Add proposal to backport SSLInsecureRenegotiation

author Rainer Jung <rjung@apache.org>

Tue, 16 Mar 2010 15:16:41 +0000 (15:16 +0000)

committer Rainer Jung <rjung@apache.org>

Tue, 16 Mar 2010 15:16:41 +0000 (15:16 +0000)
author Rainer Jung <rjung@apache.org>
Tue, 16 Mar 2010 15:16:41 +0000 (15:16 +0000)
committer Rainer Jung <rjung@apache.org>
Tue, 16 Mar 2010 15:16:41 +0000 (15:16 +0000)
diff --git a/STATUS b/STATUS

index d83e0dbec8cb7c5d3a6859860fbe22a2952d12dd..59403266235a58ac3d73ffbbf87d21b78785a4ee 100644 (file)
--- a/STATUS
+++ b/STATUS
@@ -185,6 +185,23 @@ PATCHES PROPOSED TO BACKPORT FROM TRUNK:
      with some offset.
      +1: rjung
  
+  * mod_ssl: Implement SSLInsecureRenegotiation
+    Trunk version of patch:
+      http://svn.apache.org/viewcvs.cgi?rev=906039&view=rev
+      http://svn.apache.org/viewcvs.cgi?rev=906057&view=rev
+      http://svn.apache.org/viewcvs.cgi?rev=906485&view=rev
+      http://svn.apache.org/viewcvs.cgi?rev=906491&view=rev
+      http://svn.apache.org/viewcvs.cgi?rev=908015&view=rev
+      http://svn.apache.org/viewcvs.cgi?rev=916733&view=rev
+      http://svn.apache.org/viewcvs.cgi?rev=916817&view=rev
+    Patch in 2.2.x branch:
+      http://svn.apache.org/viewvc?rev=917044&view=rev
+    Backport:
+      http://people.apache.org/~rjung/patches/SSLInsecureRenegotiation_httpd_2_0_x-backport-r917044.patch 
+    Patch applies also on top of the two above partial fixes for CVE-2009-3555
+    with some offset and fuzz.
+    +1: rjung
+
  PATCHES TO BACKPORT THAT ARE ON HOLD OR NOT GOING ANYWHERE SOON:
  
      *) mod_headers: Support {...}s tag for SSL variable lookup.
author	Rainer Jung <rjung@apache.org>
	Tue, 16 Mar 2010 15:16:41 +0000 (15:16 +0000)
committer	Rainer Jung <rjung@apache.org>
	Tue, 16 Mar 2010 15:16:41 +0000 (15:16 +0000)