ELA-1106-1 apache2 security update

Faulty input validation

2024-06-14
Packageapache2
Version2.4.10-10+deb8u27 (jessie)
Related CVEs CVE-2023-38709


Faulty input validation in the core of Apache allowed malicious or exploitable backend/content generators to split HTTP responses



For Debian 8 jessie, these problems have been fixed in version 2.4.10-10+deb8u27.

We recommend that you upgrade your apache2 packages.

Further information about Extended LTS security advisories can be found in the dedicated section of our website.