diff --git a/.gitignore b/.gitignore
index 1f04fc9..99a58b7 100644
--- a/.gitignore
+++ b/.gitignore
@@ -6,3 +6,10 @@ bugzilla-3.6.1.tar.gz
 /bugzilla-4.0.tar.gz
 /bugzilla-4.0.1.tar.gz
 /bugzilla-4.0.2.tar.gz
+/bugzilla-4.0.3.tar.gz
+/bugzilla-4.0.4.tar.gz
+/bugzilla-4.0.5.tar.gz
+/bugzilla-4.0.6.tar.gz
+/bugzilla-4.0.7.tar.gz
+/bugzilla-4.0.8.tar.gz
+/bugzilla-4.0.9.tar.gz
diff --git a/README.fedora.bugzilla b/README.fedora.bugzilla
index 2611a75..4663885 100644
--- a/README.fedora.bugzilla
+++ b/README.fedora.bugzilla
@@ -9,7 +9,7 @@ the values in this file are accurate for your environment.
 
 Once this is done, you may need to modify default settings for your database
 to ensure it accepts Bugzilla data properly.  Please see 
-http://www.bugzilla.org/docs/2.22/html/configuration.html for specifics of 
+http://www.bugzilla.org/docs/4.0/en/html/configuration.html for specifics of 
 database setting modifications.
 
 Lastly, simply re-run checksetup.pl to populate the database tables, set up
@@ -20,6 +20,6 @@ put in place after configuration is done.  The first is a daily cron job for
 statistics collection.  This is in the file "cron.daily" and can be enabled by
 simply copying this file to /etc/cron.daily/bugzilla (or any other file name
 in the /etc/cron.daily/ directory).  The second is the "whine" cron job,
-designed to run every 15 minutes.  To enable this job, simply coopy the
+designed to run every 15 minutes.  To enable this job, simply copy the
 cron.whine file to /etc/cron.d/bugzilla (or any othe filename within the
 /etc/cron.d/ directory).
diff --git a/bugzilla-httpd-conf b/bugzilla-httpd-conf
index 0373cb4..be0987f 100644
--- a/bugzilla-httpd-conf
+++ b/bugzilla-httpd-conf
@@ -4,6 +4,8 @@ Alias /bugzilla /usr/share/bugzilla
 <Directory /usr/share/bugzilla>
   AddHandler cgi-script .cgi
   Options +Indexes +ExecCGI +FollowSymLinks
-  DirectoryIndex index.cgi
+  DirectoryIndex index.cgi index.html
   AllowOverride Limit Options FileInfo
+  AddType application/vnd.mozilla.xul+xml .xul
+  AddType application/rdf+xml .rdf
 </Directory>
diff --git a/bugzilla.spec b/bugzilla.spec
index 3739bcc..f5de14f 100644
--- a/bugzilla.spec
+++ b/bugzilla.spec
@@ -4,7 +4,7 @@
 Summary: Bug tracking system
 URL: http://www.bugzilla.org/
 Name: bugzilla
-Version: 4.0.2
+Version: 4.0.9
 Group: Applications/Publishing
 Release: 1%{?dist}
 License: MPLv1.1
@@ -28,6 +28,7 @@ Requires: perl(Email::Send) >= 2.00
 Requires: perl(Email::MIME) >= 1.904
 Requires: perl(URI)
 Requires: perl(List::MoreUtils) >= 0.22
+Requires: perl(Locale::Language)
 
 %package doc
 Summary: Bugzilla documentation
@@ -42,40 +43,15 @@ Summary: Bugzilla contributed scripts
 Group: Applications/Publishing
 BuildRequires: python
 
-# RPM 4.8 style:
-# Filter underspecified dependencies        
-# Remove all optional modules from the requires stream
-%filter_from_requires /perl(sanitycheck.cgi)/d
-# mod_perl modules
-%filter_from_requires /perl(Apache2::Const)/d; /perl(Apache2::ServerUtil)/d
-%filter_from_requires /perl(Apache2::SizeLimit)/d; /perl(ModPerl::RegistryLoader)/d
-# authentification modules
-%filter_from_requires /perl(Authen::Radius)/d; /perl(Net::LDAP)/d
-# database modules
-%filter_from_requires /perl(DBD::Oracle)/d; /perl(DBD::Pg)/d
-%filter_from_requires /perl(DBI::db)/d; /perl(DBI::st)/d
-# inbound email modules
-%filter_from_requires /perl(Email::MIME::Attachment::Stripper)/d; /perl(Email::Reply)/d
-# bug moving modules
-%filter_from_requires /perl(MIME::Parser)/d; /perl(XML::Twig)/d
-# xml-rpc and json-rpc modules
-%filter_from_requires /perl(XMLRPC::Lite)/d; /perl(XMLRPC::Transport::HTTP)/d
-%filter_from_requires /perl(HTTP::Message)/d; /perl(Test::Taint)/d
-# extension modules
-%filter_from_requires /perl(Image::Magick)/d
-# and remove the extensions from the provides stream
-%filter_from_provides /perl(Bugzilla::Extension::BmpConvert)/d; /perl(Bugzilla::Extension::Example)/d
-%filter_setup
+%{?perl_default_filter}
 
-# RPM 4.9 style:
-# Filter underspecified dependencies        
-# Remove all optional modules from the requires stream
+# Remove private modules from the requires stream
 %global __requires_exclude %__requires_exclude|^perl\\(sanitycheck.cgi\\)$
+
+# Remove all optional modules from the requires stream
 # mod_perl modules
-%global __requires_exclude %__requires_exclude|^perl\\(Apache2::Const\\)$
-%global __requires_exclude %__requires_exclude|^perl\\(Apache2::ServerUtil\\)$
-%global __requires_exclude %__requires_exclude|^perl\\(Apache2::SizeLimit\\)$
-%global __requires_exclude %__requires_exclude|^perl\\(ModPerl::RegistryLoader\\)$
+%global __requires_exclude %__requires_exclude|^perl\\(Apache2::
+%global __requires_exclude %__requires_exclude|^perl\\(ModPerl::
 # authentification modules
 %global __requires_exclude %__requires_exclude|^perl\\(Authen::Radius\\)$
 %global __requires_exclude %__requires_exclude|^perl\\(Net::LDAP\\)$
@@ -91,15 +67,14 @@ BuildRequires: python
 %global __requires_exclude %__requires_exclude|^perl\\(MIME::Parser\\)$
 %global __requires_exclude %__requires_exclude|^perl\\(XML::Twig\\)$
 # xml-rpc and json-rpc modules
-%global __requires_exclude %__requires_exclude|^perl\\(XMLRPC::Lite\\)$
-%global __requires_exclude %__requires_exclude|^perl\\(XMLRPC::Transport::HTTP\\)$
+%global __requires_exclude %__requires_exclude|^perl\\(XMLRPC::
 %global __requires_exclude %__requires_exclude|^perl\\(HTTP::Message\\)$
 %global __requires_exclude %__requires_exclude|^perl\\(Test::Taint\\)$
 # extension modules
 %global __requires_exclude %__requires_exclude|^perl\\(Image::Magick\\)$
+
 # and remove the extensions from the provides stream
-%global __requires_exclude %__requires_exclude|^perl\\(Bugzilla::Extension::BmpConvert\\)$
-%global __requires_exclude %__requires_exclude|^perl\\(Bugzilla::Extension::Example\\)$
+%global __requires_exclude %__requires_exclude|^perl\\(Bugzilla::Extension::
 
 %description
 Bugzilla is a popular bug tracking system used by multiple open source projects
@@ -121,6 +96,7 @@ Contributed scripts and functions for Bugzilla
 %patch0 -p1
 %patch1 -p1
 rm -f Bugzilla/Constants.pm.orig
+rm -f Bugzilla/Install/Requirements.pm.orig
 # Remove bundled libs
 rm -rf lib/CGI*
 
@@ -231,6 +207,33 @@ popd > /dev/null)
 %{bzinstallprefix}/bugzilla/contrib/yp_nomail.sh
 
 %changelog
+* Wed Nov 14 2012 Emmanuel Seyman <emmanuel@seyman.fr> - 4.0.9-1
+- Update to 4.0.9
+
+* Sun Sep 02 2012 Emmanuel Seyman <emmanuel@seyman.fr> - 4.0.8-1
+- Update to 4.0.8 (CVE-2012-3981)
+
+* Mon Jul 30 2012 Emmanuel Seyman <emmanuel.seyman@club-internet.fr> - 4.0.7-1
+- Update to 4.0.7 (CVE-2012-1969)
+
+* Fri Apr 20 2012 Emmanuel Seyman <emmanuel.seyman@club-internet.fr> - 4.0.6-1
+- Update to 4.0.6
+
+* Fri Feb 24 2012 Emmanuel Seyman <emmanuel.seyman@club-internet.fr> - 4.0.5-1
+- Update to 4.0.5 to fix security issues (CVE-2012-0453)
+- Block all ModPerl::* and Apache2::* from requires
+- Remove rpm4.8 filters
+
+* Wed Feb  1 2012 Emmanuel Seyman <emmanuel.seyman@club-internet.fr> - 4.0.4-1
+- Update to 4.0.4 to fix security flaws (#786550)
+- Correct upstream URL in README.fedora.bugzilla, thanks to Ken Dreyer (#783014)
+
+* Sun Jan 08 2012 Emmanuel Seyman <emmanuel.seyman@club-internet.fr> - 4.0.3-1
+- Update to 4.0.3
+- Add perl(Locale::Language) to the Requires
+- Add index.html to the DirectoryIndex
+- Fix typo in README.fedora.bugzilla
+
 * Fri Aug 05 2011 Emmanuel Seyman <emmanuel.seyman@club-internet.fr> - 4.0.2-1
 - Update to 4.0.2
 - Add RPM-4.9-style filtering
diff --git a/sources b/sources
index 6a4140d..bb09a56 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-1244a7a477682ecc9caadf840d960d2e  bugzilla-4.0.2.tar.gz
+629bde008a0f82ecfa875a44f238397c  bugzilla-4.0.9.tar.gz