From: William A. Rowe Jr Date: Mon, 13 Sep 2010 23:03:47 +0000 (+0000) Subject: Promote, demote. Please look at this specific patch if you care that it just hit... X-Git-Tag: 2.0.64~35 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=23ada5ff49c0ff1b6f370045dc69c296224e5a9e;p=thirdparty%2Fapache%2Fhttpd.git Promote, demote. Please look at this specific patch if you care that it just hit the 'going nowhere' category git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@996719 13f79535-47bb-0310-9956-ffa450edef68 --- diff --git a/STATUS b/STATUS index f4107c8e4e1..250e76ab5b7 100644 --- a/STATUS +++ b/STATUS @@ -111,6 +111,14 @@ CURRENT RELEASE NOTES: get feedback and votes on list or in STATUS, then merge into branches/2.2.x, and finally merge into branches/2.0.x, as applicable. + * mod_ssl: Further mitigation for the TLS renegotation attack, CVE-2009-3555 + Trunk version of patch: + http://svn.apache.org/viewvc?rev=891282&view=rev + Patch in 2.2.x branch: + http://svn.apache.org/viewvc?rev=896900&view=rev + Backport: + http://people.apache.org/~rjung/patches/cve-2009-3555_httpd_2_0_x-backport-r891282.patch + +1: rjung, pgollucci (+1 2.0.64 w/ this), wrowe RELEASE SHOWSTOPPERS: 
@@ -126,6 +134,21 @@ PATCHES ACCEPTED TO BACKPORT FROM TRUNK: +1: pgollucci, poirier, rjung PG: whomever proposed this should vote for it + * mod_ssl: Implement SSLInsecureRenegotiation + Trunk version of patch: + http://svn.apache.org/viewcvs.cgi?rev=906039&view=rev + http://svn.apache.org/viewcvs.cgi?rev=906057&view=rev + http://svn.apache.org/viewcvs.cgi?rev=906485&view=rev + http://svn.apache.org/viewcvs.cgi?rev=906491&view=rev + http://svn.apache.org/viewcvs.cgi?rev=908015&view=rev + http://svn.apache.org/viewcvs.cgi?rev=916733&view=rev + http://svn.apache.org/viewcvs.cgi?rev=916817&view=rev + Patch in 2.2.x branch: + http://svn.apache.org/viewvc?rev=917044&view=rev + Backport: + http://people.apache.org/~rjung/patches/SSLInsecureRenegotiation_httpd_2_0_x-backport-r917044.patch + +1: rjung, pgollucci (+1 2.0.64 w/ this), wrowe + PATCHES PROPOSED TO BACKPORT FROM TRUNK: [ please place SVN revisions from trunk here, so it is easy to identify exactly what the proposed changes are! Add all new 
@@ -165,30 +188,6 @@ PATCHES PROPOSED TO BACKPORT FROM TRUNK: if (nLogFD == NULL) { /* Uh-oh. Failed to open the new log file. Try to clear - * mod_ssl: Further mitigation for the TLS renegotation attack, CVE-2009-3555 - Trunk version of patch: - http://svn.apache.org/viewvc?rev=891282&view=rev - Patch in 2.2.x branch: - http://svn.apache.org/viewvc?rev=896900&view=rev - Backport: - http://people.apache.org/~rjung/patches/cve-2009-3555_httpd_2_0_x-backport-r891282.patch - +1: rjung, pgollucci (+1 2.0.64 w/ this) - - * mod_ssl: Implement SSLInsecureRenegotiation - Trunk version of patch: - http://svn.apache.org/viewcvs.cgi?rev=906039&view=rev - http://svn.apache.org/viewcvs.cgi?rev=906057&view=rev - http://svn.apache.org/viewcvs.cgi?rev=906485&view=rev - http://svn.apache.org/viewcvs.cgi?rev=906491&view=rev - http://svn.apache.org/viewcvs.cgi?rev=908015&view=rev - http://svn.apache.org/viewcvs.cgi?rev=916733&view=rev - http://svn.apache.org/viewcvs.cgi?rev=916817&view=rev - Patch in 2.2.x branch: - http://svn.apache.org/viewvc?rev=917044&view=rev - Backport: - http://people.apache.org/~rjung/patches/SSLInsecureRenegotiation_httpd_2_0_x-backport-r917044.patch - +1: rjung, pgollucci (+1 2.0.64 w/ this) - * gen_test_char.c: enable building gen_test_char for running on build machine when cross-compiling. The patch doesnt introduce code changes for any platform unless CROSS_COMPILE is defined. 
@@ -205,12 +204,13 @@ PATCHES PROPOSED TO BACKPORT FROM TRUNK: Use recent files from http://git.savannah.gnu.org/cgit/config.git. +1: rjung +PATCHES TO BACKPORT THAT ARE ON HOLD OR NOT GOING ANYWHERE SOON: + * CVE-2010-1452 fix for mod_dav Trunk patch: http://svn.apache.org/viewvc?view=revision&revision=966348 (mod_cache and mod_session portions don't apply to 2.0.x) 2.0.x patch: http://archive.apache.org/dist/httpd/patches/apply_to_2.0.63/CVE-2010-1452-patch-2.0.txt - -PATCHES TO BACKPORT THAT ARE ON HOLD OR NOT GOING ANYWHERE SOON: + wrowe observes: nothing belongs in STATUS without a champion/sponsor/at least 1 +1 *) mod_headers: Support {...}s tag for SSL variable lookup. http://www.apache.org/~jorton/mod_headers-2.0-ssl.diff
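Review bot: in the first hunk (@@ -111,6 +111,14 @@) the promoted CVE-2009-3555 entry is inserted above the "RELEASE SHOWSTOPPERS:" heading, so it reads as the tail of CURRENT RELEASE NOTES, while the SSLInsecureRenegotiation entry with the same three +1 votes goes under PATCHES ACCEPTED TO BACKPORT FROM TRUNK. If the entry is meant to block 2.0.64, move it below the "RELEASE SHOWSTOPPERS:" heading; otherwise place it beside the other accepted backport. The moved text also carries over the misspelling "renegotation"; correcting it to "renegotiation" during the move would let a search on the CVE description find the entry.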
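Review bot: in the last hunk (@@ -205,12 +204,13 @@) the CVE-2010-1452 mod_dav fix ends up under "PATCHES TO BACKPORT THAT ARE ON HOLD OR NOT GOING ANYWHERE SOON:" with only the free-form line "wrowe observes: nothing belongs in STATUS without a champion/sponsor/at least 1 +1" to explain the demotion. Because the entry is a CVE fix that already links a 2.0.x patch, give it an explicit "+1:" line so a vote can be recorded in place, and say in the entry whether 2.0.64 is expected to ship without it. The observation about STATUS policy applies to the file as a whole and would read better as a note under the section heading than inside this one entry.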