-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 05 Jun 2026 12:55:53 +0200
Source: apache2
Binary: apache2 apache2-bin apache2-bin-dbgsym apache2-dev apache2-ssl-dev apache2-suexec-custom apache2-suexec-custom-dbgsym apache2-suexec-pristine apache2-suexec-pristine-dbgsym apache2-utils apache2-utils-dbgsym libapache2-mod-md libapache2-mod-proxy-uwsgi
Architecture: s390x
Version: 2.4.67-1~deb12u3
Distribution: bookworm-security
Urgency: medium
Maintainer: s390x Build Daemon (ziehrer) <buildd_s390x-ziehrer@buildd.debian.org>
Changed-By: Bastien Roucariès <rouca@debian.org>
Description:
 apache2    - Apache HTTP Server
 apache2-bin - Apache HTTP Server (modules and other binary files)
 apache2-dev - Apache HTTP Server (development headers)
 apache2-ssl-dev - Apache HTTP Server (mod_ssl development headers)
 apache2-suexec-custom - Apache HTTP Server configurable suexec program for mod_suexec
 apache2-suexec-pristine - Apache HTTP Server standard suexec program for mod_suexec
 apache2-utils - Apache HTTP Server (utility programs for web servers)
 libapache2-mod-md - transitional package
 libapache2-mod-proxy-uwsgi - transitional package
Changes:
 apache2 (2.4.67-1~deb12u3) bookworm-security; urgency=medium
 .
   * Fix CVE-2026-49975 (HTTP/2 Bomb)
     The bomb targets HPACK, HTTP/2's header compression
     scheme: one byte on the wire becomes one full header
     allocation on the server, repeated thousands of times
     per request. The hold is a zero-byte flow-control
     window that keeps the server from ever freeing any of it.
Checksums-Sha1:
 25f42b4faf6dfb8d790e65528622f91fa138b741 3362792 apache2-bin-dbgsym_2.4.67-1~deb12u3_s390x.deb
 075be39ac60e0f2812e219ddd3d602c916bc3f18 1274020 apache2-bin_2.4.67-1~deb12u3_s390x.deb
 826aec91c6783bcbd6cf8208faa3aa0445fcf4c1 323084 apache2-dev_2.4.67-1~deb12u3_s390x.deb
 55ab4043b0b7ee2027c5eda55753beeff476be35 3140 apache2-ssl-dev_2.4.67-1~deb12u3_s390x.deb
 2570fab56d0ef452e624955888f0b62dd458d10b 12256 apache2-suexec-custom-dbgsym_2.4.67-1~deb12u3_s390x.deb
 a25c8faafe5f135d771d198843d20e54ee747169 150232 apache2-suexec-custom_2.4.67-1~deb12u3_s390x.deb
 652090a5275b2a775bf393518a74300741092ae5 10980 apache2-suexec-pristine-dbgsym_2.4.67-1~deb12u3_s390x.deb
 53cf2d7690d0a4d56323a33c91cf06667b452ef8 148696 apache2-suexec-pristine_2.4.67-1~deb12u3_s390x.deb
 4d6bedbf85245a9d569dbbfe654b5b7ef8b66941 115308 apache2-utils-dbgsym_2.4.67-1~deb12u3_s390x.deb
 ff8c3326570390b85d75c0e33a798f4cd61abb22 213364 apache2-utils_2.4.67-1~deb12u3_s390x.deb
 899cb4c42d41c0c6b75e718fb14d402e5f870ce5 11772 apache2_2.4.67-1~deb12u3_s390x-buildd.buildinfo
 4df5f65cc0d0103bc4ed2ab6c50fb52d104ef100 231036 apache2_2.4.67-1~deb12u3_s390x.deb
 1dfce3c4e2090a6985983ae1f17bd21f8691b68a 956 libapache2-mod-md_2.4.67-1~deb12u3_s390x.deb
 41d9b4c27dc5348880087892ba10eacbc4fa7570 1140 libapache2-mod-proxy-uwsgi_2.4.67-1~deb12u3_s390x.deb
Checksums-Sha256:
 b3c5d3ddcb102733e9475b930412e873b9f991793e3e372eef4a264a5debe608 3362792 apache2-bin-dbgsym_2.4.67-1~deb12u3_s390x.deb
 f5b2cd4e74da35752df8b212275940c150f00af7d59f604856c8a7b6ca8b6273 1274020 apache2-bin_2.4.67-1~deb12u3_s390x.deb
 f205aaec9d40ff05f58531716761d90c49a28c627d428adc20c8645587a0ad91 323084 apache2-dev_2.4.67-1~deb12u3_s390x.deb
 f6f7dfaef118bf2d4c7c335338f591034fd8e27b64937a46dd5c6d59f5bf098c 3140 apache2-ssl-dev_2.4.67-1~deb12u3_s390x.deb
 c47b12e0d88221482cb07f01486634feaa6d13333cbeb43a1175050a89c046d8 12256 apache2-suexec-custom-dbgsym_2.4.67-1~deb12u3_s390x.deb
 460e2b1a59ae44c228e8ed3af23e9ff86bb81f74d9dd59e62119192b3e912ce0 150232 apache2-suexec-custom_2.4.67-1~deb12u3_s390x.deb
 c241b96d97ce5bc2e815243d4a6ed92e4d42d489a225f2cb049046405a6147f5 10980 apache2-suexec-pristine-dbgsym_2.4.67-1~deb12u3_s390x.deb
 4221dc6a422e1ef1d63021e879b6b5fc0f751b08e3751a615097126a8b6ef982 148696 apache2-suexec-pristine_2.4.67-1~deb12u3_s390x.deb
 be85c8a7bae293db033302ab218b57066dd376c148dba683a120878eb292193f 115308 apache2-utils-dbgsym_2.4.67-1~deb12u3_s390x.deb
 9d8186c14276d9ef8a2b6bcc82f512987e2118df3cd6ed1fc245640b320cecb2 213364 apache2-utils_2.4.67-1~deb12u3_s390x.deb
 f84e456f62dcfec6601ecf818181bc8a7e30d34aeb9042a3d2c0b9a09e4892b9 11772 apache2_2.4.67-1~deb12u3_s390x-buildd.buildinfo
 c184b7b491a5311cdd1e9280caedddc5f23e4d5d1723b05995842694fd2e5cd4 231036 apache2_2.4.67-1~deb12u3_s390x.deb
 d9272725beb093720e9b78c1be5921da41388860381c3c2d5fd3eadb1d0510ba 956 libapache2-mod-md_2.4.67-1~deb12u3_s390x.deb
 4672b8b4efbc30ba59e7536b9d303bcf09983547755cb775c357d0d451a42dc9 1140 libapache2-mod-proxy-uwsgi_2.4.67-1~deb12u3_s390x.deb
Files:
 b43aacf5aeea110002a97f8ab5375510 3362792 debug optional apache2-bin-dbgsym_2.4.67-1~deb12u3_s390x.deb
 b4d5a1b9028db7b25bef108b491179bb 1274020 httpd optional apache2-bin_2.4.67-1~deb12u3_s390x.deb
 7a56bce2a76a5283f8bc2765faf654f2 323084 httpd optional apache2-dev_2.4.67-1~deb12u3_s390x.deb
 ec91adcb076cf26f92af70c19d99e8e6 3140 httpd optional apache2-ssl-dev_2.4.67-1~deb12u3_s390x.deb
 2008092bb783a8f37340f0eea9ae3d30 12256 debug optional apache2-suexec-custom-dbgsym_2.4.67-1~deb12u3_s390x.deb
 0886b131039e54c9fa8f806f65c91785 150232 httpd optional apache2-suexec-custom_2.4.67-1~deb12u3_s390x.deb
 b29c216566b14474bc61a155fc1b0595 10980 debug optional apache2-suexec-pristine-dbgsym_2.4.67-1~deb12u3_s390x.deb
 dcb1aaf5d0adb8778d49670d221201f9 148696 httpd optional apache2-suexec-pristine_2.4.67-1~deb12u3_s390x.deb
 d6349b1f099ac1fdbb9811f0885a6de8 115308 debug optional apache2-utils-dbgsym_2.4.67-1~deb12u3_s390x.deb
 e6f06006fcd497fc4b8ef84ef77d7f38 213364 httpd optional apache2-utils_2.4.67-1~deb12u3_s390x.deb
 4cce8a6c8cdba8a43eaa5e766b8a01b0 11772 httpd optional apache2_2.4.67-1~deb12u3_s390x-buildd.buildinfo
 b8d4e5824192acc4d73edaf2ba776b2b 231036 httpd optional apache2_2.4.67-1~deb12u3_s390x.deb
 55aa683c1c2f4d039309187ac1b706c1 956 oldlibs optional libapache2-mod-md_2.4.67-1~deb12u3_s390x.deb
 57eafbb79e14621cae4dcdc60f274e3f 1140 oldlibs optional libapache2-mod-proxy-uwsgi_2.4.67-1~deb12u3_s390x.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEl0BM/nR+Oj597wRWMWUFebkHnoQFAmokEtIACgkQMWUFebkH
noRTEA/+KgcqfBxKTDjidsLqGmwxngO5qIR+5EuiZ7io1BW8Awt1zM1JZmlC+Z5T
fKJHMoUldbKnMAnX6PHc/7zo8+kefFcUPUKsr65Ns4OceioA2Ykf9520f65ELdac
LOZgvPyzxoxYQ5O+d4P8ryVZbQwMB3/f99OKcw/pg84abhvQFtJTJyxjbkjEo/Dv
n8quhJbM2sD9wFnsUAtaXjY8g6ROVV5J7HaWTXgjL0+wDWQSToLE3nWYYDqe6xyb
D+cfshkduW1wd18CZxJjLXMCXGjVPJQjDxi467GsSciB5FZM1xNIc8o6NI+fCyqU
ihEWKVaJSDTY0P6LOGt368tafOkhbbpkRqxSCp5MZLJVR3nv74CIZGk09jYRPbmO
aRh6bFLCsUNdG0pULS6gD8mDBNUkpHfxhe4GNLgNkn5m3s2g3LsaOCIEgjkPQgd/
7O9QjKoDD92oFroBe5saL5YS2q5kQUvr3WNMvrHmB6fUjVXRUjedX/kmUrvtkIhy
1LhTRnKGYKge/HBqIxqdsZMQ7TMWfL8BExjnq2bzDz6dNmR66tW+YCnUxtvPzuL5
Bj0Y2fbzhKF6ORDowQglgZM7917NBYz7cGoYFy9SHfx8YfBBr+zRU7OT6uQYPDZO
FGmzR1XwZFzJuyxBS1HwCYry7gTX0oVkL9TW9uVbTnm9YtBM32I=
=NqSG
-----END PGP SIGNATURE-----