Debian DLA-841-2 : apache2 regression update
Medium Nessus Plugin ID 97438
SynopsisThe remote Debian host is missing a security update.
DescriptionThe fix for CVE-2016-8743 introduced a regression which would segfault apache workers under certain conditions (#858373), an issue similar to previously fixed CVE-2015-0253.
The issue was introduced in DLA-841-1 and the associated 2.2.22-13+deb7u8 package version. For Debian 7 'Wheezy', these problems have been fixed in version 2.2.22-13+deb7u11.
We recommend that you upgrade your apache2 packages.
NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
SolutionUpgrade the affected packages.