Shift down a proposal which appears to have zero traction.

Vote against modifying the default config to offer a less secure cipher stack,
since users shouldn't be using 2.0 branch for new deployments anyways.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@1496956 13f79535-47bb-0310-9956-ffa450edef68

diff --git a/STATUS b/STATUS
index 909dda47d8039fe161bc06a1394455c8c78bfe22..4230a67e8b0cb0ddf84034daec35d6bb54ae9c06 100644 (file)
--- a/STATUS
+++ b/STATUS
@@ -114,9 +114,6 @@ CURRENT RELEASE NOTES:
 
 RELEASE SHOWSTOPPERS:
 
-  *) SECURITY:
-
-
   *) SECURITY: CVE-2011-4317 (cve.mitre.org)
      Resolve additional cases of URL rewriting with ProxyPassMatch or
      RewriteRule, where particular request-URIs could result in undesired
@@ -176,15 +173,6 @@ PATCHES PROPOSED TO BACKPORT FROM TRUNK:
     identify exactly what the proposed changes are!  Add all new
     proposals to the end of this list. ]
 
-  * Backport 327179; PR 31226; allow ap_add_output_filters_by_type to handle
-    proxied requests.  Basic tests by jorton and [rpluem] show that this works,
-    nobody can actually remember why this limitation was introduced at all
-    (r94028) and the mailing list archives also gave no hint.
-      http://svn.apache.org/viewvc?view=rev&revision=327179
-    +0: covener, wrowe
-          do we need to make people opt-in for this behavior to
-          backport it to 2.0.x? What mechanism?
-
    * mod_ssl: Update default config (Cipher suite, commented SSLHonorCipherOrder
      example, better MSIE version match)
      PR 51363 and 49484.
@@ -196,7 +184,9 @@ PATCHES PROPOSED TO BACKPORT FROM TRUNK:
      2.2.x patch: http://svn.apache.org/r1227293
      2.0.x patch: http://people.apache.org/~rjung/patches/2.0-ssl-conf.patch
      +1: rjung
-     -1: 
+     -1: wrowe [it doesn't seem appropriate to add the alternate, less secure
+                template to a branch which people shouldn't be deploying in
+                the first place.  I'm +1 on the -SSLv2 change alone.] 
 
    * mod_rewrite: (CVE-2013-1862 (cve.mitre.org)) Ensure that client data
      written to the RewriteLog is escaped to prevent terminal escape sequences
@@ -207,6 +197,15 @@ PATCHES PROPOSED TO BACKPORT FROM TRUNK:
 
 PATCHES TO BACKPORT THAT ARE ON HOLD OR NOT GOING ANYWHERE SOON:
 
+  * Backport 327179; PR 31226; allow ap_add_output_filters_by_type to handle
+    proxied requests.  Basic tests by jorton and [rpluem] show that this works,
+    nobody can actually remember why this limitation was introduced at all
+    (r94028) and the mailing list archives also gave no hint.
+      http://svn.apache.org/viewvc?view=rev&revision=327179
+    +0: covener, wrowe
+          do we need to make people opt-in for this behavior to
+          backport it to 2.0.x? What mechanism?
+
     *) mod_headers: Support {...}s tag for SSL variable lookup.
        http://www.apache.org/~jorton/mod_headers-2.0-ssl.diff
        +1: jorton, trawick