- Package:
- release.debian.org
- Source:
- release.debian.org
- Submitter:
- Xavier Guimard
- Date:
- 2026-06-30 18:05:08 UTC
- Severity:
- normal
- Tags:
[ Reason ] Apache2 is vulnerable to various medium CVEs (CVE-2026-29167, CVE-2026-29170, CVE-2026-34355, CVE-2026-34356, CVE-2026-42535, CVE-2026-42536, CVE-2026-43951, CVE-2026-44119, CVE-2026-44185, CVE-2026-44186, CVE-2026-44631, CVE-2026-48913). [ Impact ] Medium security issues [ Tests ] Diff contains a test-framework update [ Risks ] As usual with Apache, low but not null risk [ Checklist ] [X] *all* changes are documented in the d/changelog [X] I reviewed all changes and I approve them [X] attach debdiff against the package in (old)stable [X] the issue is verified as fixed in unstable [ Changes ] This release contains only fixes (a lot...) [ Other info ] I put here just the debian/ diff. The whole diff is big
Control: tags -1 + confirmed [...] Nevertheless, it should still be included in the bug log. Please go ahead. Regards, Adam
package release.debian.org tags 1139713 = trixie pending thanks Hi, The upload referenced by this bug report has been flagged for acceptance into the proposed-updates queue for Debian trixie. Thanks for your contribution! Upload details ============== Package: apache2 Version: 2.4.68-1~deb13u1 Explanation: fix use-after-free issues [CVE-2026-29167 CVE-2026-48913]; fix cross-site scripting issue [CVE-2026-29170]; fix buffer overflow issues [CVE-2026-34355 CVE-2026-34356 CVE-2026-42536]; fix denial of serice issues [CVE-2026-42535 CVE-2026-44186 CVE-2026-49975]; fix out of bounds read issues [CVE-2026-43951 CVE-2026-44185]; fix file read issue [CVE-2026-44119]; fix buffer underwrite issue [CVE-2026-44631]
package release.debian.org tags 1139713 = trixie pending thanks Hi, The upload referenced by this bug report has been flagged for acceptance into the proposed-updates queue for Debian trixie. Thanks for your contribution! Upload details ============== Package: apache2 Version: 2.4.68-1~deb13u1 Explanation: fix use-after-free issues [CVE-2026-29167 CVE-2026-48913]; fix cross-site scripting issue [CVE-2026-29170]; fix buffer overflow issues [CVE-2026-34355 CVE-2026-34356 CVE-2026-42536]; fix denial of serice issues [CVE-2026-42535 CVE-2026-44186 CVE-2026-49975]; fix out of bounds read issues [CVE-2026-43951 CVE-2026-44185]; fix file read issue [CVE-2026-44119]; fix buffer underwrite issue [CVE-2026-44631]