Changes - j0ke.net Open Build Service

Difference Between Revision 40 and internetx:managed:testing / mod_security

[-] [+]	Changed	mod_security-ix.changes
@@ -1,56 +1,4 @@ ------------------------------------------------------------------- -Wed Jan 11 06:34:21 UTC 2023 - Carsten Schoene <carsten.schoene@internetx.com> - -- Update to release 2.9.7 - -------------------------------------------------------------------- -Thu Mar 17 10:30:16 UTC 2022 - Local OBS User <cs@linux-administrator.com> - -- Update to release 2.9.5 - -------------------------------------------------------------------- -Mon Aug 23 11:39:54 UTC 2021 - Local OBS User <cs@linux-administrator.com> - -- Update to release 2.9.4 - -------------------------------------------------------------------- -Wed Feb 5 09:52:49 UTC 2020 - Local OBS User <cs@linux-administrator.com> - -- Update to release 2.9.3 - -------------------------------------------------------------------- -Wed May 16 06:44:59 UTC 2018 - cs@linux-administrator.com - -- Update to release 2.9.2 - -------------------------------------------------------------------- -Thu Apr 9 09:26:32 UTC 2015 - cs@linux-administrator.com - -- Update to relesae 2.9.0 -- set PERL ENV var to /usr/bin/perl -- drop mlogc-disable-force-sslv3.patch (TLSv1 is default now) - -------------------------------------------------------------------- -Fri Aug 8 17:29:19 UTC 2014 - cs@linux-administrator.com - -- Update to release 2.8.0 - -------------------------------------------------------------------- -Sun Jan 5 16:20:52 UTC 2014 - cs@linux-administrator.com - -- enable --enable-htaccess-config - -------------------------------------------------------------------- -Thu Dec 19 23:23:46 UTC 2013 - cs@linux-administrator.com - -- Update to release 2.7.7 - -------------------------------------------------------------------- -Tue Jul 30 17:01:30 UTC 2013 - cs@linux-administrator.com - -- Update to release 2.7.5 - -------------------------------------------------------------------- Thu Jul 11 19:33:18 UTC 2013 - cs@linux-administrator.com - build against asl-libxml2 for EL5 based systems x 1 @@ -1,56 +1,4 @@ 2 ------------------------------------------------------------------- 3 -Wed Jan 11 06:34:21 UTC 2023 - Carsten Schoene <carsten.schoene@internetx.com> 4 - 5 -- Update to release 2.9.7 6 - 7 -------------------------------------------------------------------- 8 -Thu Mar 17 10:30:16 UTC 2022 - Local OBS User <cs@linux-administrator.com> 9 - 10 -- Update to release 2.9.5 11 - 12 -------------------------------------------------------------------- 13 -Mon Aug 23 11:39:54 UTC 2021 - Local OBS User <cs@linux-administrator.com> 14 - 15 -- Update to release 2.9.4 16 - 17 -------------------------------------------------------------------- 18 -Wed Feb 5 09:52:49 UTC 2020 - Local OBS User <cs@linux-administrator.com> 19 - 20 -- Update to release 2.9.3 21 - 22 -------------------------------------------------------------------- 23 -Wed May 16 06:44:59 UTC 2018 - cs@linux-administrator.com 24 - 25 -- Update to release 2.9.2 26 - 27 -------------------------------------------------------------------- 28 -Thu Apr 9 09:26:32 UTC 2015 - cs@linux-administrator.com 29 - 30 -- Update to relesae 2.9.0 31 -- set PERL ENV var to /usr/bin/perl 32 -- drop mlogc-disable-force-sslv3.patch (TLSv1 is default now) 33 - 34 -------------------------------------------------------------------- 35 -Fri Aug 8 17:29:19 UTC 2014 - cs@linux-administrator.com 36 - 37 -- Update to release 2.8.0 38 - 39 -------------------------------------------------------------------- 40 -Sun Jan 5 16:20:52 UTC 2014 - cs@linux-administrator.com 41 - 42 -- enable --enable-htaccess-config 43 - 44 -------------------------------------------------------------------- 45 -Thu Dec 19 23:23:46 UTC 2013 - cs@linux-administrator.com 46 - 47 -- Update to release 2.7.7 48 - 49 -------------------------------------------------------------------- 50 -Tue Jul 30 17:01:30 UTC 2013 - cs@linux-administrator.com 51 - 52 -- Update to release 2.7.5 53 - 54 -------------------------------------------------------------------- 55 Thu Jul 11 19:33:18 UTC 2013 - cs@linux-administrator.com 56 57 - build against asl-libxml2 for EL5 based systems 58
[-] [+]	Changed	mod_security-ix.spec ^
@@ -1,36 +1,31 @@ %define aslxml 1 -%define pkgname modsecurity- + Summary: Security module for the Apache HTTP Server Name: mod_security %if 0%{?centos_version} >= 6 \|\| 0%{?rhel_version} >= 600 \|\| 0%{?sl_version} >= 600 \|\| 0%{?suse_version} >= 1110 \|\| 0%{?sles_version} >= 11 -%define pkgversion 2.9.7 +%define pkgversion 2.7.4 %define oldver 0 %define _aslxml 0 -%define epoch 1 BuildRequires: libxml2-devel %else %if %{aslxml} -%define pkgversion 2.9.7 +%define pkgversion 2.7.4 %define oldver 0 %define _aslxml 1 -%define epoch 1 BuildRequires: asl-libxml2-devel %else %define pkgversion 2.6.8 -%define pkgname modsecurity-apache_ %define oldver 1 %define _aslxml 0 -%define epoch 0 BuildRequires: libxml2-devel %endif %endif Version: %{pkgversion} -Epoch: %{epoch} Release: 35 License: GPLv2 URL: http://www.modsecurity.org/ Group: System Environment/Daemons -Source: http://www.modsecurity.org/download/%{pkgname}%{version}.tar.bz2 +Source: http://www.modsecurity.org/download/modsecurity-apache_%{version}.tar.bz2 %if 0%{?rhel_version} \|\| 0%{?centos_version} \|\| 0%{?sl_version} \|\| 0%{?redhat_version} Source1: 00_mod_security.conf Source2: modsecurity_crs_10_config-default.conf @@ -44,18 +39,14 @@ Source5: modsec-clamscan.pl Source6: modsec-clean_var-asl-data-audit Patch1: waf-label.patch -Patch2: modsecurity-2.9.1_curl-lower_7.34.patch +Patch2: mlogc-disable-force-sslv3.patch Patch50: CVE-2013-2765.patch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) %if 0%{?rhel_version} \|\| 0%{?centos_version} \|\| 0%{?sl_version} \|\| 0%{?redhat_version} Requires: httpd httpd-mmn = %([ -a %{_includedir}/httpd/.mmn ] && cat %{_includedir}/httpd/.mmn \|\| echo missing) BuildRequires: httpd-devel pkgconfig lua-devel Requires: lua -%if 0%{?rhel} >= 7 -%define apxs %{_bindir}/apxs -%else %define apxs %{_sbindir}/apxs -%endif %define apache_libexecdir %(%{apxs} -q LIBEXECDIR) ##%define apache_sysconfdir %(%{apxs} -q SYSCONFDIR) %define apache_sysconfdir /etc/httpd @@ -82,7 +73,6 @@ BuildRequires: pcre-devel libtool curl-devel BuildRequires: curl -BuildRequires: autoconf automake Requires: libxml2 pcre Provides: ix-mod_security = %{version} @@ -92,9 +82,9 @@ as a powerful umbrella - shielding web applications from attacks. %prep -%setup -n %{pkgname}%{version} +%setup -n modsecurity-apache_%{version} %patch1 -p1 -%patch2 -p0 +%patch2 %if 0%{?oldver} == 1 %patch50 -p1 %endif @@ -102,9 +92,6 @@ %build CFLAGS="%{optflags}" export CFLAGS -export PERL=/usr/bin/perl - -[ ! -f configure ] && ./autogen.sh %configure \ %if 0%{_aslxml} == 1 @@ -112,8 +99,7 @@ %endif --enable-pcre-match-limit=no \ --enable-pcre-match-limit-recursion=no \ - --enable-pcre-study \ - --enable-htaccess-config + --enable-pcre-study make %{_smp_mflags} 102 1 @@ -1,36 +1,31 @@ 2 %define aslxml 1 3 -%define pkgname modsecurity- 4 + 5 Summary: Security module for the Apache HTTP Server 6 Name: mod_security 7 %if 0%{?centos_version} >= 6 \|\| 0%{?rhel_version} >= 600 \|\| 0%{?sl_version} >= 600 \|\| 0%{?suse_version} >= 1110 \|\| 0%{?sles_version} >= 11 8 -%define pkgversion 2.9.7 9 +%define pkgversion 2.7.4 10 %define oldver 0 11 %define _aslxml 0 12 -%define epoch 1 13 BuildRequires: libxml2-devel 14 %else 15 %if %{aslxml} 16 -%define pkgversion 2.9.7 17 +%define pkgversion 2.7.4 18 %define oldver 0 19 %define _aslxml 1 20 -%define epoch 1 21 BuildRequires: asl-libxml2-devel 22 %else 23 %define pkgversion 2.6.8 24 -%define pkgname modsecurity-apache_ 25 %define oldver 1 26 %define _aslxml 0 27 -%define epoch 0 28 BuildRequires: libxml2-devel 29 %endif 30 %endif 31 Version: %{pkgversion} 32 -Epoch: %{epoch} 33 Release: 35 34 License: GPLv2 35 URL: http://www.modsecurity.org/ 36 Group: System Environment/Daemons 37 -Source: http://www.modsecurity.org/download/%{pkgname}%{version}.tar.bz2 38 +Source: http://www.modsecurity.org/download/modsecurity-apache_%{version}.tar.bz2 39 %if 0%{?rhel_version} \|\| 0%{?centos_version} \|\| 0%{?sl_version} \|\| 0%{?redhat_version} 40 Source1: 00_mod_security.conf 41 Source2: modsecurity_crs_10_config-default.conf 42 @@ -44,18 +39,14 @@ 43 Source5: modsec-clamscan.pl 44 Source6: modsec-clean_var-asl-data-audit 45 Patch1: waf-label.patch 46 -Patch2: modsecurity-2.9.1_curl-lower_7.34.patch 47 +Patch2: mlogc-disable-force-sslv3.patch 48 Patch50: CVE-2013-2765.patch 49 BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) 50 %if 0%{?rhel_version} \|\| 0%{?centos_version} \|\| 0%{?sl_version} \|\| 0%{?redhat_version} 51 Requires: httpd httpd-mmn = %([ -a %{_includedir}/httpd/.mmn ] && cat %{_includedir}/httpd/.mmn \|\| echo missing) 52 BuildRequires: httpd-devel pkgconfig lua-devel 53 Requires: lua 54 -%if 0%{?rhel} >= 7 55 -%define apxs %{_bindir}/apxs 56 -%else 57 %define apxs %{_sbindir}/apxs 58 -%endif 59 %define apache_libexecdir %(%{apxs} -q LIBEXECDIR) 60 ##%define apache_sysconfdir %(%{apxs} -q SYSCONFDIR) 61 %define apache_sysconfdir /etc/httpd 62 @@ -82,7 +73,6 @@ 63 BuildRequires: pcre-devel libtool curl-devel 64 BuildRequires: curl 65 66 -BuildRequires: autoconf automake 67 Requires: libxml2 pcre 68 Provides: ix-mod_security = %{version} 69 70 @@ -92,9 +82,9 @@ 71 as a powerful umbrella - shielding web applications from attacks. 72 73 %prep 74 -%setup -n %{pkgname}%{version} 75 +%setup -n modsecurity-apache_%{version} 76 %patch1 -p1 77 -%patch2 -p0 78 +%patch2 79 %if 0%{?oldver} == 1 80 %patch50 -p1 81 %endif 82 @@ -102,9 +92,6 @@ 83 %build 84 CFLAGS="%{optflags}" 85 export CFLAGS 86 -export PERL=/usr/bin/perl 87 - 88 -[ ! -f configure ] && ./autogen.sh 89 90 %configure \ 91 %if 0%{_aslxml} == 1 92 @@ -112,8 +99,7 @@ 93 %endif 94 --enable-pcre-match-limit=no \ 95 --enable-pcre-match-limit-recursion=no \ 96 - --enable-pcre-study \ 97 - --enable-htaccess-config 98 + --enable-pcre-study 99 100 make %{_smp_mflags} 101 102
[-] [+]	Deleted	modsecurity-2.9.1_curl-lower_7.34.patch ^
@@ -1,60 +0,0 @@ ---- mlogc/mlogc.c.orig 2016-06-02 09:15:03.283648355 +0200 -+++ mlogc/mlogc.c 2016-06-02 10:59:44.378377602 +0200 -@@ -1270,33 +1270,36 @@ - } - - -- /* Seems like CURL_SSLVERSION_TLSv1_2 is not supported on libcurl -- * < v7.34.0 -- * -- * version_num is a 24 bit number created like this: -- * <8 bits major number> \| <8 bits minor number> \| <8 bits patch number>. -- / -- switch (tlsprotocol) { -- case 0: -- curl_easy_setopt(curl, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1_0); -- break; -- case 1: -- curl_easy_setopt(curl, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1_1); -- break; -- case 2: -- curl_easy_setopt(curl, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1_2); -- break; -- default: -- curl_easy_setopt(curl, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1_2); -- break; -- } - cmaj = curlversion->version_num >> 16; - cmin = (curlversion->version_num & 0x00ff00) >> 8; - cpat = (curlversion->version_num & 0x0000ff); - / If cURL version < v7.34.0, use TLS v1.x / - if (cmaj <= 7 && cmin < 34) { - curl_easy_setopt(curl, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1); -- } -+#ifdef CURL_SSLVERSION_TLSv1_0 -+ } else { -+ / Seems like CURL_SSLVERSION_TLSv1_2 is not supported on libcurl -+ * < v7.34.0 -+ * -+ * version_num is a 24 bit number created like this: -+ * <8 bits major number> \| <8 bits minor number> \| <8 bits patch number>. -+ */ -+ switch (tlsprotocol) { -+ case 0: -+ curl_easy_setopt(curl, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1_0); -+ break; -+ case 1: -+ curl_easy_setopt(curl, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1_1); -+ break; -+ case 2: -+ curl_easy_setopt(curl, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1_2); -+ break; -+ default: -+ curl_easy_setopt(curl, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1_2); -+ break; -+ } -+#endif -+ } - - curl_easy_setopt(curl, CURLOPT_CONNECTTIMEOUT, 15); - curl_easy_setopt(curl, CURLOPT_NOSIGNAL, TRUE);
[-] [+]	Changed	modsec-clamscan.pl ^
@@ -27,7 +27,7 @@ my ($FILE) = @ARGV; -$cmd = "$CLAMSCAN --stdout --no-summary $FILE"; +$cmd = "$CLAMSCAN --stdout --disable-summary $FILE"; $input = `$cmd`; $input =~ m/^(.+)/; $error_message = $1;
	Deleted	modsecurity-2.8.0.tar.bz2 ^
	Deleted	modsecurity-2.9.0.tar.bz2 ^
	Deleted	modsecurity-2.9.2.tar.bz2 ^
	Deleted	modsecurity-2.9.3.tar.bz2 ^
	Deleted	modsecurity-2.9.4.tar.bz2 ^
	Deleted	modsecurity-2.9.5.tar.bz2 ^
	Deleted	modsecurity-2.9.7.tar.bz2 ^
	Deleted	modsecurity-apache_2.7.5.tar.bz2 ^
	Deleted	modsecurity-apache_2.7.7.tar.bz2 ^