From 6341f03002ef2d9784768d0231f430ac849837386dc966723658d60578d1bece Mon Sep 17 00:00:00 2001 From: Stephan Kulow Date: Mon, 27 Aug 2012 13:45:37 +0000 Subject: [PATCH] Accepting request 131757 from Apache:Modules license update: Apache-2.0 and GPL-2.0 Many of the files in the rules/ subdirectory are GPL-2.0 licensed (forwarded request 131755 from babelworx) OBS-URL: https://build.opensuse.org/request/show/131757 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/apache2-mod_security2?expand=0&rev=12 --- apache2-mod_security2.changes | 35 +++++++++ apache2-mod_security2.spec | 130 +++++++++++--------------------- modsecurity-apache_2.5.9.tar.gz | 3 - modsecurity-apache_2.6.7.tar.gz | 3 + rules.tar.bz2 | 3 + 5 files changed, 85 insertions(+), 89 deletions(-) delete mode 100644 modsecurity-apache_2.5.9.tar.gz create mode 100644 modsecurity-apache_2.6.7.tar.gz create mode 100644 rules.tar.bz2 diff --git a/apache2-mod_security2.changes b/apache2-mod_security2.changes index a321457..ea55bbd 100644 --- a/apache2-mod_security2.changes +++ b/apache2-mod_security2.changes @@ -1,3 +1,38 @@ +------------------------------------------------------------------- +Mon Aug 27 11:43:47 UTC 2012 - cfarrell@suse.com + +- license update: Apache-2.0 and GPL-2.0 + Many of the files in the rules/ subdirectory are GPL-2.0 licensed + +------------------------------------------------------------------- +Mon Aug 6 20:59:45 UTC 2012 - crrodriguez@opensuse.org + +- Update to version 2.6.7, fixes build in apache 2.4 +- Update spec file macros. + +------------------------------------------------------------------- +Sat Sep 17 11:20:39 UTC 2011 - jengelh@medozas.de + +- Remove redundant tags/sections from specfile +- Use %_smp_mflags for parallel build + +------------------------------------------------------------------- +Wed Jul 6 04:33:49 CEST 2011 - draht@suse.de + +- update to version 2.6.1-rc1 for submission to SLE11-SP2 (fate#309433): + - SecUnicodeCodePage and SecUnicodeMapFile directives added + - fixed bug: SecRequestBodyLimit was truncating the real request + body + additional fixes from 2.6.0: + - buffering filter problems fixed + - memory leak fix when using MATCHED_VAR_NAMES + - SecWriteStateLimit added against slow DoS + additional fixes from 2.6.0 release candidates: + - optimizations + - bug in logging code fixed + - cleanup + - google safe browsing support + ------------------------------------------------------------------- Thu May 14 18:05:26 CEST 2009 - mrueckert@suse.de diff --git a/apache2-mod_security2.spec b/apache2-mod_security2.spec index d1fc656..bc21cf5 100644 --- a/apache2-mod_security2.spec +++ b/apache2-mod_security2.spec @@ -1,7 +1,7 @@ # -# spec file for package apache2-mod_security2 (Version 2.5.9) +# spec file for package apache2-mod_security2 # -# Copyright (c) 2009 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -15,33 +15,44 @@ # Please submit bugfixes or comments via http://bugs.opensuse.org/ # -# norootforbuild - Name: apache2-mod_security2 -Version: 2.5.9 -Release: 2 +Version: 2.6.7 +Release: 0 +%define aversion 2.6.7 # -License: GPL v2 only; GPLv2 with some FLOSS linking exceptions -Group: Productivity/Networking/Web/Servers # BuildRoot: %{_tmppath}/%{name}-%{version}-build -BuildRequires: apache2-devel apache2-prefork c++_compiler curl-devel libxml2-devel pcre-devel +BuildRequires: apache2-devel +BuildRequires: apache2-prefork +BuildRequires: c++_compiler +BuildRequires: curl-devel +BuildRequires: libxml2-devel +BuildRequires: pcre-devel %define apache apache2 %define modname mod_security2 -%define tarballname modsecurity-apache_%{version} +%define tarballname modsecurity-apache_%{aversion} # -%define apxs %{_sbindir}/apxs2 -%define apache_libexecdir %(%{apxs} -q LIBEXECDIR) -%define apache_sysconfdir %(%{apxs} -q SYSCONFDIR) -%define apache_mmn %(MMN=$(%{apxs} -q LIBEXECDIR)/MMN; test -x $MMN && $MMN) -Requires: apache2 %{apache_mmn} + +%{!?apxs: %global apxs /usr/sbin/apxs2} +%{!?apache_libexecdir: %global apache_libexecdir %(%{apxs} -q LIBEXECDIR)} +%{!?apache_sysconfdir: %global apache_sysconfdir %(%{apxs} -q SYSCONFDIR)} +%{!?apache_includedir: %global apache_includedir %(%{apxs} -q INCLUDEDIR)} +%{!?apache_serveroot: %global apache_serverroot %(%{apxs} -q PREFIX)} +%{!?apache_localstatedir: %global apache_localstatedir %(%{apxs} -q LOCALSTATEDIR)} +%{!?apache_mmn: %global apache_mmn %(MMN=$(%{apxs} -q LIBEXECDIR)_MMN; test -x $MMN && $MMN)} + +Requires: %{apache_mmn} +Requires: apache2 # Url: http://www.modsecurity.org/ Source: http://www.modsecurity.org/download/%{tarballname}.tar.gz Source1: mod_security2.conf +Source2: rules.tar.bz2 # Summary: ModSecurity Open Source Web Application Firewall +License: Apache-2.0 and GPL-2.0 +Group: Productivity/Networking/Web/Servers %description ModSecurity(TM) is an open source intrusion detection and prevention @@ -54,93 +65,40 @@ applications from known and unknown attacks. %prep %setup -n %{tarballname} +tar -xvjpf %{S:2} %build -pushd %{apache} +#pushd %{apache} ./configure - make - make -C mlogc-src/ -popd + make %{?_smp_mflags} +# make -C mlogc-src/ +#popd %install pushd %{apache} install -D -m 0755 .libs/mod_security2.so %{buildroot}%{apache_libexecdir}/%{modname}.so - install -D -m 0755 mlogc-src/mlogc %{buildroot}%{_sbindir}/mlogc - install -D -m 0755 mlogc-src/mlogc-batch-load.pl %{buildroot}%{_sbindir}/mlogc-batch-load.pl - install -D -m 0640 mlogc-src/mlogc-default.conf %{buildroot}%{_sysconfdir}/mlogc.conf - cp mlogc-src/INSTALL mlogc-src/INSTALL.mlogc popd + install -D -m 0755 mlogc/mlogc %{buildroot}%{_sbindir}/mlogc + install -D -m 0755 mlogc/mlogc-batch-load.pl %{buildroot}%{_sbindir}/mlogc-batch-load.pl + install -D -m 0640 mlogc/mlogc-default.conf %{buildroot}%{_sysconfdir}/mlogc.conf + cp mlogc/INSTALL mlogc/INSTALL.mlogc install -D -m 0644 %{SOURCE1} %{buildroot}%{apache_sysconfdir}/conf.d/%{modname}.conf - -%clean -%{__rm} -rf %{buildroot}; +mkdir examples +cp -a tools examples +rm -f examples/tools/M* +chmod 644 examples/tools/* %files %defattr(-, root, root, 0755) %{apache_libexecdir}/%{modname}.so %config(noreplace) %{apache_sysconfdir}/conf.d/%{modname}.conf -%doc doc/html-multipage/ doc/*.pdf -%doc README.TXT CHANGES LICENSE MODSECURITY_LICENSING_EXCEPTION modsecurity.conf-minimal -%doc apache2/mlogc-src/INSTALL.mlogc apache2/mlogc-src/mlogc-default.conf -%doc tools/ rules/ apache2/api/ +%doc doc/Reference_Manual.html +%doc README.TXT CHANGES LICENSE modsecurity.conf-recommended +%doc mlogc/INSTALL.mlogc mlogc/mlogc-default.conf +%doc examples/ +%doc rules/ %{_sbindir}/mlogc %{_sbindir}/mlogc-batch-load.pl %config(noreplace) %{_sysconfdir}/mlogc.conf %changelog -* Thu May 14 2009 mrueckert@suse.de -- update to version 2.5.9 - - Fixed parsing multipart content with a missing part header name - which would crash Apache. Discovered by "Internet Security - Auditors" (isecauditors.com). - - Added ability to specify the config script directly using - --with-apr and --with-apu. - - Added macro expansion for append/prepend action. - - Fixed race condition in concurrent updates of persistent - counters. Updates are now atomic. - - Cleaned up build, adding an option for verbose configure output - and making the mlogc build more portable. -- additional changes from 2.5.8 - - Fixed PDF XSS issue where a non-GET request for a PDF file - would crash the Apache httpd process. Discovered by Steve - Grubb at Red Hat. - - Removed an invalid "Internal error: Issuing "%%s" for - unspecified error." message that was logged when denying with - nolog/noauditlog set and causing the request to be audited. -- additional changes from 2.5.7 - - Fixed XML DTD/Schema validation which will now fail after - request body processing errors, even if the XML parser returns - a document tree. - - Added ctl:forceRequestBodyVariable=on|off which, when enabled, - will force the REQUEST_BODY variable to be set when a request - body processor is not set. Previously the REQUEST_BODY target - was only populated by the URLENCODED request body processor. - - Integrated mlogc source. - - Fixed logging the hostname in the error_log which was logging - the request hostname instead of the Apache resolved hostname. - - Allow for disabling request body limit checks in phase:1. - - Added transformations for processing parity for legacy - protocols ported to HTTP(S): t:parityEven7bit, t:parityOdd7bit, - t:parityZero7bit - - Added t:cssDecode transformation to decode CSS escapes. - - Now log XML parsing/validation warnings and errors to be in the - debug log at levels 3 and 4, respectivly. -- build and package mlogc -- remove --with-apxs from the configure args as it breaks the build - configure now finds our apxs2 -* Fri Jan 23 2009 skh@suse.de -- fix broken config [bnc#457200] -* Mon Sep 15 2008 skh@suse.de -- update to version 2.5.6 -- initial submit to FACTORY -* Mon May 12 2008 jg@internetx.de --update to 2.1.7 -* Sun Feb 03 2008 jg@internetx.de --update to 2.1.6 -* Wed Aug 08 2007 mrueckert@suse.de -- update to 2.1.2 -* Mon Apr 16 2007 mrueckert@suse.de -- update to 2.1.1 -- switched to perl based patching instead of cmdline params for make -* Fri Sep 22 2006 poeml@suse.de -- fix build (./install was vanished) diff --git a/modsecurity-apache_2.5.9.tar.gz b/modsecurity-apache_2.5.9.tar.gz deleted file mode 100644 index 7342e45..0000000 --- a/modsecurity-apache_2.5.9.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:02352221ea268f8ae9aae5b84507f51eba2a67c0f7d2efd5cc88e85f1f394056 -size 1252295 diff --git a/modsecurity-apache_2.6.7.tar.gz b/modsecurity-apache_2.6.7.tar.gz new file mode 100644 index 0000000..cd8df78 --- /dev/null +++ b/modsecurity-apache_2.6.7.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:3fa05e2be9e8a6e99747defe0df35ace99ba44683afef5205819db9706c03f29 +size 785852 diff --git a/rules.tar.bz2 b/rules.tar.bz2 new file mode 100644 index 0000000..dcd63ce --- /dev/null +++ b/rules.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:5b025dd7e2fc74aebf4bbf671ef238325737cc8a5da9e1eda6c9f739d5d2226b +size 33001