CVE-2014-0117
The mod_proxy module in the Apache HTTP Server 2.4.x before 2.4.10, when a reverse proxy is enabled, allows remote attackers to cause a denial of service (child-process crash) via a crafted HTTP Connection header.
Date published : 2014-07-20
http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html