- add dummy connection address fixes from HEAD

- mod_ssl: add security fix for CAN-2004-0885

httpd.conf

@@ -723,7 +723,7 @@ ForceLanguagePriority Prefer Fallback
 # of your web site, should you ever want it. Specifying it as
 # a default does little harm; as the standard dictates that a page
 # is in iso-8859-1 (latin1) unless specified otherwise i.e. you
-# are merely stating the obvious. There are also some security
+# are merely stating the obvious.  There are also some security
 # reasons in browsers, related to javascript and URL parsing
 # which encourage you to always set a default char set.
 #

httpd.spec

@@ -68,6 +68,8 @@ Patch89: httpd-2.0.49-headerssl.patch
 Patch90: httpd-2.0.49-workerstack.patch
 Patch91: httpd-2.0.46-testhook.patch
 Patch92: httpd-2.0.46-dumpcerts.patch
+# Security fixes
+Patch120: httpd-2.0.52-CAN-2004-0885.patch
 License: Apache Software License
 Group: System Environment/Daemons
 BuildRoot: %{_tmppath}/%{name}-root
@@ -178,6 +180,8 @@ executed by SSI pages) as a user other than the 'apache' user.
 %patch91 -p1 -b .testhook
 %patch92 -p1 -b .dumpcerts
 
+%patch120 -p1 -b .can0885
+
 # Patch in vendor/release string
 sed "s/@RELEASE@/%{vstring}/" < %{PATCH70} | patch -p1
 
@@ -577,6 +581,7 @@ rm -rf $RPM_BUILD_ROOT
 %changelog
 * Thu Sep 28 2004 Joe Orton <jorton@redhat.com> 2.0.52-3
 - add dummy connection address fixes from HEAD
+- mod_ssl: add security fix for CAN-2004-0885
 
 * Tue Sep 28 2004 Joe Orton <jorton@redhat.com> 2.0.52-2
 - update to 2.0.52

mkstatus.sh

@@ -2,7 +2,7 @@
 echo '<?xml version="1.0" encoding="UTF-8"?>'
 echo '<patches>'
 for f in $*; do
-  n=${f//httpd-[0-9.]*-/}
+  n=${f//httpd-2\.0\.[0-9]*-/}
   n=${n//.patch/}
   s_HEAD=`grep ^Upstream-HEAD $f | sed 's/Upstream-HEAD: //'`
   s_20=`grep ^Upstream-2.0: $f | sed 's/Upstream-2.0: //'`