openSUSE Build Service

Overview Repositories Revisions Requests Users Attributes Meta

Revisions of apache2-mod_security2

buildservice-autocommit accepted request 1173611 from

Petr Gajdos (pgajdos) about 21 hours ago (revision 93)

baserev update by copy to link target

Petr Gajdos (pgajdos) accepted request 1172451 from

Petr Gajdos (pgajdos) 1 day ago (revision 92)

- added patches
  fix fix build with gcc14
  + apache2-mod_security2-gcc14.patch

buildservice-autocommit accepted request 1149082 from

Petr Gajdos (pgajdos) 3 months ago (revision 91)

baserev update by copy to link target

Petr Gajdos (pgajdos) accepted request 1147828 from

Dominique Leuenberger (dimstar) 3 months ago (revision 90)

Prepare for RPM 4.20

Danilo Spinella (dspinella) accepted request 1101664 from

Danilo Spinella (dspinella) 10 months ago (revision 89)

revert to 87

Danilo Spinella (dspinella) accepted request 1099113 from

Dirk Mueller (dirkmueller) 10 months ago (revision 88)

- reenable tests
- switch to SpiderLabs owasp 3.2.0 release (final release, upstream
  archived the project, please switch to coreruleset instead):
  * Various security fixes, see 
  * https://raw.githubusercontent.com/SpiderLabs/owasp-modsecurity-crs/v3.2.0/CHANGES
- introduce supply chain security by adding gpg signature and keyring

Danilo Spinella (dspinella) accepted request 1098838 from

Dirk Mueller (dirkmueller) 10 months ago (revision 87)

- update to 2.9.7:
  * Fix: FILES_TMP_CONTENT may sometimes lack complete content
  * Support configurable limit on number of arguments processed
  * Silence compiler warning about discarded const
  * Support for JIT option for PCRE2
  * Use uid for user if apr_uid_name_get() fails
  * Fix: handle error with SecConnReadStateLimit configuration
  * Only check for pcre2 install if required
  * Adjustment of previous fix for log messages
  * Mark apache error log messages as from mod_security2
  * Use pkg-config to find libxml2 first
  * Support for PCRE2 in mlogc
  * Support for PCRE2
  * Adjust parser activation rules in modsecurity.conf-
    recommended
  * Multipart parsing fixes and new MULTIPART_PART_HEADERS
    collection
  * Limit rsub null termination to where necessary
  * IIS: Update dependencies for next planned release
  * XML parser cleanup: NULL duplicate pointer
  * Properly cleanup XML parser contexts upon completion
  * Fix memory leak in streams
  * Fix: negative usec on log line when data type long is 32b
  * mlogc log-line parsing fails due to enhanced timestamp
  * Allow no-key, single-value JSON body
  * Set SecStatusEngine Off in modsecurity.conf-recommended
  * Fix memory leak that occurs on JSON parsing error
  * Multipart names/filenames may include single quote if double-
    quote enclosed
  * Add SecRequestBodyJsonDepthLimit to modsecurity.conf-

Danilo Spinella (dspinella) accepted request 907288 from

Danilo Spinella (dspinella) almost 3 years ago (revision 86)

Danilo Spinella (dspinella) accepted request 907282 from

Danilo Spinella (dspinella) almost 3 years ago (revision 85)

- Update to 2.9.4:
  * Add microsec timestamp resolution to the formatted log timestamp
  * Added missing Geo Countries
  * Store temporaries in the request pool for regexes compiled per-request.
  * Fix other usage of the global pool for request temporaries in re_operators.c
  * Adds a sanity check before use ctl:ruleRemoveTargetById and ctl:ruleRemoveTargetByMsg.
  * Fix the order of error_msg validation
  * When the input filter finishes, check whether we returned data
  * fix: care non-null terminated chunk data
  * Fix for apr_global_mutex_create() crashes with mod_security
  * Fix inet addr handling on 64 bit big endian systems
- Run spec-cleaner
- Remove if/else for older version of SUSE distribution

buildservice-autocommit accepted request 874491 from

Petr Gajdos (pgajdos) about 3 years ago (revision 84)

baserev update by copy to link target

Petr Gajdos (pgajdos) committed about 3 years ago (revision 83)

- version update to 2.9.3
 * Enable optimization for large stream input by default on IIS
   [Issue #1299 - @victorhora, @zimmerle]
 * Allow 0 length JSON requests.
   [Issue #1822 - @allanbomsft, @zimmerle, @victorhora, @marcstern]
 * Include unanmed JSON values in unnamed ARGS
   [Issue #1577, #1576 - @marcstern, @victorhora, @zimmerle]
 * Fix buffer size for utf8toUnicode transformation
   [Issue #1208 - @katef, @victorhora]
 * Fix sanitizing JSON request bodies in native audit log format
   [p0pr0ck5, @victorhora]
 * IIS: Update Wix installer to bundle a supported CRS version (3.0)
   [@victorhora, @zimmerle]
 * IIS: Update dependencies for Windows build
   [Issue #1848 - @victorhora, @hsluoyz]
 * IIS: Set SecStreamInBodyInspection by default on IIS builds (#1299)
   [Issue #1299 - @victorhora]
 * IIS: Update modsecurity.conf
   [Issue #788 - @victorhora, @brianclark]
 * Add sanity check for a couple malloc() and make code more resilient
   [Issue #979 - @dogbert2, @victorhora, @zimmerl]
 * Fix NetBSD build by renaming the hmac function to avoid conflicts
   [Issue #1241 - @victorhora, @joerg, @sevan]
 * IIS: Windows build, fix duplicate YAJL dir in script
   [Issue #1612 - @allanbomsft, @victorhora]
 * IIS: Remove body prebuffering due to no locking in modsecProcessRequest
   [Issue #1917 - @allanbomsft, @victorhora]
 * Fix mpm-itk / mod_ruid2 compatibility
   [Issue #712 - @ju5t , @derhansen, @meatlayer, @victorhora]
 * Code cosmetics: checks if actionset is not null before use it

buildservice-autocommit accepted request 777581 from

Factory Maintainer (factory-maintainer) about 4 years ago (revision 82)

baserev update by copy to link target

Petr Gajdos (pgajdos) committed about 4 years ago (revision 81)

- removing %apache_test_* macros, do not test module just by
  loading the module

Petr Gajdos (pgajdos) accepted request 741022 from

Petr Gajdos (pgajdos) over 4 years ago (revision 80)

revert

Petr Gajdos (pgajdos) accepted request 739567 from

Richard Brown (RBrownSUSE) over 4 years ago (revision 79)

Remove obsolete Groups tag (fate#326485)

buildservice-autocommit accepted request 561619 from

Kristyna Streitova (kstreitova) over 6 years ago (revision 78)

baserev update by copy to link target

Kristyna Streitova (kstreitova) accepted request 560465 from

Jan Engelhardt (jengelh) over 6 years ago (revision 77)

* (TM) ought not to be used according to openSUSE's license guidelines (when I last looked at it)
* simplify the find line

Petr Gajdos (pgajdos) committed over 6 years ago (revision 76)

- fix build for SLE_11_SP4: BuildRoot and %deffattr have to be
  present

Kristyna Streitova (kstreitova) accepted request 556963 from

Kristyna Streitova (kstreitova) over 6 years ago (revision 75)

- update to 2.9.2
  * release notes
    https://github.com/SpiderLabs/ModSecurity/releases/tag/v2.9.2
  * refresh apache2-mod_security2-no_rpath.diff
  * remove apache2-mod_security2-lua-5.3.patch that was applied
    upstream
- remove outdated html pages and diagram (they can be accessed
  online at https://github.com/SpiderLabs/ModSecurity/wiki)
  * Reference-Manual.html.bz2
  * ModSecurity-Frequently-Asked-Questions-FAQ.html.bz2
  * modsecurity_diagram_apache_request_cycle.jpg
- don't pack the whole doc directory as it contains also Makefiles
  or doxygen configuration files
- disable mlogc as we don't pack it and it also can't be built for
  curl <=7.34
- add basic and regression test suite (but disabled for now)
  * add apache2-mod_security2_tests_conf.patch for apache2
    configuration file used for tests that was trying to load
    mpm_worker_module (it's static for our apache2 package)
  * add "BuildRequires: perl-libwww-perl" needed for the test suite

buildservice-autocommit accepted request 505810 from

Petr Gajdos (pgajdos) almost 7 years ago (revision 74)

baserev update by copy to link target

Displaying revisions 1 - 20 of 93

Places

Revisions of apache2-mod_security2

Places