From: Jeff Trawick <trawick@apache.org>
Date: Wed, 1 Feb 2012 14:41:59 +0000 (+0000)
Subject: wrowe seemed interested in publishing patches, and the current
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=3444fe6874fa7039bfc03547e361525817492c3b;p=thirdparty%2Fapache%2Fhttpd.git

wrowe seemed interested in publishing patches, and the current
text for CVE-2011-3368 implies that a patch will be made available

any other interested parties?


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/1.3.x@1239151 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/STATUS b/STATUS
index e91fcb0027a..8446a561a53 100644
--- a/STATUS
+++ b/STATUS
@@ -59,6 +59,19 @@ Release:
 
    ** THIS BRANCH IS CLOSED TO DEVELOPMENT AND MAINTENANCE **
 
+POST-RETIREMENT SECURITY PATCHES:
+
+   (for distribution in the official patches directory)
+
+   *) CVE-2011-3368/CVE-2011-4317
+      http://people.apache.org/~trawick/1.3-CVE-2011-4317-r1235443.patch
+      +1: trawick
+
+   *) CVE-2012-0053
+      http://people.apache.org/~trawick/1.3-CVE-2012-0053-r1234837.patch
+      +1: trawick
+      trawick: I'll update the security doc once I get an idea of whether
+               or not a patch will be made available.
 
 UNADDRESSED ISSUES: