-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-6323-1                   [email protected]
https://www.debian.org/security/                     Salvatore Bonaccorso
June 06, 2026                         https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : apache2
CVE ID         : CVE-2026-49975
Debian Bug     : 1138750

It was discovered that incorrect cookie header accounting in the HTTP/2
implementation of the Apache HTTP server may result in denial of service
(excessive resources consumption).

For the oldstable distribution (bookworm), this problem has been fixed
in version 2.4.67-1~deb12u3.

For the stable distribution (trixie), this problem has been fixed in
version 2.4.67-1~deb13u3.

We recommend that you upgrade your apache2 packages.

For the detailed security status of apache2 please refer to its security
tracker page at:
https://security-tracker.debian.org/tracker/apache2

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: [email protected]
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmokLS1fFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND
z0SF5A//VBFPcEMnrpvy7FSVjc04kiX0vOY6ce5TwphKERhb48EJGqJUg5tjSXrH
+jMmwei9F6MuDNxWb2pF/d1tdUB+WBQSt29mX9k565ytSnR9lB4gf0m2cxIhv9K+
+XirQ6bF7dSwWPxmeU+DkBWx4fh/TrWBWNITsiRod3xUmG8uf6xLQIlrwW9ligO5
LisBLoiUDrbis6XsGXP0eQJpp+y2I29+h2wwn49SaeFKP05GifFvglRjiawye6s0
VJJnXt/uR78Sdhkk9J6SPWog5hVyYbIvAFMuuStZ5JLVZ+9cFpNBKoOKz2E5HYAH
sgo0an6+69ifzRo+OivObbz3SaaNLzKx3zhwLdMqEa5ygjX7Iu8B74PcA7yQdm+r
Ljk+MX17iRCOl3nT51poMgG1XO+jpmeJe0s57sOr53EDPKQvvPflhuwK+ZJtlfmI
rfQCmAWDW19gneZoppYon289FmA7Xt9c4NtLtDFy70Q6IesRtrDQQum2eNijeFGR
p6BGfRPjHpm8XpAX9zQGVl/DxLJmtpNqTtNLsCOmGyJyPIjNO7DO4ODDJF1RyTzR
lIwmVaL9cWOaS/3iB1EWSA9g6+pNSL2bxX05194fdWG5pwZiGVD07gZ/b40F0evt
TGG8P6HrEyKPNqyW2xqfvpIdIWljPZtS8gFeJLlhsXLDbO2czTw=
=BDfW
-----END PGP SIGNATURE-----

Reply via email to