From 33d10cb255bff53531c3094fa8262b9a34446fec Mon Sep 17 00:00:00 2001 From: Michael Fleming Date: Jun 19 2007 09:59:15 +0000 Subject: New upstream release --- diff --git a/.cvsignore b/.cvsignore index 039e1fb..46ea874 100644 --- a/.cvsignore +++ b/.cvsignore @@ -1,3 +1,3 @@ -modsecurity-apache_2.1.0.tar.gz +modsecurity-apache_2.1.1.tar.gz mod_security.conf modsecurity_localrules.conf diff --git a/mod_security.conf b/mod_security.conf index 394f1d3..6b4ee20 100644 --- a/mod_security.conf +++ b/mod_security.conf @@ -12,11 +12,9 @@ LoadModule unique_id_module modules/mod_unique_id.so Include modsecurity.d/modsecurity_crs_10_config.conf # Protocol violation and anomalies. - # These are disabled as there's a bug in REQUEST_FILENAME handling - # causing the "+" character to be incorrectly handled. - # Include modsecurity.d/modsecurity_crs_20_protocol_violations.conf - # Include modsecurity.d/modsecurity_crs_21_protocol_anomalies.conf + Include modsecurity.d/modsecurity_crs_20_protocol_violations.conf + Include modsecurity.d/modsecurity_crs_21_protocol_anomalies.conf # HTTP policy rules @@ -35,7 +33,6 @@ LoadModule unique_id_module modules/mod_unique_id.so # Include modsecurity.d/modsecurity_crs_55_marketing.conf # Put your local rules in here. - # The existing example is for the CVE-2007-1359 vulnerability Include modsecurity.d/modsecurity_localrules.conf diff --git a/mod_security.spec b/mod_security.spec index c59e723..2901ce9 100644 --- a/mod_security.spec +++ b/mod_security.spec @@ -1,7 +1,7 @@ Summary: Security module for the Apache HTTP Server Name: mod_security -Version: 2.1.0 -Release: 3%{?dist} +Version: 2.1.1 +Release: 1%{?dist} License: GPL URL: http://www.modsecurity.org/ Group: System Environment/Daemons @@ -41,17 +41,21 @@ rm -rf %{buildroot} %defattr (-,root,root) %doc CHANGES LICENSE README.* modsecurity* doc %{_libdir}/httpd/modules/mod_security2.so -%config %{_sysconfdir}/httpd/conf.d/mod_security.conf +%config(noreplace) %{_sysconfdir}/httpd/conf.d/mod_security.conf %dir %{_sysconfdir}/httpd/modsecurity.d %dir %{_sysconfdir}/httpd/modsecurity.d/blocking -%config %{_sysconfdir}/httpd/modsecurity.d/*.conf -%config %{_sysconfdir}/httpd/modsecurity.d/blocking/*.conf +%config(noreplace) %{_sysconfdir}/httpd/modsecurity.d/*.conf +%config(noreplace) %{_sysconfdir}/httpd/modsecurity.d/blocking/*.conf %changelog -* Mon Apr 2 2007 Michael Fleming 2.1.0-3 -- Sync with devel -- Fix CVE-2007-1359 (bz #231728) +* Tue Jun 19 2007 Michael Fleming 2.1.1-1 +- New upstream release +- Drop ASCIIZ rule (fixed upstream) +- Re-enable protocol violation/anomalies rules now that REQUEST_FILENAME + is fixed upstream. + +* Sun Apr 1 2007 Michael Fleming 2.1.0-3 - Automagically configure correct library path for libxml2 library. - Add LoadModule for mod_unique_id as the logging wants this at runtime diff --git a/sources b/sources index 01d477a..a3457c2 100644 --- a/sources +++ b/sources @@ -1,3 +1,3 @@ -2e919766f2878c4ee46334816004dd15 modsecurity-apache_2.1.0.tar.gz -ca0529cce7b56675e5f319c75cbb7398 mod_security.conf -cbd1dbca89666a85fe9d703de26444c6 modsecurity_localrules.conf +ab74ed5f320ffc4ed9f56487bf17c670 modsecurity-apache_2.1.1.tar.gz +f84917a3f4893b8bf9400755a1a9f883 mod_security.conf +80dc93f186cab170828d0ac621baac30 modsecurity_localrules.conf