Hello community,

here is the log from the commit of package owasp-modsecurity-crs for openSUSE:Factory checked in at 2025-01-30 14:52:56
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/owasp-modsecurity-crs (Old)
 and      /work/SRC/openSUSE:Factory/.owasp-modsecurity-crs.new.2316 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "owasp-modsecurity-crs" Thu Jan 30 14:52:56 2025 rev:10 rq:1241296 version:4.10.0 Changes: -------- --- /work/SRC/openSUSE:Factory/owasp-modsecurity-crs/owasp-modsecurity-crs.changes 2025-01-28 17:06:17.421230934 +0100 +++ /work/SRC/openSUSE:Factory/.owasp-modsecurity-crs.new.2316/owasp-modsecurity-crs.changes 2025-01-30 14:53:06.698166132 +0100 @@ -1,0 +2,13 @@ +Thu Jan 23 14:23:17 UTC 2025 - pgaj...@suse.com + +- package cleanup, coordinated with apache2-mod_security2 + cleanup +- version update to 4.10.0 + * New features and detections + - feat: block CVE-2023-5003 by @azurit in https://github.com/coreruleset/coreruleset/pull/3955 + - feat: prevent accessing PHP variables by @azurit in https://github.com/coreruleset/coreruleset/pull/3965 + * Other Changes + - fix: FP against `pattern` with `=` following at arbitrary position by @theseion in + https://github.com/coreruleset/coreruleset/pull/3963 + +------------------------------------------------------------------- Old: ---- owasp-modsecurity-crs-4.9.0.tar.xz owasp-modsecurity-crs-rpmlintrc New: ---- coreruleset-4.10.0.tar.gz coreruleset-4.10.0.tar.gz.asc owasp-modsecurity-crs.keyring ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ owasp-modsecurity-crs.spec ++++++ --- /var/tmp/diff_new_pack.dPPjKY/_old 2025-01-30 14:53:07.366193688 +0100 +++ /var/tmp/diff_new_pack.dPPjKY/_new 2025-01-30 14:53:07.366193688 +0100 
@@ -17,28 +17,18 @@ # -%define apxs2 %{_bindir}/apxs -%define apache2 apache2 -%define apache2_mm %(MMN=$(%{apxs2} -q LIBEXECDIR)_MMN; test -x $MMN && $MMN) -%define apache2_libexecdir %(%{apxs2} -q LIBEXECDIR) -%define apache2_sysconfdir %(%{apxs2} -q SYSCONFDIR) -%define apache2_includedir %(%{apxs2} -q INCLUDEDIR) -%define apache2_serverroot %(%{apxs2} -q PREFIX) -%define apache2_localstatedir %(%{apxs2} -q LOCALSTATEDIR) Name: owasp-modsecurity-crs -Version: 4.9.0 +Version: 4.10.0 Release: 0 Summary: OWASP ModSecurity Common Rule Set (CRS) License: Apache-2.0 Group: Productivity/Networking/Security URL: https://coreruleset.org -Source0: https://github.com/coreruleset/coreruleset/archive/v%{version}.tar.gz#/%{name}-%{version}.tar.xz -Source99: README.SUSE -Source100: %{name}-rpmlintrc -BuildRequires: apache2-devel -BuildRequires: gcc-c++ -BuildRequires: rpm-devel -BuildRequires: zlib-devel +Source0: https://github.com/coreruleset/coreruleset/archive/refs/tags/v%{version}.tar.gz#/coreruleset-%{version}.tar.gz +Source1: https://github.com/coreruleset/coreruleset/releases/download/v%{version}/coreruleset-%{version}.tar.gz.asc +Source2: %{name}.keyring +Source10: README.SUSE +BuildRequires: apache-rpm-macros Provides: %{name} = %{version} BuildArch: noarch 
@@ -54,69 +44,36 @@ Requires: apache2-mod_security2 %description apache2 -The OWASP ModSecurity Core Rule Set (CRS) is a set of generic attack detection rules for use with ModSecurity -or compatible web application firewalls. The CRS aims to protect web applications from a wide range of attacks, -including the OWASP Top Ten, with a minimum of false alerts. - -Includes Apache httpd 2.x rules +The OWASP ModSecurity Core Rule Set (CRS) Apache2 HTTPD configuration. %prep -%setup -q -n coreruleset-%{version} -sed -i -e '/^#!/c#!%{_bindir}/python3' util/*/*.py -cp %{SOURCE99} . +%autosetup -p1 -n coreruleset-%{version} +cp %{SOURCE10} . %build -# Build configuration files -mkdir -p .%{_sysconfdir}/%{name}/rules.d -mkdir -p .%{_sysconfdir}/%{name}/rules - -for rule in rules/*.conf -do - RULE=$(basename ${rule}) - echo "Include \"%{_datadir}/%{name}/rules/$RULE\"" > .%{_sysconfdir}/%{name}/rules/$RULE - echo "Include \"%{_sysconfdir}/%{name}/rules/$RULE\"" >> .%{_sysconfdir}/%{name}/rules.conf -done -ln -s ../rules.conf .%{_sysconfdir}/%{name}/rules.d/rules.conf - -echo "Include \"%{_datadir}/%{name}/crs-setup.conf.example\"" > .%{_sysconfdir}/%{name}/crs-setup.conf -# Create Apache2 include -mkdir -p .%{apache2_sysconfdir}/conf.d -echo "<IfModule mod_security2.c>" > .%{apache2_sysconfdir}/conf.d/%{name}.conf -echo -e "\tInclude \"%{_sysconfdir}/%{name}/crs-setup.conf\"" >> .%{apache2_sysconfdir}/conf.d/%{name}.conf -echo -e "\tInclude \"%{_sysconfdir}/%{name}/rules.d/*\"" >> .%{apache2_sysconfdir}/conf.d/%{name}.conf -echo "</IfModule>" >> .%{apache2_sysconfdir}/conf.d/%{name}.conf %install -# CRS data -mkdir -p %{buildroot}%{_datadir}/%{name} -cp -dr {util,*.conf*} %{buildroot}%{_datadir}/%{name}/ -for rule_set in %{rule_sets} -do -cp -r rules %{buildroot}%{_datadir}/%{name}/ +# rules +mkdir -p %{buildroot}/%{_datadir}/%{name} +cp -ra rules %{buildroot}%{_datadir}/%{name} +# top-level Apache2 conf for mod_security2 +mkdir -p 
%{buildroot}%{apache_sysconfdir}/mod_security2.d/rules +# has to be read before rules +cp -a crs-setup.conf.example %{buildroot}%{apache_sysconfdir}/mod_security2.d/modsecurity-crf-setup.conf +# rules linked to mod_security2 conf +for rule in `ls %{buildroot}%{_datadir}/%{name}/rules` ; do + ln -s %{_datadir}/%{name}/rules/$rule %{buildroot}%{apache_sysconfdir}/mod_security2.d/rules/$rule done -# Configuration files -mkdir -p %{buildroot}/%{_sysconfdir} -cp -dr .%{_sysconfdir}/* %{buildroot}%{_sysconfdir}/ %files -%defattr(644,root,root,755) -%doc CHANGES.md README.md README.SUSE +%doc CONTRIBUTING.md CHANGES.md KNOWN_BUGS.md README.md README.SUSE SECURITY.md SPONSORS.md docs/README.md %license LICENSE -%dir %{_datadir}/%{name} -%{_datadir}/%{name}/util -%attr(0754, root, root) %{_datadir}/%{name}/util/crs-rules-check/rules-check.py -%attr(0754, root, root) %{_datadir}/%{name}/util/find-rules-without-test/find-rules-without-test.py -%attr(0754, root, root) %{_datadir}/%{name}/util/php-dictionary-gen/php-dictionary-creator.sh -%attr(0754, root, root) %{_datadir}/%{name}/util/rule_ctl/rule_ctl.py -%{_datadir}/%{name}/*.conf* -%{_datadir}/%{name}/rules +%{_datadir}/%{name} %files apache2 -%config(noreplace) %{apache2_sysconfdir}/conf.d/%{name}.conf -%dir %{_sysconfdir}/%{name} -%dir %{_sysconfdir}/%{name}/rules.d -%config(noreplace) %{_sysconfdir}/%{name}/crs-setup.conf -%config(noreplace) %{_sysconfdir}/%{name}/rules -%config(noreplace) %{_sysconfdir}/%{name}/rules.conf -%config(noreplace) %{_sysconfdir}/%{name}/rules.d/rules.conf +%dir %{apache_sysconfdir} +%dir %{apache_sysconfdir}/mod_security2.d +%config %{apache_sysconfdir}/mod_security2.d/* +%dir %{apache_sysconfdir}/mod_security2.d/rules +%config %{apache_sysconfdir}/mod_security2.d/rules/*
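
Review bot: The new owasp-modsecurity-crs.changes entry (hunk @@ -1,0 +2,13 @@) records the restructuring only as "package cleanup, coordinated with apache2-mod_security2 cleanup", while the spec diff in the same commit moves the configuration from %{_sysconfdir}/%{name} to %{apache_sysconfdir}/mod_security2.d, drops util/ from %files, and adds a signature file and keyring to the sources. Please list these in the changelog so that an administrator upgrading from 4.9.0 can see where the setup file and rule links now live.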
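
Review bot: In the spec header hunk (@@ -17,28 +17,18 @@), Source0 is fetched from archive/refs/tags/v%{version}.tar.gz while the detached signature in Source1 comes from releases/download/v%{version}/, so the tarball and its .asc have different origins. Please confirm that coreruleset-%{version}.tar.gz.asc verifies against exactly the Source0 file with the key in %{name}.keyring. If the signature was made over the release asset, pointing Source0 at the same releases/download path keeps the two in step.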
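
Review bot: In %files apache2 (spec hunk @@ -54,69 +44,36 @@), the setup file is now packaged as plain `%config %{apache_sysconfdir}/mod_security2.d/*`, where the removed lines used `%config(noreplace)`. With plain %config, an update that changes the packaged file installs the new default and moves a locally edited copy aside as .rpmsave, so local CRS settings stop applying until someone notices. Suggest `%config(noreplace)` at least for the file copied from crs-setup.conf.example. Two smaller points in the same hunk's %install: the target name `modsecurity-crf-setup.conf` looks like a typo for "crs", and the loop over `ls` output can be a plain glob over %{buildroot}%{_datadir}/%{name}/rules/*. The comment "has to be read before rules" also depends on the include order in apache2-mod_security2, which is not visible here, so a short note on what guarantees that order would help.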