This update fixes two security issues with apache2.
- CVE-2013-5704
Disable the possibility to replace HTTP headers with HTTP trailers
as this could be used to circumvent earlier header operations made by
other modules. This can be restored with a new MergeTrailers
directive.
- CVE-2014-3581
Fix denial of service where Apache can segfault when mod_cache is used
and when the cached request contains an empty Content-Type header.
For Debian 6 Squeeze, these issues have been fixed in apache2 version 2.2.16-6+squeeze14