From: Joe Orton <jorton@apache.org>
Date: Thu, 17 Jul 2014 11:17:39 +0000 (+0000)
Subject: CVE-2014-0117 does not seem to apply to 2.2.x, second set of eyeballs welcome.
X-Git-Tag: 2.2.28~38
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=8b500948ec02c6d1859ce4b8a8d1461a36ced020;p=thirdparty%2Fapache%2Fhttpd.git

CVE-2014-0117 does not seem to apply to 2.2.x, second set of eyeballs welcome.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1611326 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/STATUS b/STATUS
index fa5fa6be0cc..ffc4405b218 100644
--- a/STATUS
+++ b/STATUS
@@ -121,6 +121,8 @@ PATCHES PROPOSED TO BACKPORT FROM TRUNK:
      2.4.x patch: http://svn.apache.org/r1610737 (simplified ver)
      2.2.x patch: 2.4 works
      +1: covener, ylavic
+     -1: jorton: patch does not apply (or should not, though "svn merge" works),
+                 the code in 2.2.x looks safe by eyeball and testing.
 
    * mod_proxy: Don't reuse a SSL backend connection whose SNI differs. PR 55782.
                 This may happen when ProxyPreserveHost is on and the proxy-worker