Index: unk/server/common/patches/httpd-2.2.x-CVE-2010-0434.patch
===================================================================
--- /trunk/server/common/patches/httpd-2.2.x-CVE-2010-0434.patch	(revision 1538)
+++ 	(revision )
@@ -1,41 +1,0 @@
---- httpd-2.2.x/server/protocol.c	2010/03/02 04:00:01	917866
-+++ httpd-2.2.x/server/protocol.c	2010/03/02 04:01:29	917867
-@@ -1041,15 +1041,13 @@
-     return r;
- }
- 
--/* if a request with a body creates a subrequest, clone the original request's
-- * input headers minus any headers pertaining to the body which has already
-- * been read.  out-of-line helper function for ap_set_sub_req_protocol.
-+/* if a request with a body creates a subrequest, remove original request's
-+ * input headers which pertain to the body which has already been read.
-+ * out-of-line helper function for ap_set_sub_req_protocol.
-  */
- 
--static void clone_headers_no_body(request_rec *rnew,
--                                  const request_rec *r)
-+static void strip_headers_request_body(request_rec *rnew)
- {
--    rnew->headers_in = apr_table_copy(rnew->pool, r->headers_in);
-     apr_table_unset(rnew->headers_in, "Content-Encoding");
-     apr_table_unset(rnew->headers_in, "Content-Language");
-     apr_table_unset(rnew->headers_in, "Content-Length");
-@@ -1083,15 +1081,14 @@
- 
-     rnew->status          = HTTP_OK;
- 
-+    rnew->headers_in = apr_table_copy(rnew->pool, r->headers_in);
-+
-     /* did the original request have a body?  (e.g. POST w/SSI tags)
-      * if so, make sure the subrequest doesn't inherit body headers
-      */
-     if (apr_table_get(r->headers_in, "Content-Length")
-         || apr_table_get(r->headers_in, "Transfer-Encoding")) {
--        clone_headers_no_body(rnew, r);
--    } else {
--        /* no body (common case).  clone headers the cheap way */
--        rnew->headers_in      = r->headers_in;
-+        strip_headers_request_body(rnew);
-     }
-     rnew->subprocess_env  = apr_table_copy(rnew->pool, r->subprocess_env);
-     rnew->headers_out     = apr_table_make(rnew->pool, 5);
Index: /trunk/server/common/patches/httpd-2.2.x-mod_ssl-sessioncaching.patch
===================================================================
--- /trunk/server/common/patches/httpd-2.2.x-mod_ssl-sessioncaching.patch	(revision 1538)
+++ /trunk/server/common/patches/httpd-2.2.x-mod_ssl-sessioncaching.patch	(revision 1539)
@@ -13,8 +13,8 @@
          void *pV1, *pV2, *pV3, *pV4, *pV5, *pV6, *pV7, *pV8, *pV9, *pV10;
      } rCtx;
-@@ -545,6 +548,7 @@ const char  *ssl_cmd_SSLRequire(cmd_parm
- const char  *ssl_cmd_SSLUserName(cmd_parms *, void *, const char *);
+@@ -547,6 +550,7 @@ const char  *ssl_cmd_SSLRequire(cmd_parm
  const char  *ssl_cmd_SSLRenegBufferSize(cmd_parms *cmd, void *dcfg, const char *arg);
  const char  *ssl_cmd_SSLStrictSNIVHostCheck(cmd_parms *cmd, void *dcfg, int flag);
+ const char *ssl_cmd_SSLInsecureRenegotiation(cmd_parms *cmd, void *dcfg, int flag);
 +const char  *ssl_cmd_SSLSessionTicketExtension(cmd_parms *cmd, void *cdfg, int flag);
  
Index: /trunk/server/fedora/specs/httpd.spec.patch
===================================================================
--- /trunk/server/fedora/specs/httpd.spec.patch	(revision 1538)
+++ /trunk/server/fedora/specs/httpd.spec.patch	(revision 1539)
@@ -1,14 +1,14 @@
---- httpd.spec.orig	2010-02-28 05:01:55.000000000 -0500
-+++ httpd.spec	2010-03-11 05:30:54.000000000 -0500
+--- httpd.spec.orig	2010-04-06 18:26:08.000000000 -0400
++++ httpd.spec	2010-04-14 04:14:13.000000000 -0400
 @@ -7,7 +7,7 @@
  Summary: Apache HTTP Server
  Name: httpd
- Version: 2.2.14
--Release: 1%{?dist}
-+Release: 1.scripts.%{scriptsversion}%{?dist}
+ Version: 2.2.15
+-Release: 1%{?dist}.1
++Release: 1%{?dist}.1.scripts.%{scriptsversion}
  URL: http://httpd.apache.org/
  Source0: http://www.apache.org/dist/httpd/httpd-%{version}.tar.gz
  Source1: index.html
-@@ -57,6 +57,14 @@
+@@ -55,6 +55,13 @@
  Conflicts: pcre < 4.0
  Requires: httpd-tools = %{version}-%{release}, apr-util-ldap
@@ -20,10 +20,9 @@
 +Patch1005: httpd-2.2.x-mod_ssl-sessioncaching.patch
 +Patch1006: httpd-suexec-cloexec.patch
-+Patch1007: httpd-2.2.x-CVE-2010-0434.patch
 +
  %description
  The Apache HTTP Server is a powerful, efficient, and extensible
  web server.
-@@ -104,6 +112,7 @@
+@@ -102,6 +109,7 @@
  Requires(post): openssl >= 0.9.7f-4, /bin/cat
  Requires(pre): httpd
@@ -33,5 +32,5 @@
  
  %description -n mod_ssl
-@@ -133,6 +142,13 @@
+@@ -129,6 +137,12 @@
  # Patch in vendor/release string
  sed "s/@RELEASE@/%{vstring}/" < %{PATCH20} | patch -p1
@@ -42,10 +41,9 @@
 +%patch1005 -p1 -b .ssl-sessioncache
 +%patch1006 -p1 -b .cloexec
-+%patch1007 -p1 -b .cve-2010-0434
 +
  # Safety check: prevent build if defined MMN does not equal upstream MMN.
  vmmn=`echo MODULE_MAGIC_NUMBER_MAJOR | cpp -include include/ap_mmn.h | sed -n '/^2/p'`
  if test "x${vmmn}" != "x%{mmn}"; then
-@@ -181,10 +197,12 @@
+@@ -177,10 +191,12 @@
          --with-apr=%{_prefix} --with-apr-util=%{_prefix} \
  	--enable-suexec --with-suexec \