-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 05 Jun 2026 12:55:53 +0200
Source: apache2
Binary: apache2 apache2-bin apache2-bin-dbgsym apache2-dev apache2-ssl-dev apache2-suexec-custom apache2-suexec-custom-dbgsym apache2-suexec-pristine apache2-suexec-pristine-dbgsym apache2-utils apache2-utils-dbgsym
Architecture: i386
Version: 2.4.67-1~deb13u3
Distribution: trixie-security
Urgency: medium
Maintainer: i386 Build Daemon (x86-grnet-01) <buildd_amd64-x86-grnet-01@buildd.debian.org>
Changed-By: Bastien Roucariès <rouca@debian.org>
Description:
 apache2    - Apache HTTP Server
 apache2-bin - Apache HTTP Server (modules and other binary files)
 apache2-dev - Apache HTTP Server (development headers)
 apache2-ssl-dev - Apache HTTP Server (mod_ssl development headers)
 apache2-suexec-custom - Apache HTTP Server configurable suexec program for mod_suexec
 apache2-suexec-pristine - Apache HTTP Server standard suexec program for mod_suexec
 apache2-utils - Apache HTTP Server (utility programs for web servers)
Changes:
 apache2 (2.4.67-1~deb13u3) trixie-security; urgency=medium
 .
   * Fix CVE-2026-49975 (HTTP/2 Bomb)
     The bomb targets HPACK, HTTP/2's header compression
     scheme: one byte on the wire becomes one full header
     allocation on the server, repeated thousands of times
     per request. The hold is a zero-byte flow-control
     window that keeps the server from ever freeing any of it.
Checksums-Sha1:
 c417abd4cb798b979c78cd45a6d95f3f71cff765 3309592 apache2-bin-dbgsym_2.4.67-1~deb13u3_i386.deb
 736a1d996ee4c8041b9892f97d70f42893e36966 1479248 apache2-bin_2.4.67-1~deb13u3_i386.deb
 612a33e389bbfb217c86ac6c8e434f92c1ccdc95 323104 apache2-dev_2.4.67-1~deb13u3_i386.deb
 9f743861c8a6dd64f2c095fabbec79a8fed3e46c 3136 apache2-ssl-dev_2.4.67-1~deb13u3_i386.deb
 b7436c43a51ee9e0b896593b92039f2bcb803903 11196 apache2-suexec-custom-dbgsym_2.4.67-1~deb13u3_i386.deb
 37fa8a0337b8d64d7c3721e8087af273d42d7465 151592 apache2-suexec-custom_2.4.67-1~deb13u3_i386.deb
 fd8bdc7256f2e1e06e602013e68a98247acd4eaa 9988 apache2-suexec-pristine-dbgsym_2.4.67-1~deb13u3_i386.deb
 3bccb9b20dc3d9db9bd0b33558f1e821bfe0b694 150044 apache2-suexec-pristine_2.4.67-1~deb13u3_i386.deb
 99e8979f900d9d9ff3374fab506d52388be0954b 108800 apache2-utils-dbgsym_2.4.67-1~deb13u3_i386.deb
 22373339c4127e0fbc05fca897e3bfedb0a1878f 222832 apache2-utils_2.4.67-1~deb13u3_i386.deb
 5e4ab3bba879e2a25784cb4e06b9389621fd8f67 11753 apache2_2.4.67-1~deb13u3_i386-buildd.buildinfo
 3150fac7b874d9ae93601c90bc8f19096d06990e 226264 apache2_2.4.67-1~deb13u3_i386.deb
Checksums-Sha256:
 3adfae63e045168569e7bb47dc3e5d13d7798250085bd0ec23a36817b2a55d8d 3309592 apache2-bin-dbgsym_2.4.67-1~deb13u3_i386.deb
 55b56ca41950e006381236180fc4b17188e7706e7729f1c2de9a397b0953a1df 1479248 apache2-bin_2.4.67-1~deb13u3_i386.deb
 7558a653b7e90dc064a45d1fe0064e2a5f9e4ef70e6516dd207ec581f0caf142 323104 apache2-dev_2.4.67-1~deb13u3_i386.deb
 8c5f2b220d110f3ee4da1e70251f4bedf2feb4e2596b3f1d1149a3ccf0d6920c 3136 apache2-ssl-dev_2.4.67-1~deb13u3_i386.deb
 13cdceea97d8fc400a037116377bad0a071e396a70e5edc27d19b4833cfc39df 11196 apache2-suexec-custom-dbgsym_2.4.67-1~deb13u3_i386.deb
 99d7f875ae7866909e6dd652627632ac75cc594c49b27e958dd690bb62305fee 151592 apache2-suexec-custom_2.4.67-1~deb13u3_i386.deb
 407380e57357975a507d855a4b70fdf56e1661480b2dc1f94cd3d00a26446856 9988 apache2-suexec-pristine-dbgsym_2.4.67-1~deb13u3_i386.deb
 129f5b2005ff1854b4ed27d389cf79c8e6962607e888bc34bd415035aa450948 150044 apache2-suexec-pristine_2.4.67-1~deb13u3_i386.deb
 d7fc63fc48558c6a9b652674de878bc7da37e868f4cf09f5cf641f64737c5d8b 108800 apache2-utils-dbgsym_2.4.67-1~deb13u3_i386.deb
 cfbe12d459439ba54fb68989cd1c8394cd4060b282993dfc3d9e8f327873fbc5 222832 apache2-utils_2.4.67-1~deb13u3_i386.deb
 3a268e420990046c50b0874930f27e5281d07c8c25f1cc3e19bdb1a1f8414c40 11753 apache2_2.4.67-1~deb13u3_i386-buildd.buildinfo
 6c3260c76a5bc3f1aa29f5599c3431186484173c160cf71708ddfa793306e24f 226264 apache2_2.4.67-1~deb13u3_i386.deb
Files:
 ca83d70f783bd519729dd6adbea4f755 3309592 debug optional apache2-bin-dbgsym_2.4.67-1~deb13u3_i386.deb
 d5d5bf87c9591e4444e6cfe8ec882e63 1479248 httpd optional apache2-bin_2.4.67-1~deb13u3_i386.deb
 bb495cf2afb5bcb918ddf0a7b3498b46 323104 httpd optional apache2-dev_2.4.67-1~deb13u3_i386.deb
 e12ac4582fbcde1f2914ae453b78539c 3136 httpd optional apache2-ssl-dev_2.4.67-1~deb13u3_i386.deb
 09915b3bc63e294247a9b2c0344ad52a 11196 debug optional apache2-suexec-custom-dbgsym_2.4.67-1~deb13u3_i386.deb
 cacca72c236d4e2e2ccaf2b12b523099 151592 httpd optional apache2-suexec-custom_2.4.67-1~deb13u3_i386.deb
 bc4f9bc5bf6804d155946ae8b1bf845a 9988 debug optional apache2-suexec-pristine-dbgsym_2.4.67-1~deb13u3_i386.deb
 4016d079f6e09d8f9461e90f273b03fb 150044 httpd optional apache2-suexec-pristine_2.4.67-1~deb13u3_i386.deb
 62edd46ce400c474747f8bc8cc9d6871 108800 debug optional apache2-utils-dbgsym_2.4.67-1~deb13u3_i386.deb
 957424c66bfb7fe22d68db7549be77fa 222832 httpd optional apache2-utils_2.4.67-1~deb13u3_i386.deb
 a1f6a1fe328707e5f1136ae17fee0a2a 11753 httpd optional apache2_2.4.67-1~deb13u3_i386-buildd.buildinfo
 d9835812f05b186bdd6297d4fb8fba77 226264 httpd optional apache2_2.4.67-1~deb13u3_i386.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEPAUaMA0H0rOy6qBWf2INRiCdaWIFAmokITsACgkQf2INRiCd
aWKz8Q/5AectKZB95hAFmCjqplJpFtTP9kO/B5NVw1AeXfI5hZB6wdku6MbDljZQ
dOQFu0bZvy7k80EMp0gOQGSXMQORyiuM7JMt8gKBh87w+mMlhWVQcAPwmg24WsJT
97u1tqS8OJXAXeOqXWMk0udogJFcW+7lz908MpPigkaRpC7aaMc1AWb6fEaI9VFh
YoVmXanx64TspMGAMU37eleDgWwjoAiOU0MQ0O1LXiXxZ3QNXeT+rOeOQiYpIl80
UziIMbdcGgSInlNBc82lmNBvvJe1bHFj7dauW7v725BmlO6RQwEQ11JAXKAJsKHI
Vyzdq10v/KQ3MgylNdSE/ZLmQu/JqPH4wFle8VYVCEI2Us+F0/oSvqaKzPtRxclE
g4Z+6wunssPK1KFEMwSQONM/P0Bd72+FrC04dxPJX+wRTnnoo8xt9mDE4OG+byVh
YXOX0JszzUVo3PLxADk7Xl14+EIRukqpNyBua4BEz5eP8QpWPRQC/+HrkRwoO3ny
lKFYXgsGWtK8PX0J/zHpVsl9VvnVq/IVk1EDlQOzgHtTPdzB9ur9xsUkwQ7z18Bv
zm0mOFijVaBJrjh0/KWMxKRoihWOdyLceHYSmvAlznPRS14SOT6Lb9viHoSvkeZq
gvXepkaepj36FKtaYsWbrMVJSbGAvpklYdS0kUd8GY32MDRJjaw=
=VX/y
-----END PGP SIGNATURE-----