Decription: New version of Apache web server has been announsed resently. This release includes fixes for a number of known vulnerabilities.
- Apache HTTP Request Parsing Whitespace Defects
- HTTP/2 CONTINUATION denial of service
- DoS vulnerability in mod_auth_digest
- Padding Oracle in Apache mod_session_crypto
- HTTP_PROXY environment variable "httpoxy" mitigation
Affected versions: 2.4.x
Recommended action: Upgrade to the version 2.4.25