Debian 10223 Published by

An apache2 security update has been released for Debian GNU/Linux 11 to address multiple vulnerabilities that may result in HTTP response splitting or denial of service.



DSA 5376-1: apache2 security update



- -------------------------------------------------------------------------
Debian Security Advisory DSA-5376-1 security@debian.org
  https://www.debian.org/security/ Moritz Muehlenhoff
March 20, 2023   https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : apache2
CVE ID : CVE-2006-20001 CVE-2022-36760 CVE-2022-37436 CVE-2023-25690
CVE-2023-27522

Multiple vulnerabilities have been discovered in the Apache HTTP server,
which may result in HTTP response splitting or denial of service.

For the stable distribution (bullseye), these problems have been fixed in
version 2.4.56-1~deb11u1.

We recommend that you upgrade your apache2 packages.

For the detailed security status of apache2 please refer to
its security tracker page at:
  https://security-tracker.debian.org/tracker/apache2

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at:   https://www.debian.org/security/