===========================================================================
Ubuntu Security Notice USN-3370-2
August 01, 2017

apache2 vulnerability
===========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 12.04 ESM

Summary:

Apache HTTP Server could be made to crash or leak sensitive information
if it received specially crafted network traffic.

Software Description:
- apache2: Apache HTTP server

Details:

USN-3370-1 fixed a vulnerability in Apache HTTP Server.
This update provides the corresponding update for Ubuntu 12.04 ESM.

Original advisory details:

Robert Swiecki discovered that the Apache HTTP Server mod_auth_digest
module incorrectly cleared values when processing certain requests. A
remote attacker could use this issue to cause the server to crash,
resulting in a denial or service, or possibly obtain sensitive
information.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.04 ESM:
 apache2.2-bin2.2.22-1ubuntu1.13

In general, a standard system update will make all the necessary
changes.

References:
 https://www.ubuntu.com/usn/usn-3370-2
 https://www.ubuntu.com/usn/usn-3370-1
 CVE-2017-9788

--=-wn+gI3RoYRhyrGH54xlH

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQIcBAABCAAGBQJZgMkhAAoJEEW851uECx9phdgQALIz3pSWWa9wCeNDoFT42rtY
iYJ6sPWWfo4Sc38u9GIregdfdDJY7G6tBo111gkEh6dMmuK7H6VGiJV8HiWyXf/t
hpe5bje9pUa3IJt39a77U8jaOHF7yXLvOglWtSPT3NcOnyW9n0LPlF8YjS3rHA5u
1WWC53uhMQB/XAZpC5ZpHMQ3LYNLdhYY++8qoSFrXd1xbL3I0QZ+Si7xRylGEr7M
rJcU8UKfNotreEM4IBm+PhUa97EsZ1NVpx9+K/3ZL8gKM3ZRA9j4NtUPvBC8EEKL
NjIxqdtbo09S3nPaapMOv4AK1W4XN2g24lAF2fCAMoq1A6Jwg6pmxgoJvy4Sb/89
B7YlkAjhk/yElgpS10iasRpQgy+LXW+qTrEqGSsBveysYS5rjny88LPVjT0Mzxyo
8nwgrjOFR0zYUMalB/BgEdi4yk+IZ/+WpjFOiWzXHXjRC0RJdg1VTnUhAG0G7w08
UWKXaQi2CzexPP28r9erWeBWB6JMHjC25/vEw7BXgJVwYIldG9x4VulfMXGLv2Gm
Es3BWYIvLsEH/XS4XM9Vz+6nSIHGWyKqioOON4o+Xfd0crNSJ1q2CqENohl6LW8S
4nyVN27eomI+4xAWEzDR3qXnIFmqOy09VLF9jdXSzQbMyfLHXos7KMlCXZU50YpB
yG9qmd3TkRL4vVyo3cdt
=GLsw
-----END PGP SIGNATURE-----

--=-wn+gI3RoYRhyrGH54xlH--