1. Forum
  2. Usenet
  3. LINUX.DEBIAN.ANNOUNCE.SEC

  • [SECURITY] [DSA 4982-1] apache2 security update

    From Moritz Muehlenhoff@21:1/5 to All on Fri Oct 8 23:00:01 2021
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-4982-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff October 08, 2021 https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : apache2
    CVE ID : CVE-2021-34798 CVE-2021-36160 CVE-2021-39275 CVE-2021-40438

    Several vulnerabilities have been found in the Apache HTTP server, which
    could result in denial of service. In addition a vulnerability was
    discovered in mod_proxy with which an attacker could trick the server
    to forward requests to arbitrary origin servers.

    For the oldstable distribution (buster), these problems have been fixed
    in version 2.4.38-3+deb10u6.

    For the stable distribution (bullseye), these problems have been fixed in version 2.4.51-1~deb11u1.

    We recommend that you upgrade your apache2 packages.

    For the detailed security status of apache2 please refer to
    its security tracker page at: https://security-tracker.debian.org/tracker/apache2

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/

    Mailing list: debian-security-announce@lists.debian.org
    -----BEGIN PGP SIGNATURE-----

    iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmFgr44ACgkQEMKTtsN8 TjbophAAiZ+fhF2r8BUbQkL8BhpfqjA+hVsp9WEMTn8Gq6kiW0wLvK3jWPM301Ou D4gHqKmFPmYNC1KBOyk/lJdxyD7iTUweUyLi3WXzxhIDMx0kxkRw1oXlyCHzIqSJ M277bgk32h2cDCbsXjrN/8agKPcKgfwDqiyf/igfEq6V8OB2zVvJPKVFq45n54+q 4FPXSyx1g2u5ewSeXbU2uHDej6Qborui4osDdbwx8CT6aETi0cIXJ8RbXF3PUCHG 5DzZagnRq6GumPsl01jcPu7b9Ck8MlkxMSG3FRsSIJVkwpsQ2C34ywIJkFlzUZZh jhdVUrfbyfLpSdcPcipAAjl9I6gDqa9SFdMRK7ixCpQ6iTiVeDZdJ8pA4jnSweNQ THik07di9R0juX0p7peQiIyBKrEf7Y3WSvLOn0SBKXvZnzc/72rH2nP5FclsgCsV TWxptziGridC43KB8/tDJAAOXVF2lzylzF70V/UGTNo1jk9w3/p6btU1iuzKspyY Y4aPZla3DImI8mezrgFrGYNg7bZYLKuJyGDADKih2sUQpzmDZ6MJxKAE3NLRWyQa 7cCJdoNR9yVqytEw1Y/ZRXAXWfMb3Y1ts2EqR8hzLQgMYb0JC58cLMG3T0RgyPoO A4CTIoYpK1WnsykAE8M4XFrnOW3lrtse6T8N/dTVMuodElAEhc0=
    =/At6
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)