From owner-freebsd-ports-bugs@FreeBSD.ORG Mon Sep 17 09:40:02 2007 Return-Path: Delivered-To: freebsd-ports-bugs@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 8873516A469 for ; Mon, 17 Sep 2007 09:40:02 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 6110913C468 for ; Mon, 17 Sep 2007 09:40:02 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) by freefall.freebsd.org (8.14.1/8.14.1) with ESMTP id l8H9e2Gj044794 for ; Mon, 17 Sep 2007 09:40:02 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.1/8.14.1/Submit) id l8H9e2v1044793; Mon, 17 Sep 2007 09:40:02 GMT (envelope-from gnats) Resent-Date: Mon, 17 Sep 2007 09:40:02 GMT Resent-Message-Id: <200709170940.l8H9e2v1044793@freefall.freebsd.org> Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer) Resent-To: freebsd-ports-bugs@FreeBSD.org Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org, Robin Gruyters Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 78E4716A420 for ; Mon, 17 Sep 2007 09:38:53 +0000 (UTC) (envelope-from robin@yirdis.nl) Received: from mail.yirdis.nl (gw.yirdis.nl [82.148.219.21]) by mx1.freebsd.org (Postfix) with ESMTP id F2D6713C45A for ; Mon, 17 Sep 2007 09:38:52 +0000 (UTC) (envelope-from robin@yirdis.nl) Received: from server.yirdis.net (localhost [127.0.0.1]) by mail.yirdis.nl (8.13.8/8.13.8) with ESMTP id l8H9clAx039002 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Mon, 17 Sep 2007 11:38:47 +0200 (CEST) (envelope-from robin@server.yirdis.net) Received: (from robin@localhost) by server.yirdis.net (8.13.8/8.13.8/Submit) id l8H9clT4039001; Mon, 17 Sep 2007 11:38:47 +0200 (CEST) (envelope-from robin) Message-Id: <200709170938.l8H9clT4039001@server.yirdis.net> Date: Mon, 17 Sep 2007 11:38:47 +0200 (CEST) From: Robin Gruyters To: FreeBSD-gnats-submit@FreeBSD.org X-Send-Pr-Version: 3.113 Cc: dom@happygiraffe.net Subject: ports/116414: [PATCH] www/mod_security2: update to 2.1.3 X-BeenThere: freebsd-ports-bugs@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Ports bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 17 Sep 2007 09:40:02 -0000 >Number: 116414 >Category: ports >Synopsis: [PATCH] www/mod_security2: update to 2.1.3 >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: update >Submitter-Id: current-users >Arrival-Date: Mon Sep 17 09:40:01 GMT 2007 >Closed-Date: >Last-Modified: >Originator: Robin Gruyters >Release: FreeBSD 6.2-RELEASE-p5 i386 >Organization: YIRDIS B.V. >Environment: System: FreeBSD server.yirdis.net 6.2-RELEASE-p5 FreeBSD 6.2-RELEASE-p5 #4: Thu May 31 10:58:52 CEST 2007 >Description: - Update to 2.1.3 Changelog mod_security: * Updated multipart parsing code adding variables to allow checking for various parsing issues (request body abnormalities). * Allow mod_rpaf and mod_extract_forwarded2 to work before ModSecurity. * Quiet some compiler warnings. * Do not block internal ErrorDocument requests after blocking request. * Added ability to compile without an external API (use -DNO_MODSEC_API). * Cleaned up and clarified some documentation. * Update included core rules to latest version (1.4.3). * Enhanced ability to alert/audit failed requests. * Do not trigger "pause" action for internal requests. * Fixed issue with requests that use internal requests. These had the potential to be intercepted incorrectly when other Apache httpd modules that used internal requests were used with mod_security. * Added Solaris and Cygwin to the list of platforms not supporting the hidden visibility attribute. * Fixed decoding full-width unicode in t:urlDecodeUni. * Lessen some overhead of debugging messages and calculations. * Do not try to intercept a request after a failed rule. This fixes the issue associated with an "Internal Error: Asked to intercept request but was_intercepted is zero" error message. * Added SecAuditLog2 directive to allow redundent concurrent audit log index files. This will allow sending audit data to two consoles, etc. * Small performance improvement in memory management for rule execution. Port maintainer (dom@happygiraffe.net) is cc'd. Generated with FreeBSD Port Tools 0.77 >How-To-Repeat: >Fix: --- mod_security2-2.1.3.patch begins here --- Index: Makefile =================================================================== RCS file: /data3/Build/CVS/ports/www/mod_security2/Makefile,v retrieving revision 1.8 diff -u -r1.8 Makefile --- Makefile 1 Sep 2007 21:58:02 -0000 1.8 +++ Makefile 17 Sep 2007 09:36:15 -0000 @@ -6,7 +6,7 @@ # PORTNAME= mod_security2 -PORTVERSION= 2.1.1 +PORTVERSION= 2.1.3 CATEGORIES= www security MASTER_SITES= http://www.modsecurity.org/download/ DISTNAME= ${PORTNAME:S/_//:S/2//}-apache_${PORTVERSION} Index: distinfo =================================================================== RCS file: /data3/Build/CVS/ports/www/mod_security2/distinfo,v retrieving revision 1.4 diff -u -r1.4 distinfo --- distinfo 14 Jun 2007 15:46:33 -0000 1.4 +++ distinfo 17 Sep 2007 09:36:38 -0000 @@ -1,3 +1,3 @@ -MD5 (modsecurity-apache_2.1.1.tar.gz) = ab74ed5f320ffc4ed9f56487bf17c670 -SHA256 (modsecurity-apache_2.1.1.tar.gz) = fadeb3b4ce5672c99c094611792b827d45fcd6b38c4c4fa81c4cfdc63c63b71a -SIZE (modsecurity-apache_2.1.1.tar.gz) = 650607 +MD5 (modsecurity-apache_2.1.3.tar.gz) = b98a65ce4fd5deb343e295bac9490331 +SHA256 (modsecurity-apache_2.1.3.tar.gz) = 875c35778a1e2d56859ec754272f80d05bc892db40341996e3a8c54e74076036 +SIZE (modsecurity-apache_2.1.3.tar.gz) = 674923 --- mod_security2-2.1.3.patch ends here --- >Release-Note: >Audit-Trail: >Unformatted: