(RHSA-2015:1855) Low: mod_proxy_fcgi security update

Red Hat Ceph Storage is a massively scalable, open, software-defined
storage platform that combines the most stable version of the Ceph storage
system with a Ceph management platform, deployment tools, and support
services.

The mod_proxy_fcgi package provides a proxy module for the Apache 2.2 HTTP
server.

A buffer overflow flaw was found in mod_proxy_fcgi’s handle_headers()
function. A malicious FastCGI server that httpd is configured to connect to
could send a carefully crafted response that would cause an httpd child
process handling the request to crash. (CVE-2014-3583)

All mod_proxy_fcgi users are advised to upgrade to this updated package,
which corrects this issue.