On Fri, Jun 02, 2023 at 09:46:19PM +0200, Paul Gevers wrote:
> Hi,
>
> On 01-06-2023 22:39, Ervin Hegedüs wrote:
>
> > On Thu, Jun 01, 2023 at 09:52:06PM +0200, Paul Gevers wrote:
> > I think there is absolutely no risk. Bot package (libmodsecurity3
> > and libnginx-mod-http-modsecurity) is total
Hi,
On 01-06-2023 22:39, Ervin Hegedüs wrote:
sorry to join this conversation :),
No, not at all.
On Thu, Jun 01, 2023 at 09:52:06PM +0200, Paul Gevers wrote:
I think there is absolutely no risk. Bot package (libmodsecurity3
and libnginx-mod-http-modsecurity) is totally new packages, we
won'
Hi Salvatore,
On Thu, Jun 01, 2023 at 10:24:28PM +0200, Salvatore Bonaccorso wrote:
> Hi Paul,
>
> > Yet there is a huge amount of white space changes and other changes that
> > look gratuitous. This is really not looking like a targeted fix. @Salvatore,
> > can we do a targeted security upload v
hi there,
sorry to join this conversation :),
On Thu, Jun 01, 2023 at 09:52:06PM +0200, Paul Gevers wrote:
> control: tags -1 moreinfo
>
> Hi,
>
> On 28-05-2023 21:30, Alberto Gonzalez Iniesta wrote:
> > 2) The risks on the release quality are almost zero. Only
> > libnginx-mod-http-modsecurity
Hi Paul,
On Thu, Jun 01, 2023 at 09:52:06PM +0200, Paul Gevers wrote:
> control: tags -1 moreinfo
>
> Hi,
>
> On 28-05-2023 21:30, Alberto Gonzalez Iniesta wrote:
> > 2) The risks on the release quality are almost zero. Only
> > libnginx-mod-http-modsecurity depends on it (being modsecurity a
>
control: tags -1 moreinfo
Hi,
On 28-05-2023 21:30, Alberto Gonzalez Iniesta wrote:
2) The risks on the release quality are almost zero. Only
libnginx-mod-http-modsecurity depends on it (being modsecurity a
library).
That's not the only part that we mean here. We also mean, how big is the
ris
Processing control commands:
> tags -1 moreinfo
Bug #1035748 [release.debian.org] unblock: modsecurity/3.0.9-1
Ignoring request to alter tags of bug #1035748 to the same tags previously set
--
1035748: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035748
Debian Bug Tracking System
Contact o
Hi, Salvatore. Thanks for the heads up!
Hi, Paul et al.
Answering the questions on the referred page:
1) Yes, mainly a bugfix release as noted in its changelog [1]
2) The risks on the release quality are almost zero. Only
libnginx-mod-http-modsecurity depends on it (being modsecurity a
library).
Hi Alberto,
On Wed, May 24, 2023 at 12:26:33PM +0200, Paul Gevers wrote:
> control: tags -1 moreinfo
>
> Hi,
>
> On Mon, 08 May 2023 18:16:51 +0200 Alberto Gonzalez Iniesta
> wrote:
> > A new upstream version of modsecurity fixes a security bug
> > (CVE-2023-28882, #1035083).
> > We also fixed
control: tags -1 moreinfo
Hi,
On Mon, 08 May 2023 18:16:51 +0200 Alberto Gonzalez Iniesta
wrote:
A new upstream version of modsecurity fixes a security bug
(CVE-2023-28882, #1035083).
We also fixed a FTBFS in the meantime (#1034760).
Also nginx moved to pcre2, which we also did after the curr
10 matches
Mail list logo
