On Thu, 21 Aug 2014 15:10:02 -0400 Jeff Trawick <traw...@gmail.com> wrote:
> * Place a patch for 2.4.10 in patches/apply_to_ > * Refer to the 2.4.10 patch after the description of the vulnerability > within the 2.2.next announcement. Rather than maintaining these any longer in dist/, we have https://svn.apache.org/rREV history (and most security patches are condensed down to a single patch by the time they hit our legacy/maintenance branches)... and maintain all pointers out in the http://httpd.apache.org/security/vulnerabilities_24.html tables. WDYT?