From 1f15b7c81b0b23d1da6a325d7104a60c0ef42e62 Mon Sep 17 00:00:00 2001
From: Franz Pletz <fpletz@fnordicwalking.de>
Date: Tue, 1 Aug 2017 09:34:22 +0200
Subject: [PATCH] apacheHttpd: 2.4.26 -> 2.4.27 for multiple CVEs

Fixes: CVE-2017-9788 CVE-2017-9789

See https://httpd.apache.org/security/vulnerabilities_24.html
---
 pkgs/servers/http/apache-httpd/2.4.nix | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/pkgs/servers/http/apache-httpd/2.4.nix b/pkgs/servers/http/apache-httpd/2.4.nix
index 568b0ee6c045..30f8fbef119d 100644
--- a/pkgs/servers/http/apache-httpd/2.4.nix
+++ b/pkgs/servers/http/apache-httpd/2.4.nix
@@ -16,12 +16,12 @@ assert ldapSupport -> aprutil.ldapSupport && openldap != null;
 assert http2Support -> nghttp2 != null;
 
 stdenv.mkDerivation rec {
-  version = "2.4.26";
+  version = "2.4.27";
   name = "apache-httpd-${version}";
 
   src = fetchurl {
     url = "mirror://apache/httpd/httpd-${version}.tar.bz2";
-    sha1 = "b10b0f569a0e5adfef61d8c7f0813d42046e399a";
+    sha1 = "699e4e917e8fb5fd7d0ce7e009f8256ed02ec6fc";
   };
 
   # FIXME: -dev depends on -doc