This update fixes a remote denial of service bug (memory
exhaustion) in the Apache 2 HTTP server, that could be
triggered by remote attackers using multiple overlapping
Request Ranges. (CVE-2011-3192)
It also fixes a issue in mod_dav, where the (1) mod_cache
and (2) mod_dav modules in the Apache HTTP Server 2.2.x
allowed remote attackers to cause a denial of service
(process crash) via a request that lacks a path.
(CVE-2010-1452)
Also following bugs were fixed: