Changes - j0ke.net Open Build Service

Changes of Revision 26

[-] [+]	Changed	mod_security-ix.changes
@@ -1,4 +1,9 @@ ------------------------------------------------------------------- +Wed Oct 3 08:11:29 UTC 2012 - cs@linux-administrator.com + +- Update to release 2.6.8 + +------------------------------------------------------------------- Sun Jul 29 16:02:36 UTC 2012 - cs@linux-administrator.com - Update to release 2.6.7
[-] [+]	Changed	mod_security-ix.spec ^
@@ -1,6 +1,6 @@ Summary: Security module for the Apache HTTP Server Name: mod_security -Version: 2.6.7 +Version: 2.6.8 Release: 25 License: GPLv2 URL: http://www.modsecurity.org/
[-] [+]	Changed	modsecurity-apache_2.6.8.tar.bz2/CHANGES ^
@@ -1,7 +1,12 @@ -23 Jul 2012 - 2.6.7 +25 Sep 2012 - 2.6.8 ------------------- - * Fixed PCRE mismtach version warning message (Thanks Victor Julien). + * Fixed ctl:ruleRemoveTargetByID order issue (MODSEC-333). Thanks to Armadillo Dasypodidae. + + * Fixed variable HIGHEST_SEVERITY incorrectly gets reset in a chain rule (MODSEC-315). Thanks to Valery Reznic. + +23 Jul 2012 - 2.6.7 +------------------- * Fixed explicit target replacement using SecUpdateTargetById was broken.
[-] [+]	Changed	modsecurity-apache_2.6.8.tar.bz2/apache2/mod_security2.c ^
@@ -84,7 +84,7 @@ ap_log_error(APLOG_MARK, APLOG_WARNING, 0, NULL, "ModSecurity: Loaded APR do not match with compiled!"); } - pcre_vrs = apr_psprintf(mp,"%d.%02d", PCRE_MAJOR, PCRE_MINOR); + pcre_vrs = apr_psprintf(mp,"%d.%d ", PCRE_MAJOR, PCRE_MINOR); ap_log_error(APLOG_MARK, APLOG_NOTICE, 0, NULL, "ModSecurity: PCRE compiled version=\"%s\"; "
[-] [+]	Changed	modsecurity-apache_2.6.8.tar.bz2/apache2/msc_release.h ^
@@ -38,7 +38,7 @@ #define MODSEC_VERSION_MAJOR "2" #define MODSEC_VERSION_MINOR "6" -#define MODSEC_VERSION_MAINT "7" +#define MODSEC_VERSION_MAINT "8" #define MODSEC_VERSION_TYPE "" #define MODSEC_VERSION_RELEASE ""
[-] [+]	Changed	modsecurity-apache_2.6.8.tar.bz2/apache2/re.c ^
@@ -52,7 +52,7 @@ char myvalue = NULL, myname = NULL; const apr_array_header_t tarr = NULL; const apr_table_entry_t telts = NULL; - int i, match; + int i, match = 0; if(msr == NULL) return 0; @@ -107,6 +107,7 @@ name = apr_strtok(variable,":",&value); } else { name = variable; + value = NULL; } if((strlen(myname) == strlen(name)) && @@ -148,7 +149,7 @@ } - if(match) + if(match == 1) return 1; return 0; @@ -2384,8 +2385,8 @@ } /* Keep track of the highest severity matched so far */ - if ((acting_actionset->severity > 0) && (acting_actionset->severity < msr->highest_severity)) - { + if ((acting_actionset->severity > 0) && (acting_actionset->severity < msr->highest_severity) + && !rule->actionset->is_chained) { msr->highest_severity = acting_actionset->severity; }