commit apache2-mod_security2 for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package apache2-mod_security2 for
openSUSE:Factory checked in at 2024-06-05 17:39:46
Comparing /work/SRC/openSUSE:Factory/apache2-mod_security2 (Old)
and /work/SRC/openSUSE:Factory/.apache2-mod_security2.new.24587 (New)
Package is "apache2-mod_security2"
Wed Jun 5 17:39:46 2024 rev:31 rq:1178493 version:2.9.7
Changes:
---
/work/SRC/openSUSE:Factory/apache2-mod_security2/apache2-mod_security2.changes
2024-05-13 17:59:02.584001246 +0200
+++
/work/SRC/openSUSE:Factory/.apache2-mod_security2.new.24587/apache2-mod_security2.changes
2024-06-05 17:40:08.449170610 +0200
@@ -1,0 +2,13 @@
+Tue Jun 4 12:14:51 UTC 2024 - pgaj...@suse.com
+
+- %autopatch instead of %patchN
+- modified patches
+ % apache2-mod_security2-no_rpath.diff (refreshed)
+
+---
+Tue Jun 4 11:03:29 UTC 2024 - Dominique Leuenberger
+
+- Fix patch application syntax: Use %patch -P N instead of
+ deprecated %patchN.
+
+---
Other differences:
--
++ apache2-mod_security2.spec ++
--- /var/tmp/diff_new_pack.Po4AqZ/_old 2024-06-05 17:40:09.313202063 +0200
+++ /var/tmp/diff_new_pack.Po4AqZ/_new 2024-06-05 17:40:09.313202063 +0200
@@ -66,11 +66,7 @@
%setup -q -n %{tarballname}
%setup -q -D -T -a 1 -n %{tarballname}
mv -v SpiderLabs* rules
-%patch -P 0
-%patch -P 1 -p1
-%patch -P 2 -p1
-%patch -P 3 -p1
-%patch4 -p1
+%autopatch -p1
%build
aclocal
++ apache2-mod_security2-no_rpath.diff ++
--- /var/tmp/diff_new_pack.Po4AqZ/_old 2024-06-05 17:40:09.373204248 +0200
+++ /var/tmp/diff_new_pack.Po4AqZ/_new 2024-06-05 17:40:09.377204393 +0200
@@ -1,7 +1,7 @@
Index: apache2/Makefile.am
===
apache2/Makefile.am.orig
-+++ apache2/Makefile.am
+--- a/apache2/Makefile.am.orig
b/apache2/Makefile.am
@@ -118,7 +118,7 @@ mod_security2_la_LDFLAGS = -module -avoi
endif
@@ -13,8 +13,8 @@
@APXS_LDFLAGS@ \
Index: apache2/Makefile.in
===
apache2/Makefile.in.orig
-+++ apache2/Makefile.in
+--- a/apache2/Makefile.in.orig
b/apache2/Makefile.in
@@ -691,7 +691,7 @@ libinjection/mod_security2_la-libinjecti
libinjection/$(DEPDIR)/$(am__dirstamp)
@@ -26,8 +26,8 @@
-rm -f *.$(OBJEXT)
Index: build/libtool.m4
===
build/libtool.m4.orig
-+++ build/libtool.m4
+--- a/build/libtool.m4.orig
b/build/libtool.m4
@@ -5053,7 +5053,7 @@ dnl Note also adjust exclude_expsyms for
# are reset later if shared libraries are not supported. Putting them
# here allows them to be overridden if necessary.
commit apache2-mod_security2 for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package apache2-mod_security2 for
openSUSE:Factory checked in at 2021-07-20 15:39:41
Comparing /work/SRC/openSUSE:Factory/apache2-mod_security2 (Old)
and /work/SRC/openSUSE:Factory/.apache2-mod_security2.new.2632 (New)
Package is "apache2-mod_security2"
Tue Jul 20 15:39:41 2021 rev:28 rq:907289 version:2.9.4
Changes:
---
/work/SRC/openSUSE:Factory/apache2-mod_security2/apache2-mod_security2.changes
2021-02-23 20:23:09.347801628 +0100
+++
/work/SRC/openSUSE:Factory/.apache2-mod_security2.new.2632/apache2-mod_security2.changes
2021-07-20 15:40:39.369600303 +0200
@@ -1,0 +2,17 @@
+Mon Jul 19 09:37:45 UTC 2021 - Danilo Spinella
+
+- Update to 2.9.4:
+ * Add microsec timestamp resolution to the formatted log timestamp
+ * Added missing Geo Countries
+ * Store temporaries in the request pool for regexes compiled per-request.
+ * Fix other usage of the global pool for request temporaries in
re_operators.c
+ * Adds a sanity check before use ctl:ruleRemoveTargetById and
ctl:ruleRemoveTargetByMsg.
+ * Fix the order of error_msg validation
+ * When the input filter finishes, check whether we returned data
+ * fix: care non-null terminated chunk data
+ * Fix for apr_global_mutex_create() crashes with mod_security
+ * Fix inet addr handling on 64 bit big endian systems
+- Run spec-cleaner
+- Remove if/else for older version of SUSE distribution
+
+---
Old:
modsecurity-2.9.3.tar.gz
New:
modsecurity-2.9.4.tar.gz
Other differences:
--
++ apache2-mod_security2.spec ++
--- /var/tmp/diff_new_pack.1rssmm/_old 2021-07-20 15:40:40.021601469 +0200
+++ /var/tmp/diff_new_pack.1rssmm/_new 2021-07-20 15:40:40.025601476 +0200
@@ -20,13 +20,13 @@
%define tarballname modsecurity-%{version}
%define usrsharedir %{_datadir}/%{name}
Name: apache2-mod_security2
-Version:2.9.3
+Version:2.9.4
Release:0
Summary:Web Application Firewall for apache httpd
License:Apache-2.0
Group: Productivity/Networking/Web/Servers
-URL:http://www.modsecurity.org/
-Source:
https://www.modsecurity.org/tarball/%{version}/%{tarballname}.tar.gz
+URL:https://www.modsecurity.org/
+Source:
https://github.com/SpiderLabs/ModSecurity/releases/download/v%{version}/modsecurity-%{version}.tar.gz
Source1:
https://github.com/SpiderLabs/owasp-modsecurity-crs/tarball/master//SpiderLabs-owasp-modsecurity-crs-2.2.9-5-gebe8790.tar.gz
Source2:mod_security2.conf
Source6:README-SUSE-mod_security2.txt
@@ -52,9 +52,6 @@
Requires: %{apache_mmn}
Requires: %{apache_suse_maintenance_mmn}
Requires: apache2
-%if 0%{suse_version} == 1110
-BuildRoot: %{_tmppath}/%{name}-%{version}-build
-%endif
%description
ModSecurity is an intrusion detection and prevention
@@ -73,13 +70,7 @@
%patch3 -p1
%build
-# aclocal only works with newer distributions
-%if 0%{?suse_version} >= 1310
aclocal
-# on older versions only autoconf is called
-%else
-autoreconf -fi
-%endif
automake
%configure --with-apxs=%{apache_apxs} --enable-request-early
--enable-htaccess-config --disable-mlogc
CFLAGS="%{optflags}" make %{?_smp_mflags}
@@ -114,16 +105,14 @@
#make test-regression
%files
-%if %{suse_version} == 1110
-%defattr (-,root,root)
-%endif
%{apache_libexecdir}/%{modname}.so
%config(noreplace) %{apache_sysconfdir}/conf.d/%{modname}.conf
%dir %{apache_sysconfdir}/mod_security2.d
%{apache_sysconfdir}/mod_security2.d/README-SUSE-mod_security2.txt
%{apache_sysconfdir}/mod_security2.d/empty.conf
%{usrsharedir}
-%doc README.md CHANGES LICENSE NOTICE authors.txt
+%license LICENSE
+%doc README.md CHANGES NOTICE authors.txt
%doc doc/README.txt
%doc doc/README-SUSE-mod_security2.txt
%doc rules/util/regression-tests
++ modsecurity-2.9.3.tar.gz -> modsecurity-2.9.4.tar.gz ++
4004 lines of diff (skipped)
retrying with extended exclude list
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude
config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4
--exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh
old/modsecurity-2.9.3/CHANGES new/modsecurity-2.9.4/CHANGES
--- old/modsecurity-2.9.3/CHANGES 2018-12-04 19:49:37.0 +0100
+++ new/modsecurity-2.9.4/CHANGES 2021-06-21 14:36:18.0 +0200
@@ -1,3 +1,28 @@
+21 Jun 2021 - 2.9.4
+---
+
+ * Add microsec timestamp resolution to the formatted log timestamp
+
commit apache2-mod_security2 for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package apache2-mod_security2 for openSUSE:Factory checked in at 2021-02-23 20:21:41 Comparing /work/SRC/openSUSE:Factory/apache2-mod_security2 (Old) and /work/SRC/openSUSE:Factory/.apache2-mod_security2.new.2378 (New) Package is "apache2-mod_security2" Tue Feb 23 20:21:41 2021 rev:27 rq:874491 version:2.9.3 Changes: --- /work/SRC/openSUSE:Factory/apache2-mod_security2/apache2-mod_security2.changes 2020-02-20 14:57:59.542595574 +0100 +++ /work/SRC/openSUSE:Factory/.apache2-mod_security2.new.2378/apache2-mod_security2.changes 2021-02-23 20:23:09.347801628 +0100 @@ -1,0 +2,86 @@ +Tue Feb 23 07:49:57 UTC 2021 - pgaj...@suse.com + +- version update to 2.9.3 + * Enable optimization for large stream input by default on IIS + [Issue #1299 - @victorhora, @zimmerle] + * Allow 0 length JSON requests. + [Issue #1822 - @allanbomsft, @zimmerle, @victorhora, @marcstern] + * Include unanmed JSON values in unnamed ARGS + [Issue #1577, #1576 - @marcstern, @victorhora, @zimmerle] + * Fix buffer size for utf8toUnicode transformation + [Issue #1208 - @katef, @victorhora] + * Fix sanitizing JSON request bodies in native audit log format + [p0pr0ck5, @victorhora] + * IIS: Update Wix installer to bundle a supported CRS version (3.0) + [@victorhora, @zimmerle] + * IIS: Update dependencies for Windows build + [Issue #1848 - @victorhora, @hsluoyz] + * IIS: Set SecStreamInBodyInspection by default on IIS builds (#1299) + [Issue #1299 - @victorhora] + * IIS: Update modsecurity.conf + [Issue #788 - @victorhora, @brianclark] + * Add sanity check for a couple malloc() and make code more resilient + [Issue #979 - @dogbert2, @victorhora, @zimmerl] + * Fix NetBSD build by renaming the hmac function to avoid conflicts + [Issue #1241 - @victorhora, @joerg, @sevan] + * IIS: Windows build, fix duplicate YAJL dir in script + [Issue #1612 - @allanbomsft, @victorhora] + * IIS: Remove body prebuffering due to no locking in modsecProcessRequest + [Issue #1917 - @allanbomsft, @victorhora] + * Fix mpm-itk / mod_ruid2 compatibility + [Issue #712 - @ju5t , @derhansen, @meatlayer, @victorhora] + * Code cosmetics: checks if actionset is not null before use it + [Issue #1556 - @marcstern, @zimmerle, @victorhora] + * Only generate SecHashKey when SecHashEngine is On + [Issue #1671 - @dmuey, @monkburger, @zimmerle] + * Docs: Reformat README to Markdown and update dependencies + [Issue #1857 - @hsluoyz, @victorhora] + * IIS: no lock on ProcessRequest. No reload of config. + [Issue #1826 - @allanbomsft] + * IIS: buffer request body before taking lock + [Issue #1651 - @allanbomsft] + * good practices: Initialize variables before use it + [Issue #1889 - Marc Stern] + * Let body parsers observe SecRequestBodyNoFilesLimit + [Issue #1613 - @allanbomsft] + * potential off by one in parse_arguments + [Issue #1799 - @tinselcity, @zimmerle] + * Fix utf-8 character encoding conversion + [Issue #1794 - @tinselcity, @zimmerle] + * Fix ip tree lookup on netmask content + [Issue #1793 - @tinselcity, @zimmerle] + * IIS: set overrideModeDefault to Allow so that individual websites can + add to their web.config file + [Issue #1781 - @default-kramer] + * modsecurity.conf-recommended: Fix spelling + [Issue #1721 - @padraigdoran] + * build: fix when multiple lines for curl version + [Issue #1771 - @Artistan] + * Fix arabic charset in unicode_mapping file + [Issue #1619 - @alaa-ahmed-a] + * Optionally preallocates memory when SecStreamInBodyInspection is on + [Issue #1366 - @allanbomsft, @zimmerle] + * Fixed typo in build_yajl.bat + [Issue #1366 - @allanbomsft] + * Fixes SecConnWriteStateLimit + [Issue #1545 - @nicjansma] + * Added "empy chunk" check + [Issue #1347, #1446 - @gravagli, @bostrt, @zimmerle] + * Add capture action to @detectXSS operator + [Issue #1488, #1482 - @victorhora] + * Fix for wildcard operator when loading conf files on Nginx / IIS + [Issue #1486, #1285 - @victorhora and @thierry-f-78] + * Set of fixies to make windows build workable with the buildbots + [Commit 94fe3 - @zimmerle] + * Uses LOG_NO_STOPWATCH instead of DLOG_NO_STOPWATCH + [Issue #1510 - @marcstern] + * Adds missing headers + [Issue #1454 - @devnexen] +- modified patches + % modsecurity-fixes.patch (fix crash caused by our patch) +[bsc#1180830] +- added patches + + modsecurity-2.9.3-input_filtering_errors.patch +[bsc#1180830] + +--- Old: modsecurity-2.9.2.tar.gz New: modsecurity-2.9.3-input_filtering_errors.patch modsecurity-2.9.3.tar.gz Other differences: -- ++ apache2-mo
