Bug#1035748: unblock: modsecurity/3.0.9-1

2023-06-02 Thread Ervin Hegedüs
On Fri, Jun 02, 2023 at 09:46:19PM +0200, Paul Gevers wrote: > Hi, > > On 01-06-2023 22:39, Ervin Hegedüs wrote: > > > On Thu, Jun 01, 2023 at 09:52:06PM +0200, Paul Gevers wrote: > > I think there is absolutely no risk. Both packages (libmodsecurity3 > > and libnginx-mod-http-modsecurity) are

Bug#1035748: unblock: modsecurity/3.0.9-1

2023-06-02 Thread Paul Gevers
Hi, On 01-06-2023 22:39, Ervin Hegedüs wrote: sorry to join this conversation :), No, not at all. On Thu, Jun 01, 2023 at 09:52:06PM +0200, Paul Gevers wrote: I think there is absolutely no risk. Both packages (libmodsecurity3 and libnginx-mod-http-modsecurity) are totally new packages, we

Bug#1035748: unblock: modsecurity/3.0.9-1

2023-06-01 Thread Ervin Hegedüs
Hi Salvatore, On Thu, Jun 01, 2023 at 10:24:28PM +0200, Salvatore Bonaccorso wrote: > Hi Paul, > > > Yet there is a huge amount of white space changes and other changes that > > look gratuitous. This is really not looking like a targeted fix. @Salvatore, > > can we do a targeted security upload

Bug#1035748: unblock: modsecurity/3.0.9-1

2023-06-01 Thread Ervin Hegedüs
hi there, sorry to join this conversation :), On Thu, Jun 01, 2023 at 09:52:06PM +0200, Paul Gevers wrote: > control: tags -1 moreinfo > > Hi, > > On 28-05-2023 21:30, Alberto Gonzalez Iniesta wrote: > > 2) The risks on the release quality are almost zero. Only > >

Bug#1035748: unblock: modsecurity/3.0.9-1

2023-06-01 Thread Salvatore Bonaccorso
Hi Paul, On Thu, Jun 01, 2023 at 09:52:06PM +0200, Paul Gevers wrote: > control: tags -1 moreinfo > > Hi, > > On 28-05-2023 21:30, Alberto Gonzalez Iniesta wrote: > > 2) The risks on the release quality are almost zero. Only > > libnginx-mod-http-modsecurity depends on it (being modsecurity a >

Bug#1035748: unblock: modsecurity/3.0.9-1

2023-06-01 Thread Paul Gevers
control: tags -1 moreinfo Hi, On 28-05-2023 21:30, Alberto Gonzalez Iniesta wrote: 2) The risks on the release quality are almost zero. Only libnginx-mod-http-modsecurity depends on it (being modsecurity a library). That's not the only part that we mean here. We also mean, how big is the

Bug#1035748: unblock: modsecurity/3.0.9-1

2023-05-28 Thread Alberto Gonzalez Iniesta
Hi, Salvatore. Thanks for the heads up! Hi, Paul et al. Answering the questions on the referred page: 1) Yes, mainly a bugfix release as noted in its changelog [1] 2) The risks on the release quality are almost zero. Only libnginx-mod-http-modsecurity depends on it (being modsecurity a library).

Bug#1035748: unblock: modsecurity/3.0.9-1

2023-05-27 Thread Salvatore Bonaccorso
Hi Alberto, On Wed, May 24, 2023 at 12:26:33PM +0200, Paul Gevers wrote: > control: tags -1 moreinfo > > Hi, > > On Mon, 08 May 2023 18:16:51 +0200 Alberto Gonzalez Iniesta > wrote: > > A new upstream version of modsecurity fixes a security bug > > (CVE-2023-28882, #1035083). > > We also fixed

Bug#1035748: unblock: modsecurity/3.0.9-1

2023-05-24 Thread Paul Gevers
control: tags -1 moreinfo Hi, On Mon, 08 May 2023 18:16:51 +0200 Alberto Gonzalez Iniesta wrote: A new upstream version of modsecurity fixes a security bug (CVE-2023-28882, #1035083). We also fixed a FTBFS in the meantime (#1034760). Also nginx moved to pcre2, which we also did after the