Revisions of modsecurity
buildservice-autocommit
accepted
request 1153184
from
Adam Majer (adamm)
(revision 23)
baserev update by copy to link target
Adam Majer (adamm)
accepted
request 1146901
from
Dominique Leuenberger (dimstar)
(revision 22)
- Update to version 3.0.12:
  + Change REQUEST_FILENAME and REQUEST_BASENAME behavior
    WAF bypass of the ModSecurity v3 release line for path-based payloads by submitting a specially crafted request URL (CVE-2024-1019).
  + Enhancements and bug fixes
    - Set the minimum security protocol version (TLSv1.2) for SecRemoteRules.
buildservice-autocommit
accepted
request 1142603
from
Marcus Rueckert (darix)
(revision 21)
baserev update by copy to link target
Marcus Rueckert (darix)
accepted
request 1142490
from
Dirk Mueller (dirkmueller)
(revision 20)
- update to 3.0.11:
  * Add WRDE_NOCMD to wordexp call
  * Fix: validateDTD compile fails when libxml2 not installed
  * Fix memory leak of validateDTD's dtd object
  * Fix memory leaks in ValidateSchema
  * Add support for expirevar action
  * Fix: lmdb regex match on non-null terminated string
  * Fix memory leaks in lmdb code (new'd strings)
  * Configure: add additional name to pcre2 pkg-config list
- Additional information on this issue is available at
- Fix variable FILES_TMPNAMES
buildservice-autocommit
accepted
request 1109075
from
Adam Majer (adamm)
(revision 19)
baserev update by copy to link target
Adam Majer (adamm)
accepted
request 1108933
from
David Anes (david.anes)
(revision 18)
- Update to version 3.0.10:
  * Security impacting issue (fix bsc#1213702, CVE-2023-38285)
    - Fix: worst-case time in implementation of four transformations
    - Additional information on this issue is available at https://www.trustwave.com/resources/blogs/spiderlabs-blog/modsecurity-v3-dos-vulnerability-in-four-transformations-cve-2023-38285/
  * Enhancements and bug fixes
    - Add TX synonym for MSC_PCRE_LIMITS_EXCEEDED
    - Make MULTIPART_PART_HEADERS accessible to lua
    - Fix: Lua scripts cannot read whole collection at once
    - Fix: quoted Include config with wildcard
    - Support isolated PCRE match limits
    - Fix: meta actions not applied if multiMatch in first rule of chain
    - Fix: audit log may omit tags when multiMatch
    - Exclude CRLF from MULTIPART_PART_HEADER value
    - Configure: use AS_ECHO_N instead of echo -n
    - Adjust position of memset from 2890
buildservice-autocommit
accepted
request 1087408
from
Adam Majer (adamm)
(revision 17)
baserev update by copy to link target
Adam Majer (adamm)
accepted
request 1085687
from
Danilo Spinella (dspinella)
(revision 16)
- Update to version 3.0.9:
  * Add some member variable inits in Transaction class (possible segfault)
  * Fix: possible segfault on reload if duplicate ip+CIDR in ip match list
  * Resolve memory leak on reload (bison-generated variable)
  * Support equals sign in XPath expressions
  * Encode two special chars in error.log output
  * Add JIT support for PCRE2
  * Support comments in ipMatchFromFile file via '#' token
  * Use name package name libmaxminddb with pkg-config
  * Fix: FILES_TMP_CONTENT collection key should use part name
  * Use AS_HELP_STRING instead of obsolete AC_HELP_STRING macro
  * During configure, do not check for pcre if pcre2 specified
  * Use pkg-config to find libxml2 first
  * Fix two rule-reload memory leak issues
  * Correct whitespace handling for Include directive
- Fix CVE-2023-28882, a segfault and a resultant crash of a worker process in some configurations with certain inputs, bsc#1210993
buildservice-autocommit
accepted
request 1057876
from
Factory Maintainer (factory-maintainer)
(revision 15)
baserev update by copy to link target
Marcus Rueckert (darix)
accepted
request 1043345
from
Michael Ströder (stroeder)
(revision 14)
Update to version 3.0.8 (rebased)
buildservice-autocommit
accepted
request 1042903
from
Dominique Leuenberger (dimstar_suse)
(revision 13)
baserev update by copy to link target
Dominique Leuenberger (dimstar_suse)
accepted
request 995036
from
Georg Pfuetzenreuter (crameleon)
(revision 12)
Update to ModSecurity version 3.0.7
buildservice-autocommit
accepted
request 980136
from
Factory Maintainer (factory-maintainer)
(revision 11)
baserev update by copy to link target
Marcus Rueckert (darix)
accepted
request 957583
from
Ferdinand Thiessen (susnux)
(revision 10)
- Update to version 3.0.6 CVE-2021-42717 CVE-2020-15598
buildservice-autocommit
accepted
request 823577
from
Michał Rostecki (mrostecki)
(revision 9)
baserev update by copy to link target
Michał Rostecki (mrostecki)
accepted
request 823576
from
Michał Rostecki (mrostecki)
(revision 8)
add baselibs.conf to sources
Michał Rostecki (mrostecki)
accepted
request 822219
from
Dirk Mueller (dirkmueller)
(revision 7)
- add baselibs, fix packaging (install into %_libdir)
- update to 3.0.4:
  - Fix: audit log data omitted when nolog,auditlog
  - Fix: ModSecurity 3.x inspectFile operator does not pass
  - XML: Remove error messages from stderr
  - Filter comment or blank line for pmFromFile operator
  - Additional adjustment to Cookie header parsing
  - Restore chained rule part H logging to be more like 2.9 behaviour
  - Small fixes in log messages to help debugging the file upload
  - Fix Cookie header parsing issues
  - Fix rules with nolog are logging to part H
  - Fix argument key-value pair parsing cases
  - Fix: audit log part for response body for JSON format to be E
  - Make sure m_rulesMessages is filled after successful match
  - Fix @pm lookup for possible matches on offset zero.
  - Regex lookup on the key name instead of COLLECTION:key
  - Missing throw in Operator::instantiate
  - Making block action execution dependent of the SecEngine status
  - Making block action execution dependent of the SecEngine status
  - Having body limits to respect the rule engine state
  - Fix SecRuleUpdateTargetById does not match regular expressions
  - Adds missing check for runtime ctl:ruleRemoveByTag
  - Adds a new operator verifySVNR that checks for Austrian social security numbers.
  - Fix variables output in debug logs
  - Correct typo validade in log output
  - fix/minor: Error encoding hexa decimal.
  - Limit more log variables to 200 characters.
  - parser: fix parsed file names
  - Allow empty anchored variable
buildservice-autocommit
accepted
request 623120
from
Michał Rostecki (mrostecki)
(revision 6)
baserev update by copy to link target
Michał Rostecki (mrostecki)
accepted
request 622797
from
Jan Engelhardt (jengelh)
(revision 5)
- Remove rhetoric part from descriptions.
Dominique Leuenberger (dimstar_suse)
accepted
request 621691
from
Michał Rostecki (mrostecki)
(revision 4)
initialized devel package after accepting 621691
Displaying revisions 1 - 20 of 23