-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 05 Jun 2026 12:55:53 +0200
Source: apache2
Binary: apache2 apache2-bin apache2-bin-dbgsym apache2-dev apache2-ssl-dev apache2-suexec-custom apache2-suexec-custom-dbgsym apache2-suexec-pristine apache2-suexec-pristine-dbgsym apache2-utils apache2-utils-dbgsym libapache2-mod-md libapache2-mod-proxy-uwsgi
Architecture: armel
Version: 2.4.67-1~deb12u3
Distribution: bookworm-security
Urgency: medium
Maintainer: armel Build Daemon (arm-conova-02) <buildd_arm64-arm-conova-02@buildd.debian.org>
Changed-By: Bastien Roucariès <rouca@debian.org>
Description:
 apache2    - Apache HTTP Server
 apache2-bin - Apache HTTP Server (modules and other binary files)
 apache2-dev - Apache HTTP Server (development headers)
 apache2-ssl-dev - Apache HTTP Server (mod_ssl development headers)
 apache2-suexec-custom - Apache HTTP Server configurable suexec program for mod_suexec
 apache2-suexec-pristine - Apache HTTP Server standard suexec program for mod_suexec
 apache2-utils - Apache HTTP Server (utility programs for web servers)
 libapache2-mod-md - transitional package
 libapache2-mod-proxy-uwsgi - transitional package
Changes:
 apache2 (2.4.67-1~deb12u3) bookworm-security; urgency=medium
 .
   * Fix CVE-2026-49975 (HTTP/2 Bomb)
     The bomb targets HPACK, HTTP/2's header compression
     scheme: one byte on the wire becomes one full header
     allocation on the server, repeated thousands of times
     per request. The hold is a zero-byte flow-control
     window that keeps the server from ever freeing any of it.
Checksums-Sha1:
 27e368e87aadaa85b5dff27e32f5ae1690160ee7 3307072 apache2-bin-dbgsym_2.4.67-1~deb12u3_armel.deb
 498b4275fb7ddeee2db0aa6ae56c81ab4e183250 1199596 apache2-bin_2.4.67-1~deb12u3_armel.deb
 84f4f69cd5bcfc2fddf5ad1c5208305463111148 323096 apache2-dev_2.4.67-1~deb12u3_armel.deb
 999d51d567206a1d797012584c413c3361106c57 3140 apache2-ssl-dev_2.4.67-1~deb12u3_armel.deb
 b946b0013ac61812f1542c2f16a7dc45b01d1e9e 12272 apache2-suexec-custom-dbgsym_2.4.67-1~deb12u3_armel.deb
 376349c431c6aff08158d5e79bd44ce5a9fd3d83 149824 apache2-suexec-custom_2.4.67-1~deb12u3_armel.deb
 f8e00768ffb05161f8e70fa2b84bca8f26c9287b 11044 apache2-suexec-pristine-dbgsym_2.4.67-1~deb12u3_armel.deb
 95d7879cbdd0ccac7960c954e145bcbd8ede4212 148344 apache2-suexec-pristine_2.4.67-1~deb12u3_armel.deb
 aea7ab88174a2089259636881620999e0d1eaced 116976 apache2-utils-dbgsym_2.4.67-1~deb12u3_armel.deb
 d37b9097d8e1488b9edc958f2aa6f5390633bba2 215968 apache2-utils_2.4.67-1~deb12u3_armel.deb
 989df0a271beea47ea20c7fe0f726140d864003f 11742 apache2_2.4.67-1~deb12u3_armel-buildd.buildinfo
 6671dd2347348a4055468bd194c94e17733e2e05 231036 apache2_2.4.67-1~deb12u3_armel.deb
 3646334fdcac08ea020c63c82502f5dd85080d44 956 libapache2-mod-md_2.4.67-1~deb12u3_armel.deb
 c27b15ccea866354406d3faa3a6ba6958986c5a2 1136 libapache2-mod-proxy-uwsgi_2.4.67-1~deb12u3_armel.deb
Checksums-Sha256:
 098c6973bfd414af0f1e4d32969e717659e30860548ef876bf2c5853ff1494f7 3307072 apache2-bin-dbgsym_2.4.67-1~deb12u3_armel.deb
 ec6ce1d5d7a636efbc5326c45e9391df52744520b71b793b562fe8cf3e8bceaf 1199596 apache2-bin_2.4.67-1~deb12u3_armel.deb
 138c0a6389668a70b3cbc59439cad7867e447dbc1d215ce733a10538f518b265 323096 apache2-dev_2.4.67-1~deb12u3_armel.deb
 8ecf48b50c05eea6906ad6e39a8a8c337f3c44f79cf830ec6dc53d65ad9720b6 3140 apache2-ssl-dev_2.4.67-1~deb12u3_armel.deb
 ce9b13c50cf93551beb628a50c7f2faebd4cfdf6b7b12abfd26d77ad17dbe166 12272 apache2-suexec-custom-dbgsym_2.4.67-1~deb12u3_armel.deb
 2cf124ab7db58bc80e27439e42bf8efb70b891eb99987702e9167f720e4e4d36 149824 apache2-suexec-custom_2.4.67-1~deb12u3_armel.deb
 b3e836bf4e95097a2510e7fa58a53845370370b44099a5a9b34540714a3f3e04 11044 apache2-suexec-pristine-dbgsym_2.4.67-1~deb12u3_armel.deb
 0d58a490b028b569bcac7df533d73f9af514de4d07e18fd69005786cde02280b 148344 apache2-suexec-pristine_2.4.67-1~deb12u3_armel.deb
 cb129e461bd0a1b48de8ba54f9c026ddd7c34c9e3dfce6100a269d97a6e87132 116976 apache2-utils-dbgsym_2.4.67-1~deb12u3_armel.deb
 99303349fb6aff0ecfc1952858cb778c3277ac5248885e92c1bdeb7f3b0ab12e 215968 apache2-utils_2.4.67-1~deb12u3_armel.deb
 6cae7d1ebf9236645c08ff6ca23ec136cd76ef2268018dbc2e2103f38f6a4e3a 11742 apache2_2.4.67-1~deb12u3_armel-buildd.buildinfo
 45439d7a7464591742e6a13501d6b10036acdbe823effa393b474e65785026a7 231036 apache2_2.4.67-1~deb12u3_armel.deb
 afa06d6da04ed625fc73f2137d1c66f8facd225b192d85b4990cf08cd9a13324 956 libapache2-mod-md_2.4.67-1~deb12u3_armel.deb
 c80fe78ea7181873c0830931888ebefb2faa24d142d9479a78ed1422407fbb61 1136 libapache2-mod-proxy-uwsgi_2.4.67-1~deb12u3_armel.deb
Files:
 e27373dc917722a712a52faca7d37184 3307072 debug optional apache2-bin-dbgsym_2.4.67-1~deb12u3_armel.deb
 f28183f9f795ae47a5037a254159eb97 1199596 httpd optional apache2-bin_2.4.67-1~deb12u3_armel.deb
 cad8cf00d3a19cf08a3eec945b4811ca 323096 httpd optional apache2-dev_2.4.67-1~deb12u3_armel.deb
 1e0700d2e4fa239068f313cc99c89acb 3140 httpd optional apache2-ssl-dev_2.4.67-1~deb12u3_armel.deb
 7d5528758929eac45f267f879c84c2a6 12272 debug optional apache2-suexec-custom-dbgsym_2.4.67-1~deb12u3_armel.deb
 329c5b7e3a4a4eef3ec04b58beeda64c 149824 httpd optional apache2-suexec-custom_2.4.67-1~deb12u3_armel.deb
 dfaafc5ef7d360a394c582ed18ea2b70 11044 debug optional apache2-suexec-pristine-dbgsym_2.4.67-1~deb12u3_armel.deb
 06f1fa6fedf3fcce00759ad6df062870 148344 httpd optional apache2-suexec-pristine_2.4.67-1~deb12u3_armel.deb
 5db22989de64e1d1a124ed25c0159590 116976 debug optional apache2-utils-dbgsym_2.4.67-1~deb12u3_armel.deb
 2fe121b870f8db62bf3ec97908a2f87d 215968 httpd optional apache2-utils_2.4.67-1~deb12u3_armel.deb
 3a35c84b34884e75776d5b1fb32556f0 11742 httpd optional apache2_2.4.67-1~deb12u3_armel-buildd.buildinfo
 cc48a1cca4fcb6f332a1ec6f965504e6 231036 httpd optional apache2_2.4.67-1~deb12u3_armel.deb
 4b9fdd141c8888123090a2673c39862f 956 oldlibs optional libapache2-mod-md_2.4.67-1~deb12u3_armel.deb
 bc2c384e84c9b0f4a49a1b1500ba3cd7 1136 oldlibs optional libapache2-mod-proxy-uwsgi_2.4.67-1~deb12u3_armel.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEWHj9K9pO9l4btbD1OQKMdMnEH5MFAmokEw4ACgkQOQKMdMnE
H5MnDhAA1GVb+J/LQU1hNmYXSs0vRX/WxrfrtInXWg7+xx60I5TJwjUjKAtfcWzG
c+6d2VK8xDWVFalwJFdCIMIai/M2hf3rnqSYdbLQ0l2iS1gdxPc6nboK/PYj0mcK
kZXBDa9Jd2rTB8PgeFAm5b3GQlC4qFdF0hmBrf6U7fdupTldNkl7RpKIYmHFH89l
FQ33qFR+Ytz9DELNZZAo+EzlLsj63pMoEiMAQ1wgsSxbJamCtrre5v55G7uqPbH4
BZN1zGgUefrhkn/Ua2gBgZ4UxW1rwaxpE0e4As8JLY0xp8I39mhRzq9KJqmVFsFw
tt8QcKvKV7GsbTWsATOc29Z7cCWfYpzr7ANBJGhSpWbAx4mooAqqRq9V0np+/RyS
IOC2HnOb/8eWHm6pfTr1Y8fmTGbxJCpNgR6lzM4oDBjdia9MHeZFlEidQglv1/by
R+HecxVymxoOi52ugLgkCZjWKtOsMNu6vIG0HT8XI06SOqq4WIeke1Kw/waoX9Jy
dCToe7brKBb0JBqSW8eZoqCT1GfSAirzeJete8jQLzwcaNRxmUp6XnHSz17gtdqn
1SzIQKV1FUZfN8U14AzOzWg3JKk7rwkUYj/Q5D92GaQcZgmvVaW4Ne3gEWjidKS4
n/gHGT5ZROCUosM9k4mVRVhBnVqkXyfGsVHXMk3ItEZS+Wx2gYc=
=aQPL
-----END PGP SIGNATURE-----