httpd security, bug fix, and enhancement update

[2.2.15-45.0.1]

• replace index.html with Oracle’s index page oracle_index.html
• update vstring in specfile
  [2.2.15-45]
• mod_proxy_balancer: add support for ‘drain mode’ (N) (#767130)
  [2.2.15-44]
• set SSLCipherSuite to DEFAULT:!EXP:!SSLv2:!DES:!IDEA:!SEED:+3DES (#1086771)
  [2.2.15-43]
• revert DirectoryMatch patch from 2.2.15-40 (#1016963)
  [2.2.15-42]
• core: fix bypassing of mod_headers rules via chunked requests (CVE-2013-5704)
  [2.2.15-41]
• fix compilation with older OpenSSL caused by misspelling in patch (#1162268)
  [2.2.15-40]
• mod_proxy: do not mix workers shared memory during graceful restart (#1149906)
• mod_ssl: Fix SSL_CLIENT_VERIFY value when optional_no_ca and SSLSessionCache
  are used and SSL session is resumed (#1149703)
• mod_ssl: log revoked certificates at the INFO level (#1161328)
• mod_ssl: use -extensions v3_req for certificate generation (#906476)
• core: check the config file before restarting the server (#1146194)
• core: do not match files when using DirectoryMatch (#1016963)
• core: improve error message for inaccessible DocumentRoot (#987590)
• rotatelogs: improve support for localtime (#922844)
• mod_deflate: fix decompression of files larger than 4GB (#1057695)
• ab: fix integer overflow when printing stats with lot of requests (#1092419)
• ab: try all addresses instead of failing on first one when not available (#1125269)
• ab: fix read failure when targeting SSL server (#1045477)
• apachectl: support HTTPD_LANG variable from /etc/sysconfig/httpd (#963146)
• do not display ‘bomb’ icon for files ending with ‘core’ (#1069625)