Executive Summary

Summary
Title Apache HTTP Server update
Informations
Name USN-4307-1 First vendor Publication 2020-03-18
Vendor Ubuntu Last vendor Modification 2020-03-18
Severity (Vendor) N/A Revision N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector :
Cvss Base Score N/A Attack Range N/A
Cvss Impact Score N/A Attack Complexity N/A
Cvss Expoit Score N/A Authentication N/A
Calculate full CVSS 2.0 Vectors scores

Detail

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 18.04 LTS

Summary:

TLSv1.3 support has been enabled in Apache HTTP Server in Ubuntu 18.04 LTS.

Software Description: - apache2: Apache HTTP server

Details:

As a security improvement, this update adds TLSv1.3 support to the Apache HTTP Server package in Ubuntu 18.04 LTS.

TLSv1.3 is enabled by default, and in certain environments may cause compatibility issues. The SSLProtocol directive may be used to disable TLSv1.3 in these problematic environments.

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 18.04 LTS:
apache2-bin 2.4.29-1ubuntu4.13

In general, a standard system update will make all the necessary changes.

References:
https://usn.ubuntu.com/4307-1
https://launchpad.net/bugs/1845263

Package Information:
https://launchpad.net/ubuntu/+source/apache2/2.4.29-1ubuntu4.13

Original Source

Url : http://www.ubuntu.com/usn/USN-4307-1

Alert History

If you want to see full details history, please login or register.
0
Date Informations
2020-03-19 13:20:14
  • First insertion