It was reported that am_read_post_data() was missing check if ap_get_client_block() returns error, causing segmentation fault. Upstream bug: https://github.com/UNINETT/mod_auth_mellon/pull/71
Acknowledgments: Name: Olav Morken (Uninett) Upstream: Vincent Rasneur
Note that fixing commit is the same as for CVE-2016-2146.
Public via: https://sympa.uninett.no/lists/uninett.no/arc/modmellon/2016-03/msg00000.html
Created mod_auth_mellon tracking bugs for this issue: Affects: fedora-all [bug 1316295]
mod_auth_mellon-0.11.1-1.fc23 has been pushed to the Fedora 23 stable repository. If problems still persist, please make note of it in this bug report.