--- httpd.spec.orig	2008-02-19 02:05:36.000000000 -0500
+++ httpd.spec	2008-05-20 19:39:59.000000000 -0400
@@ -54,6 +54,10 @@
 Conflicts: pcre < 4.0
 Requires: httpd-tools = %{version}-%{release}
 
+Patch1000: httpd-suexec-scripts.patch
+Patch1001: httpd-2.2.x-sni.patch
+Patch1003: httpd-2.2.x-mod_status-security.patch
+
 %description
 The Apache HTTP Server is a powerful, efficient, and extensible
 web server.
@@ -127,6 +131,10 @@
 # Patch in vendor/release string
 sed "s/@RELEASE@/%{vstring}/" < %{PATCH20} | patch -p1
 
+%patch1000 -p1 -b .scripts
+%patch1001 -p1 -b .sni
+%patch1003 -p1 -b .permitstatus
+
 # Safety check: prevent build if defined MMN does not equal upstream MMN.
 vmmn=`echo MODULE_MAGIC_NUMBER_MAJOR | cpp -include include/ap_mmn.h | sed -n '/^2/p'`
 if test "x${vmmn}" != "x%{mmn}"; then
@@ -175,10 +183,12 @@
         --with-apr=%{_prefix} --with-apr-util=%{_prefix} \
 	--enable-suexec --with-suexec \
 	--with-suexec-caller=%{suexec_caller} \
-	--with-suexec-docroot=%{contentdir} \
+	--with-suexec-docroot=/ \
+	--with-suexec-userdir=web_scripts \
+	--with-suexec-trusteddir=/usr/libexec/scripts-trusted \
 	--with-suexec-logfile=%{_localstatedir}/log/httpd/suexec.log \
 	--with-suexec-bin=%{_sbindir}/suexec \
-	--with-suexec-uidmin=500 --with-suexec-gidmin=100 \
+	--with-suexec-uidmin=50 --with-suexec-gidmin=50 \
         --enable-pie \
         --with-pcre \
 	$*
