Hello community,
here is the log from the commit of package apache2-mod_security2 for
openSUSE:Factory checked in at 2015-03-03 11:14:44
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/apache2-mod_security2 (Old)
and /work/SRC/openSUSE:Factory/.apache2-mod_security2.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "apache2-mod_security2"
Changes:
--------
---
/work/SRC/openSUSE:Factory/apache2-mod_security2/apache2-mod_security2.changes
2015-02-16 22:11:55.000000000 +0100
+++
/work/SRC/openSUSE:Factory/.apache2-mod_security2.new/apache2-mod_security2.changes
2015-03-03 11:14:47.000000000 +0100
@@ -1,0 +2,15 @@
+Tue Feb 24 04:23:11 UTC 2015 - [email protected]
+
+- spec, build: Respect optflags
+- spec: buildrequire pkgconfig
+- modsecurity-fixes.patch: mod_security fails at:
+ * building with optflags enabled due to undefined behaviour
+ and implicit declarations.
+ * It abuses it apr_allocator api, creating one allocator
+ per request and then destroying it, flooding the system
+ with mmap() , munmap requests, this is particularly nasty
+ with threaded mpms. it should instead use the allocator
+ from the request pool.
+
+
+-------------------------------------------------------------------
New:
----
modsecurity-fixes.patch
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ apache2-mod_security2.spec ++++++
--- /var/tmp/diff_new_pack.l8I8VM/_old 2015-03-03 11:14:48.000000000 +0100
+++ /var/tmp/diff_new_pack.l8I8VM/_new 2015-03-03 11:14:48.000000000 +0100
@@ -41,6 +41,7 @@
Source6: README-SUSE-mod_security2.txt
Source7: empty.conf
Patch0: apache2-mod_security2-no_rpath.diff
+Patch1: modsecurity-fixes.patch
BuildRequires: apache-rpm-macros
BuildRequires: apache2-devel
BuildRequires: apache2-prefork
@@ -52,6 +53,7 @@
BuildRequires: libxml2-devel
BuildRequires: lua-devel
BuildRequires: pcre-devel
+BuildRequires: pkgconfig
Requires: %{apache_mmn}
Requires: apache2
#
@@ -75,8 +77,7 @@
bzip2 -dc %{SOURCE3} > %{_sourcedir}/%{refman} && touch -r %{SOURCE3}
%{_sourcedir}/%{refman}
bzip2 -dc %{SOURCE4} > %{_sourcedir}/%{faq} && touch -r %{SOURCE4}
%{_sourcedir}/%{faq}
%patch0
-#%patch1
-#%patch2
+%patch1 -p1
%build
# aclocal only works with never distributions,
@@ -87,7 +88,7 @@
autoreconf -fi
%endif
automake
-./configure --with-apxs=%{apache_apxs} --enable-request-early
--enable-htaccess-config
+%configure --with-apxs=%{apache_apxs} --enable-request-early
--enable-htaccess-config
CFLAGS="%{optflags}" make %{?_smp_mflags}
%install
++++++ modsecurity-fixes.patch ++++++
--- modsecurity-2.9.0.orig/apache2/mod_security2.c
+++ modsecurity-2.9.0/apache2/mod_security2.c
@@ -457,17 +457,13 @@ static void store_tx_context(modsec_rec
* Creates a new transaction context.
*/
static modsec_rec *create_tx_context(request_rec *r) {
- apr_allocator_t *allocator = NULL;
modsec_rec *msr = NULL;
msr = (modsec_rec *)apr_pcalloc(r->pool, sizeof(modsec_rec));
if (msr == NULL) return NULL;
- apr_allocator_create(&allocator);
- apr_allocator_max_free_set(allocator, 1024);
- apr_pool_create_ex(&msr->mp, r->pool, NULL, allocator);
+ apr_pool_create(&msr->mp, r->pool);
if (msr->mp == NULL) return NULL;
- apr_allocator_owner_set(allocator, msr->mp);
msr->modsecurity = modsecurity;
msr->r = r;
--- modsecurity-2.9.0.orig/apache2/msc_reqbody.c
+++ modsecurity-2.9.0/apache2/msc_reqbody.c
@@ -88,7 +88,7 @@ apr_status_t modsecurity_request_body_st
* to allocate structures from (not data, which is allocated
* via malloc).
*/
- apr_pool_create(&msr->msc_reqbody_mp, NULL);
+ apr_pool_create(&msr->msc_reqbody_mp, msr->mp);
/* Initialise request body processors, if any. */
--- modsecurity-2.9.0.orig/apache2/msc_status_engine.c
+++ modsecurity-2.9.0/apache2/msc_status_engine.c
@@ -37,6 +37,7 @@
#if (defined(__linux__) || defined(__gnu_linux__))
#include <linux/if.h>
#include <linux/sockios.h>
+#include <sys/ioctl.h>
#endif
#ifdef HAVE_SYS_UTSNAME_H
#include <sys/utsname.h>
--- modsecurity-2.9.0.orig/apache2/msc_remote_rules.c
+++ modsecurity-2.9.0/apache2/msc_remote_rules.c
@@ -792,6 +792,7 @@ next:
"compilation.";
return -1;
#endif
+ return -1;
}
--- modsecurity-2.9.0.orig/apache2/msc_util.c
+++ modsecurity-2.9.0/apache2/msc_util.c
@@ -18,6 +18,7 @@
#include <stdlib.h>
#include <sys/types.h>
#include <sys/stat.h>
+#include <arpa/inet.h>
#include "msc_release.h"
#include "msc_util.h"
--
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
