#1139713 trixie-pu: package apache2/2.4.68-1~deb13u1

#1139713#5
Date:
2026-06-11 18:40:01 UTC
From:
To:
[ Reason ]
Apache2 is vulnerable to various medium CVEs (CVE-2026-29167, CVE-2026-29170,
CVE-2026-34355, CVE-2026-34356, CVE-2026-42535, CVE-2026-42536,
CVE-2026-43951, CVE-2026-44119, CVE-2026-44185, CVE-2026-44186,
CVE-2026-44631, CVE-2026-48913).

[ Impact ]
Medium security issues

[ Tests ]
Diff contains a test-framework update

[ Risks ]
As usual with Apache, low but not null risk

[ Checklist ]
  [X] *all* changes are documented in the d/changelog
  [X] I reviewed all changes and I approve them
  [X] attach debdiff against the package in (old)stable
  [X] the issue is verified as fixed in unstable

[ Changes ]
This release contains only fixes (a lot...)

[ Other info ]
I put here just the debian/ diff. The whole diff is big

#1139713#12
Date:
2026-06-13 13:32:37 UTC
From:
To:
Control: tags -1 + confirmed
[...]

Nevertheless, it should still be included in the bug log.

Please go ahead.

Regards,

Adam

#1139713#19
Date:
2026-06-30 18:02:44 UTC
From:
To:
package release.debian.org
tags 1139713 = trixie pending
thanks

Hi,

The upload referenced by this bug report has been flagged for acceptance into the proposed-updates queue for Debian trixie.

Thanks for your contribution!

Upload details
==============

Package: apache2
Version: 2.4.68-1~deb13u1

Explanation: fix use-after-free issues [CVE-2026-29167 CVE-2026-48913]; fix cross-site scripting issue [CVE-2026-29170]; fix buffer overflow issues [CVE-2026-34355 CVE-2026-34356 CVE-2026-42536]; fix denial of serice issues [CVE-2026-42535 CVE-2026-44186 CVE-2026-49975]; fix out of bounds read issues [CVE-2026-43951 CVE-2026-44185]; fix file read issue [CVE-2026-44119]; fix buffer underwrite issue [CVE-2026-44631]

#1139713#24
Date:
2026-06-30 18:02:44 UTC
From:
To:
package release.debian.org
tags 1139713 = trixie pending
thanks

Hi,

The upload referenced by this bug report has been flagged for acceptance into the proposed-updates queue for Debian trixie.

Thanks for your contribution!

Upload details
==============

Package: apache2
Version: 2.4.68-1~deb13u1

Explanation: fix use-after-free issues [CVE-2026-29167 CVE-2026-48913]; fix cross-site scripting issue [CVE-2026-29170]; fix buffer overflow issues [CVE-2026-34355 CVE-2026-34356 CVE-2026-42536]; fix denial of serice issues [CVE-2026-42535 CVE-2026-44186 CVE-2026-49975]; fix out of bounds read issues [CVE-2026-43951 CVE-2026-44185]; fix file read issue [CVE-2026-44119]; fix buffer underwrite issue [CVE-2026-44631]