In some modssl configurations on Apache HTTP Server 2.4.35 through to 2.4.63, an access control bypass by trusted clients is possible using TLS 1.3 session resumption. Configurations are affected when modssl is configured for multiple virtual hosts, with each restricted to a different set of trusted client certificates (for example with a different SSLCACertificateFile/Path setting). In such a case, a client trusted to access one virtual host may be able to access another virtual host, if SSLStrictSNIVHostCheck is not enabled in either virtual host.
{ "binaries": [ { "binary_name": "apache2", "binary_version": "2.4.18-2ubuntu3.17+esm16" }, { "binary_name": "apache2-bin", "binary_version": "2.4.18-2ubuntu3.17+esm16" }, { "binary_name": "apache2-bin-dbgsym", "binary_version": "2.4.18-2ubuntu3.17+esm16" }, { "binary_name": "apache2-data", "binary_version": "2.4.18-2ubuntu3.17+esm16" }, { "binary_name": "apache2-dbg", "binary_version": "2.4.18-2ubuntu3.17+esm16" }, { "binary_name": "apache2-dbgsym", "binary_version": "2.4.18-2ubuntu3.17+esm16" }, { "binary_name": "apache2-dev", "binary_version": "2.4.18-2ubuntu3.17+esm16" }, { "binary_name": "apache2-dev-dbgsym", "binary_version": "2.4.18-2ubuntu3.17+esm16" }, { "binary_name": "apache2-doc", "binary_version": "2.4.18-2ubuntu3.17+esm16" }, { "binary_name": "apache2-suexec-custom", "binary_version": "2.4.18-2ubuntu3.17+esm16" }, { "binary_name": "apache2-suexec-custom-dbgsym", "binary_version": "2.4.18-2ubuntu3.17+esm16" }, { "binary_name": "apache2-suexec-pristine", "binary_version": "2.4.18-2ubuntu3.17+esm16" }, { "binary_name": "apache2-suexec-pristine-dbgsym", "binary_version": "2.4.18-2ubuntu3.17+esm16" }, { "binary_name": "apache2-utils", "binary_version": "2.4.18-2ubuntu3.17+esm16" }, { "binary_name": "apache2-utils-dbgsym", "binary_version": "2.4.18-2ubuntu3.17+esm16" } ], "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro" }
{ "binaries": [ { "binary_name": "apache2", "binary_version": "2.4.29-1ubuntu4.27+esm6" }, { "binary_name": "apache2-bin", "binary_version": "2.4.29-1ubuntu4.27+esm6" }, { "binary_name": "apache2-data", "binary_version": "2.4.29-1ubuntu4.27+esm6" }, { "binary_name": "apache2-dbg", "binary_version": "2.4.29-1ubuntu4.27+esm6" }, { "binary_name": "apache2-dev", "binary_version": "2.4.29-1ubuntu4.27+esm6" }, { "binary_name": "apache2-doc", "binary_version": "2.4.29-1ubuntu4.27+esm6" }, { "binary_name": "apache2-ssl-dev", "binary_version": "2.4.29-1ubuntu4.27+esm6" }, { "binary_name": "apache2-suexec-custom", "binary_version": "2.4.29-1ubuntu4.27+esm6" }, { "binary_name": "apache2-suexec-pristine", "binary_version": "2.4.29-1ubuntu4.27+esm6" }, { "binary_name": "apache2-utils", "binary_version": "2.4.29-1ubuntu4.27+esm6" } ], "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro" }
{ "binaries": [ { "binary_name": "apache2", "binary_version": "2.4.41-4ubuntu3.23+esm2" }, { "binary_name": "apache2-bin", "binary_version": "2.4.41-4ubuntu3.23+esm2" }, { "binary_name": "apache2-bin-dbgsym", "binary_version": "2.4.41-4ubuntu3.23+esm2" }, { "binary_name": "apache2-data", "binary_version": "2.4.41-4ubuntu3.23+esm2" }, { "binary_name": "apache2-dev", "binary_version": "2.4.41-4ubuntu3.23+esm2" }, { "binary_name": "apache2-doc", "binary_version": "2.4.41-4ubuntu3.23+esm2" }, { "binary_name": "apache2-ssl-dev", "binary_version": "2.4.41-4ubuntu3.23+esm2" }, { "binary_name": "apache2-suexec-custom", "binary_version": "2.4.41-4ubuntu3.23+esm2" }, { "binary_name": "apache2-suexec-custom-dbgsym", "binary_version": "2.4.41-4ubuntu3.23+esm2" }, { "binary_name": "apache2-suexec-pristine", "binary_version": "2.4.41-4ubuntu3.23+esm2" }, { "binary_name": "apache2-suexec-pristine-dbgsym", "binary_version": "2.4.41-4ubuntu3.23+esm2" }, { "binary_name": "apache2-utils", "binary_version": "2.4.41-4ubuntu3.23+esm2" }, { "binary_name": "apache2-utils-dbgsym", "binary_version": "2.4.41-4ubuntu3.23+esm2" }, { "binary_name": "libapache2-mod-md", "binary_version": "2.4.41-4ubuntu3.23+esm2" }, { "binary_name": "libapache2-mod-proxy-uwsgi", "binary_version": "2.4.41-4ubuntu3.23+esm2" } ], "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro" }
{ "binaries": [ { "binary_name": "apache2", "binary_version": "2.4.52-1ubuntu4.15" }, { "binary_name": "apache2-bin", "binary_version": "2.4.52-1ubuntu4.15" }, { "binary_name": "apache2-bin-dbgsym", "binary_version": "2.4.52-1ubuntu4.15" }, { "binary_name": "apache2-data", "binary_version": "2.4.52-1ubuntu4.15" }, { "binary_name": "apache2-dev", "binary_version": "2.4.52-1ubuntu4.15" }, { "binary_name": "apache2-doc", "binary_version": "2.4.52-1ubuntu4.15" }, { "binary_name": "apache2-ssl-dev", "binary_version": "2.4.52-1ubuntu4.15" }, { "binary_name": "apache2-suexec-custom", "binary_version": "2.4.52-1ubuntu4.15" }, { "binary_name": "apache2-suexec-custom-dbgsym", "binary_version": "2.4.52-1ubuntu4.15" }, { "binary_name": "apache2-suexec-pristine", "binary_version": "2.4.52-1ubuntu4.15" }, { "binary_name": "apache2-suexec-pristine-dbgsym", "binary_version": "2.4.52-1ubuntu4.15" }, { "binary_name": "apache2-utils", "binary_version": "2.4.52-1ubuntu4.15" }, { "binary_name": "apache2-utils-dbgsym", "binary_version": "2.4.52-1ubuntu4.15" }, { "binary_name": "libapache2-mod-md", "binary_version": "2.4.52-1ubuntu4.15" }, { "binary_name": "libapache2-mod-proxy-uwsgi", "binary_version": "2.4.52-1ubuntu4.15" } ], "availability": "No subscription required" }
{ "binaries": [ { "binary_name": "apache2", "binary_version": "2.4.58-1ubuntu8.7" }, { "binary_name": "apache2-bin", "binary_version": "2.4.58-1ubuntu8.7" }, { "binary_name": "apache2-bin-dbgsym", "binary_version": "2.4.58-1ubuntu8.7" }, { "binary_name": "apache2-data", "binary_version": "2.4.58-1ubuntu8.7" }, { "binary_name": "apache2-dev", "binary_version": "2.4.58-1ubuntu8.7" }, { "binary_name": "apache2-doc", "binary_version": "2.4.58-1ubuntu8.7" }, { "binary_name": "apache2-ssl-dev", "binary_version": "2.4.58-1ubuntu8.7" }, { "binary_name": "apache2-suexec-custom", "binary_version": "2.4.58-1ubuntu8.7" }, { "binary_name": "apache2-suexec-custom-dbgsym", "binary_version": "2.4.58-1ubuntu8.7" }, { "binary_name": "apache2-suexec-pristine", "binary_version": "2.4.58-1ubuntu8.7" }, { "binary_name": "apache2-suexec-pristine-dbgsym", "binary_version": "2.4.58-1ubuntu8.7" }, { "binary_name": "apache2-utils", "binary_version": "2.4.58-1ubuntu8.7" }, { "binary_name": "apache2-utils-dbgsym", "binary_version": "2.4.58-1ubuntu8.7" }, { "binary_name": "libapache2-mod-md", "binary_version": "2.4.58-1ubuntu8.7" }, { "binary_name": "libapache2-mod-proxy-uwsgi", "binary_version": "2.4.58-1ubuntu8.7" } ], "availability": "No subscription required" }
{ "binaries": [ { "binary_name": "apache2", "binary_version": "2.4.63-1ubuntu1.1" }, { "binary_name": "apache2-bin", "binary_version": "2.4.63-1ubuntu1.1" }, { "binary_name": "apache2-bin-dbgsym", "binary_version": "2.4.63-1ubuntu1.1" }, { "binary_name": "apache2-data", "binary_version": "2.4.63-1ubuntu1.1" }, { "binary_name": "apache2-dev", "binary_version": "2.4.63-1ubuntu1.1" }, { "binary_name": "apache2-doc", "binary_version": "2.4.63-1ubuntu1.1" }, { "binary_name": "apache2-ssl-dev", "binary_version": "2.4.63-1ubuntu1.1" }, { "binary_name": "apache2-suexec-custom", "binary_version": "2.4.63-1ubuntu1.1" }, { "binary_name": "apache2-suexec-custom-dbgsym", "binary_version": "2.4.63-1ubuntu1.1" }, { "binary_name": "apache2-suexec-pristine", "binary_version": "2.4.63-1ubuntu1.1" }, { "binary_name": "apache2-suexec-pristine-dbgsym", "binary_version": "2.4.63-1ubuntu1.1" }, { "binary_name": "apache2-utils", "binary_version": "2.4.63-1ubuntu1.1" }, { "binary_name": "apache2-utils-dbgsym", "binary_version": "2.4.63-1ubuntu1.1" } ], "availability": "No subscription required" }