pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/trunk]: pkgsrc/security/ap-modsecurity2 Update to 2.5.9
details: https://anonhg.NetBSD.org/pkgsrc/rev/67e477c2d8d1
branches: trunk
changeset: 555946:67e477c2d8d1
user: adrianp <adrianp%pkgsrc.org@localhost>
date: Sat Mar 14 13:45:38 2009 +0000
description:
Update to 2.5.9
* Fixed PDF XSS issue where a non-GET request for a PDF file would crash the
Apache httpd process. Discovered by Steve Grubb at Red Hat.
* Removed an invalid "Internal error: Issuing "%s" for unspecified error."
message that was logged when denying with nolog/noauditlog set and
causing the request to be audited.
* Fixed parsing multipart content with a missing part header name which
would crash Apache. Discovered by "Internet Security Auditors"
(isecauditors.com).
* Added ability to specify the config script directly using --with-apr
and --with-apu.
* Updated copyright year to 2009.
* Added macro expansion for append/prepend action.
* Fixed race condition in concurrent updates of persistent counters. Updates
are now atomic.
* Cleaned up build, adding an option for verbose configure output and making
the mlogc build more portable.
diffstat:
security/ap-modsecurity2/Makefile | 13 ++++++++-----
security/ap-modsecurity2/PLIST | 6 ++++--
security/ap-modsecurity2/distinfo | 9 +++++----
security/ap-modsecurity2/patches/patch-aa | 22 ++++++++++++++++++++++
4 files changed, 39 insertions(+), 11 deletions(-)
diffs (97 lines):
diff -r 25c565bea123 -r 67e477c2d8d1 security/ap-modsecurity2/Makefile
--- a/security/ap-modsecurity2/Makefile Sat Mar 14 12:10:21 2009 +0000
+++ b/security/ap-modsecurity2/Makefile Sat Mar 14 13:45:38 2009 +0000
@@ -1,8 +1,7 @@
-# $NetBSD: Makefile,v 1.12 2009/02/23 22:01:11 adrianp Exp $
+# $NetBSD: Makefile,v 1.13 2009/03/14 13:45:38 adrianp Exp $
-DISTNAME= modsecurity-apache_2.5.7
+DISTNAME= modsecurity-apache_2.5.9
PKGNAME= ${APACHE_PKG_PREFIX}-${DISTNAME:S/apache_//}
-PKGREVISION= 1
CATEGORIES= www security
MASTER_SITES= http://www.modsecurity.org/download/
@@ -23,10 +22,14 @@
CONFIGURE_ARGS+= --with-apxs=${PREFIX}/sbin/apxs
CONFIGURE_ARGS+= --with-pcre=${PREFIX}
-CONFIGURE_ARGS+= --with-apr=${PREFIX}
-CONFIGURE_ARGS+= --with-apu=${PREFIX}
CONFIGURE_ARGS+= --with-libxml=${PREFIX}
+SUBST_CLASSES+= config
+SUBST_STAGE.config= post-patch
+SUBST_FILES.config= configure
+SUBST_SED.config= -e "s|@@PREFIX@@|${PREFIX}|g"
+SUBST_MESSAGE.config= Fixing configuration files.
+
EGDIR= ${PREFIX}/share/examples/ap-modsecurity
CONF_FILES= ${EGDIR}/modsecurity.conf-minimal \
${PKG_SYSCONFDIR}/httpd/modsecurity.conf
diff -r 25c565bea123 -r 67e477c2d8d1 security/ap-modsecurity2/PLIST
--- a/security/ap-modsecurity2/PLIST Sat Mar 14 12:10:21 2009 +0000
+++ b/security/ap-modsecurity2/PLIST Sat Mar 14 13:45:38 2009 +0000
@@ -1,11 +1,10 @@
-@comment $NetBSD: PLIST,v 1.4 2008/10/12 12:50:17 adrianp Exp $
+@comment $NetBSD: PLIST,v 1.5 2009/03/14 13:45:38 adrianp Exp $
lib/httpd/mod_security2.so
share/doc/ap-modsecurity/apache_request_cycle-modsecurity.jpg
share/doc/ap-modsecurity/breach-logo-small.gif
share/doc/ap-modsecurity/html-multipage/actions.html
share/doc/ap-modsecurity/html-multipage/ar01s11.html
share/doc/ap-modsecurity/html-multipage/ar01s12.html
-share/doc/ap-modsecurity/html-multipage/ar01s13.html
share/doc/ap-modsecurity/html-multipage/configuration-directives.html
share/doc/ap-modsecurity/html-multipage/installation.html
share/doc/ap-modsecurity/html-multipage/introduction.html
@@ -26,6 +25,9 @@
share/doc/ap-modsecurity/modsecurity2-apache-reference.html
share/doc/ap-modsecurity/modsecurity2-apache-reference.pdf
share/doc/ap-modsecurity/modsecurity2-apache-reference.xml
+share/doc/ap-modsecurity/modsecurity2-data-formats.html
+share/doc/ap-modsecurity/modsecurity2-data-formats.pdf
+share/doc/ap-modsecurity/modsecurity2-data-formats.xml
share/doc/ap-modsecurity/modsecurity.gif
share/doc/ap-modsecurity/modsecurity-reference.css
share/examples/ap-modsecurity/modsecurity.conf-minimal
diff -r 25c565bea123 -r 67e477c2d8d1 security/ap-modsecurity2/distinfo
--- a/security/ap-modsecurity2/distinfo Sat Mar 14 12:10:21 2009 +0000
+++ b/security/ap-modsecurity2/distinfo Sat Mar 14 13:45:38 2009 +0000
@@ -1,5 +1,6 @@
-$NetBSD: distinfo,v 1.5 2008/10/12 12:50:17 adrianp Exp $
+$NetBSD: distinfo,v 1.6 2009/03/14 13:45:38 adrianp Exp $
-SHA1 (modsecurity-apache_2.5.7.tar.gz) = 29a4f8f376dbc1ab3b05c943a1a3c1e4a9e8196a
-RMD160 (modsecurity-apache_2.5.7.tar.gz) = 063f68123bc8b70a4abc457c3794d751ab1ebede
-Size (modsecurity-apache_2.5.7.tar.gz) = 1117167 bytes
+SHA1 (modsecurity-apache_2.5.9.tar.gz) = 875919332a918956371fe8e2f7e46d88081857cf
+RMD160 (modsecurity-apache_2.5.9.tar.gz) = adab10e5eab50f0d114e3ccb47c343e744119c8f
+Size (modsecurity-apache_2.5.9.tar.gz) = 1252295 bytes
+SHA1 (patch-aa) = 19642ee3f22bd502208ee868cf24fb050bd2c56d
diff -r 25c565bea123 -r 67e477c2d8d1 security/ap-modsecurity2/patches/patch-aa
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/security/ap-modsecurity2/patches/patch-aa Sat Mar 14 13:45:38 2009 +0000
@@ -0,0 +1,22 @@
+$NetBSD: patch-aa,v 1.6 2009/03/14 13:45:38 adrianp Exp $
+
+--- configure.orig 2009-03-12 06:15:45.000000000 +0000
++++ configure
+@@ -5479,7 +5479,7 @@ fi
+
+ if test -z "${with_apr}"; then
+ if test -z "${apr_path}"; then
+- test_paths="/usr/local/apr /usr/local /usr"
++ test_paths="@@PREFIX@@ /usr/local/apr /usr/local /usr"
+ else
+ test_paths="${apr_path}"
+ fi
+@@ -5562,7 +5562,7 @@ fi
+
+ if test -z "${with_apu}"; then
+ if test -z "${apu_path}"; then
+- test_paths="/usr/local/apr-util /usr/local/apu /usr/local/apr /usr/local /usr"
++ test_paths="@@PREFIX@@ /usr/local/apr-util /usr/local/apu /usr/local/apr /usr/local /usr"
+ else
+ test_paths="${apu_path}"
+ fi
Home |
Main Index |
Thread Index |
Old Index