Package "apache2"
| Name: |
apache2
|
Description: |
This package is just an umbrella for a group of other packages,
it has no description.
Description samples from packages in group:
- Apache HTTP Server configurable suexec program for mod_suexec
- Apache HTTP Server standard suexec program for mod_suexec
|
| Latest version: |
2.4.64-1ubuntu3.4 |
| Release: |
questing (25.10) |
| Level: |
security |
| Repository: |
universe |
Links
Other versions of "apache2" in Questing
Packages in group
Deleted packages are displayed in grey.
Changelog
|
apache2 (2.4.64-1ubuntu3.4) questing-security; urgency=medium
* SECURITY UPDATE: http2: double free and possible RCE on early reset
- debian/patches/CVE-2026-23918.patch: prevent double purge of a stream,
resulting in a double free in modules/http2/h2_mplx.c.
- CVE-2026-23918
* SECURITY UPDATE: mod_rewrite elevation of privileges via ap_expr
- debian/patches/CVE-2026-24072.patch: use AP_EXPR_FLAG_RESTRICTED in
htaccess in modules/mappers/mod_rewrite.c,
modules/metadata/mod_setenvif.c, modules/proxy/mod_proxy_fcgi.c.
- CVE-2026-24072
* SECURITY UPDATE: buffer overflow in mod_proxy_ajp via ajp_msg_check_header()
- debian/patches/CVE-2026-28780.patch: fix ajp_msg_check_header check in
modules/proxy/ajp_msg.c.
- CVE-2026-28780
* SECURITY UPDATE: mod_md unrestricted OCSP response
- debian/patches/CVE-2026-29168.patch: add ocsp limits in
modules/md/md_ocsp.c.
- CVE-2026-29168
* SECURITY UPDATE: mod_dav_lock indirect lock crash
- debian/patches/CVE-2026-29169.patch: use the right dav_lock_discovery in
modules/dav/lock/locks.c.
- CVE-2026-29169
* SECURITY UPDATE: mod_auth_digest timing attack
- debian/patches/CVE-2026-33006-1.patch: use apr_crypto_equals in
configure.in, modules/aaa/mod_auth_digest.c.
- debian/patches/CVE-2026-33006-2.patch: add ap_*_timingsafe() constant-
time comparison functions in configure.in, include/ap_mmn.h,
include/httpd.h, modules/aaa/mod_auth_digest.c,
modules/session/mod_session_crypto.c, server/util.c.
- CVE-2026-33006
* SECURITY UPDATE: mod_authn_socache crash
- debian/patches/CVE-2026-33007.patch: validate URL earlier in
modules/aaa/mod_authn_socache.c.
- CVE-2026-33007
* SECURITY UPDATE: HTTP response splitting forwarding malicious status line
- debian/patches/CVE-2026-33523.patch: scan outgoing status line for
newlines and controls in modules/http/http_filters.c.
- CVE-2026-33523
* SECURITY UPDATE: Off-by-one OOB reads in AJP getter functions
- debian/patches/CVE-2026-33857.patch: fix length checks in AJP msg_get
functions in modules/proxy/ajp_msg.c.
- CVE-2026-33857
* SECURITY UPDATE: mod_proxy_ajp: Heap Buffer Over-Read Due to Missing
Null-Termination Check (ajp_msg_get_string)
- debian/patches/CVE-2026-34032.patch: fix ajp_msg_get_string buffer checks
in modules/proxy/ajp_msg.c.
- CVE-2026-34032
* SECURITY UPDATE: mod_proxy_ajp: Heap Over-Read and memory disclosure in
ajp_parse_data()
- debian/patches/CVE-2026-34059.patch: fix ajp_parse_data message len check
in modules/proxy/ajp_header.c.
- CVE-2026-34059
-- Marc Deslauriers <email address hidden> Tue, 05 May 2026 09:16:28 -0400
|
| Source diff to previous version |
| CVE-2026-23918 |
Double Free and possible RCE vulnerability in Apache HTTP Server with the HTTP/2 protocol. This issue affects Apache HTTP Server: 2.4.66. Users are |
| CVE-2026-24072 |
An escalation of privilege bug in various modules in Apache HTTP 2.4.66 and earlier allows local .htaccess authors to read files with the privileges |
| CVE-2026-28780 |
Heap-based Buffer Overflow vulnerability in mod_proxy_ajp of Apache HTTP Server. If mod_proxy_ajp connects to a malicious AJP server this AJP server |
| CVE-2026-29168 |
Allocation of Resources Without Limits or Throttling vulnerability in Apache HTTP Server's mod_md via OCSP response data. This issue affects Apache |
| CVE-2026-29169 |
A NULL pointer dereference in mod_dav_lock in Apache HTTP Server 2.4.66 and earlier may allow an attacker to crash the server with a malicious reques |
| CVE-2026-33006 |
A timing attack against mod_auth_digest in Apache HTTP Server 2.4.66 allows a bypass of Digest authentication by a remote attacker. Users are recomm |
| CVE-2026-33007 |
A NULL pointer dereference in the mod_authn_socache in Apache HTTP Server 2.4.66 and earlier allows an unauthenticated remote user to crash a child p |
| CVE-2026-33523 |
HTTP response splitting vulnerability in multiple Apache HTTP Server modules with untrusted or compromised backend servers. This issue affects Apach |
| CVE-2026-33857 |
Out-of-bounds Read vulnerability in mod_proxy_ajp of Apache HTTP Server. This issue affects Apache HTTP Server: through 2.4.66. Users are recomme |
| CVE-2026-34032 |
Improper Null Termination, Out-of-bounds Read vulnerability in Apache HTTP Server. This issue affects Apache HTTP Server: through 2.4.66. Users are |
| CVE-2026-34059 |
Buffer Over-read vulnerability in Apache HTTP Server. This issue affects Apache HTTP Server: through 2.4.66. Users are recommended to upgrade to ve |
|
|
apache2 (2.4.64-1ubuntu3.3) questing-security; urgency=medium
* SECURITY REGRESSION: mod_md setting MDStapleOthers is ignored breaking
OCSP for some domains (LP: 2142766)
- debian/patches/CVE-2025-55753-3.patch: update mod_md to version
2.6.7 which fixes a regression in MDStapleOthers.
-- Marc Deslauriers <email address hidden> Thu, 05 Mar 2026 12:29:15 -0500
|
| Source diff to previous version |
| CVE-2025-55753 |
An integer overflow in the case of failed ACME certificate renewal leads, after a number of failures (~30 days in default configurations), to the bac |
|
|
apache2 (2.4.64-1ubuntu3.2) questing-security; urgency=medium
* SECURITY UPDATE: Integer overflow in the case of failed ACME
certificate renewal
- debian/patches/CVE-2025-55753-1.patch: update mod_md to version
2.6.2 in modules/md/*
- debian/patches/CVE-2025-55753-2.patch: update mod_md to version
2.6.6 in modules/md/*
- CVE-2025-55753
* SECURITY UPDATE: Server Side Includes adds query string to #exec cmd=
- debian/patches/CVE-2025-58098.patch: don't pass args for SSI request
in modules/generators/mod_cgid.c.
- CVE-2025-58098
* SECURITY UPDATE: CGI environment variable override
- debian/patches/CVE-2025-65082.patch: envvars from HTTP headers low
precedence in server/util_script.c.
- CVE-2025-65082
* SECURITY UPDATE: mod_userdir+suexec bypass via AllowOverride FileInfo
- debian/patches/CVE-2025-66200.patch: don't use request notes for
suexec in modules/mappers/mod_userdir.c,
modules/metadata/mod_headers.c.
- CVE-2025-66200
* SECURITY REGRESSION: Misdirected Request error (LP: #2117112)
- debian/patches/CVE-2025-23048-regression.patch: add SSLVHostSNIPolicy
directive to set the compatibility level required for VirtualHost
matching in modules/ssl/*.
- debian/patches/CVE-2025-23048-regression-2.patch: fix handling of
STRICT mode in modules/ssl/ssl_engine_kernel.c.
-- Marc Deslauriers <email address hidden> Tue, 09 Dec 2025 10:50:28 -0500
|
| 2117112 |
421 Misdirected Request: apache2 regression |
| CVE-2025-55753 |
An integer overflow in the case of failed ACME certificate renewal leads, after a number of failures (~30 days in default configurations), to the bac |
| CVE-2025-58098 |
Apache HTTP Server 2.4.65 and earlier with Server Side Includes (SSI) enabled and mod_cgid (but not mod_cgi) passes the shell-escaped query string to |
| CVE-2025-65082 |
Improper Neutralization of Escape, Meta, or Control Sequences vulnerability in Apache HTTP Server through environment variables set via the Apache co |
| CVE-2025-66200 |
mod_userdir+suexec bypass via AllowOverride FileInfo vulnerability in Apache HTTP Server. Users with access to use the RequestHeader directive in hta |
| CVE-2025-23048 |
In some mod_ssl configurations on Apache HTTP Server 2.4.35 through to 2.4.63, an access control bypass by trusted clients is possible using TLS 1.3 |
|
About
-
Send Feedback to @ubuntu_updates
