Fedora 21 Security Update: httpd-2.4.16-1.fc21

Resolved Bugs
1243894 – CVE-2015-3185 CVE-2015-3183 CVE-2015-0253 httpd: various flaws [fedora-all]
1243887 – CVE-2015-3183 httpd: chunk header parsing defect
1243888 – CVE-2015-3185 httpd: replacement of ap_some_auth_required with new ap_some_authn_required and ap_force_authn
1243891 – CVE-2015-0253 httpd: a crash with ErrorDocument 400 pointing to a local URL-path
1202988 – CVE-2015-0228 httpd: Possible mod_lua crash due to websocket bug
1232127 – CVE-2015-0228 httpd: Possible mod_lua crash due to websocket bug [fedora-all]
1187888 – httpd-2.4.16 is available<br
Update to new version 2.4.16. This update fixed various bugs as well as few security issues.
For full changelog, see http://www.apache.org/dist/httpd/CHANGES_2.4.16

Leave a Reply