www/apache22,
Apache HTTP (Web) server, version 2.2
Branch: CURRENT,
Version: 2.2.22nb1,
Package name: apache-2.2.22nb1,
Maintainer: tron

The Apache HTTP Server Project is an effort to develop and maintain an
open-source HTTP server for various modern desktop and server operating
systems, such as UNIX and Windows NT. The goal of this project is to
provide a secure, efficient and extensible server which provides HTTP
services in sync with the current HTTP standards.
Required to run: [lang/perl5] [devel/apr] [devel/apr-util]
Required to build: [pkgtools/x11-links] [devel/libtool-base] [devel/pkg-config]
Package options: apache-mpm-prefork, apache-shared-modules
SHA1: 766cd0843050a8dfb781e48b976f3ba6ebcf8696
RMD160: 237a26a7759e7e1af175900d598e25fb082a4eb9
Filesize: 5252.865 KB
Version history:
- (2012-04-23) Updated to version: apache-2.2.22nb1
- (2012-02-02) Updated to version: apache-2.2.22
- (2012-01-29) Updated to version: apache-2.2.21nb7
- (2012-01-18) Updated to version: apache-2.2.21nb6
- (2011-12-13) Updated to version: apache-2.2.21nb5
- (2011-12-08) Updated to version: apache-2.2.21nb4
CVS history:
| 2012-05-07 03:54:16 by David A. Holland | Files touched by this commit (473) |
Log message:
Set BUILDLINK_ABI_DEPENDS correctly (with +=, not ?=)
It turns out there were a lot of these.
|
| 2012-04-22 21:08:03 by S.P.Zeidler | Files touched by this commit (3) |
Log message:
patch for CVE-2012-0883 taken from the Apache SVN
bump pkgrev
|
| 2012-04-19 23:07:03 by Joerg Sonnenberger | Files touched by this commit (2) |
Log message:
Limit upper version to get correct Apache as dependency.
XXX It would be nice if lessons were learned and no new cases of
XXX multiple versions with the same base name were introduced...
|
| 2012-02-01 20:53:21 by Matthias Scheler | Files touched by this commit (10) |
Log message:
Update "apache" package to version 2.2.22. Changes since 2.2.21:
- SECURITY: CVE-2011-3368 (cve.mitre.org)
Reject requests where the request-URI does not match the HTTP
specification, preventing unexpected expansion of target URLs in
some reverse proxy configurations. [Joe Orton]
- SECURITY: CVE-2011-3607 (cve.mitre.org)
Fix integer overflow in ap_pregsub() which, when the mod_setenvif module
is enabled, could allow local users to gain privileges via a .htaccess
file. [Stefan Fritsch, Greg Ames]
- SECURITY: CVE-2011-4317 (cve.mitre.org)
Resolve additional cases of URL rewriting with ProxyPassMatch or
RewriteRule, where particular request-URIs could result in undesired
backend network exposure in some configurations.
[Joe Orton]
- SECURITY: CVE-2012-0021 (cve.mitre.org)
mod_log_config: Fix segfault (crash) when the '%{cookiename}C' log format
string is in use and a client sends a nameless, valueless cookie, causing
a denial of service. The issue existed since version 2.2.17. Bug#52256.
[Rainer Canavan <rainer-apache 7val com>]
- SECURITY: CVE-2012-0031 (cve.mitre.org)
Fix scoreboard issue which could allow an unprivileged child process
to cause the parent to crash at shutdown rather than terminate
cleanly. [Joe Orton]
- SECURITY: CVE-2012-0053 (cve.mitre.org)
Fix an issue in error responses that could expose "httpOnly" cookies
when no custom ErrorDocument is specified for status code 400.
[Eric Covener]
- mod_proxy_ajp: Try to prevent a single long request from marking a worker
in error. [Jean-Frederic Clere]
- config: Update the default mod_ssl configuration: Disable SSLv2, only
allow >= 128bit ciphers, add commented example for speed optimized cipher
list, limit MSIE workaround to MSIE <= 5. [Kaspar Brand]
- core: Fix segfault in ap_send_interim_response(). Bug#52315.
[Stefan Fritsch]
- mod_log_config: Prevent segfault. Bug#50861. [Torsten Foertsch
<torsten.foertsch gmx.net>]
- mod_win32: Invert logic for env var UTF-8 fixing.
Now we exclude a list of vars which we know for sure they don't hold UTF-8
chars; all other vars will be fixed. This has the benefit that now also
all vars from 3rd-party modules will be fixed. Bug#13029 / 34985.
[Guenter Knauf]
- core: Fix hook sorting for Perl modules, a regression introduced in
2.2.21. Bug#45076. [Torsten Foertsch <torsten foertsch gmx net>]
- Fix a regression introduced by the CVE-2011-3192 byterange fix in 2.2.20:
A range of '0-' will now return 206 instead of 200. Bug#51878.
[Jim Jagielski]
- Example configuration: Fix entry for MaxRanges (use "unlimited" instead
of "0"). [Rainer Jung]
- mod_substitute: Fix buffer overrun. [Ruediger Pluem, Rainer Jung]
Please note that all the security fixes had been integrated into
"pkgsrc" as patches previously.
|
| 2012-01-29 13:29:08 by Matthias Scheler | Files touched by this commit (4) |
Log message:
Add patch for security vulnerabilities reported in CVE-2012-0021
and CVE-2012-0053 taken from Apache SVN repository.
|
| 2012-01-17 21:48:29 by S.P.Zeidler | Files touched by this commit (4) |
Log message:
add patch for CVE-2012-0031 taken from Revision 1231058 of http://svn.apache.org/
update patch for http://secunia.com/advisories/45793/
|
| 2011-12-13 16:37:57 by S.P.Zeidler | Files touched by this commit (4) |
Log message:
add revision 1209432 from http://svn.apache.org/ as patches:
fix for CVE-2011-4317
|
| 2011-12-12 19:43:14 by Matthias Scheler | Files touched by this commit (2) |
Log message:
Remove duplicate error check from security patch. No revision bump as
there is no functional change.
Problem pointed out by S.P. Zeidler.
|