rpm/apache2-mod_security2
SHA256
1
0
Fork 0
forked from pool/apache2-mod_security2
Code Pull Requests Activity
efb9e595f9
apache2-mod_security2/.gitattributes
Roman Drahtmueller fdf6dd2bf3 Accepting request 206042 from home:draht:branches:Apache:Modules 
- complete overhaul of this package, with update to 2.7.5.
- ruleset update to 2.2.8-0-g0f07cbb.
- new configuration framework private to mod_security2:
  /etc/apache2/conf.d/mod_security2.conf loads
  /usr/share/apache2-mod_security2/rules/modsecurity_crs_10_setup.conf,
  then /etc/apache2/mod_security2.d/*.conf , as set up based on
  advice in /etc/apache2/conf.d/mod_security2.conf
  Your configuration starting point is
  /etc/apache2/conf.d/mod_security2.conf
- !!! Please note that mod_unique_id is needed for mod_security2 to run!
- modsecurity-apache_2.7.5-build_fix_pcre.diff changes erroneaous
  linker parameter, preventing rpath in shared object.
- fixes contained for the following bugs:
  * CVE-2009-5031, CVE-2012-2751 [bnc#768293] request parameter handling
  * [bnc#768293] multi-part bypass, minor threat
  * CVE-2013-1915 [bnc#813190] XML external entity vulnerability
  * CVE-2012-4528 [bnc#789393] rule bypass
  * CVE-2013-2765 [bnc#822664] null pointer dereference crash
- new from 2.5.9 to 2.7.5, only major changes:
  * GPLv2 replaced by Apache License v2
  * rules are not part of the source tarball any longer, but
    maintaned upstream externally, and included in this package.
  * documentation was externalized to a wiki. Package contains
    the FAQ and the reference manual in html form.
  * renamed the term "Encryption" in directives that actually refer
    to hashes. See CHANGES file for more details.
  * new directive SecXmlExternalEntity, default off
  * byte conversion issues on s390x when logging fixed.
  * many small issues fixed that were discovered by a Coverity scanner
  * updated reference manual

OBS-URL: https://build.opensuse.org/request/show/206042
OBS-URL: https://build.opensuse.org/package/show/Apache:Modules/apache2-mod_security2?expand=0&rev=42
2013-11-06 23:16:14 +00:00

26 lines
1.0 KiB
Plaintext
Raw Blame History

## Default LFS
*.7z filter=lfs diff=lfs merge=lfs -text
*.bsp filter=lfs diff=lfs merge=lfs -text
*.bz2 filter=lfs diff=lfs merge=lfs -text
*.gem filter=lfs diff=lfs merge=lfs -text
*.gz filter=lfs diff=lfs merge=lfs -text
*.jar filter=lfs diff=lfs merge=lfs -text
*.lz filter=lfs diff=lfs merge=lfs -text
*.lzma filter=lfs diff=lfs merge=lfs -text
*.obscpio filter=lfs diff=lfs merge=lfs -text
*.oxt filter=lfs diff=lfs merge=lfs -text
*.pdf filter=lfs diff=lfs merge=lfs -text
*.png filter=lfs diff=lfs merge=lfs -text
*.rpm filter=lfs diff=lfs merge=lfs -text
*.tbz filter=lfs diff=lfs merge=lfs -text
*.tbz2 filter=lfs diff=lfs merge=lfs -text
*.tgz filter=lfs diff=lfs merge=lfs -text
*.ttf filter=lfs diff=lfs merge=lfs -text
*.txz filter=lfs diff=lfs merge=lfs -text
*.whl filter=lfs diff=lfs merge=lfs -text
*.xz filter=lfs diff=lfs merge=lfs -text
*.zip filter=lfs diff=lfs merge=lfs -text
*.zst filter=lfs diff=lfs merge=lfs -text
## Specific LFS patterns
modsecurity_diagram_apache_request_cycle.jpg filter=lfs diff=lfs merge=lfs -text
View Git Blame Copy Permalink