pkgsrc-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[pkgsrc/trunk]: pkgsrc/security/ap-modsecurity2 Update to 2.5.9



details:   https://anonhg.NetBSD.org/pkgsrc/rev/67e477c2d8d1
branches:  trunk
changeset: 555946:67e477c2d8d1
user:      adrianp <adrianp%pkgsrc.org@localhost>
date:      Sat Mar 14 13:45:38 2009 +0000

description:
Update to 2.5.9
 * Fixed PDF XSS issue where a non-GET request for a PDF file would crash the
   Apache httpd process.  Discovered by Steve Grubb at Red Hat.

 * Removed an invalid "Internal error: Issuing "%s" for unspecified error."
   message that was logged when denying with nolog/noauditlog set and
   causing the request to be audited.

 * Fixed parsing multipart content with a missing part header name which
   would crash Apache.  Discovered by "Internet Security Auditors"
   (isecauditors.com).

 * Added ability to specify the config script directly using --with-apr
   and --with-apu.

 * Updated copyright year to 2009.

 * Added macro expansion for append/prepend action.

 * Fixed race condition in concurrent updates of persistent counters.  Updates
   are now atomic.

 * Cleaned up build, adding an option for verbose configure output and making
   the mlogc build more portable.

diffstat:

 security/ap-modsecurity2/Makefile         |  13 ++++++++-----
 security/ap-modsecurity2/PLIST            |   6 ++++--
 security/ap-modsecurity2/distinfo         |   9 +++++----
 security/ap-modsecurity2/patches/patch-aa |  22 ++++++++++++++++++++++
 4 files changed, 39 insertions(+), 11 deletions(-)

diffs (97 lines):

diff -r 25c565bea123 -r 67e477c2d8d1 security/ap-modsecurity2/Makefile
--- a/security/ap-modsecurity2/Makefile Sat Mar 14 12:10:21 2009 +0000
+++ b/security/ap-modsecurity2/Makefile Sat Mar 14 13:45:38 2009 +0000
@@ -1,8 +1,7 @@
-# $NetBSD: Makefile,v 1.12 2009/02/23 22:01:11 adrianp Exp $
+# $NetBSD: Makefile,v 1.13 2009/03/14 13:45:38 adrianp Exp $
 
-DISTNAME=      modsecurity-apache_2.5.7
+DISTNAME=      modsecurity-apache_2.5.9
 PKGNAME=       ${APACHE_PKG_PREFIX}-${DISTNAME:S/apache_//}
-PKGREVISION=   1
 CATEGORIES=    www security
 MASTER_SITES=  http://www.modsecurity.org/download/
 
@@ -23,10 +22,14 @@
 
 CONFIGURE_ARGS+=       --with-apxs=${PREFIX}/sbin/apxs
 CONFIGURE_ARGS+=       --with-pcre=${PREFIX}
-CONFIGURE_ARGS+=       --with-apr=${PREFIX}
-CONFIGURE_ARGS+=       --with-apu=${PREFIX}
 CONFIGURE_ARGS+=        --with-libxml=${PREFIX}
 
+SUBST_CLASSES+=                config
+SUBST_STAGE.config=    post-patch
+SUBST_FILES.config=    configure
+SUBST_SED.config=       -e "s|@@PREFIX@@|${PREFIX}|g"
+SUBST_MESSAGE.config=   Fixing configuration files.
+
 EGDIR=                 ${PREFIX}/share/examples/ap-modsecurity
 CONF_FILES=            ${EGDIR}/modsecurity.conf-minimal \
                        ${PKG_SYSCONFDIR}/httpd/modsecurity.conf
diff -r 25c565bea123 -r 67e477c2d8d1 security/ap-modsecurity2/PLIST
--- a/security/ap-modsecurity2/PLIST    Sat Mar 14 12:10:21 2009 +0000
+++ b/security/ap-modsecurity2/PLIST    Sat Mar 14 13:45:38 2009 +0000
@@ -1,11 +1,10 @@
-@comment $NetBSD: PLIST,v 1.4 2008/10/12 12:50:17 adrianp Exp $
+@comment $NetBSD: PLIST,v 1.5 2009/03/14 13:45:38 adrianp Exp $
 lib/httpd/mod_security2.so
 share/doc/ap-modsecurity/apache_request_cycle-modsecurity.jpg
 share/doc/ap-modsecurity/breach-logo-small.gif
 share/doc/ap-modsecurity/html-multipage/actions.html
 share/doc/ap-modsecurity/html-multipage/ar01s11.html
 share/doc/ap-modsecurity/html-multipage/ar01s12.html
-share/doc/ap-modsecurity/html-multipage/ar01s13.html
 share/doc/ap-modsecurity/html-multipage/configuration-directives.html
 share/doc/ap-modsecurity/html-multipage/installation.html
 share/doc/ap-modsecurity/html-multipage/introduction.html
@@ -26,6 +25,9 @@
 share/doc/ap-modsecurity/modsecurity2-apache-reference.html
 share/doc/ap-modsecurity/modsecurity2-apache-reference.pdf
 share/doc/ap-modsecurity/modsecurity2-apache-reference.xml
+share/doc/ap-modsecurity/modsecurity2-data-formats.html
+share/doc/ap-modsecurity/modsecurity2-data-formats.pdf
+share/doc/ap-modsecurity/modsecurity2-data-formats.xml
 share/doc/ap-modsecurity/modsecurity.gif
 share/doc/ap-modsecurity/modsecurity-reference.css
 share/examples/ap-modsecurity/modsecurity.conf-minimal
diff -r 25c565bea123 -r 67e477c2d8d1 security/ap-modsecurity2/distinfo
--- a/security/ap-modsecurity2/distinfo Sat Mar 14 12:10:21 2009 +0000
+++ b/security/ap-modsecurity2/distinfo Sat Mar 14 13:45:38 2009 +0000
@@ -1,5 +1,6 @@
-$NetBSD: distinfo,v 1.5 2008/10/12 12:50:17 adrianp Exp $
+$NetBSD: distinfo,v 1.6 2009/03/14 13:45:38 adrianp Exp $
 
-SHA1 (modsecurity-apache_2.5.7.tar.gz) = 29a4f8f376dbc1ab3b05c943a1a3c1e4a9e8196a
-RMD160 (modsecurity-apache_2.5.7.tar.gz) = 063f68123bc8b70a4abc457c3794d751ab1ebede
-Size (modsecurity-apache_2.5.7.tar.gz) = 1117167 bytes
+SHA1 (modsecurity-apache_2.5.9.tar.gz) = 875919332a918956371fe8e2f7e46d88081857cf
+RMD160 (modsecurity-apache_2.5.9.tar.gz) = adab10e5eab50f0d114e3ccb47c343e744119c8f
+Size (modsecurity-apache_2.5.9.tar.gz) = 1252295 bytes
+SHA1 (patch-aa) = 19642ee3f22bd502208ee868cf24fb050bd2c56d
diff -r 25c565bea123 -r 67e477c2d8d1 security/ap-modsecurity2/patches/patch-aa
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/security/ap-modsecurity2/patches/patch-aa Sat Mar 14 13:45:38 2009 +0000
@@ -0,0 +1,22 @@
+$NetBSD: patch-aa,v 1.6 2009/03/14 13:45:38 adrianp Exp $
+
+--- configure.orig     2009-03-12 06:15:45.000000000 +0000
++++ configure
+@@ -5479,7 +5479,7 @@ fi
+ 
+ if test -z "${with_apr}"; then
+         if test -z "${apr_path}"; then
+-        test_paths="/usr/local/apr /usr/local /usr"
++        test_paths="@@PREFIX@@ /usr/local/apr /usr/local /usr"
+     else
+         test_paths="${apr_path}"
+     fi
+@@ -5562,7 +5562,7 @@ fi
+ 
+ if test -z "${with_apu}"; then
+         if test -z "${apu_path}"; then
+-        test_paths="/usr/local/apr-util /usr/local/apu /usr/local/apr /usr/local /usr"
++        test_paths="@@PREFIX@@ /usr/local/apr-util /usr/local/apu /usr/local/apr /usr/local /usr"
+     else
+         test_paths="${apu_path}"
+     fi



Home | Main Index | Thread Index | Old Index