/kxb1He5ioayRtru9guViNA3ylgn
d7lbk8FEsvvzS9MM0RVivlWdzD6+FVFHaWoCcwzv+0dFD6iiG5MJMGUr0pElw+ju
As6bnKCCoEHU4HK0rKHlVeB6E3Ch7yF+b6PvzZqCqcOE6RB5/I2Nu9S3L78cZWRU
nKXf/WHf3Lw+DCB8QKWUBuo0WjkFjmEe/oUCWHGt/UbtXGbSM+E=
=Bi/w
-----END PGP SIGNATURE-----



  • [IT-SecNots] [SECURITY] [DSA 5376-1] apache2 security update, Moritz Muehlenhoff, 20.03.2023

Archiv bereitgestellt durch MHonArc 2.6.24.

Seitenanfang