This apache2 update fixes the following security and non-security issues:
* mod_cgid denial of service (CVE-2014-0231, bnc#887768)
* mod_status heap-based buffer overflow (CVE-2014-0226, bnc#887765)
* mod_dav denial of service (CVE-2013-6438, bnc#869105)
* log_cookie mod_log_config.c remote denial of service (CVE-2014-0098,
bnc#869106)
* Support ECDH in Apache2 (bnc#859916)
* apache fails to start with SSL on Xen kernel at boot time
(bnc#852401)
Security Issues:
* CVE-2014-0098
<<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0098">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0098</a>>
* CVE-2013-6438
<<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6438">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6438</a>>
* CVE-2014-0226
<<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0226">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0226</a>>
* CVE-2014-0231
<<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0231">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0231</a>>