diff options
author | adrianp <adrianp@pkgsrc.org> | 2009-03-14 13:45:38 +0000 |
---|---|---|
committer | adrianp <adrianp@pkgsrc.org> | 2009-03-14 13:45:38 +0000 |
commit | d8952f2109992fab81c4bb20902d4fb6548be7d2 (patch) | |
tree | 1f951e1f35403b876bb2c7a79a60b9d7fcaca534 /security/ap-modsecurity2 | |
parent | ca7a34eb3278a5798c58442ca417dda962b4b377 (diff) | |
download | pkgsrc-d8952f2109992fab81c4bb20902d4fb6548be7d2.tar.gz |
Update to 2.5.9
* Fixed PDF XSS issue where a non-GET request for a PDF file would crash the
Apache httpd process. Discovered by Steve Grubb at Red Hat.
* Removed an invalid "Internal error: Issuing "%s" for unspecified error."
message that was logged when denying with nolog/noauditlog set and
causing the request to be audited.
* Fixed parsing multipart content with a missing part header name which
would crash Apache. Discovered by "Internet Security Auditors"
(isecauditors.com).
* Added ability to specify the config script directly using --with-apr
and --with-apu.
* Updated copyright year to 2009.
* Added macro expansion for append/prepend action.
* Fixed race condition in concurrent updates of persistent counters. Updates
are now atomic.
* Cleaned up build, adding an option for verbose configure output and making
the mlogc build more portable.
Diffstat (limited to 'security/ap-modsecurity2')
-rw-r--r-- | security/ap-modsecurity2/Makefile | 13 | ||||
-rw-r--r-- | security/ap-modsecurity2/PLIST | 6 | ||||
-rw-r--r-- | security/ap-modsecurity2/distinfo | 9 | ||||
-rw-r--r-- | security/ap-modsecurity2/patches/patch-aa | 22 |
4 files changed, 39 insertions, 11 deletions
diff --git a/security/ap-modsecurity2/Makefile b/security/ap-modsecurity2/Makefile index cc4c5ca326e..9de3bf19730 100644 --- a/security/ap-modsecurity2/Makefile +++ b/security/ap-modsecurity2/Makefile @@ -1,8 +1,7 @@ -# $NetBSD: Makefile,v 1.12 2009/02/23 22:01:11 adrianp Exp $ +# $NetBSD: Makefile,v 1.13 2009/03/14 13:45:38 adrianp Exp $ -DISTNAME= modsecurity-apache_2.5.7 +DISTNAME= modsecurity-apache_2.5.9 PKGNAME= ${APACHE_PKG_PREFIX}-${DISTNAME:S/apache_//} -PKGREVISION= 1 CATEGORIES= www security MASTER_SITES= http://www.modsecurity.org/download/ @@ -23,10 +22,14 @@ USE_LANGUAGES+= c++ c CONFIGURE_ARGS+= --with-apxs=${PREFIX}/sbin/apxs CONFIGURE_ARGS+= --with-pcre=${PREFIX} -CONFIGURE_ARGS+= --with-apr=${PREFIX} -CONFIGURE_ARGS+= --with-apu=${PREFIX} CONFIGURE_ARGS+= --with-libxml=${PREFIX} +SUBST_CLASSES+= config +SUBST_STAGE.config= post-patch +SUBST_FILES.config= configure +SUBST_SED.config= -e "s|@@PREFIX@@|${PREFIX}|g" +SUBST_MESSAGE.config= Fixing configuration files. + EGDIR= ${PREFIX}/share/examples/ap-modsecurity CONF_FILES= ${EGDIR}/modsecurity.conf-minimal \ ${PKG_SYSCONFDIR}/httpd/modsecurity.conf diff --git a/security/ap-modsecurity2/PLIST b/security/ap-modsecurity2/PLIST index 1c9918cdab5..82e55ae4e72 100644 --- a/security/ap-modsecurity2/PLIST +++ b/security/ap-modsecurity2/PLIST @@ -1,11 +1,10 @@ -@comment $NetBSD: PLIST,v 1.4 2008/10/12 12:50:17 adrianp Exp $ +@comment $NetBSD: PLIST,v 1.5 2009/03/14 13:45:38 adrianp Exp $ lib/httpd/mod_security2.so share/doc/ap-modsecurity/apache_request_cycle-modsecurity.jpg share/doc/ap-modsecurity/breach-logo-small.gif share/doc/ap-modsecurity/html-multipage/actions.html share/doc/ap-modsecurity/html-multipage/ar01s11.html share/doc/ap-modsecurity/html-multipage/ar01s12.html -share/doc/ap-modsecurity/html-multipage/ar01s13.html share/doc/ap-modsecurity/html-multipage/configuration-directives.html share/doc/ap-modsecurity/html-multipage/installation.html share/doc/ap-modsecurity/html-multipage/introduction.html @@ -26,6 +25,9 @@ share/doc/ap-modsecurity/index.html share/doc/ap-modsecurity/modsecurity2-apache-reference.html share/doc/ap-modsecurity/modsecurity2-apache-reference.pdf share/doc/ap-modsecurity/modsecurity2-apache-reference.xml +share/doc/ap-modsecurity/modsecurity2-data-formats.html +share/doc/ap-modsecurity/modsecurity2-data-formats.pdf +share/doc/ap-modsecurity/modsecurity2-data-formats.xml share/doc/ap-modsecurity/modsecurity.gif share/doc/ap-modsecurity/modsecurity-reference.css share/examples/ap-modsecurity/modsecurity.conf-minimal diff --git a/security/ap-modsecurity2/distinfo b/security/ap-modsecurity2/distinfo index 332ebc332f1..4e41638bba8 100644 --- a/security/ap-modsecurity2/distinfo +++ b/security/ap-modsecurity2/distinfo @@ -1,5 +1,6 @@ -$NetBSD: distinfo,v 1.5 2008/10/12 12:50:17 adrianp Exp $ +$NetBSD: distinfo,v 1.6 2009/03/14 13:45:38 adrianp Exp $ -SHA1 (modsecurity-apache_2.5.7.tar.gz) = 29a4f8f376dbc1ab3b05c943a1a3c1e4a9e8196a -RMD160 (modsecurity-apache_2.5.7.tar.gz) = 063f68123bc8b70a4abc457c3794d751ab1ebede -Size (modsecurity-apache_2.5.7.tar.gz) = 1117167 bytes +SHA1 (modsecurity-apache_2.5.9.tar.gz) = 875919332a918956371fe8e2f7e46d88081857cf +RMD160 (modsecurity-apache_2.5.9.tar.gz) = adab10e5eab50f0d114e3ccb47c343e744119c8f +Size (modsecurity-apache_2.5.9.tar.gz) = 1252295 bytes +SHA1 (patch-aa) = 19642ee3f22bd502208ee868cf24fb050bd2c56d diff --git a/security/ap-modsecurity2/patches/patch-aa b/security/ap-modsecurity2/patches/patch-aa new file mode 100644 index 00000000000..b5a531d110a --- /dev/null +++ b/security/ap-modsecurity2/patches/patch-aa @@ -0,0 +1,22 @@ +$NetBSD: patch-aa,v 1.6 2009/03/14 13:45:38 adrianp Exp $ + +--- configure.orig 2009-03-12 06:15:45.000000000 +0000 ++++ configure +@@ -5479,7 +5479,7 @@ fi + + if test -z "${with_apr}"; then + if test -z "${apr_path}"; then +- test_paths="/usr/local/apr /usr/local /usr" ++ test_paths="@@PREFIX@@ /usr/local/apr /usr/local /usr" + else + test_paths="${apr_path}" + fi +@@ -5562,7 +5562,7 @@ fi + + if test -z "${with_apu}"; then + if test -z "${apu_path}"; then +- test_paths="/usr/local/apr-util /usr/local/apu /usr/local/apr /usr/local /usr" ++ test_paths="@@PREFIX@@ /usr/local/apr-util /usr/local/apu /usr/local/apr /usr/local /usr" + else + test_paths="${apu_path}" + fi |