-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian LTS Advisory DLA-2907-1 debian-...@lists.debian.org https://www.debian.org/lts/security/ Anton Gladky February 01, 2022 https://wiki.debian.org/LTS - -------------------------------------------------------------------------
Package : apache2 Version : 2.4.25-3+deb9u12 CVE ID : CVE-2021-44224 CVE-2021-44790 Two vulnerabilities have been discovered in the Apache HTTP server: CVE-2021-44224 When operating as a forward proxy, Apache was depending on the setup suspectable to denial of service or Server Side Request forgery. CVE-2021-44790 A buffer overflow in mod_lua may result in denial of service or potentially the execution of arbitrary code. For Debian 9 stretch, these problems have been fixed in version 2.4.25-3+deb9u12. We recommend that you upgrade your apache2 packages. For the detailed security status of apache2 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/apache2 Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEu71F6oGKuG/2fnKF0+Fzg8+n/wYFAmH5o6AACgkQ0+Fzg8+n /waQSA//fTkCFFZZ/s0vp91MOaNIMjOh8TYgohRuYSlM6AN9Iq49L5mhFfrcXiD9 dG/oYNRHVw7cTgjIi2Uj3p+UCP/WmdfDPV4kyPAMSfeviJks0rlGE7qTvgFr11pL OcJBe6tR2P/MrLJhQkV5ThgBZjHgQ31todCw7dnoVg2rip8oeeEiY1JbPUvo5gYg 3zXTENYKMf7yxGNkQEfSLOC80fCsUAxR+szqdfx0li4h6+3aI7gkufVszn2YpalQ KEOJk7/0rvhdMIkZVaNVQERhyiiPVQ1meeX2aW6onhvmMp/JepkL30afVhcOSWbr QQYSsYfj/NpjOIYLc8NCRUFdB0cPlRtTETOJTDk2dkBNrESztGPA1procz5RscAR EuyPAqwDivd+SVhsXc0p6UPpEK24GB2mJTLQAdbw5I/4oREQNQIJ4Pttqtm/WurJ ecOVZ1/CxbBr2/tUh56DTmXWTWvH714aAlcgpU+sJROz2/VBLFagpg/pxIAu9mM1 SY6GQYqEtfK7wl8lbn0lrVMh9bco+iNlCZB1amXcsSKKYFeUeHcDPjPvtMZIzg/c l1hgE4D0t2LoEiCX7btPCWvmAyP3j+XMqsnKbH9NHL2fQcIZgq0B+nc2m4TThmI1 hY8BT2ltvJn+aFGNaD2lgpffzSQ7eZmR+mP4mqE2m/wQDKDIuTs= =BHJi -----END PGP SIGNATURE-----