The following builds have been pushed to Fedora EPEL 7 updates-testing
libmodsecurity-3.0.9-2.el7
Details about builds:
================================================================================
libmodsecurity-3.0.9-2.el7 (FEDORA-EPEL-2023-c5ad3565aa)
A library that loads/interprets rules written in the ModSecurity SecRules
--------------------------------------------------------------------------------
Update Information:
Update to 3.0.9 after rebasing rawhide
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jun 27 2023 Mikel Olasagasti Uranga <[email protected]> - 3.0.9-2
- Use geoip instead of libmaxminddb for EPEL 7 and 8 builds
* Sat Apr 15 2023 Mikel Olasagasti Uranga <[email protected]> - 3.0.9-1
- 2828.patch: drop, included in 3.0.9
- Remove deps required for autoreconf
- Minor cosmetic change for configure
- ModSecurity_cookie_parsing_fix_303.patch: remove as not required since 3.0.4
- 0001-Fix-build-on-non-x86-arch.patch: remove as not required since 3.0.4
- modsecurity.pc: drop as is being shipped since 3.0.3
* Mon Mar 27 2023 Mikel Olasagasti Uranga <[email protected]> - 3.0.8-3
- Use PCRE2 rhbz#2128321
- Use libmaxminddb instead of old GeoIP
- Migrate to SPDX identifier for License
- Change homepage
- Remove .la file for EPEL
* Thu Jan 19 2023 Fedora Release Engineering <[email protected]> -
3.0.8-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
* Sat Oct 15 2022 Othman Madjoudj <[email protected]> - 3.0.8-1
- Update to maintenance release 3.0.8
* Thu Jul 21 2022 Fedora Release Engineering <[email protected]> -
3.0.4-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Thu Jan 20 2022 Fedora Release Engineering <[email protected]> -
3.0.4-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
* Thu Jul 22 2021 Fedora Release Engineering <[email protected]> -
3.0.4-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
* Tue Mar 30 2021 Jonathan Wakely <[email protected]> - 3.0.4-4
- Rebuilt for removed libstdc++ symbol (#1937698)
* Tue Jan 26 2021 Fedora Release Engineering <[email protected]> -
3.0.4-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
* Tue Jul 28 2020 Fedora Release Engineering <[email protected]> -
3.0.4-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1879590 - CVE-2020-15598 libmodsecurity: specially crafted payload
could result in a DoS [epel-7]
https://bugzilla.redhat.com/show_bug.cgi?id=1879590
[ 2 ] Bug #1957934 - CVE-2019-25043 libmodsecurity: crafted key-value pair
can lead to DoS [epel-7]
https://bugzilla.redhat.com/show_bug.cgi?id=1957934
[ 3 ] Bug #2021302 - CVE-2021-35368 libmodsecurity: request body bypass via a
trailing pathname [epel-7]
https://bugzilla.redhat.com/show_bug.cgi?id=2021302
[ 4 ] Bug #2031843 - CVE-2021-42717 libmodsecurity: crafted JSON objects with
nesting could result in the web server being unable to service legitimate
requests [epel-7]
https://bugzilla.redhat.com/show_bug.cgi?id=2031843
--------------------------------------------------------------------------------
_______________________________________________
epel-devel mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/[email protected]
Do not reply to spam, report it:
https://pagure.io/fedora-infrastructure/new_issue
