Decription: A vulnerability was reported in Apache HTTPD. A remote user can consume excessive memory on the target system.
The system does not properly limit request headers sent via the HTTP/2 protocol.
The vulnerable mod_http2 module is not compiled in by default and is not enabled by default.
Affected versions: all with mod_http2 module
Recommended action: Recompile mod_http2 applying the source code fix from: https://github.com/apache/httpd/commit/29c63b786ae028d82405421585e91283c8fa0da3