diff -Nru apache2-2.4.7/debian/changelog apache2-2.4.7/debian/changelog
--- apache2-2.4.7/debian/changelog 2016-07-14 07:41:21.000000000 -0500
+++ apache2-2.4.7/debian/changelog 2016-07-20 19:08:28.000000000 -0500
@@ -1,3 +1,10 @@
+apache2 (2.4.7-1ubuntu4.14) trusty; urgency=medium
+
+ * d/p/fix_aliasmatch_long_uri.patch: Fix handling memory allocation for very
+ long uri in alias match (LP: #1534538)
+
+ -- Wesley Wiedenmeier Wed, 20 Jul 2016 19:07:41 -0500
+
 apache2 (2.4.7-1ubuntu4.13) trusty-security; urgency=medium

 * SECURITY UPDATE: proxy request header vulnerability (httpoxy)
diff -Nru apache2-2.4.7/debian/patches/fix_aliasmatch_long_uri.patch apache2-2.4.7/debian/patches/fix_aliasmatch_long_uri.patch
--- apache2-2.4.7/debian/patches/fix_aliasmatch_long_uri.patch 1969-12-31 18:00:00.000000000 -0600
+++ apache2-2.4.7/debian/patches/fix_aliasmatch_long_uri.patch 2016-07-20 19:02:10.000000000 -0500
@@ -0,0 +1,26 @@
+Description: Fix handling very long uri in aliasmatch
+Bug: https://bugzilla.redhat.com/show_bug.cgi?id=1120019
+Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1534538
+Origin: upstream, http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/mappers/mod_alias.c?r1=1583175&r2=1583174&pathrev=1583175&view=patch
+Last-Update: 2016-07-20
+Index: apache2-2.4.7/modules/mappers/mod_alias.c
+===================================================================
+--- apache2-2.4.7.orig/modules/mappers/mod_alias.c
++++ apache2-2.4.7/modules/mappers/mod_alias.c
+@@ -371,15 +371,11 @@ static char *try_alias_list(request_rec
+ }
+ }
+ else {
+- int pathlen = strlen(found) -
+- (strlen(r->uri + regm[0].rm_eo));
+- AP_DEBUG_ASSERT(pathlen >= 0);
+- AP_DEBUG_ASSERT(pathlen <= strlen(found));
+ ap_set_context_info(r,
+ apr_pstrmemdup(r->pool, r->uri,
+ regm[0].rm_eo),
+ apr_pstrmemdup(r->pool, found,
+- pathlen));
++ strlen(found)));
+ }
+ }
+ else {
diff -Nru apache2-2.4.7/debian/patches/series apache2-2.4.7/debian/patches/series
--- apache2-2.4.7/debian/patches/series 2016-07-14 07:40:50.000000000 -0500
+++ apache2-2.4.7/debian/patches/series 2016-07-20 18:57:47.000000000 -0500
@@ -26,3 +26,4 @@
 fix_mod_proxy_wstunnel.patch
 fix-proxy-error-overwrite-timeout.patch
 CVE-2016-5387.patch
+fix_aliasmatch_long_uri.patch
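Review bot: In the mod_alias.c hunk carried by fix_aliasmatch_long_uri.patch, the new `apr_pstrmemdup(r->pool, found, strlen(found))` is a plain string copy and reads more clearly as `apr_pstrdup(r->pool, found)`. The removed `int pathlen` subtraction could go negative for a long request URI and was guarded only by `AP_DEBUG_ASSERT`, which presumably compiles out in release builds, so the length reaching `apr_pstrmemdup` depended on request input. The call deserves a comment recording why no prefix length is derived any more, for example `/* found is not guaranteed to be longer than the URI tail after the match; pass the whole string as the context document root */`. With this change the context document root is the full substituted path rather than a prefix of it, so any code that maps the context prefix onto the context document root should be checked against the new value. try_alias_list begins and ends outside the hunk.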