| Package | apache2 |
|---|---|
| Version | 2.4.10-10+deb8u24 (jessie) |
The patch for CVE-2022-31813 caused a regression in the apache2 package for
Debian 8 jessie, which resulted in some request parameters being lost in
modproxy and modproxy_http configurations. This version corrects the
regression and implements the intended fix without request parameters being
lost.
Note that this regression only affects the apache2 package for Debian 8 jessie. The apache2 package for Debian 9 stretch which was published under the original advisory ELA-632-1 is not affected by this regression.
For Debian 8 jessie, these problems have been fixed in version 2.4.10-10+deb8u24.
We recommend that you upgrade your apache2 packages.
Further information about Extended LTS security advisories can be found in the dedicated section of our website.