Linux.com

Posted at LinuxSecurity.com: "The mod_ssl module in Apache utilizes OpenSSL for the SSL implementation. The version in the old apache package made use of the underlying OpenSSL routines in a manner which could overflow a buffer within the implementation. This release (mod_ssl-2.8.7-1.3.23) fixes the problem."