Key Information About the Vulnerability Vulnerability Title: Apache HTTP Server vulnerabilities Publication Date: 27 July 2015 Releases Affected: 15.04, 14.04 LTS, 12.04 Details CVEs: CVE-2015-3185, CVE-2015-3183 Vulnerability Description: - Incorrect parsing of chunk headers could be exploited for HTTP request smuggling attacks. - Incorrect handling of the API could be exploited to bypass access restrictions, affecting Ubuntu 14.04 LTS and 15.04. Update Instructions A standard system update will fix the issue. Specific package versions for various Ubuntu releases: - 15.04 (vivid): apache2.2-bin – 2.4.10-9ubuntu1.7 - 14.04 LTS (trusty): apache2.2-bin – 2.4.7-1ubuntu4.5 - 12.04 (precise): apache2.2-bin – 2.2.22-1ubuntu1.10 References CVE-2015-3185 CVE-2015-3183