AVG-350 log

Package	apache
Status	Fixed
Severity	Critical
Type	multiple issues
Affected	2.4.26-3
Fixed	2.4.27-1
Current	2.4.59-1 [extra-testing] 2.4.58-1 [extra]
Ticket	None
Created	Fri Jul 14 18:54:38 2017

Issue	Severity	Remote	Type	Description
CVE-2017-9789	Critical	Yes	Arbitrary code execution	A security issue has been found in apache's mod_http2 <= 2.4.26. When under stress, closing many connections, the HTTP/2 handling code would sometimes...
CVE-2017-9788	High	Yes	Information disclosure	A security issue has been found in apache's mod_auth_digest <= 2.4.26, leading to information disclosure or denial of service. The value placeholder in...

Issue

Severity

Remote

Type

Description

CVE-2017-9789

Critical

Yes

Arbitrary code execution

A security issue has been found in apache's mod_http2 <= 2.4.26. When under stress, closing many connections, the HTTP/2 handling code would sometimes...

CVE-2017-9788

High

Yes

Information disclosure

A security issue has been found in apache's mod_auth_digest <= 2.4.26, leading to information disclosure or denial of service. The value placeholder in...

Date	Advisory	Package	Type
14 Jul 2017	ASA-201707-15	apache	multiple issues

References
https://httpd.apache.org/security/vulnerabilities_24.html