Debian Linux Security Advisory 2035-1 – Two issues have been found in the Apache HTTPD web server. mod_proxy_ajp would return the wrong status code if it encountered an error, causing a backend server to be put into an error state until the retry timeout expired. A remote attacker could send malicious requests to trigger this issue, resulting in denial of service. A flaw in the core subrequest process code was found, which could lead to a daemon crash (segfault) or disclosure of sensitive information if the headers of a subrequest were modified by modules such as mod_headers.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/88619/dsa-2035-1.txt
Source: https://packetstormsecurity.com/files/88619/Debian-Linux-Security-Advisory-2035-1.html