Debian Security Advisory
DSA-5376-1 apache2 -- security update
- Date Reported:
- 20 Mar 2023
- Affected Packages:
- apache2
- Vulnerable:
- Yes
- Security database references:
- In Mitre's CVE dictionary: CVE-2006-20001, CVE-2022-36760, CVE-2022-37436, CVE-2023-25690, CVE-2023-27522.
- More information:
-
Multiple vulnerabilities have been discovered in the Apache HTTP server, which may result in HTTP response splitting or denial of service.
For the stable distribution (bullseye), these problems have been fixed in version 2.4.56-1~deb11u1.
We recommend that you upgrade your apache2 packages.
For the detailed security status of apache2 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/apache2