Package "apache2"
| Name: |
apache2
|
Description: |
This package is just an umbrella for a group of other packages,
it has no description. Description samples from packages in group:
- Apache HTTP Server configurable suexec program for mod_suexec
- Apache HTTP Server standard suexec program for mod_suexec
- transitional package
- transitional package
|
| Latest version: |
2.4.52-1ubuntu4.23 |
| Release: |
jammy (22.04) |
| Level: |
security |
| Repository: |
universe |
Links
Other versions of "apache2" in Jammy
Packages in group
Deleted packages are displayed in grey.
Changelog
|
apache2 (2.4.52-1ubuntu4.23) jammy-security; urgency=medium
* SECURITY UPDATE: mod_ldap per-dir use-after-free
- debian/patches/CVE-2026-29167.patch: Fix inheritance in per-dir context
in modules/ldap/util_ldap.c.
- CVE-2026-29167
* SECURITY UPDATE: mod_proxy_ftp XSS
- debian/patches/CVE-2026-29170.patch: Use ap_os_escape_path() with
ap_escape_html() instead of ap_escape_uri() for href attributes in
generated directory listing links in modules/proxy/mod_proxy_ftp.c.
- CVE-2026-29170
* SECURITY UPDATE: mod_proxy_html buffer overflow
- debian/patches/CVE-2026-34355.patch: Simplify to use the ap_varbuf API
in modules/filters/mod_proxy_html.c.
- CVE-2026-34355
* SECURITY UPDATE: ProxyPassReverseCookieMap buffer overflow
- debian/patches/CVE-2026-34356.patch: fix dup path/domain in
modules/proxy/proxy_util.c.
- CVE-2026-34356
* SECURITY UPDATE: mod_dav_fs protected directory access
- debian/patches/CVE-2026-42535.patch: disallow DAV_FS_STATE_DIR in
modules/dav/fs/repos.c.
- CVE-2026-42535
* SECURITY UPDATE: mod_xml2enc heap overflow
- debian/patches/CVE-2026-42536.patch: Fix accounting in
modules/filters/mod_xml2enc.c.
- CVE-2026-42536
* SECURITY UPDATE: OOB Read in 'merge_response_headers' can cause crash
- debian/patches/CVE-2026-43951.patch: fix lang iteration in
modules/http/http_filters.c, modules/http2/h2_c2_filter.c.
- CVE-2026-43951
* SECURITY UPDATE: escalation of privilege through expressions in .htaccess
in multiple modules
- debian/patches/CVE-2026-44119.patch: restrict per-dir file funcs
centrally in include/ap_expr.h, modules/mappers/mod_rewrite.c,
modules/metadata/mod_setenvif.c, modules/proxy/mod_proxy_fcgi.c,
server/util_expr_eval.c.
- CVE-2026-44119
* SECURITY UPDATE: Stack Buffer Over-Read in mod_ssl OCSP 'send_request'
- debian/patches/CVE-2026-44185.patch: Increase wbuf with the len read by
apr_socket_send: in modules/ssl/ssl_util_ocsp.c.
- CVE-2026-44185
* SECURITY UPDATE: Loop in 'proxy_ftp_handler' in mod_proxy_ftp
- debian/patches/CVE-2026-44186.patch: fix iteration in
modules/proxy/mod_proxy_ftp.c.
- CVE-2026-44186
* SECURITY UPDATE: Heap Underflow in 'ap_regname' via Signed Char Overflow
- debian/patches/CVE-2026-44631.patch: restrict to reasonable captures in
include/ap_regex.h, modules/proxy/mod_proxy.c, server/core.c,
server/util_pcre.c.
- CVE-2026-44631
* SECURITY UPDATE: mod_http2 memory corruption when file handles exhausted
- debian/patches/CVE-2026-48913.patch: update to version 2.0.42 of the
http2 module in modules/http2/*.
- debian/patches/CVE-2026-48913-2.patch: fix buffer overflow in link
mapping in modules/http2/h2_proxy_util.c.
- CVE-2026-48913
* Updated perl-framework tests for security changes:
- debian/perl-framework/t/apache/expr.t
- https://github.com/apache/httpd-tests/commit/c45f32cd44cf15aca0253dc480fe687b2e4d76ff
-- Marc Deslauriers <email address hidden> Mon, 06 Jul 2026 12:41:46 -0400
|
| Source diff to previous version |
| CVE-2026-29167 |
Use After Free vulnerability in Apache HTTP Server with mod_ldap in per-directory configuration This issue affects Apache HTTP Server: from 2.4.0 th |
| CVE-2026-29170 |
A cross-site scripting vulnerability exists in mod_proxy_ftp's HTML directory list generation in Apache HTTP Server 2.4.67 and earlier when listing F |
| CVE-2026-34355 |
A buffer overflow in mod_proxy_html in Apache HTTP Server 2.4.67 and earlier allows an attack by an untrusted backend. Users are recommended to upgra |
| CVE-2026-34356 |
Heap-based Buffer Overflow vulnerability in Apache HTTP Server with malicious backend servers and ProxyPassReverseCookie* This issue affects Apache |
| CVE-2026-42535 |
A path handling issue in mod_dav_fs in Apache 2.4.67 and earlier allows a WebDAV content author to directly manipulate trusted DAV property databases |
| CVE-2026-42536 |
Heap-based Buffer Overflow vulnerability in Apache HTTP Server with mod_xml2enc, xml2StartParse, and untrusted content This issue affects Apache HTT |
| CVE-2026-43951 |
Out-of-bounds Read vulnerability in Apache HTTP Server with mod_headers and mod_mime and multiple response languages. This issue affects Apache HTTP |
| CVE-2026-44119 |
Improper Privilege Management vulnerability in Apache HTTP Server 2.4.67 and earlier allows local .htaccess authors to read files with the privileges |
| CVE-2026-44185 |
Buffer Over-read vulnerability in Apache HTTP Server via outbound OCSP requests to an attacker controlled OCSP server This issue affects Apache HTTP |
| CVE-2026-44186 |
Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in the mod_proxy_ftp module in Apache HTTP Server with an attacker controlled ba |
| CVE-2026-44631 |
Buffer Underwrite vulnerability in Apache HTTP Server on crafted regular expressions in the configuration. This issue affects Apache HTTP Server: fr |
| CVE-2026-48913 |
Use After Free vulnerability in Apache HTTP Server module mod_http2 when file handles are already exhausted. This issue affects Apache HTTP Server: |
|
|
apache2 (2.4.52-1ubuntu4.21) jammy-security; urgency=medium
* SECURITY UPDATE: HTTP/2 Bomb denial of service
- debian/patches/CVE-2026-49975.patch: fix cookie header accounting against
LimitRequestFields in modules/http2/h2_util.c.
- CVE-2026-49975
-- Marc Deslauriers <email address hidden> Wed, 03 Jun 2026 11:42:24 -0400
|
| Source diff to previous version |
|
apache2 (2.4.52-1ubuntu4.20) jammy-security; urgency=medium
* SECURITY UPDATE: http2: double free and possible RCE on early reset
- debian/patches/CVE-2026-23918.patch: prevent double purge of a stream,
resulting in a double free in modules/http2/h2_mplx.c.
- CVE-2026-23918
* SECURITY UPDATE: mod_rewrite elevation of privileges via ap_expr
- debian/patches/CVE-2026-24072.patch: use AP_EXPR_FLAG_RESTRICTED in
htaccess in modules/mappers/mod_rewrite.c,
modules/metadata/mod_setenvif.c, modules/proxy/mod_proxy_fcgi.c.
- CVE-2026-24072
* SECURITY UPDATE: buffer overflow in mod_proxy_ajp via ajp_msg_check_header()
- debian/patches/CVE-2026-28780.patch: fix ajp_msg_check_header check in
modules/proxy/ajp_msg.c.
- CVE-2026-28780
* SECURITY UPDATE: mod_md unrestricted OCSP response
- debian/patches/CVE-2026-29168.patch: add ocsp limits in
modules/md/md_ocsp.c.
- CVE-2026-29168
* SECURITY UPDATE: mod_dav_lock indirect lock crash
- debian/patches/CVE-2026-29169.patch: use the right dav_lock_discovery in
modules/dav/lock/locks.c.
- CVE-2026-29169
* SECURITY UPDATE: mod_auth_digest timing attack
- debian/patches/CVE-2026-33006-1.patch: use apr_crypto_equals in
configure.in, modules/aaa/mod_auth_digest.c.
- debian/patches/CVE-2026-33006-2.patch: add ap_*_timingsafe() constant-
time comparison functions in configure.in, include/httpd.h,
modules/aaa/mod_auth_digest.c, modules/session/mod_session_crypto.c,
server/util.c.
- CVE-2026-33006
* SECURITY UPDATE: mod_authn_socache crash
- debian/patches/CVE-2026-33007.patch: validate URL earlier in
modules/aaa/mod_authn_socache.c.
- CVE-2026-33007
* SECURITY UPDATE: HTTP response splitting forwarding malicious status line
- debian/patches/CVE-2026-33523.patch: scan outgoing status line for
newlines and controls in modules/http/http_filters.c.
- CVE-2026-33523
* SECURITY UPDATE: Off-by-one OOB reads in AJP getter functions
- debian/patches/CVE-2026-33857.patch: fix length checks in AJP msg_get
functions in modules/proxy/ajp_msg.c.
- CVE-2026-33857
* SECURITY UPDATE: mod_proxy_ajp: Heap Buffer Over-Read Due to Missing
Null-Termination Check (ajp_msg_get_string)
- debian/patches/CVE-2026-34032.patch: fix ajp_msg_get_string buffer checks
in modules/proxy/ajp_msg.c.
- CVE-2026-34032
* SECURITY UPDATE: mod_proxy_ajp: Heap Over-Read and memory disclosure in
ajp_parse_data()
- debian/patches/CVE-2026-34059.patch: fix ajp_parse_data message len check
in modules/proxy/ajp_header.c.
- CVE-2026-34059
-- Marc Deslauriers <email address hidden> Tue, 05 May 2026 09:26:47 -0400
|
| Source diff to previous version |
| CVE-2026-23918 |
Double Free and possible RCE vulnerability in Apache HTTP Server with the HTTP/2 protocol. This issue affects Apache HTTP Server: 2.4.66. Users are |
| CVE-2026-24072 |
An escalation of privilege bug in various modules in Apache HTTP 2.4.66 and earlier allows local .htaccess authors to read files with the privileges |
| CVE-2026-28780 |
Heap-based Buffer Overflow vulnerability in mod_proxy_ajp of Apache HTTP Server. If mod_proxy_ajp connects to a malicious AJP server this AJP server |
| CVE-2026-29168 |
Allocation of Resources Without Limits or Throttling vulnerability in Apache HTTP Server's mod_md via OCSP response data. This issue affects Apache |
| CVE-2026-29169 |
A NULL pointer dereference in mod_dav_lock in Apache HTTP Server 2.4.66 and earlier may allow an attacker to crash the server with a malicious reques |
| CVE-2026-33006 |
A timing attack against mod_auth_digest in Apache HTTP Server 2.4.66 allows a bypass of Digest authentication by a remote attacker. Users are recomm |
| CVE-2026-33007 |
A NULL pointer dereference in the mod_authn_socache in Apache HTTP Server 2.4.66 and earlier allows an unauthenticated remote user to crash a child p |
| CVE-2026-33523 |
HTTP response splitting vulnerability in multiple Apache HTTP Server modules with untrusted or compromised backend servers. This issue affects Apach |
| CVE-2026-33857 |
Out-of-bounds Read vulnerability in mod_proxy_ajp of Apache HTTP Server. This issue affects Apache HTTP Server: through 2.4.66. Users are recomme |
| CVE-2026-34032 |
Improper Null Termination, Out-of-bounds Read vulnerability in Apache HTTP Server. This issue affects Apache HTTP Server: through 2.4.66. Users are |
| CVE-2026-34059 |
Buffer Over-read vulnerability in Apache HTTP Server. This issue affects Apache HTTP Server: through 2.4.66. Users are recommended to upgrade to ve |
|
|
apache2 (2.4.52-1ubuntu4.19) jammy-security; urgency=medium
* SECURITY REGRESSION: mod_md setting MDStapleOthers is ignored breaking
OCSP for some domains (LP: 2142766)
- debian/patches/CVE-2025-55753-3.patch: update mod_md to version
2.6.7 which fixes a regression in MDStapleOthers.
-- Marc Deslauriers <email address hidden> Thu, 05 Mar 2026 13:04:29 -0500
|
| Source diff to previous version |
| CVE-2025-55753 |
An integer overflow in the case of failed ACME certificate renewal leads, after a number of failures (~30 days in default configurations), to the bac |
|
|
apache2 (2.4.52-1ubuntu4.18) jammy-security; urgency=medium
* SECURITY UPDATE: Integer overflow in the case of failed ACME
certificate renewal
- debian/patches/CVE-2025-55753.patch: update mod_md to version
2.6.6 in modules/md/*
- CVE-2025-55753
* SECURITY UPDATE: Server Side Includes adds query string to #exec cmd=
- debian/patches/CVE-2025-58098.patch: don't pass args for SSI request
in modules/generators/mod_cgid.c.
- CVE-2025-58098
* SECURITY UPDATE: CGI environment variable override
- debian/patches/CVE-2025-65082.patch: envvars from HTTP headers low
precedence in server/util_script.c.
- CVE-2025-65082
* SECURITY UPDATE: mod_userdir+suexec bypass via AllowOverride FileInfo
- debian/patches/CVE-2025-66200.patch: don't use request notes for
suexec in modules/mappers/mod_userdir.c,
modules/metadata/mod_headers.c.
- CVE-2025-66200
* SECURITY REGRESSION: Misdirected Request error (LP: #2117112)
- debian/patches/CVE-2025-23048-regression.patch: add SSLVHostSNIPolicy
directive to set the compatibility level required for VirtualHost
matching in modules/ssl/*.
- debian/patches/CVE-2025-23048-regression-2.patch: fix handling of
STRICT mode in modules/ssl/ssl_engine_kernel.c.
-- Marc Deslauriers <email address hidden> Tue, 09 Dec 2025 10:50:28 -0500
|
| 2117112 |
421 Misdirected Request: apache2 regression |
| CVE-2025-55753 |
An integer overflow in the case of failed ACME certificate renewal leads, after a number of failures (~30 days in default configurations), to the bac |
| CVE-2025-58098 |
Apache HTTP Server 2.4.65 and earlier with Server Side Includes (SSI) enabled and mod_cgid (but not mod_cgi) passes the shell-escaped query string to |
| CVE-2025-65082 |
Improper Neutralization of Escape, Meta, or Control Sequences vulnerability in Apache HTTP Server through environment variables set via the Apache co |
| CVE-2025-66200 |
mod_userdir+suexec bypass via AllowOverride FileInfo vulnerability in Apache HTTP Server. Users with access to use the RequestHeader directive in hta |
| CVE-2025-23048 |
In some mod_ssl configurations on Apache HTTP Server 2.4.35 through to 2.4.63, an access control bypass by trusted clients is possible using TLS 1.3 |
|
About
-
Send Feedback to @ubuntu_updates