From ca6551fe3a272b9838dc1707ffd1e3c0f206b8adeaf2199c954f437e3aed6c10 Mon Sep 17 00:00:00 2001 From: Danilo Spinella Date: Mon, 17 Jul 2023 08:33:54 +0000 Subject: [PATCH 1/4] Accepting request 1098838 from home:dirkmueller:Factory - update to 2.9.7: * Fix: FILES_TMP_CONTENT may sometimes lack complete content * Support configurable limit on number of arguments processed * Silence compiler warning about discarded const * Support for JIT option for PCRE2 * Use uid for user if apr_uid_name_get() fails * Fix: handle error with SecConnReadStateLimit configuration * Only check for pcre2 install if required * Adjustment of previous fix for log messages * Mark apache error log messages as from mod_security2 * Use pkg-config to find libxml2 first * Support for PCRE2 in mlogc * Support for PCRE2 * Adjust parser activation rules in modsecurity.conf- recommended * Multipart parsing fixes and new MULTIPART_PART_HEADERS collection * Limit rsub null termination to where necessary * IIS: Update dependencies for next planned release * XML parser cleanup: NULL duplicate pointer * Properly cleanup XML parser contexts upon completion * Fix memory leak in streams * Fix: negative usec on log line when data type long is 32b * mlogc log-line parsing fails due to enhanced timestamp * Allow no-key, single-value JSON body * Set SecStatusEngine Off in modsecurity.conf-recommended * Fix memory leak that occurs on JSON parsing error * Multipart names/filenames may include single quote if double- quote enclosed * Add SecRequestBodyJsonDepthLimit to modsecurity.conf- OBS-URL: https://build.opensuse.org/request/show/1098838 OBS-URL: https://build.opensuse.org/package/show/Apache:Modules/apache2-mod_security2?expand=0&rev=87 --- ...sp-modsecurity-crs-2.2.9-5-gebe8790.tar.gz | 4 +- apache2-mod_security2.changes | 37 +++++++++++++++++++ apache2-mod_security2.spec | 12 +++--- modsecurity-2.9.4.tar.gz | 3 -- modsecurity-2.9.7.tar.gz | 3 ++ 5 files changed, 47 insertions(+), 12 deletions(-) delete mode 100644 modsecurity-2.9.4.tar.gz create mode 100644 modsecurity-2.9.7.tar.gz diff --git a/SpiderLabs-owasp-modsecurity-crs-2.2.9-5-gebe8790.tar.gz b/SpiderLabs-owasp-modsecurity-crs-2.2.9-5-gebe8790.tar.gz index 78f0869..f6fa190 100644 --- a/SpiderLabs-owasp-modsecurity-crs-2.2.9-5-gebe8790.tar.gz +++ b/SpiderLabs-owasp-modsecurity-crs-2.2.9-5-gebe8790.tar.gz @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:bae3ef19925168a3b8ef9663bc9ed677cc6ca2fdbdbdd6111653c1b2991e24e3 -size 280011 +oid sha256:637b53696e96f3855f8d4bc678dd67dc8a4ba1ce7da418dafc74524cbf36c92a +size 291337 diff --git a/apache2-mod_security2.changes b/apache2-mod_security2.changes index 33fce3c..c7ca08f 100644 --- a/apache2-mod_security2.changes +++ b/apache2-mod_security2.changes @@ -1,3 +1,40 @@ +------------------------------------------------------------------- +Sat Jul 15 17:09:55 UTC 2023 - Dirk Müller + +- update to 2.9.7: + * Fix: FILES_TMP_CONTENT may sometimes lack complete content + * Support configurable limit on number of arguments processed + * Silence compiler warning about discarded const + * Support for JIT option for PCRE2 + * Use uid for user if apr_uid_name_get() fails + * Fix: handle error with SecConnReadStateLimit configuration + * Only check for pcre2 install if required + * Adjustment of previous fix for log messages + * Mark apache error log messages as from mod_security2 + * Use pkg-config to find libxml2 first + * Support for PCRE2 in mlogc + * Support for PCRE2 + * Adjust parser activation rules in modsecurity.conf- + recommended + * Multipart parsing fixes and new MULTIPART_PART_HEADERS + collection + * Limit rsub null termination to where necessary + * IIS: Update dependencies for next planned release + * XML parser cleanup: NULL duplicate pointer + * Properly cleanup XML parser contexts upon completion + * Fix memory leak in streams + * Fix: negative usec on log line when data type long is 32b + * mlogc log-line parsing fails due to enhanced timestamp + * Allow no-key, single-value JSON body + * Set SecStatusEngine Off in modsecurity.conf-recommended + * Fix memory leak that occurs on JSON parsing error + * Multipart names/filenames may include single quote if double- + quote enclosed + * Add SecRequestBodyJsonDepthLimit to modsecurity.conf- + recommended + * IIS: Update dependencies for Windows build as of v2.9.5 + * Support configurable limit on depth of JSON parsing + ------------------------------------------------------------------- Mon Jul 19 09:37:45 UTC 2021 - Danilo Spinella diff --git a/apache2-mod_security2.spec b/apache2-mod_security2.spec index 4a81f60..be68b80 100644 --- a/apache2-mod_security2.spec +++ b/apache2-mod_security2.spec @@ -1,7 +1,7 @@ # # spec file for package apache2-mod_security2 # -# Copyright (c) 2021 SUSE LLC +# Copyright (c) 2023 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -20,7 +20,7 @@ %define tarballname modsecurity-%{version} %define usrsharedir %{_datadir}/%{name} Name: apache2-mod_security2 -Version: 2.9.4 +Version: 2.9.7 Release: 0 Summary: Web Application Firewall for apache httpd License: Apache-2.0 @@ -96,13 +96,11 @@ rm -rf %{buildroot}/%{usrsharedir}/rules/util rm -rf %{buildroot}/%{usrsharedir}/rules/lua rm -f %{buildroot}/%{usrsharedir}/rules/READM* rm -f %{buildroot}/%{usrsharedir}/rules/INSTALL %{buildroot}/%{usrsharedir}/rules/CHANGELOG -mv %{buildroot}/%{usrsharedir}/rules/modsecurity_crs_10_setup.conf.example \ - %{buildroot}/%{usrsharedir}/rules/modsecurity_crs_10_setup.conf # Temporarily disable test suite as there are some failures that need to be solved -#%check -#make test -#make test-regression +%check +make test +# make test-regression %files %{apache_libexecdir}/%{modname}.so diff --git a/modsecurity-2.9.4.tar.gz b/modsecurity-2.9.4.tar.gz deleted file mode 100644 index 1ada6e0..0000000 --- a/modsecurity-2.9.4.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:970e1801907d181e94faec74d595868a3b4abeb07b790b0f30aea3a5d0e05929 -size 4319796 diff --git a/modsecurity-2.9.7.tar.gz b/modsecurity-2.9.7.tar.gz new file mode 100644 index 0000000..155fd62 --- /dev/null +++ b/modsecurity-2.9.7.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:2a28fcfccfef21581486f98d8d5fe0397499749b8380f60ec7bb1c08478e1839 +size 4320766 From b365d4d2031b29a05eb07226275d3619b47e712abd114acf632d4c28661aef17 Mon Sep 17 00:00:00 2001 From: Danilo Spinella Date: Tue, 1 Aug 2023 09:14:57 +0000 Subject: [PATCH 2/4] Accepting request 1099113 from home:dirkmueller:Factory - reenable tests - switch to SpiderLabs owasp 3.2.0 release (final release, upstream archived the project, please switch to coreruleset instead): * Various security fixes, see * https://raw.githubusercontent.com/SpiderLabs/owasp-modsecurity-crs/v3.2.0/CHANGES - introduce supply chain security by adding gpg signature and keyring OBS-URL: https://build.opensuse.org/request/show/1099113 OBS-URL: https://build.opensuse.org/package/show/Apache:Modules/apache2-mod_security2?expand=0&rev=88 --- ...sp-modsecurity-crs-2.2.9-5-gebe8790.tar.gz | 3 - apache2-mod_security2.changes | 6 + apache2-mod_security2.keyring | 104 ++++++++++++++++++ apache2-mod_security2.spec | 8 +- modsecurity-2.9.7.tar.gz.asc | 16 +++ v3.2.0.tar.gz | 3 + 6 files changed, 134 insertions(+), 6 deletions(-) delete mode 100644 SpiderLabs-owasp-modsecurity-crs-2.2.9-5-gebe8790.tar.gz create mode 100644 apache2-mod_security2.keyring create mode 100644 modsecurity-2.9.7.tar.gz.asc create mode 100644 v3.2.0.tar.gz diff --git a/SpiderLabs-owasp-modsecurity-crs-2.2.9-5-gebe8790.tar.gz b/SpiderLabs-owasp-modsecurity-crs-2.2.9-5-gebe8790.tar.gz deleted file mode 100644 index f6fa190..0000000 --- a/SpiderLabs-owasp-modsecurity-crs-2.2.9-5-gebe8790.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:637b53696e96f3855f8d4bc678dd67dc8a4ba1ce7da418dafc74524cbf36c92a -size 291337 diff --git a/apache2-mod_security2.changes b/apache2-mod_security2.changes index c7ca08f..1bc9b9d 100644 --- a/apache2-mod_security2.changes +++ b/apache2-mod_security2.changes @@ -34,6 +34,12 @@ Sat Jul 15 17:09:55 UTC 2023 - Dirk Müller recommended * IIS: Update dependencies for Windows build as of v2.9.5 * Support configurable limit on depth of JSON parsing +- reenable tests +- switch to SpiderLabs owasp 3.2.0 release (final release, upstream + archived the project, please switch to coreruleset instead): + * Various security fixes, see + * https://raw.githubusercontent.com/SpiderLabs/owasp-modsecurity-crs/v3.2.0/CHANGES +- introduce supply chain security by adding gpg signature and keyring ------------------------------------------------------------------- Mon Jul 19 09:37:45 UTC 2021 - Danilo Spinella diff --git a/apache2-mod_security2.keyring b/apache2-mod_security2.keyring new file mode 100644 index 0000000..c05b5c5 --- /dev/null +++ b/apache2-mod_security2.keyring @@ -0,0 +1,104 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQINBF2scPUBEADzKAm5+CJ4TC9OGdh/koPHvGkl1h5cHXHCcyn3GAkD6lz9TJs1 +gAJxKuljq1Ux9CGgf+2OUuhPopC7W9gPg+MuyD4AJr3g9b4IBYwnY9yo5Z337j1m ++yp3SRr6bXW0lutboTAMLBXC7WYdb0k/dJZuqsWe34Y+V6EQLIrZQv1ojclZa+I9 +7AmB8bJO8cwq+QRXQYCu8gE7WD54Khv660uHvZtGXId9AOGpE3fjEGIz7r0BW95u +pGXveFDq+3xdBuahqIsvkr7FacXOwf7fJmkBra2IWuWgCdg4CADTdUpYgL+0ugm5 +B8qhzVBdhnnN1sUaLTB0nny6gwaWWvDvzNqant/VT5qckzRA+e2TK2C/t1znuqBn +DwyNwElXas/y+9cD0AEf//xg1y5BKd2akSwNOlhBqZOzotW0ITWI2Rx4yB9PujLD +jgW9Jy9aAHAnAGk2Qtb+MNU2VBqDzXc2npxqLju2b0lp57PeVte1bhK6ZAdpotfX +rAzYMtrgDsmx/9FJbFMJIKaHJC0PSx2UF4qLTaiL66QHXJ9900HqUGzDpElrf4ZZ +5wXyIk0wwDsnzKcJbRqaT9Or14oQYjbiUua12lN6ID9SW1QgacHwjpm8RCSYcFWh +eQblcH7FGueB0FVvN/wdzLOFRkMIgmuuiBW7inz1+jRu0TTzWMr2gqKBJQARAQAB +tC5PV0FTUCBDb3JlIFJ1bGUgU2V0IDxzZWN1cml0eUBjb3JlcnVsZXNldC5vcmc+ +iQJOBBMBCAA4FiEENgBvDguhZ4MhWIIROO6soauKbnIFAl2scPUCGwMFCwkIBwIG +FQoJCAsCBBYCAwECHgECF4AACgkQOO6soauKbnIeOg//SVOZaRwP/ZFFILJXQMd5 +H97d+6LWZc9O1aRhNWfVwee0jmCNOc8E3eooAkiDpHZb/w9kKKfXf4MPOtN6u+yY +5I0OvEsE1torm6PmlTrrM5To8hao0jV/jEmVMM7cNSz18GBp2fjDvXrp/CIR3Jjz +VT3TyFavAfpq9WIThtOM1QB0qt+eRVvP2bYEJHnnchMOS+H2ITr8PTfdF8INNxY5 +ggjdYOS3b20EHOF9CZ4UYFsdsP4C32tTOF75nJVIWAXxgm8M/xKm9DkrpHmROoUH +yPUljA9yZNjtNHkSce1nczj2C5M5CuJuKthsxitE6QZ4AMaLu0GOJfVRw8aRF1Yc +1d9O2Ww2kpBWf5QVo65Qi0puwwUknW8sq3hnfu92se9l+MCaAynvLqDlEQp0gKg8 +ZDrXbpBJa7O948uIjwYDp1N2dKSZeZb5bFP/0Bl3PFLANhGJ2NqEkkOnOTgouI5X +2dNSCgr/YFsPHOGGXwPkleL43JO6I+jN3XJcX4b2TgsW/NpSgR74CGENUcLRSO0z +XSs4ffq2spmEX5j0+o/Yw5slXuu8y+X8cc78QQ2QQYcu5WqXg6ij7/41OtY/e4uC +3Ap1SsjR/GIjhP5uryTkYfugmDn2gsjg7sqqpgBXVuvBL8j094VXj8QGKFLnlu0e +s8ZNAFTIWyjznC7OQX5Xtkm5Ag0EXaxw9QEQAMkyF4/mewIA6Rx/zuPT8v/Euk/q +Hqpr9iKvIIho8e53SfqVSJWTLNvTaIROROaSz/B2RyIgvICCaqFJWKqW80sSCAk0 +uc1OsP5Lt1RrmtM9AgH5L/ZTnZUnFMGz/ba+i8dWF2tKBL4l1I6fNUBP+PtSESgm +/T+Dv32+s8QI/c0J9XwOwF/ZzBfeFj0zv8Sdx3W0S6M7dmGK1LX4r4w2zFRGt5MD +5QgjmlbDzMsCe4flzs2QWIyaSqJWTZPxWG57bc0kNWSC2Hv5UFrnKuElyav+aFkc +/HkN+sPf0y4ahF8xmVkWYumoN4iKKsnGIAtuLrLDL6IKlfjq06DKeOVpXCKBS6vF +w4AcIaoW+aVUGRmIxIHf2Mb9tKShcy4i0yZVpdeJQxFUHBDYaE8a6GpKPzT17LYv +03K5g2w2+hsUi07H8PRMsckr4UvD2pTvRcP0e9K7/qVF0i440CgpX5f+yHefCv2P +nP3apiCS7qK4m02NUU14//tkJLeGLhxUJ9WhxzFUYWs233jjN+5wJsOHyIzqs1kc +jCN1Qx+91hklTWRmmCgO6gk6eIlpKTALFrTlF0A5eMSIb/Zw40aw2mZ7ku3Y3xAf +4yAK210ILFYrGErbr47ArLDfeMKcAu83uIHyc1IacR/8UaqM0GLAq8H8n//lB2Xz +urz9ZsGF8uB3gODtABEBAAGJAjYEGAEIACAWIQQ2AG8OC6FngyFYghE47qyhq4pu +cgUCXaxw9QIbDAAKCRA47qyhq4puciTyD/9dLUF2rAHzBqQr8S7MWbo7SYU+vHkZ +UF1JNYP+YDo7C0ZJ4ANyfh9GOBly2ZSDYTigLel1GKGO5sf2U7N4dQmy9xTCDRM8 +slqnbt6jfvtRBgJB9mg6UTq/o4vUClyXX4iqAInGMFPxIpuSrOKkZ640c9WW2pcM +U8KoGgDu1vCZxZ6160EQzpQubxCHyQhzRnl9Y/AYy/BbjY1IOf4n/u3hwHXD4piP +dQFJDcqEoob5TvxqolNlw9BfpZpFwsCk2MFrxKuwBP57iuy+/gPJoUrWArgJyvvZ +q0u1r+Q/T5XregBf2RJ/sQc1wF3f28KUBHZlnEsLHF6k/wrWq6xaGxvwWzdXOPYn +O/GoEG8Z26+6wNG3NYGFlToupjd4PQ6uQGSVyZf2ud/6ewW6gQuryMKanxqJ5zqR +KN/ah7Kzr4faQnM3Sk0WDzzQlKkmvAZ1PedTNIDL4OLfbt5h6DBuH7pP6nqSMS+4 +AXpW/RIpjHZy6kBBc/wjm1x5cvQfuY/asHwk9OeSRBVuuO7wS63OCxX+x0jzHxj8 +TyO7DXXuD1K+UnI+IN8Ge/84kiKk1AueNbeYmXyHBcl3kWz4g7OEiDb5P12YGMrV +1EDhTZ9V87jkn4QoJmsN6t4EV2IQvQuLlpbzp0c+gnxktQAWfYEWw9BWw9/6IWq5 +XdQEIOeqEZLTZQ== +=F7wV +-----END PGP PUBLIC KEY BLOCK----- +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQINBGGL8ngBEACsyb//l5LzsYFKmwPrFNyVmWWXKtuj7rGiz7NYDDCcRn+d6Df+ +augCPmvIWLC9NZE6tOFn6NYMMs4GdhcJ3vHddMAaVkkBUpw9lSGYolitlV0k1FI2 +jjHC4e3sETqP4ara1hF9UrAh+NGjW5Nc6gjDWMqCfUmXBgqvpIH5E4M/BkhkuRAj +n7tTCW+JWDTVx4vwK3Zdb2zPPLx9Trmdh33upCKRKUMwRyF3EarEUtHh82j99cyD +sbjkexmpenTsHAJqHEafBRPpNduRtaUOT3HsmZ4nDctMWWoxGoixRaALfLQTvIl6 +gJzTlaoQw5UC7iksEGGmX53w5gqmdR0cpMBiIGEiTCJY38lochf16XtNz006aQYz +gO7L5QxwdDXMlhrcfXKYAjI/NX9SmYr+vBSjmpyA9T3U2kds0NI0L1RLsVGAGH6M +Kx/Wef8iOMn22meM7UFwKh6WKms9V4hseYwJnVw0L5wBS3rvh6mPOQTytYzxneNt +9EGh8wIgiWMhCncOGvHOMfd2tt1CDm9cEmsgzWYfN0yNTopcMDS3z2XjD6tot4bg +9Wwn6Mxt4+OeFiLCpRIfXmnjSsqLEBr6//OKSZW09LZXXEvQIO5IDV46RiQoe7Aj +jqbbgaSUNUjphqcAc5ruLhlkwCgzQUT3oZanXmCwO21BgFr4DZl4Sy1mnQARAQAB +tDpNYXJ0aW4gVmllcnVsYSAoR2l0SHViIGtleSkgPE1hcnRpbi5WaWVydWxhQHRy +dXN0d2F2ZS5jb20+iQJOBBMBCgA4FiEE8SZpLpuoazlY5z7S8vxORYg7y6QFAmGL +8ngCGwMFCwkIBwIGFQoJCAsCBBYCAwECHgECF4AACgkQ8vxORYg7y6Rnyw/+Iq7N +NYDP0Rf/v3N/EMXHmBSnLdlZlEASJpJn6pGvGFTzmCqf1BvraXWjbMFFvF1OC3SS +HawBHzwGseQgEt4vk43cXxp2/neTmJWGORHVODLUZm6o6M/A8aMScCjw+cpt5W5s +Za2cnT/+DZVGQTY33JAuTxeGLZ6c2B4UWH6nRj+DIjBfWzULj+edJ9oTgJRuHgbj +3/SFz4lpUmrzpwo57W8Y+oqzUeDfyw+tm/Vk5XQOTkJqRcG1SmWp1IA40ygg0VDK +TGKE40/6H9LDoR2FA5ArMjkixafLhoVlw84dirz9VXaTTWBcxgT3Rl1WnLtYhUnk +aRd23OkHmLkT+mj/xCnKEqXVMI3Bsma7kd3+oFQHTkY5xpPQ576IcQg6xzGelLJd +tMiWZwj6rtW16UwLruaLaGkMfVNqo0vGgYKjY92IP2Oj8O0Y+zG6CZzd/2xh5i6f +fslaHDl+nfUjsXTn+zgKdoRlLnwT6FVNrHswNKcDuNnIo8rqCjaUOlY26H7kDR/3 +nw0QOE1O8r3+HrCu0Nnszsw0OfPcBuzhOFrFGvaipTR5GVso0VwM1LaDcnveeIlu +BeBIV8hWlfZuf1HQTjFRzTKmbGGJ0pqMwu9rc3u2zX6afC9T9hJOvc+js3PcjpPh +vqQ8ZnQQtMVD9ru1IAfthLIJLaxwssSfh36xBra5Ag0EYYvyeAEQAOTk9zr//CmW +sWdvjNfp5Nh89bymBOqtusDgNh2EHLHXT2pCnQ9YQ7Kf/RGHPuapkaKiXvTy1h0w +ewfL5eSBsx762TJpPbmR9zDu9UDpdxxR6jcgU7ZXYgBcz1uQvHmvGRoAa6rcv757 +5UmROsQz9QNNS4mYnCdeVQuIaGa0uCJgXDI+EQNUKRrAlBhgaDOUpuvqnxDz7A65 +W4u7OchU+GtHqnzgopDQtjGTwCE+F1lutwABc+xrWkvl9ph7zp6VWze62AErWsc0 +bLsCnzVm3+pu1IQO76poqjapfEL13OpZGZfmxzJTc+GPfnevAfF72QkDjldF30MV +fBySxnLcupoPhR56t/Ix0/nkziduvflYWqtIq4LyB4KYFFmylkFHQiPWtG5QJAFc +FwZS/CUJREJ2aR/SFSqjAmASqGIRn0idqZxZdZV3Uw4TyyUaLUJyyV7RgQ+/BEt6 +QLu+Oay/si6nT5Rq5KBQT4a6ttJpyr6C/kdqXCPifPItTFu6HTqyLe+NCENzXr6e +syjxllYJJKI/tVAk+ItQrQ+6370QFOmJnm3jNqS5ylFDUQH+M/ypop6ssajTjaKY +o7FRIN2grfRaKXSrFMCmmgRpXcXZs1kA8C910BeI9z96+RtOl3jp9OEiibZtSDCt +murdZN1kn5eZrq1uJSakNnUg27SFR72LABEBAAGJAjYEGAEKACAWIQTxJmkum6hr +OVjnPtLy/E5FiDvLpAUCYYvyeAIbDAAKCRDy/E5FiDvLpLJuD/9LnDYu1Qjsg9zZ +Q2N4u2gcEfEBn7Gl3J0FkN12mRy8eaVEHuTxcFEsKZVllLBc0yHaM5wBwtln0CpA +oHLQfIKDXP6mPKEU+9/z0oiWP7LiPO5jqKam26GVGIfucx4Yw92eJFpgB3lQzQZN +rStcenUKRmjXdUplalXSXxwqIGMvAJrQyQ7MKTUHKBV/sh1+Mrh9KN1+WRetbOY4 +2k/8Gm42uvmc+u8y2+rzSnoZf3xdVPIbq94rm+IC+jvzMqfL7QPEyT7gsAgGCjlL +CfV1PKj2YRv8IQzQgbRm3Vu++PvIalKQFa2Szc0dz6fgG2AedhYvqloMcgbXgpkM +RRIa7p/lcAR8SGilkiNafOQZBHWVKhXNa2IewyWa6rao1oPydz/6QwuUM6OI9J5a +iH8sEwExEJ74ZZjJ/g4yRaBx13i3tRxXdSG3d7l1VR4Xe0clLW2mo7YDKO3SZXCV +UAVD5SRh/P/WdPJGlpMifccgNZpCGy4Scr+nYXISvrH3+OZl5s/HsxD1eZPEYuvi +QDAljPNWq4BBqRo/cO5wBtZFS8IovT6YA3n9cGslcnlWmpqKvORQMDK35zs/9/Yg +MsjNbAXtv9AnmVSDcUnN20GFLE6lyrn62f2yi3SN3FPLyZP1CmyMDYMkU6LmcGjy +GcN2K4YXkS3Z1QIoOtUvc7FGIEggAA== +=g03h +-----END PGP PUBLIC KEY BLOCK----- diff --git a/apache2-mod_security2.spec b/apache2-mod_security2.spec index be68b80..4a08b70 100644 --- a/apache2-mod_security2.spec +++ b/apache2-mod_security2.spec @@ -27,10 +27,12 @@ License: Apache-2.0 Group: Productivity/Networking/Web/Servers URL: https://www.modsecurity.org/ Source: https://github.com/SpiderLabs/ModSecurity/releases/download/v%{version}/modsecurity-%{version}.tar.gz -Source1: https://github.com/SpiderLabs/owasp-modsecurity-crs/tarball/master//SpiderLabs-owasp-modsecurity-crs-2.2.9-5-gebe8790.tar.gz +Source1: https://github.com/SpiderLabs/ModSecurity/releases/download/v%{version}/modsecurity-%{version}.tar.gz.asc +Source10: https://github.com/SpiderLabs/owasp-modsecurity-crs/archive/refs/tags/v3.2.0.tar.gz Source2: mod_security2.conf Source6: README-SUSE-mod_security2.txt Source7: empty.conf +Source99: apache2-mod_security2.keyring Patch0: apache2-mod_security2-no_rpath.diff Patch1: modsecurity-fixes.patch Patch2: apache2-mod_security2_tests_conf.patch @@ -62,8 +64,8 @@ applications from known and unknown attacks. %prep %setup -q -n %{tarballname} -%setup -q -D -T -a 1 -n %{tarballname} -mv -v SpiderLabs* rules +%setup -q -D -T -a 10 -n %{tarballname} +mv -v owasp-modsecurity-crs-3.2.0 rules %patch0 %patch1 -p1 %patch2 -p1 diff --git a/modsecurity-2.9.7.tar.gz.asc b/modsecurity-2.9.7.tar.gz.asc new file mode 100644 index 0000000..32908ad --- /dev/null +++ b/modsecurity-2.9.7.tar.gz.asc @@ -0,0 +1,16 @@ +-----BEGIN PGP SIGNATURE----- + +iQIzBAABCgAdFiEE8SZpLpuoazlY5z7S8vxORYg7y6QFAmO19QwACgkQ8vxORYg7 +y6R5yhAApYMN3e2fJu3kh1QS3w5KaNNE5tc58eWLBju4A+rTAenNdeciXfmzndJa +59cgNC8wZigSVN/PhNMhj/OJta88TFwzTkuc5CmOZ0zEgudXmIHifkUZZ+4UkCto +ihcrfb9I7JjA5WJ0AB6vpC4tZzqiI3i6ZOiftcKDJbhfFjhfuoBFbmwzfV9RSCna +7AKQWBfrHj5yvjKiBLMIyu045HpWOdhPqbZGm99417cejix8roAIszx0eNlb0oyJ +qIJx3RQStcduLHyIcxMRVn0ftElK8theAJOeO15e7efdJIyaR7Qmu875A8aB3yFk +v6ewLRE2uy4NJfS1daBscs3Ua4QSmpUqaSaa6zBu4OO5jAoS/WPuiSjy5ulmeWEU +CbE/APCgq9v1uOLN7TMmkcZAFZXgJ0bVfauSCgB4jokLQsRwFwH7v9I1PZfLKNb6 +RsJ3zN82tNeJ8n7rzXwDk8Qj1PJFTB/5TXIwlzlACh6774I2Q0mvfdXhUuTphcc4 +P8FQR6lW4uePMZAkNS3yrnzL9XT7NduQNuKGvYS16xMnIwH0C/4X6IL9C5YET6I8 +S8OBBLJ0LRw+M6+jb5Ev9bby7NcY3rB2eXcPjKg2XYhicmLbZ0F9SY8vGyJG0RwK +g0z3+d36XnpHQw8247xEBjdtmKWgNWbpJMZcqVWBwCsAscft3v4= +=ycKi +-----END PGP SIGNATURE----- diff --git a/v3.2.0.tar.gz b/v3.2.0.tar.gz new file mode 100644 index 0000000..bcadaab --- /dev/null +++ b/v3.2.0.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:1e5431d83c24bb745a0d7ae520328a5bcee066e33b0303bd22c864436bdf97a0 +size 282225 From 196d82d91e750788018224c37d7086076bc395d9059a14f37e7d739bf9afe256 Mon Sep 17 00:00:00 2001 From: Danilo Spinella Date: Tue, 1 Aug 2023 09:41:33 +0000 Subject: [PATCH 3/4] Accepting request 1101664 from Apache:Modules revert to 87 OBS-URL: https://build.opensuse.org/request/show/1101664 OBS-URL: https://build.opensuse.org/package/show/Apache:Modules/apache2-mod_security2?expand=0&rev=89 --- ...sp-modsecurity-crs-2.2.9-5-gebe8790.tar.gz | 3 + apache2-mod_security2.changes | 6 - apache2-mod_security2.keyring | 104 ------------------ apache2-mod_security2.spec | 8 +- modsecurity-2.9.7.tar.gz.asc | 16 --- v3.2.0.tar.gz | 3 - 6 files changed, 6 insertions(+), 134 deletions(-) create mode 100644 SpiderLabs-owasp-modsecurity-crs-2.2.9-5-gebe8790.tar.gz delete mode 100644 apache2-mod_security2.keyring delete mode 100644 modsecurity-2.9.7.tar.gz.asc delete mode 100644 v3.2.0.tar.gz diff --git a/SpiderLabs-owasp-modsecurity-crs-2.2.9-5-gebe8790.tar.gz b/SpiderLabs-owasp-modsecurity-crs-2.2.9-5-gebe8790.tar.gz new file mode 100644 index 0000000..f6fa190 --- /dev/null +++ b/SpiderLabs-owasp-modsecurity-crs-2.2.9-5-gebe8790.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:637b53696e96f3855f8d4bc678dd67dc8a4ba1ce7da418dafc74524cbf36c92a +size 291337 diff --git a/apache2-mod_security2.changes b/apache2-mod_security2.changes index 1bc9b9d..c7ca08f 100644 --- a/apache2-mod_security2.changes +++ b/apache2-mod_security2.changes @@ -34,12 +34,6 @@ Sat Jul 15 17:09:55 UTC 2023 - Dirk Müller recommended * IIS: Update dependencies for Windows build as of v2.9.5 * Support configurable limit on depth of JSON parsing -- reenable tests -- switch to SpiderLabs owasp 3.2.0 release (final release, upstream - archived the project, please switch to coreruleset instead): - * Various security fixes, see - * https://raw.githubusercontent.com/SpiderLabs/owasp-modsecurity-crs/v3.2.0/CHANGES -- introduce supply chain security by adding gpg signature and keyring ------------------------------------------------------------------- Mon Jul 19 09:37:45 UTC 2021 - Danilo Spinella diff --git a/apache2-mod_security2.keyring b/apache2-mod_security2.keyring deleted file mode 100644 index c05b5c5..0000000 --- a/apache2-mod_security2.keyring +++ /dev/null @@ -1,104 +0,0 @@ ------BEGIN PGP PUBLIC KEY BLOCK----- - -mQINBF2scPUBEADzKAm5+CJ4TC9OGdh/koPHvGkl1h5cHXHCcyn3GAkD6lz9TJs1 -gAJxKuljq1Ux9CGgf+2OUuhPopC7W9gPg+MuyD4AJr3g9b4IBYwnY9yo5Z337j1m -+yp3SRr6bXW0lutboTAMLBXC7WYdb0k/dJZuqsWe34Y+V6EQLIrZQv1ojclZa+I9 -7AmB8bJO8cwq+QRXQYCu8gE7WD54Khv660uHvZtGXId9AOGpE3fjEGIz7r0BW95u -pGXveFDq+3xdBuahqIsvkr7FacXOwf7fJmkBra2IWuWgCdg4CADTdUpYgL+0ugm5 -B8qhzVBdhnnN1sUaLTB0nny6gwaWWvDvzNqant/VT5qckzRA+e2TK2C/t1znuqBn -DwyNwElXas/y+9cD0AEf//xg1y5BKd2akSwNOlhBqZOzotW0ITWI2Rx4yB9PujLD -jgW9Jy9aAHAnAGk2Qtb+MNU2VBqDzXc2npxqLju2b0lp57PeVte1bhK6ZAdpotfX -rAzYMtrgDsmx/9FJbFMJIKaHJC0PSx2UF4qLTaiL66QHXJ9900HqUGzDpElrf4ZZ -5wXyIk0wwDsnzKcJbRqaT9Or14oQYjbiUua12lN6ID9SW1QgacHwjpm8RCSYcFWh -eQblcH7FGueB0FVvN/wdzLOFRkMIgmuuiBW7inz1+jRu0TTzWMr2gqKBJQARAQAB -tC5PV0FTUCBDb3JlIFJ1bGUgU2V0IDxzZWN1cml0eUBjb3JlcnVsZXNldC5vcmc+ -iQJOBBMBCAA4FiEENgBvDguhZ4MhWIIROO6soauKbnIFAl2scPUCGwMFCwkIBwIG -FQoJCAsCBBYCAwECHgECF4AACgkQOO6soauKbnIeOg//SVOZaRwP/ZFFILJXQMd5 -H97d+6LWZc9O1aRhNWfVwee0jmCNOc8E3eooAkiDpHZb/w9kKKfXf4MPOtN6u+yY -5I0OvEsE1torm6PmlTrrM5To8hao0jV/jEmVMM7cNSz18GBp2fjDvXrp/CIR3Jjz -VT3TyFavAfpq9WIThtOM1QB0qt+eRVvP2bYEJHnnchMOS+H2ITr8PTfdF8INNxY5 -ggjdYOS3b20EHOF9CZ4UYFsdsP4C32tTOF75nJVIWAXxgm8M/xKm9DkrpHmROoUH -yPUljA9yZNjtNHkSce1nczj2C5M5CuJuKthsxitE6QZ4AMaLu0GOJfVRw8aRF1Yc -1d9O2Ww2kpBWf5QVo65Qi0puwwUknW8sq3hnfu92se9l+MCaAynvLqDlEQp0gKg8 -ZDrXbpBJa7O948uIjwYDp1N2dKSZeZb5bFP/0Bl3PFLANhGJ2NqEkkOnOTgouI5X -2dNSCgr/YFsPHOGGXwPkleL43JO6I+jN3XJcX4b2TgsW/NpSgR74CGENUcLRSO0z -XSs4ffq2spmEX5j0+o/Yw5slXuu8y+X8cc78QQ2QQYcu5WqXg6ij7/41OtY/e4uC -3Ap1SsjR/GIjhP5uryTkYfugmDn2gsjg7sqqpgBXVuvBL8j094VXj8QGKFLnlu0e -s8ZNAFTIWyjznC7OQX5Xtkm5Ag0EXaxw9QEQAMkyF4/mewIA6Rx/zuPT8v/Euk/q -Hqpr9iKvIIho8e53SfqVSJWTLNvTaIROROaSz/B2RyIgvICCaqFJWKqW80sSCAk0 -uc1OsP5Lt1RrmtM9AgH5L/ZTnZUnFMGz/ba+i8dWF2tKBL4l1I6fNUBP+PtSESgm -/T+Dv32+s8QI/c0J9XwOwF/ZzBfeFj0zv8Sdx3W0S6M7dmGK1LX4r4w2zFRGt5MD -5QgjmlbDzMsCe4flzs2QWIyaSqJWTZPxWG57bc0kNWSC2Hv5UFrnKuElyav+aFkc -/HkN+sPf0y4ahF8xmVkWYumoN4iKKsnGIAtuLrLDL6IKlfjq06DKeOVpXCKBS6vF -w4AcIaoW+aVUGRmIxIHf2Mb9tKShcy4i0yZVpdeJQxFUHBDYaE8a6GpKPzT17LYv -03K5g2w2+hsUi07H8PRMsckr4UvD2pTvRcP0e9K7/qVF0i440CgpX5f+yHefCv2P -nP3apiCS7qK4m02NUU14//tkJLeGLhxUJ9WhxzFUYWs233jjN+5wJsOHyIzqs1kc -jCN1Qx+91hklTWRmmCgO6gk6eIlpKTALFrTlF0A5eMSIb/Zw40aw2mZ7ku3Y3xAf -4yAK210ILFYrGErbr47ArLDfeMKcAu83uIHyc1IacR/8UaqM0GLAq8H8n//lB2Xz -urz9ZsGF8uB3gODtABEBAAGJAjYEGAEIACAWIQQ2AG8OC6FngyFYghE47qyhq4pu -cgUCXaxw9QIbDAAKCRA47qyhq4puciTyD/9dLUF2rAHzBqQr8S7MWbo7SYU+vHkZ -UF1JNYP+YDo7C0ZJ4ANyfh9GOBly2ZSDYTigLel1GKGO5sf2U7N4dQmy9xTCDRM8 -slqnbt6jfvtRBgJB9mg6UTq/o4vUClyXX4iqAInGMFPxIpuSrOKkZ640c9WW2pcM -U8KoGgDu1vCZxZ6160EQzpQubxCHyQhzRnl9Y/AYy/BbjY1IOf4n/u3hwHXD4piP -dQFJDcqEoob5TvxqolNlw9BfpZpFwsCk2MFrxKuwBP57iuy+/gPJoUrWArgJyvvZ -q0u1r+Q/T5XregBf2RJ/sQc1wF3f28KUBHZlnEsLHF6k/wrWq6xaGxvwWzdXOPYn -O/GoEG8Z26+6wNG3NYGFlToupjd4PQ6uQGSVyZf2ud/6ewW6gQuryMKanxqJ5zqR -KN/ah7Kzr4faQnM3Sk0WDzzQlKkmvAZ1PedTNIDL4OLfbt5h6DBuH7pP6nqSMS+4 -AXpW/RIpjHZy6kBBc/wjm1x5cvQfuY/asHwk9OeSRBVuuO7wS63OCxX+x0jzHxj8 -TyO7DXXuD1K+UnI+IN8Ge/84kiKk1AueNbeYmXyHBcl3kWz4g7OEiDb5P12YGMrV -1EDhTZ9V87jkn4QoJmsN6t4EV2IQvQuLlpbzp0c+gnxktQAWfYEWw9BWw9/6IWq5 -XdQEIOeqEZLTZQ== -=F7wV ------END PGP PUBLIC KEY BLOCK----- ------BEGIN PGP PUBLIC KEY BLOCK----- - -mQINBGGL8ngBEACsyb//l5LzsYFKmwPrFNyVmWWXKtuj7rGiz7NYDDCcRn+d6Df+ -augCPmvIWLC9NZE6tOFn6NYMMs4GdhcJ3vHddMAaVkkBUpw9lSGYolitlV0k1FI2 -jjHC4e3sETqP4ara1hF9UrAh+NGjW5Nc6gjDWMqCfUmXBgqvpIH5E4M/BkhkuRAj -n7tTCW+JWDTVx4vwK3Zdb2zPPLx9Trmdh33upCKRKUMwRyF3EarEUtHh82j99cyD -sbjkexmpenTsHAJqHEafBRPpNduRtaUOT3HsmZ4nDctMWWoxGoixRaALfLQTvIl6 -gJzTlaoQw5UC7iksEGGmX53w5gqmdR0cpMBiIGEiTCJY38lochf16XtNz006aQYz -gO7L5QxwdDXMlhrcfXKYAjI/NX9SmYr+vBSjmpyA9T3U2kds0NI0L1RLsVGAGH6M -Kx/Wef8iOMn22meM7UFwKh6WKms9V4hseYwJnVw0L5wBS3rvh6mPOQTytYzxneNt -9EGh8wIgiWMhCncOGvHOMfd2tt1CDm9cEmsgzWYfN0yNTopcMDS3z2XjD6tot4bg -9Wwn6Mxt4+OeFiLCpRIfXmnjSsqLEBr6//OKSZW09LZXXEvQIO5IDV46RiQoe7Aj -jqbbgaSUNUjphqcAc5ruLhlkwCgzQUT3oZanXmCwO21BgFr4DZl4Sy1mnQARAQAB -tDpNYXJ0aW4gVmllcnVsYSAoR2l0SHViIGtleSkgPE1hcnRpbi5WaWVydWxhQHRy -dXN0d2F2ZS5jb20+iQJOBBMBCgA4FiEE8SZpLpuoazlY5z7S8vxORYg7y6QFAmGL -8ngCGwMFCwkIBwIGFQoJCAsCBBYCAwECHgECF4AACgkQ8vxORYg7y6Rnyw/+Iq7N -NYDP0Rf/v3N/EMXHmBSnLdlZlEASJpJn6pGvGFTzmCqf1BvraXWjbMFFvF1OC3SS -HawBHzwGseQgEt4vk43cXxp2/neTmJWGORHVODLUZm6o6M/A8aMScCjw+cpt5W5s -Za2cnT/+DZVGQTY33JAuTxeGLZ6c2B4UWH6nRj+DIjBfWzULj+edJ9oTgJRuHgbj -3/SFz4lpUmrzpwo57W8Y+oqzUeDfyw+tm/Vk5XQOTkJqRcG1SmWp1IA40ygg0VDK -TGKE40/6H9LDoR2FA5ArMjkixafLhoVlw84dirz9VXaTTWBcxgT3Rl1WnLtYhUnk -aRd23OkHmLkT+mj/xCnKEqXVMI3Bsma7kd3+oFQHTkY5xpPQ576IcQg6xzGelLJd -tMiWZwj6rtW16UwLruaLaGkMfVNqo0vGgYKjY92IP2Oj8O0Y+zG6CZzd/2xh5i6f -fslaHDl+nfUjsXTn+zgKdoRlLnwT6FVNrHswNKcDuNnIo8rqCjaUOlY26H7kDR/3 -nw0QOE1O8r3+HrCu0Nnszsw0OfPcBuzhOFrFGvaipTR5GVso0VwM1LaDcnveeIlu -BeBIV8hWlfZuf1HQTjFRzTKmbGGJ0pqMwu9rc3u2zX6afC9T9hJOvc+js3PcjpPh -vqQ8ZnQQtMVD9ru1IAfthLIJLaxwssSfh36xBra5Ag0EYYvyeAEQAOTk9zr//CmW -sWdvjNfp5Nh89bymBOqtusDgNh2EHLHXT2pCnQ9YQ7Kf/RGHPuapkaKiXvTy1h0w -ewfL5eSBsx762TJpPbmR9zDu9UDpdxxR6jcgU7ZXYgBcz1uQvHmvGRoAa6rcv757 -5UmROsQz9QNNS4mYnCdeVQuIaGa0uCJgXDI+EQNUKRrAlBhgaDOUpuvqnxDz7A65 -W4u7OchU+GtHqnzgopDQtjGTwCE+F1lutwABc+xrWkvl9ph7zp6VWze62AErWsc0 -bLsCnzVm3+pu1IQO76poqjapfEL13OpZGZfmxzJTc+GPfnevAfF72QkDjldF30MV -fBySxnLcupoPhR56t/Ix0/nkziduvflYWqtIq4LyB4KYFFmylkFHQiPWtG5QJAFc -FwZS/CUJREJ2aR/SFSqjAmASqGIRn0idqZxZdZV3Uw4TyyUaLUJyyV7RgQ+/BEt6 -QLu+Oay/si6nT5Rq5KBQT4a6ttJpyr6C/kdqXCPifPItTFu6HTqyLe+NCENzXr6e -syjxllYJJKI/tVAk+ItQrQ+6370QFOmJnm3jNqS5ylFDUQH+M/ypop6ssajTjaKY -o7FRIN2grfRaKXSrFMCmmgRpXcXZs1kA8C910BeI9z96+RtOl3jp9OEiibZtSDCt -murdZN1kn5eZrq1uJSakNnUg27SFR72LABEBAAGJAjYEGAEKACAWIQTxJmkum6hr -OVjnPtLy/E5FiDvLpAUCYYvyeAIbDAAKCRDy/E5FiDvLpLJuD/9LnDYu1Qjsg9zZ -Q2N4u2gcEfEBn7Gl3J0FkN12mRy8eaVEHuTxcFEsKZVllLBc0yHaM5wBwtln0CpA -oHLQfIKDXP6mPKEU+9/z0oiWP7LiPO5jqKam26GVGIfucx4Yw92eJFpgB3lQzQZN -rStcenUKRmjXdUplalXSXxwqIGMvAJrQyQ7MKTUHKBV/sh1+Mrh9KN1+WRetbOY4 -2k/8Gm42uvmc+u8y2+rzSnoZf3xdVPIbq94rm+IC+jvzMqfL7QPEyT7gsAgGCjlL -CfV1PKj2YRv8IQzQgbRm3Vu++PvIalKQFa2Szc0dz6fgG2AedhYvqloMcgbXgpkM -RRIa7p/lcAR8SGilkiNafOQZBHWVKhXNa2IewyWa6rao1oPydz/6QwuUM6OI9J5a -iH8sEwExEJ74ZZjJ/g4yRaBx13i3tRxXdSG3d7l1VR4Xe0clLW2mo7YDKO3SZXCV -UAVD5SRh/P/WdPJGlpMifccgNZpCGy4Scr+nYXISvrH3+OZl5s/HsxD1eZPEYuvi -QDAljPNWq4BBqRo/cO5wBtZFS8IovT6YA3n9cGslcnlWmpqKvORQMDK35zs/9/Yg -MsjNbAXtv9AnmVSDcUnN20GFLE6lyrn62f2yi3SN3FPLyZP1CmyMDYMkU6LmcGjy -GcN2K4YXkS3Z1QIoOtUvc7FGIEggAA== -=g03h ------END PGP PUBLIC KEY BLOCK----- diff --git a/apache2-mod_security2.spec b/apache2-mod_security2.spec index 4a08b70..be68b80 100644 --- a/apache2-mod_security2.spec +++ b/apache2-mod_security2.spec @@ -27,12 +27,10 @@ License: Apache-2.0 Group: Productivity/Networking/Web/Servers URL: https://www.modsecurity.org/ Source: https://github.com/SpiderLabs/ModSecurity/releases/download/v%{version}/modsecurity-%{version}.tar.gz -Source1: https://github.com/SpiderLabs/ModSecurity/releases/download/v%{version}/modsecurity-%{version}.tar.gz.asc -Source10: https://github.com/SpiderLabs/owasp-modsecurity-crs/archive/refs/tags/v3.2.0.tar.gz +Source1: https://github.com/SpiderLabs/owasp-modsecurity-crs/tarball/master//SpiderLabs-owasp-modsecurity-crs-2.2.9-5-gebe8790.tar.gz Source2: mod_security2.conf Source6: README-SUSE-mod_security2.txt Source7: empty.conf -Source99: apache2-mod_security2.keyring Patch0: apache2-mod_security2-no_rpath.diff Patch1: modsecurity-fixes.patch Patch2: apache2-mod_security2_tests_conf.patch @@ -64,8 +62,8 @@ applications from known and unknown attacks. %prep %setup -q -n %{tarballname} -%setup -q -D -T -a 10 -n %{tarballname} -mv -v owasp-modsecurity-crs-3.2.0 rules +%setup -q -D -T -a 1 -n %{tarballname} +mv -v SpiderLabs* rules %patch0 %patch1 -p1 %patch2 -p1 diff --git a/modsecurity-2.9.7.tar.gz.asc b/modsecurity-2.9.7.tar.gz.asc deleted file mode 100644 index 32908ad..0000000 --- a/modsecurity-2.9.7.tar.gz.asc +++ /dev/null @@ -1,16 +0,0 @@ ------BEGIN PGP SIGNATURE----- - -iQIzBAABCgAdFiEE8SZpLpuoazlY5z7S8vxORYg7y6QFAmO19QwACgkQ8vxORYg7 -y6R5yhAApYMN3e2fJu3kh1QS3w5KaNNE5tc58eWLBju4A+rTAenNdeciXfmzndJa -59cgNC8wZigSVN/PhNMhj/OJta88TFwzTkuc5CmOZ0zEgudXmIHifkUZZ+4UkCto -ihcrfb9I7JjA5WJ0AB6vpC4tZzqiI3i6ZOiftcKDJbhfFjhfuoBFbmwzfV9RSCna -7AKQWBfrHj5yvjKiBLMIyu045HpWOdhPqbZGm99417cejix8roAIszx0eNlb0oyJ -qIJx3RQStcduLHyIcxMRVn0ftElK8theAJOeO15e7efdJIyaR7Qmu875A8aB3yFk -v6ewLRE2uy4NJfS1daBscs3Ua4QSmpUqaSaa6zBu4OO5jAoS/WPuiSjy5ulmeWEU -CbE/APCgq9v1uOLN7TMmkcZAFZXgJ0bVfauSCgB4jokLQsRwFwH7v9I1PZfLKNb6 -RsJ3zN82tNeJ8n7rzXwDk8Qj1PJFTB/5TXIwlzlACh6774I2Q0mvfdXhUuTphcc4 -P8FQR6lW4uePMZAkNS3yrnzL9XT7NduQNuKGvYS16xMnIwH0C/4X6IL9C5YET6I8 -S8OBBLJ0LRw+M6+jb5Ev9bby7NcY3rB2eXcPjKg2XYhicmLbZ0F9SY8vGyJG0RwK -g0z3+d36XnpHQw8247xEBjdtmKWgNWbpJMZcqVWBwCsAscft3v4= -=ycKi ------END PGP SIGNATURE----- diff --git a/v3.2.0.tar.gz b/v3.2.0.tar.gz deleted file mode 100644 index bcadaab..0000000 --- a/v3.2.0.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:1e5431d83c24bb745a0d7ae520328a5bcee066e33b0303bd22c864436bdf97a0 -size 282225 From 933e8d6dbd6916fdaa35322c9861985aa292c49619957d849a0dec3045987223 Mon Sep 17 00:00:00 2001 From: Petr Gajdos Date: Thu, 22 Feb 2024 08:23:14 +0000 Subject: [PATCH 4/4] Accepting request 1147828 from home:dimstar:rpm4.20:a Prepare for RPM 4.20 OBS-URL: https://build.opensuse.org/request/show/1147828 OBS-URL: https://build.opensuse.org/package/show/Apache:Modules/apache2-mod_security2?expand=0&rev=90 --- apache2-mod_security2.changes | 5 +++++ apache2-mod_security2.spec | 8 ++++---- 2 files changed, 9 insertions(+), 4 deletions(-) diff --git a/apache2-mod_security2.changes b/apache2-mod_security2.changes index c7ca08f..9953425 100644 --- a/apache2-mod_security2.changes +++ b/apache2-mod_security2.changes @@ -1,3 +1,8 @@ +------------------------------------------------------------------- +Tue Feb 20 11:02:36 UTC 2024 - Dominique Leuenberger + +- Use %patch -P N instead of deprecated %patchN. + ------------------------------------------------------------------- Sat Jul 15 17:09:55 UTC 2023 - Dirk Müller diff --git a/apache2-mod_security2.spec b/apache2-mod_security2.spec index be68b80..cfc7c53 100644 --- a/apache2-mod_security2.spec +++ b/apache2-mod_security2.spec @@ -64,10 +64,10 @@ applications from known and unknown attacks. %setup -q -n %{tarballname} %setup -q -D -T -a 1 -n %{tarballname} mv -v SpiderLabs* rules -%patch0 -%patch1 -p1 -%patch2 -p1 -%patch3 -p1 +%patch -P 0 +%patch -P 1 -p1 +%patch -P 2 -p1 +%patch -P 3 -p1 %build aclocal