diff --git a/mod_perl-2.0.4-CVE-2009-0796.patch b/mod_perl-2.0.4-CVE-2009-0796.patch
new file mode 100644
index 0000000..1a5f958
--- /dev/null
+++ b/mod_perl-2.0.4-CVE-2009-0796.patch
@@ -0,0 +1,47 @@
+--- mod_perl-2.0.4/lib/Apache2/Status.pm.cve0796
++++ mod_perl-2.0.4/lib/Apache2/Status.pm
+@@ -29,7 +29,7 @@ use File::Spec ();
+
+ use Apache2::Const -compile => qw(OK);
+
+-$Apache2::Status::VERSION = '4.00'; # mod_perl 2.0
++$Apache2::Status::VERSION = '4.01'; # mod_perl 2.0
+
+ use constant IS_WIN32 => ($^O eq "MSWin32");
+
+@@ -126,7 +126,7 @@ sub handler {
+ $r->print(symdump($r, $qs));
+ }
+ else {
+- my $uri = $r->uri;
++ my $uri = $r->location;
+ $r->print('
');
+ $r->print(
+ map { qq[$status{$_}
\n] } sort { lc $a cmp lc $b } keys %status
+@@ -198,7 +198,7 @@ sub status_section_config {
+ sub status_inc {
+ my ($r) = @_;
+
+- my $uri = $r->uri;
++ my $uri = $r->location;
+ my @retval = (
+ '
',
+ "",
+@@ -289,7 +289,7 @@ sub status_rgysubs {
+ my ($r) = @_;
+
+ local $_;
+- my $uri = $r->uri;
++ my $uri = $r->location;
+ my $cache = __PACKAGE__->registry_cache;
+
+ my @retval = "Compiled registry scripts grouped by their handler
";
+@@ -765,7 +765,7 @@ sub as_HTML {
+ my ($self, $package, $r) = @_;
+
+ my @m = qw();
+- my $uri = $r->uri;
++ my $uri = $r->location;
+ my $is_main = $package eq "main";
+
+ my $do_dump = has($r, "dumper");
diff --git a/mod_perl.spec b/mod_perl.spec
index f26e138..d2a9da8 100644
--- a/mod_perl.spec
+++ b/mod_perl.spec
@@ -2,7 +2,7 @@
Name: mod_perl
Version: 2.0.4
-Release: 9
+Release: 10%{?dist}
Summary: An embedded Perl interpreter for the Apache HTTP Server
Group: System Environment/Daemons
@@ -14,6 +14,7 @@ Source2: filter-requires.sh
Source3: filter-provides.sh
Patch0: mod_perl-2.0.4-multilib.patch
Patch1: mod_perl-2.0.4-inline.patch
+Patch2: mod_perl-2.0.4-CVE-2009-0796.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
BuildRequires: perl-devel, perl(ExtUtils::Embed)
@@ -51,6 +52,7 @@ modules that use mod_perl.
%setup -q -n %{name}-%{version}
%patch0 -p1
%patch1 -p1 -b .inline
+%patch2 -p1
%build
CFLAGS="$RPM_OPT_FLAGS -fpic" %{__perl} Makefile.PL - 2.0.4-10
+- add security fix for CVE-2009-0796 (#544455)
+
* Sat Jul 25 2009 Fedora Release Engineering - 2.0.4-9
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild