Oracle Linux ELSA-2020-4751
Nov 10, 2020 - 12:00 a.m.

httpd:2.4 security, bug fix, and enhancement update

2020-11-10 00:00:00
linux.oracle.com

CVSS3: 9.1 High

  Attack Vector: NETWORK
  Attack Complexity: LOW
  Privileges Required: NONE
  User Interaction: NONE
  Scope: UNCHANGED
  Confidentiality Impact: HIGH
  Integrity Impact: NONE
  Availability Impact: HIGH
  Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

CVSS2: 6.4 Medium

  Access Vector: NETWORK
  Access Complexity: LOW
  Authentication: NONE
  Confidentiality Impact: PARTIAL
  Integrity Impact: NONE
  Availability Impact: PARTIAL
  Vector: AV:N/AC:L/Au:N/C:P/I:N/A:P

httpd

[2.4.37-13.0.1]
  • Set vstring per ORACLE_SUPPORT_PRODUCT [Orabug: 29892262]
  • Replace index.html with Oracle's index page oracle_index.html

[2.4.37-30]
  • Resolves: #1209162 - support logging to journald from CustomLog

[2.4.37-29]
  • Resolves: #1823263 (CVE-2020-1934) - CVE-2020-1934 httpd: mod_proxy_ftp use of
    uninitialized value

[2.4.37-28]
  • Related: #1771847 - BalancerMember ping parameter for mod_proxy_http
    doesn't work

[2.4.37-27]
  • Resolves: #1823259 - CVE-2020-1927 httpd:2.4/httpd: mod_rewrite configurations
    vulnerable to open redirect
  • Resolves: #1747284 - CVE-2019-10098 httpd:2.4/httpd: mod_rewrite potential
    open redirect
  • Resolves: #1747281 - CVE-2019-10092 httpd:2.4/httpd: limited cross-site
    scripting in mod_proxy error page
  • Resolves: #1747291 - CVE-2019-10097 httpd:2.4/httpd: null-pointer dereference
    in mod_remoteip
  • Resolves: #1771847 - BalancerMember ping parameter for mod_proxy_http
    doesn't work
  • Resolves: #1794728 - Backport of SessionExpiryUpdateInterval directive

mod_http2

[1.15.7-2]
  • Resolves: #1869073 - CVE-2020-9490 httpd:2.4/mod_http2: httpd:
    Push diary crash on specifically crafted HTTP/2 header

[1.15.7-1]
  • new version 1.15.7
  • Resolves: #1814236 - RFE: mod_http2 rebase
  • Resolves: #1747289 - CVE-2019-10082 httpd:2.4/mod_http2: httpd:
    read-after-free in h2 connection shutdown
  • Resolves: #1696099 - CVE-2019-0197 httpd:2.4/mod_http2: httpd:
    mod_http2: possible crash on late upgrade
  • Resolves: #1696094 - CVE-2019-0196 httpd:2.4/mod_http2: httpd:
    mod_http2: read-after-free on a string compare
  • Resolves: #1677591 - CVE-2018-17189 httpd:2.4/mod_http2: httpd:
    mod_http2: DoS via slow, unneeded request bodies

mod_md

[1:2.0.8-8]
  • Resolves: #1832844 - mod_md does not work with ACME server that does not
    provide keyChange or revokeCert resources
