This update fixes CVE-2011-1398 and CVE-2011-4388 (header
injection via CR).
This update also changes the default configuration to use
FilesMatch with ‘SetHandler’ rather than ‘AddHandler’ to
protect weakly written web applications from content
confusion. Since this is a hardening measure, no CVE was
assigned.