<= Back

AOSA-2016-0033: Update Apache HTTPD

December 6, 2016

Please update your httpd package to version 2.4.23-1.

A 0-day vulnerability was recently announced by Apache, "Server memory can be exhausted and service denied when HTTP/2 is used". And a CVE was consequently assigned for this vulnerability:

CVE-2016-8740.

Relevant documentation:

Copyleft 2011–2024, Members of the Community   |   Site Language