[SECURITY] [DLA 1900-1] apache2 security update
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Package : apache2
Version : 2.4.10-10+deb8u15
CVE ID : CVE-2019-10092 CVE-2019-10098
Two security vulnerabilities were found in the Apache HTTP server.
CVE-2019-10092
Matei "Mal" Badanoiu reported a limited cross-site scripting
vulnerability in the mod_proxy error page.
CVE-2019-10098
Yukitsugu Sasaki reported a potential open redirect vulnerability in
the mod_rewrite module.
For Debian 8 "Jessie", these problems have been fixed in version
2.4.10-10+deb8u15.
We recommend that you upgrade your apache2 packages.
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAl1nArtfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7
UeTiWA/9HhnQxg/64F2WiZTSTF/TsZTrP5ghJJAnmU5baBn0U0sO25C84wJStr8P
2mTCj8qINLCauTfw/V3vne+ULUxAVFT8r6OwzRGsm00CKe/ReUUnZjKcE78H0WWZ
JJ12Hll3npJFBOei32igVmw0r1UgnZO1La01IdVBs+ZREInWhOsJbkVWGVTl+KD+
9rdEvpOQJrlI08gioG+ymmrioI1kf8YYzIcVhP2yEdfo0Q0hsU8teLtZQRXF+vdV
H0GVMdHxPS73kYAGsSAD/LGwyNEn+Bq/o0uQT0WB5rAIPaAQ9z+GS5h2S1v0MVGg
FbI0mfstnI2IZrL3mP+PSC+Uvfu8PrAHUfNZICLvC8S3SPZmcFrRF9+CLQsdBDWz
ErKfC7RCxS25ZzuA8WnuB+hqu8OrQA9myPejDD0l0oKXvanGDtMaCMMB+qV1YjHe
a/QjsWsOuPS8u1M0CQr0C3Dsvaqi8024d44qSoTOKMXOhyfSSesMwkhB0hbH2RAh
oFe4U4Rpy3N7Ed2djkANHGUeE+8RpLN0cBFVWStXCXBDQplUZoNL2K3LTWgW0EUW
5bAZEWahPbTRoS2QCTAyLCOSFxD1i3NljSUGJOA7enVdSltzwDqAXqE4k6Ov769F
e+whefRBMWX0G5oeiGUy7hUZ0NLHAesscnkGJfQCCBxvW1s76oY=
=e/fc
-----END PGP SIGNATURE-----
Reply to: