Ubuntu Security Notice USN-5834-1
January 31, 2023
A security issue affects these releases of Ubuntu and its derivatives:
– Ubuntu 16.04 ESM
Several security issues were fixed in Apache HTTP Server.
– apache2: Apache HTTP server
It was discovered that the Apache HTTP Server mod_dav module did not
properly handle specially crafted request headers. A remote attacker
could possibly use this issue to cause the process to crash, leading
to a denial of service. (CVE-2006-20001)
It was discovered that the Apache HTTP Server mod_proxy_ajp module did not
properly handle certain invalid Transfer-Encoding headers. A remote attacker
could possibly use this issue to perform an HTTP Request Smuggling attack.
The problem can be corrected by updating your system to the following
Ubuntu 16.04 ESM:
In general, a standard system update will make all the necessary changes.