diff --git a/component/apache/buildout.cfg b/component/apache/buildout.cfg
index 96e8f2a3dfab8a326fe1e1656ec2a50f092555b7..42d1c7162ba8b1965e77a6ba9a1ba43bc045771f 100644
--- a/component/apache/buildout.cfg
+++ b/component/apache/buildout.cfg
@@ -13,20 +13,23 @@ extends =
   ../sqlite3/buildout.cfg
   ../zlib/buildout.cfg
 
-[apache-hack-msvc8-httpd-2.2.4.patch]
+[apache-CVE-2011-3368.patch]
 recipe = hexagonit.recipe.download
-md5sum = 49c811a7dcf56c50d701cf8341d07f4a
-url = http://www.apache.org/dist/httpd/patches/apply_to_2.2.4/hack-msvc8-httpd-2.2.4.patch
+md5sum = 1ad598213480ddfc239ce6359b7b2c0b
+url = http://www.apache.org/dist/httpd/patches/apply_to_2.2.21/CVE-2011-3368.patch
 filename = ${:_buildout_section_name_}
 download-only = true
 
-
 [apache]
+# inspired on http://old.aclark.net/team/aclark/blog/a-lamp-buildout-for-wordpress-and-other-php-apps/
 recipe = hexagonit.recipe.cmmi
 depends =
   ${gdbm:version}
-url = http://mir2.ovh.net/ftp.apache.org//dist/httpd/httpd-2.4.1.tar.bz2
-md5sum = 7d3001c7a26b985d17caa367a868f11c
+url = http://mir2.ovh.net/ftp.apache.org/dist//httpd/httpd-2.2.21.tar.bz2
+md5sum = 1696ae62cd879ab1d4dd9ff021a470f2
+patches =
+  ${apache-CVE-2011-3368.patch:location}/${apache-CVE-2011-3368.patch:filename}
+patch-options = -p1
 configure-options = --disable-static
                     --enable-authn-alias
                     --enable-bucketeer