AOSA-2016-0033: Update Apache HTTPD
December 6, 2016
Please update your httpd
package to version 2.4.23-1
.
A 0-day vulnerability was recently announced by Apache, "Server memory can be exhausted and service denied when HTTP/2 is used". And a CVE was consequently assigned for this vulnerability:
Relevant documentation: