Overview

Request 89214 superseded

- httpd-2.2.x-CVE-2011-3348-mod_proxy_ajp.patch fixes DoS as
described in CVE-2011-3348: unrecognized http method. [bnc#719236]
- httpd-2.2.x-CVE-2011-3368-server_protocl_c.diff fixes mod_proxy
reverse exposure via RewriteRule or ProxyPassMatch directives.
This is CVE-2011-3368 via [bnc#722545].

- refinement of httpd-2.2.x-bnc713966-CVE-2011-3192.patch: remove
hard-coded limit of 512 and set the default to 200 as in upstream.
Introduce new config option: Allow MaxRanges
Number of ranges requested, if exceeded, the complete content
is served.
default: 200
0|unlimited: unlimited
none: Range headers are ignored.
This option is a backport from 2.2.21.

- re-worked httpd-2.2.x-bnc713966-CVE-2011-3192.patch for a
regression in previous fix that was addressed in 2.2.21.
The maximum number of byte ranges is now hardcoded to 512.
This should be sufficient for most cases, and still a good
limit to prevent a large memory footprint. Requests beyond
512 ranges are handled with the complete content.

Request History

draht created request


draht superseded request

superseded by 89273
