Apache Upgraded

Apache web server has been upgraded from 2.4.10 to 2.4.12.  This is primarily a bug fix release, per the following Apache release notes:

Apache HTTP Server 2.4.12 Released

The Apache Software Foundation and the Apache HTTP Server Project
are pleased to announce the release of version 2.4.12 of the Apache
HTTP Server (“Apache”). This version of Apache is our latest GA
release of the new generation 2.4.x branch of Apache HTTPD and
represents fifteen years of innovation by the project, and is
recommended over all previous releases. This release of Apache is
principally a security, feature and bug fix release. NOTE: there
was no release of 2.4.11.

CVE-2014-3583 (cve.mitre.org)
mod_proxy_fcgi: Fix a potential crash due to buffer over-read, with
response headers’ size above 8K.

CVE-2014-3581 (cve.mitre.org)
mod_cache: Avoid a crash when Content-Type has an empty value.
PR 56924.

CVE-2014-8109 (cve.mitre.org)
mod_lua: Fix handling of the Require line when a LuaAuthzProvider is
used in multiple Require directives with different arguments.
PR57204.

CVE-2013-5704 (cve.mitre.org)
core: HTTP trailers could be used to replace HTTP headers
late during request processing, potentially undoing or
otherwise confusing modules that examined or modified
request headers earlier. Adds “MergeTrailers” directive to restore
legacy behavior.

Also in this release are some exciting new features including:

*) Proxy FGI and websockets improvements
*) Proxy capability via handler
*) Finer control over scoping of RewriteRules
*) Unix Domain Socket (UDS) support for mod_proxy backends.
*) Support for larger shared memory sizes for mod_socache_shmcb
*) mod_lua and mod_ssl enhancements
*) Support named groups and backreferences within the LocationMatch,
DirectoryMatch, FilesMatch and ProxyMatch directives.

We consider this release to be the best version of Apache available, and
encourage users of all prior versions to upgrade.