apache 2.4.2 is a security bump, from upstream Changelog:
*) SECURITY: (cve.mitre.org)
envvars: Fix insecure handling of LD_LIBRARY_PATH that could lead to the
current working directory to be searched for DSOs. [Stefan Fritsch]
As we currently only have masked 2.4.*-versions in tree, this requires probably no handling by the security-team / no GLSA, but still it should be bumped.
*** This bug has been marked as a duplicate of bug 412481 ***