Add proposal.

author Rainer Jung <rjung@apache.org>

Mon, 11 Jan 2010 09:08:35 +0000 (09:08 +0000)

committer Rainer Jung <rjung@apache.org>

Mon, 11 Jan 2010 09:08:35 +0000 (09:08 +0000)
author Rainer Jung <rjung@apache.org>
Mon, 11 Jan 2010 09:08:35 +0000 (09:08 +0000)
committer Rainer Jung <rjung@apache.org>
Mon, 11 Jan 2010 09:08:35 +0000 (09:08 +0000)
diff --git a/STATUS b/STATUS

index cb4ea7dffc35d1f833381c309a8dac23c46dceb3..d26d3dcbcb69f9103849a6b19de95b8ef2d2caba 100644 (file)
--- a/STATUS
+++ b/STATUS
@@ -173,6 +173,17 @@ PATCHES PROPOSED TO BACKPORT FROM TRUNK:
        http://people.apache.org/~rjung/patches/cve-2009-3555_httpd_2_0_x-v2.patch
      +1: rjung, rpluem
  
+  * mod_ssl: Further mitigation for the TLS renegotation attack, CVE-2009-3555
+    Trunk version of patch:
+      http://svn.apache.org/viewvc?rev=891282&view=rev
+    Patch in 2.2.x branch:
+      http://svn.apache.org/viewvc?rev=896900&view=rev
+    Backport:
+      http://people.apache.org/~rjung/patches/cve-2009-3555_httpd_2_0_x-v2.patch
+    Patch applies also on top of above partial fix for CVE-2009-3555
+    with some offset.
+    +1: rjung
+
  PATCHES TO BACKPORT THAT ARE ON HOLD OR NOT GOING ANYWHERE SOON:
  
      *) mod_headers: Support {...}s tag for SSL variable lookup.
author	Rainer Jung <rjung@apache.org>
	Mon, 11 Jan 2010 09:08:35 +0000 (09:08 +0000)
committer	Rainer Jung <rjung@apache.org>
	Mon, 11 Jan 2010 09:08:35 +0000 (09:08 +0000)