CVE-2014-0117 does not seem to apply to 2.2.x, second set of eyeballs welcome.

author Joe Orton <jorton@apache.org>

Thu, 17 Jul 2014 11:17:39 +0000 (11:17 +0000)

committer Joe Orton <jorton@apache.org>

Thu, 17 Jul 2014 11:17:39 +0000 (11:17 +0000)
author Joe Orton <jorton@apache.org>
Thu, 17 Jul 2014 11:17:39 +0000 (11:17 +0000)
committer Joe Orton <jorton@apache.org>
Thu, 17 Jul 2014 11:17:39 +0000 (11:17 +0000)
diff --git a/STATUS b/STATUS

index fa5fa6be0ccba7837f4f1cb57b6cd15ca8d0b199..ffc4405b218fcfda708d01b493f0aed4f497fea3 100644 (file)
--- a/STATUS
+++ b/STATUS
@@ -121,6 +121,8 @@ PATCHES PROPOSED TO BACKPORT FROM TRUNK:
       2.4.x patch: http://svn.apache.org/r1610737 (simplified ver)
       2.2.x patch: 2.4 works
       +1: covener, ylavic
+     -1: jorton: patch does not apply (or should not, though "svn merge" works),
+                 the code in 2.2.x looks safe by eyeball and testing.
  
     * mod_proxy: Don't reuse a SSL backend connection whose SNI differs. PR 55782.
                  This may happen when ProxyPreserveHost is on and the proxy-worker
author	Joe Orton <jorton@apache.org>
	Thu, 17 Jul 2014 11:17:39 +0000 (11:17 +0000)
committer	Joe Orton <jorton@apache.org>
	Thu, 17 Jul 2014 11:17:39 +0000 (11:17 +0000)