apache2-mod_security2-2.5.9-9.1 RPM for x86_64

From OpenSuSE 11.4 for x86_64

ModSecurity(TM) is an open source intrusion detection and prevention
engine for web applications (or a web application firewall). Operating
as an Apache Web server module or standalone, the purpose of
ModSecurity is to increase web application security, protecting web
applications from known and unknown attacks.

Provides

• apache2-mod_security2
• mod_security2.so()(64bit)
• apache2-mod_security2(x86-64)

Requires

• apache2 = 2.2.17
• rpmlib(PayloadFilesHavePrefix) <= 4.0-1
• rpmlib(CompressedFileNames) <= 3.0.4-1
• /usr/bin/perl
• libapr-1.so.0()(64bit)
• libc.so.6()(64bit)
• libc.so.6(GLIBC_2.2.5)(64bit)
• libc.so.6(GLIBC_2.3)(64bit)
• libc.so.6(GLIBC_2.4)(64bit)
• libcurl.so.4()(64bit)
• libpcre.so.0()(64bit) <=
• libpthread.so.0()(64bit) =
• libxml2.so.2()(64bit) >=
• rpmlib(PayloadIsLzma)

License

GPL v2 only; GPLv2 with some FLOSS linking exceptions

Changelog

* Thu May 14 2009 mrueckert@suse.de
  - update to version 2.5.9
    - Fixed parsing multipart content with a missing part header name
      which would crash Apache.  Discovered by "Internet Security
      Auditors" (isecauditors.com).
    - Added ability to specify the config script directly using
    - -with-apr and --with-apu.
    - Added macro expansion for append/prepend action.
    - Fixed race condition in concurrent updates of persistent
      counters.  Updates are now atomic.
    - Cleaned up build, adding an option for verbose configure output
      and making the mlogc build more portable.
  - additional changes from 2.5.8
    - Fixed PDF XSS issue where a non-GET request for a PDF file
      would crash the Apache httpd process.  Discovered by Steve
      Grubb at Red Hat.
    - Removed an invalid "Internal error: Issuing "%s" for
      unspecified error." message that was logged when denying with
      nolog/noauditlog set and causing the request to be audited.
  - additional changes from 2.5.7
    - Fixed XML DTD/Schema validation which will now fail after
      request body processing errors, even if the XML parser returns
      a document tree.
    - Added ctl:forceRequestBodyVariable=on|off which, when enabled,
      will force the REQUEST_BODY variable to be set when a request
      body processor is not set.  Previously the REQUEST_BODY target
      was only populated by the URLENCODED request body processor.
    - Integrated mlogc source.
    - Fixed logging the hostname in the error_log which was logging
      the request hostname instead of the Apache resolved hostname.
    - Allow for disabling request body limit checks in phase:1.
    - Added transformations for processing parity for legacy
      protocols ported to HTTP(S): t:parityEven7bit, t:parityOdd7bit,
      t:parityZero7bit
    - Added t:cssDecode transformation to decode CSS escapes.
    - Now log XML parsing/validation warnings and errors to be in the
      debug log at levels 3 and 4, respectivly.
  - build and package mlogc
  - remove --with-apxs from the configure args as it breaks the build
    configure now finds our apxs2
* Fri Jan 23 2009 skh@suse.de
  - fix broken config [bnc#457200]
* Mon Sep 15 2008 skh@suse.de
  - update to version 2.5.6
  - initial submit to FACTORY
* Mon May 12 2008 jg@internetx.de
  -update to 2.1.7
* Sun Feb 03 2008 jg@internetx.de
  -update to 2.1.6
* Wed Aug 08 2007 mrueckert@suse.de
  - update to 2.1.2
* Mon Apr 16 2007 mrueckert@suse.de
  - update to 2.1.1
  - switched to perl based patching instead of cmdline params for make
* Fri Sep 22 2006 poeml@suse.de
  - fix build (./install was vanished)

Files

/etc/apache2/conf.d/mod_security2.conf
/etc/mlogc.conf
/usr/lib64/apache2/mod_security2.so
/usr/sbin/mlogc
/usr/sbin/mlogc-batch-load.pl
/usr/share/doc/packages/apache2-mod_security2
/usr/share/doc/packages/apache2-mod_security2/CHANGES
/usr/share/doc/packages/apache2-mod_security2/INSTALL.mlogc
/usr/share/doc/packages/apache2-mod_security2/LICENSE
/usr/share/doc/packages/apache2-mod_security2/MODSECURITY_LICENSING_EXCEPTION
/usr/share/doc/packages/apache2-mod_security2/README.TXT
/usr/share/doc/packages/apache2-mod_security2/api
/usr/share/doc/packages/apache2-mod_security2/api/README
/usr/share/doc/packages/apache2-mod_security2/api/mod_op_strstr.c
/usr/share/doc/packages/apache2-mod_security2/api/mod_tfn_reverse.c
/usr/share/doc/packages/apache2-mod_security2/api/mod_var_remote_addr_port.c
/usr/share/doc/packages/apache2-mod_security2/html-multipage
/usr/share/doc/packages/apache2-mod_security2/html-multipage/actions.html
/usr/share/doc/packages/apache2-mod_security2/html-multipage/apache_request_cycle-modsecurity.jpg
/usr/share/doc/packages/apache2-mod_security2/html-multipage/ar01s02.html
/usr/share/doc/packages/apache2-mod_security2/html-multipage/ar01s10.html
/usr/share/doc/packages/apache2-mod_security2/html-multipage/ar01s11.html
/usr/share/doc/packages/apache2-mod_security2/html-multipage/ar01s12.html
/usr/share/doc/packages/apache2-mod_security2/html-multipage/breach-logo-small.gif
/usr/share/doc/packages/apache2-mod_security2/html-multipage/configuration-directives.html
/usr/share/doc/packages/apache2-mod_security2/html-multipage/index.html
/usr/share/doc/packages/apache2-mod_security2/html-multipage/installation.html
/usr/share/doc/packages/apache2-mod_security2/html-multipage/introduction.html
/usr/share/doc/packages/apache2-mod_security2/html-multipage/modsecurity-reference.css
/usr/share/doc/packages/apache2-mod_security2/html-multipage/modsecurity.gif
/usr/share/doc/packages/apache2-mod_security2/html-multipage/operators.html
/usr/share/doc/packages/apache2-mod_security2/html-multipage/processing-phases.html
/usr/share/doc/packages/apache2-mod_security2/html-multipage/transformation-functions.html
/usr/share/doc/packages/apache2-mod_security2/html-multipage/variables.html
/usr/share/doc/packages/apache2-mod_security2/mlogc-default.conf
/usr/share/doc/packages/apache2-mod_security2/modsecurity.conf-minimal
/usr/share/doc/packages/apache2-mod_security2/modsecurity2-apache-reference.pdf
/usr/share/doc/packages/apache2-mod_security2/modsecurity2-data-formats.pdf
/usr/share/doc/packages/apache2-mod_security2/rules
/usr/share/doc/packages/apache2-mod_security2/rules/CHANGELOG
/usr/share/doc/packages/apache2-mod_security2/rules/LICENSE
/usr/share/doc/packages/apache2-mod_security2/rules/README
/usr/share/doc/packages/apache2-mod_security2/rules/modsecurity_crs_10_config.conf
/usr/share/doc/packages/apache2-mod_security2/rules/modsecurity_crs_20_protocol_violations.conf
/usr/share/doc/packages/apache2-mod_security2/rules/modsecurity_crs_21_protocol_anomalies.conf
/usr/share/doc/packages/apache2-mod_security2/rules/modsecurity_crs_23_request_limits.conf
/usr/share/doc/packages/apache2-mod_security2/rules/modsecurity_crs_30_http_policy.conf
/usr/share/doc/packages/apache2-mod_security2/rules/modsecurity_crs_35_bad_robots.conf
/usr/share/doc/packages/apache2-mod_security2/rules/modsecurity_crs_40_generic_attacks.conf
/usr/share/doc/packages/apache2-mod_security2/rules/modsecurity_crs_45_trojans.conf
/usr/share/doc/packages/apache2-mod_security2/rules/modsecurity_crs_50_outbound.conf
/usr/share/doc/packages/apache2-mod_security2/rules/optional_rules
/usr/share/doc/packages/apache2-mod_security2/rules/optional_rules/modsecurity_crs_20_protocol_violations.conf
/usr/share/doc/packages/apache2-mod_security2/rules/optional_rules/modsecurity_crs_21_protocol_anomalies.conf
/usr/share/doc/packages/apache2-mod_security2/rules/optional_rules/modsecurity_crs_40_generic_attacks.conf
/usr/share/doc/packages/apache2-mod_security2/rules/optional_rules/modsecurity_crs_42_comment_spam.conf
/usr/share/doc/packages/apache2-mod_security2/rules/optional_rules/modsecurity_crs_42_tight_security.conf
/usr/share/doc/packages/apache2-mod_security2/rules/optional_rules/modsecurity_crs_55_marketing.conf
/usr/share/doc/packages/apache2-mod_security2/tools
/usr/share/doc/packages/apache2-mod_security2/tools/README
/usr/share/doc/packages/apache2-mod_security2/tools/rules-updater-example.conf
/usr/share/doc/packages/apache2-mod_security2/tools/rules-updater.pl
/usr/share/doc/packages/apache2-mod_security2/tools/rules-updater.pl.in

Generated by rpm2html 1.8.1

Fabrice Bellet, Mon Jun 10 10:35:16 2013