-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 05 Jun 2026 12:55:53 +0200
Source: apache2
Binary: apache2 apache2-bin apache2-bin-dbgsym apache2-dev apache2-ssl-dev apache2-suexec-custom apache2-suexec-custom-dbgsym apache2-suexec-pristine apache2-suexec-pristine-dbgsym apache2-utils apache2-utils-dbgsym
Architecture: armhf
Version: 2.4.67-1~deb13u3
Distribution: trixie-security
Urgency: medium
Maintainer: armhf Build Daemon (arm-ubc-05) <buildd_arm64-arm-ubc-05@buildd.debian.org>
Changed-By: Bastien Roucariès <rouca@debian.org>
Description:
 apache2    - Apache HTTP Server
 apache2-bin - Apache HTTP Server (modules and other binary files)
 apache2-dev - Apache HTTP Server (development headers)
 apache2-ssl-dev - Apache HTTP Server (mod_ssl development headers)
 apache2-suexec-custom - Apache HTTP Server configurable suexec program for mod_suexec
 apache2-suexec-pristine - Apache HTTP Server standard suexec program for mod_suexec
 apache2-utils - Apache HTTP Server (utility programs for web servers)
Changes:
 apache2 (2.4.67-1~deb13u3) trixie-security; urgency=medium
 .
   * Fix CVE-2026-49975 (HTTP/2 Bomb)
     The bomb targets HPACK, HTTP/2's header compression
     scheme: one byte on the wire becomes one full header
     allocation on the server, repeated thousands of times
     per request. The hold is a zero-byte flow-control
     window that keeps the server from ever freeing any of it.
Checksums-Sha1:
 51e83531f73a9294599c37088b4d104aa6ddf430 3410168 apache2-bin-dbgsym_2.4.67-1~deb13u3_armhf.deb
 67258ceafc73790d5d01fc2a2b8f1b671e3ea252 1250488 apache2-bin_2.4.67-1~deb13u3_armhf.deb
 d286a27cd6b62210224afad19d535116549d3430 323132 apache2-dev_2.4.67-1~deb13u3_armhf.deb
 f985dd616ceea0728e414bdceac52f625aaa7fe2 3140 apache2-ssl-dev_2.4.67-1~deb13u3_armhf.deb
 de28da54f7483b631e26c361a63966cb8fecf887 12156 apache2-suexec-custom-dbgsym_2.4.67-1~deb13u3_armhf.deb
 0796a224b3d60268823fbbbb9d0d5b2493cba5b0 151028 apache2-suexec-custom_2.4.67-1~deb13u3_armhf.deb
 9c04bcf0c94578bd25fcfb4b3e5652b1e7be4648 10900 apache2-suexec-pristine-dbgsym_2.4.67-1~deb13u3_armhf.deb
 3917156022584a21a28937e069fb90b101124821 149500 apache2-suexec-pristine_2.4.67-1~deb13u3_armhf.deb
 d081e5ae7ef4f2feeaa276b06dfbf8543f4bb747 119464 apache2-utils-dbgsym_2.4.67-1~deb13u3_armhf.deb
 4f2c0b10eac4905ee0092b5eb04cbb96730abea0 218304 apache2-utils_2.4.67-1~deb13u3_armhf.deb
 742abdf0a42b8c87023561e1e10b787435acb945 11748 apache2_2.4.67-1~deb13u3_armhf-buildd.buildinfo
 cef9e2c670cad2785ce40b3d31bffdce73ef0ad8 226264 apache2_2.4.67-1~deb13u3_armhf.deb
Checksums-Sha256:
 ab82666c7701ecb348f8fd14b8119d43213a7a33139e4ff07dc5bf526ef7d433 3410168 apache2-bin-dbgsym_2.4.67-1~deb13u3_armhf.deb
 d1d52de1fe886136996eb1d8edb58687f7199e1d2bdfd4c48436d0abafe78c8a 1250488 apache2-bin_2.4.67-1~deb13u3_armhf.deb
 324ec0f75581b2fe020db30b7258f81573a2043631c90fa2ad4e698f041aa247 323132 apache2-dev_2.4.67-1~deb13u3_armhf.deb
 75d01f91590c632e31552925b09debf79b4dfe794f51c9ee55cadc5216c3836a 3140 apache2-ssl-dev_2.4.67-1~deb13u3_armhf.deb
 58b2355ca74a059dc3c40ea6206b023fa5d53d48d9ce2e91dd38a940acce3c4a 12156 apache2-suexec-custom-dbgsym_2.4.67-1~deb13u3_armhf.deb
 83b7c9cbe6f390c6fb88b4102cc767e7105ed941776eaa12ad800d5936ffe135 151028 apache2-suexec-custom_2.4.67-1~deb13u3_armhf.deb
 1824525c340eccfd47086db406fef6ad95546a47c6b52bf98cd5ba10d0646e0c 10900 apache2-suexec-pristine-dbgsym_2.4.67-1~deb13u3_armhf.deb
 b239dbdf4d3e2ad2c08a04b791b64cf9812a21fb8811cd0e127e0c7fdbf59a42 149500 apache2-suexec-pristine_2.4.67-1~deb13u3_armhf.deb
 4713160d5756d920bdc774b33e1c402d3006543aeb27487f19c3ed08e1f8d624 119464 apache2-utils-dbgsym_2.4.67-1~deb13u3_armhf.deb
 e63ef53a85bf5415c8b4a2707484a306d57789d374dc80de0ef707cab6a7bc36 218304 apache2-utils_2.4.67-1~deb13u3_armhf.deb
 f3a99ae36bfbf55950dae5afbc0bb3bc2201aeda35aa4ca6eb3bd861ed9e36e5 11748 apache2_2.4.67-1~deb13u3_armhf-buildd.buildinfo
 a193d4d257024ef431c6a3d0f7bf0919b405dac260a15ac8bb500cd2b2e6b70b 226264 apache2_2.4.67-1~deb13u3_armhf.deb
Files:
 3e4271a9f4c5449dd79aa051c5a73e40 3410168 debug optional apache2-bin-dbgsym_2.4.67-1~deb13u3_armhf.deb
 52460bb1c5bb40b2c3f9a977dddf8815 1250488 httpd optional apache2-bin_2.4.67-1~deb13u3_armhf.deb
 15d203aaa18b87e929f8731ce53b0691 323132 httpd optional apache2-dev_2.4.67-1~deb13u3_armhf.deb
 9024ce507c4ad498603b621226513e60 3140 httpd optional apache2-ssl-dev_2.4.67-1~deb13u3_armhf.deb
 3ecc9e39d7fd91b5c68c61499e1d6bc5 12156 debug optional apache2-suexec-custom-dbgsym_2.4.67-1~deb13u3_armhf.deb
 fb45e34df402d74bbe02a5ca7e364103 151028 httpd optional apache2-suexec-custom_2.4.67-1~deb13u3_armhf.deb
 1202bc56fcb064270261b92457d2aaee 10900 debug optional apache2-suexec-pristine-dbgsym_2.4.67-1~deb13u3_armhf.deb
 8a37f110db84fe81d62c63e5b5664059 149500 httpd optional apache2-suexec-pristine_2.4.67-1~deb13u3_armhf.deb
 4cbc27a807c473b086126affda384f04 119464 debug optional apache2-utils-dbgsym_2.4.67-1~deb13u3_armhf.deb
 c93890f8b6ffacd16c4bf293608bc85d 218304 httpd optional apache2-utils_2.4.67-1~deb13u3_armhf.deb
 160144d13b9a1a0df3b0443d4df462c9 11748 httpd optional apache2_2.4.67-1~deb13u3_armhf-buildd.buildinfo
 83c015d39f8e5381b76368349dcae6e0 226264 httpd optional apache2_2.4.67-1~deb13u3_armhf.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE7rv+l3KtZdQea77lnwznazfjXToFAmokIVMACgkQnwznazfj
XTpJmA/+O2D/OZct5alY5ClZfdyH0W/kLgjpYsKXkyoEacRWyss63DQvrxS6ADLb
1nlKy7Q0Ym1SNlrIQi+XhmLeY7BjEtqntYOo5IU9ELp2kLsPr13o3yGRjiDnTejV
tLs+jlsCZcpfiPq7m1RCK3Poc0h+FgsBkgUPeiY12W5DQaUp+5cN788oD87WmWzk
XfKNYGy0IdsxVRaiyzMUYj3LghSz8Ezk0Q6e4jX8myrghEkFDNM7Pq/c/rbzF7GC
ZdWut/YiOJP9HUDELPuUmf7Q39hTTh2bOb3T16Sq+NwAjRq3QRdTHNJ0qgG+4G8e
ob1W8LYMuXl3m1s5xb73EXow+vkXjsJjfXdT5pb4BHwTq8w+yRNWeUUO9mspHbFr
m6nCTvAsgtRodw5VyCQmBxAygBpGqVMIiUxEwPtdivap5C5nxHvM9LSujOHSLDDB
sj4K46DOdLR0x2WgJvI4Vy+gow5UjGw4P8xyDErKEEtRD0s4QBD0/z3R0nyPnHJY
RwmWxSJebsH7vxAthqftYdiEA3cIDS83/6qhMv9N0mLkg5NI+zRqu70icwyxtLDs
2hQsG4VpeIdlLNmAh/pkkmAqNp6dFf+/392/Sys2pJDU0D9NC8D2k9NdS0upy1YT
p5PJlnEFjQF2DbVVy/uqXHpwKgx9GtdtqcPh8tz73beiGIhOyjk=
=vbaJ
-----END PGP SIGNATURE-----