This update for apache2 fixes the following issues: - CVE-2022-23943: heap out-of-bounds write in mod_sed . - CVE-2022-22720: HTTP request smuggling due to incorrect error handling . - CVE-2022-22719: use of uninitialized value of in r:parsebody in mod_lua . - CVE-2022-22721: possible buffer overflow with very large or unlimited LimitXMLRequestBody . Also TLS 1.3 support and openssl 1.1.1 usage wa ...