Bug#847124: apache2: CVE-2016-8740: erver memory can be exhausted and service denied when HTTP/2 is used

Source: apache2 Version: 2.4.23-8 Severity: important Tags: security upstream patch Hi CVE-2016-8740 was announced for apache, CVE-2016-8740, Server memory can be exhausted and service denied when HTTP/2 is used. Post to oss-security at: http://www.openwall.com/lists/oss-security/2016/12/05/14

Bug#828236: openssl 1.1 and apache2

Hi! The httpd package in Fedora (which is the package that corresponds to the apache2 package in Debian) is now built against OpenSSL 1.1: http://pkgs.fedoraproject.org/cgit/rpms/httpd.git/ https://koji.fedoraproject.org/koji/buildinfo?buildID=817612 Could the same patch be used in Debian?