rpm/apache2-mod_security2
SHA256
1
0
Fork 0
forked from pool/apache2-mod_security2
Code Pull Requests Activity
4263c40609
apache2-mod_security2/apache2-mod_security2.spec

147 lines
5.6 KiB
RPMSpec
Raw Blame History

#
# spec file for package apache2-mod_security2 (Version 2.5.9)
#
# Copyright (c) 2009 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via http://bugs.opensuse.org/
#
# norootforbuild
Name: apache2-mod_security2
Version: 2.5.9
Release: 1
#
License: GPL v2 only; GPLv2 with some FLOSS linking exceptions
Group: Productivity/Networking/Web/Servers
#
BuildRoot: %{_tmppath}/%{name}-%{version}-build
BuildRequires: apache2-devel apache2-prefork c++_compiler curl-devel libxml2-devel pcre-devel
%define apache apache2
%define modname mod_security2
%define tarballname modsecurity-apache_%{version}
#
%define apxs %{_sbindir}/apxs2
%define apache_libexecdir %(%{apxs} -q LIBEXECDIR)
%define apache_sysconfdir %(%{apxs} -q SYSCONFDIR)
%define apache_mmn %(MMN=$(%{apxs} -q LIBEXECDIR)/MMN; test -x $MMN && $MMN)
Requires: apache2 %{apache_mmn}
#
Url: http://www.modsecurity.org/
Source: http://www.modsecurity.org/download/%{tarballname}.tar.gz
Source1: mod_security2.conf
#
Summary: ModSecurity Open Source Web Application Firewall
%description
ModSecurity(TM) is an open source intrusion detection and prevention
engine for web applications (or a web application firewall). Operating
as an Apache Web server module or standalone, the purpose of
ModSecurity is to increase web application security, protecting web
applications from known and unknown attacks.
%prep
%setup -n %{tarballname}
%build
pushd %{apache}
./configure
make
make -C mlogc-src/
popd
%install
pushd %{apache}
install -D -m 0755 .libs/mod_security2.so %{buildroot}%{apache_libexecdir}/%{modname}.so
install -D -m 0755 mlogc-src/mlogc %{buildroot}%{_sbindir}/mlogc
install -D -m 0755 mlogc-src/mlogc-batch-load.pl %{buildroot}%{_sbindir}/mlogc-batch-load.pl
install -D -m 0640 mlogc-src/mlogc-default.conf %{buildroot}%{_sysconfdir}/mlogc.conf
cp mlogc-src/INSTALL mlogc-src/INSTALL.mlogc
popd
install -D -m 0644 %{SOURCE1} %{buildroot}%{apache_sysconfdir}/conf.d/%{modname}.conf
%clean
%{__rm} -rf %{buildroot};
%files
%defattr(-, root, root, 0755)
%{apache_libexecdir}/%{modname}.so
%config(noreplace) %{apache_sysconfdir}/conf.d/%{modname}.conf
%doc doc/html-multipage/ doc/*.pdf
%doc README.TXT CHANGES LICENSE MODSECURITY_LICENSING_EXCEPTION modsecurity.conf-minimal
%doc apache2/mlogc-src/INSTALL.mlogc apache2/mlogc-src/mlogc-default.conf
%doc tools/ rules/ apache2/api/
%{_sbindir}/mlogc
%{_sbindir}/mlogc-batch-load.pl
%config(noreplace) %{_sysconfdir}/mlogc.conf
%changelog
* Thu May 14 2009 mrueckert@suse.de
- update to version 2.5.9
- Fixed parsing multipart content with a missing part header name
which would crash Apache. Discovered by "Internet Security
Auditors" (isecauditors.com).
- Added ability to specify the config script directly using
--with-apr and --with-apu.
- Added macro expansion for append/prepend action.
- Fixed race condition in concurrent updates of persistent
counters. Updates are now atomic.
- Cleaned up build, adding an option for verbose configure output
and making the mlogc build more portable.
- additional changes from 2.5.8
- Fixed PDF XSS issue where a non-GET request for a PDF file
would crash the Apache httpd process. Discovered by Steve
Grubb at Red Hat.
- Removed an invalid "Internal error: Issuing "%%s" for
unspecified error." message that was logged when denying with
nolog/noauditlog set and causing the request to be audited.
- additional changes from 2.5.7
- Fixed XML DTD/Schema validation which will now fail after
request body processing errors, even if the XML parser returns
a document tree.
- Added ctl:forceRequestBodyVariable=on|off which, when enabled,
will force the REQUEST_BODY variable to be set when a request
body processor is not set. Previously the REQUEST_BODY target
was only populated by the URLENCODED request body processor.
- Integrated mlogc source.
- Fixed logging the hostname in the error_log which was logging
the request hostname instead of the Apache resolved hostname.
- Allow for disabling request body limit checks in phase:1.
- Added transformations for processing parity for legacy
protocols ported to HTTP(S): t:parityEven7bit, t:parityOdd7bit,
t:parityZero7bit
- Added t:cssDecode transformation to decode CSS escapes.
- Now log XML parsing/validation warnings and errors to be in the
debug log at levels 3 and 4, respectivly.
- build and package mlogc
- remove --with-apxs from the configure args as it breaks the build
configure now finds our apxs2
* Fri Jan 23 2009 skh@suse.de
- fix broken config [bnc#457200]
* Mon Sep 15 2008 skh@suse.de
- update to version 2.5.6
- initial submit to FACTORY
* Mon May 12 2008 jg@internetx.de
-update to 2.1.7
* Sun Feb 03 2008 jg@internetx.de
-update to 2.1.6
* Wed Aug 08 2007 mrueckert@suse.de
- update to 2.1.2
* Mon Apr 16 2007 mrueckert@suse.de
- update to 2.1.1
- switched to perl based patching instead of cmdline params for make
* Fri Sep 22 2006 poeml@suse.de
- fix build (./install was vanished)
View Git Blame Copy Permalink