Your message dated Sat, 28 Jan 2017 11:47:09 +0000
with message-id <[email protected]>
and subject line Bug#838009: fixed in modsecurity-crs 2.2.9-1+deb8u1
has caused the Debian Bug report #838009,
regarding modsecurity-crs: Apache2 dont start after activate modsecurity rule
modsecurity_crs_16_session_hijacking.conf
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
838009: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=838009
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: modsecurity-crs
Version: 2.2.9-1
Severity: important
Dear Maintainer,
apache2 dont start after activate modsecurity rule
modsecurity_crs_16_session_hijacking.conf
:~> sudo apache2ctl configtest
AH00526: Syntax error on line 51 of
/etc/modsecurity/modsecurity_crs_16_session_hijacking.conf:
ModSecurity: Disruptive actions can only be specified by chain starter
rules.
Action 'configtest' failed.
The Apache error log may have more information.
Pls see this commit:
https://github.com/SpiderLabs/owasp-modsecurity-crs/commit/e2fbef4ce89fed0c4dd338002b9a090dd2f6491d
This fix the prblem, pls insert the fix in Debian package.
Regard
Karsten
-- System Information:
Debian Release: 8.5
APT prefers stable
APT policy: (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 3.16.0-4-amd64 (SMP w/1 CPU core)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages modsecurity-crs depends on:
ii libapache2-mod-security2 2.8.0-3
modsecurity-crs recommends no packages.
Versions of packages modsecurity-crs suggests:
pn geoip-database-contrib <none>
pn lua <none>
ii ruby 1:2.1.5+deb8u2
-- no debconf information
--- End Message ---
--- Begin Message ---
Source: modsecurity-crs
Source-Version: 2.2.9-1+deb8u1
We believe that the bug you reported is fixed in the latest version of
modsecurity-crs, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Alberto Gonzalez Iniesta <[email protected]> (supplier of updated
modsecurity-crs package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Thu, 17 Nov 2016 11:18:03 +0100
Source: modsecurity-crs
Binary: modsecurity-crs
Architecture: source all
Version: 2.2.9-1+deb8u1
Distribution: stable
Urgency: medium
Maintainer: Alberto Gonzalez Iniesta <[email protected]>
Changed-By: Alberto Gonzalez Iniesta <[email protected]>
Description:
modsecurity-crs - modsecurity's Core Rule Set
Closes: 838009
Changes:
modsecurity-crs (2.2.9-1+deb8u1) stable; urgency=medium
.
* Fix typo in modsecurity_crs_16_session_hijacking.conf.
(Closes: #838009)
Checksums-Sha1:
292b7d24e8f19b9ba21115d271f2b15551532f93 1827
modsecurity-crs_2.2.9-1+deb8u1.dsc
1ac1e6d809b7ec3600b91105127383111e78db4d 5212
modsecurity-crs_2.2.9-1+deb8u1.debian.tar.xz
63ce7245a6d0c1cf7074182de4c0245a64dc4555 223550
modsecurity-crs_2.2.9-1+deb8u1_all.deb
Checksums-Sha256:
0a6fcc1f5e22bba2544099fa05ade69b67cd7f7154840e2db2935c1e046f39dc 1827
modsecurity-crs_2.2.9-1+deb8u1.dsc
6c977fc0230b19fb51512b1dd657087fe6ba2378050633d33d4013d36314d259 5212
modsecurity-crs_2.2.9-1+deb8u1.debian.tar.xz
c7b05e3090a28f959a32a02d6fa8593f0eb61f1a06793448d19fbdcbd6ce7a11 223550
modsecurity-crs_2.2.9-1+deb8u1_all.deb
Files:
d7f94c18c4d0f62e59e86c9ce43b1d8e 1827 httpd extra
modsecurity-crs_2.2.9-1+deb8u1.dsc
739de8daa61aa1d3508d4af77f2fcf1e 5212 httpd extra
modsecurity-crs_2.2.9-1+deb8u1.debian.tar.xz
9c60a6c0dbb9225174ee9927110087c7 223550 httpd extra
modsecurity-crs_2.2.9-1+deb8u1_all.deb
-----BEGIN PGP SIGNATURE-----
iQJEBAEBCAAuFiEEU0fL2D4wqetNfUvyAJszdWuaqlUFAlh01GoQHGFnaUBpbml0
dGFiLm9yZwAKCRAAmzN1a5qqVeNrEACkJixaPz0axi1txumM7lZ3kkyuDe9MW4c3
ZXhLhMh3Iv+BrfzB1UKcfbhtwyl7J8BIBJvLmQmwhaJBT30KLsdRXH5gCeLXsMje
3uFiXIcjMROHA68rMwMoPdJ49YrwwdDnz+DEf+f8+Mi4cv+YbzxxgB+eukqlEeS/
4LAcdiDIaNK5Zsirz85IdoBuOdv3bAOOTtpH6bB6miRaTtlp+rHH6Rkcz0MA8ZQ8
dsFijoI9T5CX61JMSj3GjKYy+SbSLpxYFcQqa7Fi7SX7uQUL4ImRgI5t20aR1J9l
GD5Wy0Hnmp9PAI1neo1gZ9wIySeYEb5F9ySMWmbAtsaldGLuiEbRdWw5c54DxOz3
xge8JRzfGsvBTEfNSBVX7LK6czZYqqpcYWJcL+2X9D0qGvlgpDRWHNod4w+K+0a5
51/b9W0mIyVwC9GE+Ve3jGINWgpasCEYAZT+lLdTxHex/l9svn4OaeKET3Rrw0j+
lxZP3hcViIJR523qNxAiNxYBsAMwlyBd+4FO7qORo5ErNX6T4K84/2Gi3JCZh8FP
uD78s/yCwm5JNOa1hr2n/4QBVyqZ4rjSZXxqlbC9QiECx6MQCxSR5tzw90LcwlV6
KOJLMSYVed6r9J51sh9SL73J2x1XjlPw/+kqjFJ+OVZTBvn9veSvZ8N/L98Mu8dN
7cpH8Z4nwg==
=TRwc
-----END PGP SIGNATURE-----
--- End Message ---
