-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 05 Jun 2026 12:55:53 +0200
Source: apache2
Binary: apache2 apache2-bin apache2-bin-dbgsym apache2-dev apache2-ssl-dev apache2-suexec-custom apache2-suexec-custom-dbgsym apache2-suexec-pristine apache2-suexec-pristine-dbgsym apache2-utils apache2-utils-dbgsym
Architecture: armel
Version: 2.4.67-1~deb13u3
Distribution: trixie-security
Urgency: medium
Maintainer: armel Build Daemon (arm-ubc-03) <buildd_arm64-arm-ubc-03@buildd.debian.org>
Changed-By: Bastien Roucariès <rouca@debian.org>
Description:
 apache2    - Apache HTTP Server
 apache2-bin - Apache HTTP Server (modules and other binary files)
 apache2-dev - Apache HTTP Server (development headers)
 apache2-ssl-dev - Apache HTTP Server (mod_ssl development headers)
 apache2-suexec-custom - Apache HTTP Server configurable suexec program for mod_suexec
 apache2-suexec-pristine - Apache HTTP Server standard suexec program for mod_suexec
 apache2-utils - Apache HTTP Server (utility programs for web servers)
Changes:
 apache2 (2.4.67-1~deb13u3) trixie-security; urgency=medium
 .
   * Fix CVE-2026-49975 (HTTP/2 Bomb)
     The bomb targets HPACK, HTTP/2's header compression
     scheme: one byte on the wire becomes one full header
     allocation on the server, repeated thousands of times
     per request. The hold is a zero-byte flow-control
     window that keeps the server from ever freeing any of it.
Checksums-Sha1:
 de42f0d59fb8f1b22a6350ac57836bee65b3b4f2 3363968 apache2-bin-dbgsym_2.4.67-1~deb13u3_armel.deb
 419640d3fd2dd215cde34da3943129af69b81a44 1225488 apache2-bin_2.4.67-1~deb13u3_armel.deb
 feeef3b7ab4d255eb4e12123d4a6c750e6d7f0a7 323124 apache2-dev_2.4.67-1~deb13u3_armel.deb
 fd111d59969465b1e8544eb13b0d77efa2482d6e 3140 apache2-ssl-dev_2.4.67-1~deb13u3_armel.deb
 9d51a389f06f6df4b66deef5190919a69d3ddd27 12252 apache2-suexec-custom-dbgsym_2.4.67-1~deb13u3_armel.deb
 e86998dbfa2ee0a73bbc8eb9421f08bc9d5bca7b 151044 apache2-suexec-custom_2.4.67-1~deb13u3_armel.deb
 83bf113c46814039f7f871370f1ab280e5e817a7 10940 apache2-suexec-pristine-dbgsym_2.4.67-1~deb13u3_armel.deb
 a79678a6cc69fc5585495c26cbbac898fe56ff52 149512 apache2-suexec-pristine_2.4.67-1~deb13u3_armel.deb
 cb4bb72dc2be3d2eef4f32d5eb6965787658db04 117968 apache2-utils-dbgsym_2.4.67-1~deb13u3_armel.deb
 674f458f111199f083b5b4042d15ff4363622fdf 218176 apache2-utils_2.4.67-1~deb13u3_armel.deb
 ff2fb4fb4fac9948b714e49f6e06ea1ed22b00db 11734 apache2_2.4.67-1~deb13u3_armel-buildd.buildinfo
 8ee16bf3c3f258898eda6012313f33dfb1811582 226264 apache2_2.4.67-1~deb13u3_armel.deb
Checksums-Sha256:
 a9a6cf33e6e8704775eb1c5e3c9a69e180c388143290f76e42a72bb5deac87c2 3363968 apache2-bin-dbgsym_2.4.67-1~deb13u3_armel.deb
 7ec6c4dd6db34d129bfe37cbf717724c85873fd8d635811b2c629c2e4d9dbcb3 1225488 apache2-bin_2.4.67-1~deb13u3_armel.deb
 e73b832e541ddc4fd62bf9ec9cd248131b508c6c2c72eeedcec585bb7b2de852 323124 apache2-dev_2.4.67-1~deb13u3_armel.deb
 653db37e85a77ffd95e25c2982d9a3d8a33bbd80cd714dd8a9950c43c47ad917 3140 apache2-ssl-dev_2.4.67-1~deb13u3_armel.deb
 a366215f6438bdbc1048581a4f69c907a2ed1f56545cbbed3c33ce8c7efaffe1 12252 apache2-suexec-custom-dbgsym_2.4.67-1~deb13u3_armel.deb
 640d44dfaf99baa599706d7cffc099b13c8daef73c556ec7fa6c3f6f5c80d5f1 151044 apache2-suexec-custom_2.4.67-1~deb13u3_armel.deb
 f57949d2eae01804b51c977385b652b51a636072da2d68226cbdf3685db97d5c 10940 apache2-suexec-pristine-dbgsym_2.4.67-1~deb13u3_armel.deb
 b540f251cafc71b9a611229e25a119f605cdf3d77ce5fcc8aafaea0643d35794 149512 apache2-suexec-pristine_2.4.67-1~deb13u3_armel.deb
 19793d01f52963ef17fc5663c861523dd57bd702e66057bff7810f10a5022191 117968 apache2-utils-dbgsym_2.4.67-1~deb13u3_armel.deb
 0f682f4be8ac4dfda719c25a97f82e8d1cd4c60b602241755b51e84751861611 218176 apache2-utils_2.4.67-1~deb13u3_armel.deb
 b6eeb60f4a56bd44c164aba682aa443e8eda58ec07fe1a416d9348d6d5d6875c 11734 apache2_2.4.67-1~deb13u3_armel-buildd.buildinfo
 685e5117b07c7ddd223ffc4a21d9f851083254532410d4911eb36bc5bac0f5ff 226264 apache2_2.4.67-1~deb13u3_armel.deb
Files:
 269562ef3bf273457809dffc769dbe4e 3363968 debug optional apache2-bin-dbgsym_2.4.67-1~deb13u3_armel.deb
 cd6c9882bb14e1e51a43cf153636aa6c 1225488 httpd optional apache2-bin_2.4.67-1~deb13u3_armel.deb
 c5e8bc11a512f3cc6aae6738d7e3d5fc 323124 httpd optional apache2-dev_2.4.67-1~deb13u3_armel.deb
 9384a6938cfdf635ee16f40dd6569bf1 3140 httpd optional apache2-ssl-dev_2.4.67-1~deb13u3_armel.deb
 2063cd4f7c13b8cb4f62914f4de671b5 12252 debug optional apache2-suexec-custom-dbgsym_2.4.67-1~deb13u3_armel.deb
 1965558b0b2cf9d010fc7734ca65499e 151044 httpd optional apache2-suexec-custom_2.4.67-1~deb13u3_armel.deb
 86289c96c6761061fe6c5a5d1a885d4b 10940 debug optional apache2-suexec-pristine-dbgsym_2.4.67-1~deb13u3_armel.deb
 ed50450271b8c7b33a3054a3e5c8db0a 149512 httpd optional apache2-suexec-pristine_2.4.67-1~deb13u3_armel.deb
 ae3aba81a486ea03bba9d5d57e7266e9 117968 debug optional apache2-utils-dbgsym_2.4.67-1~deb13u3_armel.deb
 f167cf510f4e8014f2375c58bc9df8a7 218176 httpd optional apache2-utils_2.4.67-1~deb13u3_armel.deb
 8b8d4b86df8e6ac86fa05d2d6ae534e3 11734 httpd optional apache2_2.4.67-1~deb13u3_armel-buildd.buildinfo
 172892bcce5e4e0611060b5458699b0b 226264 httpd optional apache2_2.4.67-1~deb13u3_armel.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE2kd8oHy+LXk/nybqvzDqKQSGl8UFAmokIUcACgkQvzDqKQSG
l8UH4w//VrPGbMXKWLCWCmjU9ilDtzu7e9s37Dwu6DhRYZiqRlXpJ+oGnARJgiRB
f3OD4sNd3sjSn4DbEdOBSEyI27SaYETDmkikf+yT7/SjgNGAJF2lVqAGDPpkbaYI
LfrNr8W2cCu+XIAoSGXG7t68X2l1F2GztFqDEVzp0wSMIoQGDU7KhIxPSyYWWHB8
Ik16439JIGwtEc9x/iQ6YHvuhdhdhQ7rl3zXOLSOQ65nxtEtpkj+/6L1APN+uBcJ
ixM0VR6KzMOZBRipu1VIOoxF/sH2UHxkk9L6fNEF5nFe1HrVvg6l84dQK37H1tet
QPGXnSBYjCYhhuXv0jcePhkW079pAeSWvHu32nQQGl2Yljv/LYq2OSuU1kayGTxy
NNVMiPazlg+QgUO9xz43vVT3zehH6SYzfspy0JjoFGelUYL8llbScPcwek5Q+PfV
pXtOUrJgJDd0QToMzXgObfYNi3+ybHC3nvxJrK/MJYjDnpWLW672IA01CB83WQli
mfLXBUc3CCplvNZoUyN4ydtcoOe6xttQQQNLmFNkqFJ5dQQw9Q3MYxfaf3D4JNKP
X9M9o/rHIEk+tO625151ZMcVs8kKP4xD1VNd8rZJqSy4vBZKxXpVfWisFohXOokT
giTUqzrYWPMOVdlEWCGe5Zxxd9hLFFR6TosBNNUQVnYFcIgtY2c=
=C/PU
-----END PGP SIGNATURE-----