Log Message:
apache24: update to 2.4.28

Changes with Apache 2.4.28

*) SECURITY: CVE-2017-9798 (cve.mitre.org)
   Corrupted or freed memory access. <Limit[Except]> must now be used in the
   main configuration file (httpd.conf) to register HTTP methods before the
   .htaccess files.

*) event: Avoid possible blocking in the listener thread when shutting down
   connections.

*) mod_speling: Don't embed referer data in a link in error page.

*) htdigest: prevent a buffer overflow when a string exceeds the allowed max
   length in a password file.

*) mod_proxy: loadfactor parameter can now be a decimal number (eg: 1.25).

*) mod_proxy_wstunnel: Allow upgrade to any protocol dynamically.

*) mod_watchdog/mod_proxy_hcheck: Time intervals can now be spefified
   down to the millisecond. Supports 'mi' (minute), 'ms' (millisecond),
   's' (second) and 'hr' (hour!) time suffixes.

*) mod_http2: Fix for stalling when more than 32KB are written to a
   suspended stream.

*) build: allow configuration without APR sources.

*) mod_ssl, ab: Fix compatibility with LibreSSL.

*) core/log: Support use of optional "tag" in syslog entries.

*) mod_proxy: Fix ProxyAddHeaders merging.

*) core: Disallow multiple Listen on the same IP:port when listener buckets
   are configured (ListenCoresBucketsRatio > 0), consistently with the single
   bucket case (default), thus avoiding the leak of the corresponding socket
   descriptors on graceful restart.

*) event: Avoid listener periodic wake ups by using the pollset wake-ability
   when available.

*) mod_proxy_wstunnel: Fix detection of unresponded request which could have
   led to spurious HTTP 502 error messages sent on upgrade connections.