This website requires JavaScript.
9292575705
add apache2-mod_security2-CVE-2025-54571.patch
2025-08-28 11:27:42 +02:00
5f6ed1e7cc
-CVE-2025-54571
2025-08-22 13:04:02 +02:00
4e08ee7571
Accepting request 1300032 from Apache:Modules
Ana Guerrero
2025-08-18 14:08:56 +00:00
c5663755ff
Accepting request 1300030 from home:AndreasStieger:branches:Apache:Modules
Petr Gajdos
2025-08-18 10:01:09 +00:00
f6c08da3d2
Accepting request 1300022 from home:AndreasStieger:branches:Apache:Modules
Petr Gajdos
2025-08-18 09:36:02 +00:00
25e828d174
Accepting request 1298012 from home:AndreasStieger:branches:Apache:Modules
Petr Gajdos
2025-08-18 07:42:46 +00:00
e44551e136
Accepting request 1290193 from Apache:Modules
Ana Guerrero
2025-07-06 15:07:05 +00:00
4333567e8e
Accepting request 1290193 from Apache:Modules
Ana Guerrero
2025-07-06 15:07:05 +00:00
c463458b46
checkin
Petr Gajdos
2025-07-03 11:14:31 +00:00
b6eddc20a1
checkin
Petr Gajdos
2025-07-03 11:14:31 +00:00
6e6f94d3d8
Accepting request 1282334 from Apache:Modules
Ana Guerrero
2025-06-03 15:57:14 +00:00
5a0959c206
Accepting request 1282334 from Apache:Modules
Ana Guerrero
2025-06-03 15:57:14 +00:00
3a561b5cff
apache2-mod_security2 2.9.10 CVE-2025-48866 (boo#1243976) CVE-2025-47947 (boo#1243978)
Petr Gajdos
2025-06-03 13:20:19 +00:00
76013c7004
Accepting request 1282154 from home:AndreasStieger:branches:Apache:Modules
Petr Gajdos
2025-06-03 13:20:19 +00:00
6c5b4c8a62
Accepting request 1265135 from Apache:Modules
Ana Guerrero
2025-03-31 09:39:41 +00:00
cd523e1151
Accepting request 1265135 from Apache:Modules
Ana Guerrero
2025-03-31 09:39:41 +00:00
ee595a5847
- build with pcre2 (test suite disabled temporarily)
Petr Gajdos
2025-03-28 09:59:34 +00:00
004cac6b45
Accepting request 1253263 from home:AndreasStieger:branches:Apache:Modules
Petr Gajdos
2025-03-28 09:59:34 +00:00
86e3cb04e5
Accepting request 1240740 from Apache:Modules
Ana Guerrero
2025-01-28 13:59:43 +00:00
34eb874069
Accepting request 1240740 from Apache:Modules
Ana Guerrero
2025-01-28 13:59:43 +00:00
d41eeb0bce
- fixes CVE-2022-48279 [bsc#1207378], CVE-2023-24021 [bsc#1207379]
Petr Gajdos
2025-01-28 09:25:37 +00:00
fb40e667f9
Accepting request 1240738 from home:pgajdos
Petr Gajdos
2025-01-28 09:25:37 +00:00
d91a19e9f0
Accepting request 1240477 from Apache:Modules
Ana Guerrero
2025-01-27 19:55:30 +00:00
9706907599
Accepting request 1240477 from Apache:Modules
Ana Guerrero
2025-01-27 19:55:30 +00:00
7312016b17
- package cleanup, coordinated with owasp-modsecurity-crs cleanup - version update to 2.9.8 (changed upstream: Trustwave -> OWASP) * Fixed ap_log_perror() usage * Memory leaks + enhanced logging * CI improvement: First check syntax & always display error/audit logs * Fixed assert() usage * Removed useless code * feat: Check if the MP header contains invalid character * Use standard httpd logging format in error log * fix msc_regexec() != PCRE_ERROR_NOMATCH strict check * Move xmlFree() call to the right place * Add collection size in log in case of writing error * Passing address of lock instead of lock in acquire_global_lock() * Invalid pointer access in case rule id == NOT_SET_P * Show error.log after httpd start in CI * chore: add pull request template * chore: add gitignore file * Possible double free * Set 'jit' variable's initial value * Missing null byte + optimization * fix: remove usage of insecure tmpname * docs: update copyright * Enhanced logging [Issue #3107 ] * Check for null pointer dereference (almost) everywhere * Fix possible segfault in collection_unpack * fix: Replace obsolete macros * chore: update bug-report-for-version-2-x.md * feat: Add more steps: install built module and restart the server * Add new flag: --without-lua * Initial release of CI worklow
Petr Gajdos
2025-01-27 09:41:24 +00:00
76aae411f6
Accepting request 1239893 from home:pgajdos
Petr Gajdos
2025-01-27 09:41:24 +00:00
f10c880c82
Accepting request 1178493 from Apache:Modules
Ana Guerrero
2024-06-05 15:39:46 +00:00
1c9d36229d
Accepting request 1178493 from Apache:Modules
Ana Guerrero
2024-06-05 15:39:46 +00:00
d07185cefe
checkin
Petr Gajdos
2024-06-04 12:15:05 +00:00
ebfc3143a2
checkin
Petr Gajdos
2024-06-04 12:15:05 +00:00
4f58a94cd5
Accepting request 1178487 from home:dimstar:Factory
Petr Gajdos
2024-06-04 12:11:39 +00:00
93206ebb6b
Accepting request 1178487 from home:dimstar:Factory
Petr Gajdos
2024-06-04 12:11:39 +00:00
22a2f6eab5
Accepting request 1173611 from Apache:Modules
Ana Guerrero
2024-05-13 15:58:23 +00:00
1fe5246ddb
Accepting request 1173611 from Apache:Modules
Ana Guerrero
2024-05-13 15:58:23 +00:00
deb0e0b6c9
Accepting request 1172451 from home:pgajdos
Petr Gajdos
2024-05-13 09:19:16 +00:00
335d14841e
Accepting request 1172451 from home:pgajdos
Petr Gajdos
2024-05-13 09:19:16 +00:00
768d5ed2e7
Accepting request 1149082 from Apache:Modules
Ana Guerrero
2024-02-22 19:59:10 +00:00
780cbe3d60
Accepting request 1149082 from Apache:Modules
Ana Guerrero
2024-02-22 19:59:10 +00:00
933e8d6dbd
Accepting request 1147828 from home:dimstar:rpm4.20:a
Petr Gajdos
2024-02-22 08:23:14 +00:00
9399a62d91
Accepting request 1147828 from home:dimstar:rpm4.20:a
Petr Gajdos
2024-02-22 08:23:14 +00:00
196d82d91e
Accepting request 1101664 from Apache:Modules
2023-08-01 09:41:33 +00:00
2a11cb654d
Accepting request 1101664 from Apache:Modules
2023-08-01 09:41:33 +00:00
b365d4d203
Accepting request 1099113 from home:dirkmueller:Factory
2023-08-01 09:14:57 +00:00
59a8a1a4af
Accepting request 1099113 from home:dirkmueller:Factory
2023-08-01 09:14:57 +00:00
ca6551fe3a
Accepting request 1098838 from home:dirkmueller:Factory
2023-07-17 08:33:54 +00:00
8f93005dd6
Accepting request 1098838 from home:dirkmueller:Factory
2023-07-17 08:33:54 +00:00
e21ae5f2cf
Accepting request 907289 from Apache:Modules
Dominique Leuenberger
2021-07-20 13:39:41 +00:00
7ec78fcfcc
Accepting request 907289 from Apache:Modules
Dominique Leuenberger
2021-07-20 13:39:41 +00:00
1dd8c36c28
Accepting request 907288 from home:dspinella:branches:Apache:Modules
2021-07-20 09:51:27 +00:00
9354fbfd19
Accepting request 907288 from home:dspinella:branches:Apache:Modules
2021-07-20 09:51:27 +00:00
2bc003e915
Accepting request 907282 from home:dspinella:branches:Apache:Modules
2021-07-20 09:36:03 +00:00
25bbc70abe
Accepting request 907282 from home:dspinella:branches:Apache:Modules
2021-07-20 09:36:03 +00:00
bdf2c9008a
Accepting request 874491 from Apache:Modules
Dominique Leuenberger
2021-02-23 19:21:41 +00:00
b583de4699
Accepting request 874491 from Apache:Modules
Dominique Leuenberger
2021-02-23 19:21:41 +00:00
1f5c2cdf32
- version update to 2.9.3 * Enable optimization for large stream input by default on IIS [Issue #1299 - @victorhora, @zimmerle] * Allow 0 length JSON requests. [Issue #1822 - @allanbomsft, @zimmerle, @victorhora, @marcstern] * Include unanmed JSON values in unnamed ARGS [Issue #1577 , #1576 - @marcstern, @victorhora, @zimmerle] * Fix buffer size for utf8toUnicode transformation [Issue #1208 - @katef, @victorhora] * Fix sanitizing JSON request bodies in native audit log format [p0pr0ck5, @victorhora] * IIS: Update Wix installer to bundle a supported CRS version (3.0) [@victorhora, @zimmerle] * IIS: Update dependencies for Windows build [Issue #1848 - @victorhora, @hsluoyz] * IIS: Set SecStreamInBodyInspection by default on IIS builds (#1299 ) [Issue #1299 - @victorhora] * IIS: Update modsecurity.conf [Issue #788 - @victorhora, @brianclark] * Add sanity check for a couple malloc() and make code more resilient [Issue #979 - @dogbert2, @victorhora, @zimmerl] * Fix NetBSD build by renaming the hmac function to avoid conflicts [Issue #1241 - @victorhora, @joerg, @sevan] * IIS: Windows build, fix duplicate YAJL dir in script [Issue #1612 - @allanbomsft, @victorhora] * IIS: Remove body prebuffering due to no locking in modsecProcessRequest [Issue #1917 - @allanbomsft, @victorhora] * Fix mpm-itk / mod_ruid2 compatibility [Issue #712 - @ju5t , @derhansen, @meatlayer, @victorhora] * Code cosmetics: checks if actionset is not null before use it
Petr Gajdos
2021-02-23 07:55:22 +00:00
027ac63b0c
- version update to 2.9.3 * Enable optimization for large stream input by default on IIS [Issue #1299 - @victorhora, @zimmerle] * Allow 0 length JSON requests. [Issue #1822 - @allanbomsft, @zimmerle, @victorhora, @marcstern] * Include unanmed JSON values in unnamed ARGS [Issue #1577 , #1576 - @marcstern, @victorhora, @zimmerle] * Fix buffer size for utf8toUnicode transformation [Issue #1208 - @katef, @victorhora] * Fix sanitizing JSON request bodies in native audit log format [p0pr0ck5, @victorhora] * IIS: Update Wix installer to bundle a supported CRS version (3.0) [@victorhora, @zimmerle] * IIS: Update dependencies for Windows build [Issue #1848 - @victorhora, @hsluoyz] * IIS: Set SecStreamInBodyInspection by default on IIS builds (#1299 ) [Issue #1299 - @victorhora] * IIS: Update modsecurity.conf [Issue #788 - @victorhora, @brianclark] * Add sanity check for a couple malloc() and make code more resilient [Issue #979 - @dogbert2, @victorhora, @zimmerl] * Fix NetBSD build by renaming the hmac function to avoid conflicts [Issue #1241 - @victorhora, @joerg, @sevan] * IIS: Windows build, fix duplicate YAJL dir in script [Issue #1612 - @allanbomsft, @victorhora] * IIS: Remove body prebuffering due to no locking in modsecProcessRequest [Issue #1917 - @allanbomsft, @victorhora] * Fix mpm-itk / mod_ruid2 compatibility [Issue #712 - @ju5t , @derhansen, @meatlayer, @victorhora] * Code cosmetics: checks if actionset is not null before use it
Petr Gajdos
2021-02-23 07:55:22 +00:00
fa79cf847b
Accepting request 777581 from Apache:Modules
Dominique Leuenberger
2020-02-20 13:57:56 +00:00
45dd12ec64
Accepting request 777581 from Apache:Modules
Dominique Leuenberger
2020-02-20 13:57:56 +00:00
edc44d368e
- removing %apache_test_* macros, do not test module just by loading the module
Petr Gajdos
2020-02-13 07:56:49 +00:00
f7efbacfbe
- removing %apache_test_* macros, do not test module just by loading the module
Petr Gajdos
2020-02-13 07:56:49 +00:00
4374cdecf2
Accepting request 741022 from openSUSE:Factory
Petr Gajdos
2019-10-18 09:16:43 +00:00
63ecdfc309
Accepting request 741022 from openSUSE:Factory
Petr Gajdos
2019-10-18 09:16:43 +00:00
45ffd97882
Accepting request 739567 from home:RBrownSUSE:branches:Apache:Modules
Petr Gajdos
2019-10-17 13:42:44 +00:00
96bd82740e
Accepting request 739567 from home:RBrownSUSE:branches:Apache:Modules
Petr Gajdos
2019-10-17 13:42:44 +00:00
9dd6e62366
Accepting request 561619 from Apache:Modules
Dominique Leuenberger
2018-01-09 13:52:25 +00:00
e7381dc042
Accepting request 561619 from Apache:Modules
Dominique Leuenberger
2018-01-09 13:52:25 +00:00
11811bcb4e
Accepting request 560465 from home:jengelh:branches:Apache:Modules
Kristyna Streitova
2018-01-04 12:36:56 +00:00
1818d3cb9c
Accepting request 560465 from home:jengelh:branches:Apache:Modules
Kristyna Streitova
2018-01-04 12:36:56 +00:00
0cf4ea6d08
- fix build for SLE_11_SP4: BuildRoot and %deffattr have to be present
Petr Gajdos
2017-12-20 09:21:12 +00:00
bb2b524bac
- fix build for SLE_11_SP4: BuildRoot and %deffattr have to be present
Petr Gajdos
2017-12-20 09:21:12 +00:00
8a706f0f57
Accepting request 556963 from home:kstreitova:branches:Apache:Modules
Kristyna Streitova
2017-12-18 09:36:29 +00:00
831ca78d58
Accepting request 556963 from home:kstreitova:branches:Apache:Modules
Kristyna Streitova
2017-12-18 09:36:29 +00:00
805deb3424
Accepting request 505810 from Apache:Modules
Dominique Leuenberger
2017-06-26 13:52:32 +00:00
7b1f1b72a9
Accepting request 505810 from Apache:Modules
Dominique Leuenberger
2017-06-26 13:52:32 +00:00
57568dbaa7
Accepting request 505247 from home:dimstar:Factory
Petr Gajdos
2017-06-23 06:38:29 +00:00
3b5ebd0659
Accepting request 505247 from home:dimstar:Factory
Petr Gajdos
2017-06-23 06:38:29 +00:00
efb9e595f9
Accepting request 482450 from Apache:Modules
Yuchen Lin
2017-03-31 13:08:39 +00:00
bf7cb12c86
Accepting request 482450 from Apache:Modules
Yuchen Lin
2017-03-31 13:08:39 +00:00
70673e6619
Accepting request 482327 from home:kstreitova:branches:Apache:Modules
Kristyna Streitova
2017-03-24 09:57:51 +00:00
d9db3781a2
Accepting request 482327 from home:kstreitova:branches:Apache:Modules
Kristyna Streitova
2017-03-24 09:57:51 +00:00
edc5905530
Accepting request 331626 from home:pgajdos:apache2
Petr Gajdos
2015-09-18 11:51:55 +00:00
46742795ae
Accepting request 331626 from home:pgajdos:apache2
Petr Gajdos
2015-09-18 11:51:55 +00:00
4a7d4333c1
Accepting request 319208 from Apache:Modules
2015-08-05 04:50:58 +00:00
f975f3e4bd
Accepting request 319208 from Apache:Modules
2015-08-05 04:50:58 +00:00
f42c808926
Accepting request 319207 from home:pgajdos:apache2
Petr Gajdos
2015-07-29 07:23:29 +00:00
2afb615729
Accepting request 319207 from home:pgajdos:apache2
Petr Gajdos
2015-07-29 07:23:29 +00:00
404e95423a
Accepting request 319200 from home:pgajdos:apache2
Petr Gajdos
2015-07-29 07:02:10 +00:00
371cfbadae
Accepting request 319200 from home:pgajdos:apache2
Petr Gajdos
2015-07-29 07:02:10 +00:00
ec7a0121c1
Accepting request 317182 from Apache:Modules
2015-07-20 09:21:07 +00:00
ca616dd933
Accepting request 317182 from Apache:Modules
2015-07-20 09:21:07 +00:00
73cc1b8056
Accepting request 317137 from home:pgajdos:apache2
Kristyna Streitova
2015-07-16 17:01:10 +00:00
91a69741d9
Accepting request 317137 from home:pgajdos:apache2
Kristyna Streitova
2015-07-16 17:01:10 +00:00
b358fcf6e0
Accepting request 290126 from Apache:Modules
Dominique Leuenberger
2015-03-11 08:58:49 +00:00
cf63dbf4db
Accepting request 290126 from Apache:Modules
Dominique Leuenberger
2015-03-11 08:58:49 +00:00
b5854b719c
Accepting request 288294 from Apache:Modules
Dominique Leuenberger
2015-03-03 10:14:44 +00:00
5c92382723
Accepting request 288294 from Apache:Modules
Dominique Leuenberger
2015-03-03 10:14:44 +00:00
9215730c17
- Remove useless comment lines/whitespace
2015-03-02 14:46:30 +00:00
4cf7588ffc
- Remove useless comment lines/whitespace
2015-03-02 14:46:30 +00:00
c648fa3d5c
Accepting request 287448 from home:elvigia:branches:Apache:Modules
2015-03-01 11:04:28 +00:00
c5b875dfdc
Accepting request 287448 from home:elvigia:branches:Apache:Modules
2015-03-01 11:04:28 +00:00
Petr Gajdos
Ana Guerrero
Petr Gajdos
Danilo Spinella
Dominique Leuenberger
Kristyna Streitova
Yuchen Lin
Stephan Kulow
Tomáš Chvátal