commit: 55f797c4a75a4a05bbaff941be3aa29b6802aa16 Author: Tomáš Mózes <hydrapolic <AT> gmail <DOT> com> AuthorDate: Fri Dec 2 06:21:57 2022 +0000 Commit: John Helmert III <ajak <AT> gentoo <DOT> org> CommitDate: Fri Dec 2 17:12:56 2022 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=55f797c4
www-apache/mod_security: drop vulnerable Signed-off-by: Tomáš Mózes <hydrapolic <AT> gmail.com> Closes: https://github.com/gentoo/gentoo/pull/28504 Signed-off-by: John Helmert III <ajak <AT> gentoo.org> www-apache/mod_security/Manifest | 1 - .../mod_security/mod_security-2.9.5-r1.ebuild | 125 --------------------- www-apache/mod_security/mod_security-2.9.5.ebuild | 125 --------------------- 3 files changed, 251 deletions(-) diff --git a/www-apache/mod_security/Manifest b/www-apache/mod_security/Manifest index 174609a84b90..738cc152d132 100644 --- a/www-apache/mod_security/Manifest +++ b/www-apache/mod_security/Manifest @@ -1,2 +1 @@ -DIST modsecurity-2.9.5.tar.gz 4315037 BLAKE2B f6e607f344038c74fbbacbba6bbeb5953a7ab13b54d140924f4fe586a1506720d383285e7ce68dc9386f3532d298d53de55446f336c4b2f3e359bf8636bba0d0 SHA512 eef10afbce7407038b12d3c94213a17ecadf2db9a39f15006809848717f9a0d53d52f050957e13725e972191106c54eafb8915d564e5f0756a8a93c84048a4df DIST modsecurity-2.9.6.tar.gz 4316582 BLAKE2B f344f8630218c401a3b0eb0de9f5f23d9d1f9f65bf5c4cff2d8d0ea3ebd27cf0202ce2199b1c6d923237ee49a3b151cce46a8de3563fa743cf119c8c25270af3 SHA512 54b3316950094b3951fcfdd82bbacd34dfa8f5500b9a772d3296f411711bad0dcad51068b25cb2c196fdc4b2e1095d54701370d25180c0c68cf0913bd7d4ea03 diff --git a/www-apache/mod_security/mod_security-2.9.5-r1.ebuild b/www-apache/mod_security/mod_security-2.9.5-r1.ebuild deleted file mode 100644 index baac45dfeee8..000000000000 --- a/www-apache/mod_security/mod_security-2.9.5-r1.ebuild +++ /dev/null @@ -1,125 +0,0 @@ -# Copyright 1999-2022 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=7 - -LUA_COMPAT=( lua5-{1..3} ) - -inherit autotools apache-module lua-single - -MY_PN=modsecurity -MY_P=${MY_PN}-${PV} - -DESCRIPTION="Application firewall and intrusion detection for Apache" -HOMEPAGE="https://github.com/SpiderLabs/ModSecurity"; -SRC_URI="https://github.com/SpiderLabs/ModSecurity/releases/download/v${PV}/${MY_P}.tar.gz"; - -LICENSE="Apache-2.0" -SLOT="0" -KEYWORDS="~amd64 ~x86" -IUSE="doc fuzzyhash geoip jit json lua mlogc" - -REQUIRED_USE="lua? ( ${LUA_REQUIRED_USE} )" - -COMMON_DEPEND="dev-libs/apr - dev-libs/apr-util[openssl] - dev-libs/libxml2 - dev-libs/libpcre[jit?] - virtual/libcrypt:= - fuzzyhash? ( app-crypt/ssdeep ) - json? ( dev-libs/yajl ) - lua? ( ${LUA_DEPS} ) - mlogc? ( net-misc/curl ) - www-servers/apache[apache2_modules_unique_id]" -BDEPEND="doc? ( app-doc/doxygen )" -DEPEND="${COMMON_DEPEND}" -RDEPEND="${COMMON_DEPEND} - geoip? ( dev-libs/geoip ) - mlogc? ( dev-lang/perl )" -PDEPEND=">=www-apache/modsecurity-crs-2.2.6-r1" - -S="${WORKDIR}/${MY_P}" - -APACHE2_MOD_FILE="apache2/.libs/${PN}2.so" -APACHE2_MOD_CONF="79_${PN}" -APACHE2_MOD_DEFINE="SECURITY" - -# Tests require symbols only defined within the Apache binary. -RESTRICT=test - -PATCHES=( - "${FILESDIR}"/${PN}-2.9.3-autoconf_lua_package_name.patch -) - -need_apache2 - -pkg_setup() { - _init_apache2 - _init_apache2_late - use lua && lua-single_pkg_setup -} - -src_prepare() { - default - eautoreconf -} - -src_configure() { - local myconf=( - --disable-static - --enable-request-early - --with-apxs="${APXS}" - --with-pic - $(use_with fuzzyhash ssdeep) - $(use_with json yajl) - $(use_enable mlogc) - $(use_with lua) - $(use_enable lua lua-cache) - $(use_enable jit pcre-jit) - $(use_enable doc docs) ) - - econf ${myconf[@]} -} - -src_compile() { - default -} - -src_install() { - apache-module_src_install - - dodoc CHANGES README.md modsecurity.conf-recommended unicode.mapping - - if use doc; then - dodoc -r doc/apache/html - fi - - if use mlogc; then - insinto /etc/ - newins mlogc/mlogc-default.conf mlogc.conf - dobin mlogc/mlogc - dobin mlogc/mlogc-batch-load.pl - newdoc mlogc/INSTALL INSTALL-mlogc - fi - - # Use /var/lib instead of /var/cache. This stuff is "persistent," - # and isn't a cached copy of something that we can recreate. - # Bug 605496. - keepdir /var/lib/modsecurity - fowners apache:apache /var/lib/modsecurity - fperms 0750 /var/lib/modsecurity - for dir in data tmp upload; do - keepdir "/var/lib/modsecurity/${dir}" - fowners apache:apache "/var/lib/modsecurity/${dir}" - fperms 0750 "/var/lib/modsecurity/${dir}" - done -} - -pkg_postinst() { - elog "The base configuration file has been renamed ${APACHE2_MOD_CONF}" - elog "so that you can put your own configuration in (for example)" - elog "90_modsecurity_local.conf." - elog "" - elog "That would be the correct place for site-global security rules." - elog "Note: 80_modsecurity_crs.conf is used by www-apache/modsecurity-crs" -} diff --git a/www-apache/mod_security/mod_security-2.9.5.ebuild b/www-apache/mod_security/mod_security-2.9.5.ebuild deleted file mode 100644 index 03b2d414b760..000000000000 --- a/www-apache/mod_security/mod_security-2.9.5.ebuild +++ /dev/null @@ -1,125 +0,0 @@ -# Copyright 1999-2021 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=7 - -LUA_COMPAT=( lua5-{1..3} ) - -inherit autotools apache-module lua-single - -MY_PN=modsecurity -MY_P=${MY_PN}-${PV} - -DESCRIPTION="Application firewall and intrusion detection for Apache" -HOMEPAGE="https://github.com/SpiderLabs/ModSecurity"; -SRC_URI="https://github.com/SpiderLabs/ModSecurity/releases/download/v${PV}/${MY_P}.tar.gz"; - -LICENSE="Apache-2.0" -SLOT="0" -KEYWORDS="amd64 x86" -IUSE="doc fuzzyhash geoip jit json lua mlogc" - -REQUIRED_USE="lua? ( ${LUA_REQUIRED_USE} )" - -COMMON_DEPEND="dev-libs/apr - dev-libs/apr-util[openssl] - dev-libs/libxml2 - dev-libs/libpcre[jit?] - virtual/libcrypt:= - fuzzyhash? ( app-crypt/ssdeep ) - json? ( dev-libs/yajl ) - lua? ( ${LUA_DEPS} ) - mlogc? ( net-misc/curl ) - www-servers/apache[apache2_modules_unique_id]" -BDEPEND="doc? ( app-doc/doxygen )" -DEPEND="${COMMON_DEPEND}" -RDEPEND="${COMMON_DEPEND} - geoip? ( dev-libs/geoip ) - mlogc? ( dev-lang/perl )" -PDEPEND=">=www-apache/modsecurity-crs-2.2.6-r1" - -S="${WORKDIR}/${MY_P}" - -APACHE2_MOD_FILE="apache2/.libs/${PN}2.so" -APACHE2_MOD_CONF="79_${PN}" -APACHE2_MOD_DEFINE="SECURITY" - -# Tests require symbols only defined within the Apache binary. -RESTRICT=test - -PATCHES=( - "${FILESDIR}"/${PN}-2.9.3-autoconf_lua_package_name.patch -) - -need_apache2 - -pkg_setup() { - _init_apache2 - _init_apache2_late - use lua && lua-single_pkg_setup -} - -src_prepare() { - default - eautoreconf -} - -src_configure() { - local myconf=( - --disable-static - --enable-request-early - --with-apxs="${APXS}" - --with-pic - $(use_with fuzzyhash ssdeep) - $(use_with json yajl) - $(use_enable mlogc) - $(use_with lua) - $(use_enable lua lua-cache) - $(use_enable jit pcre-jit) - $(use_enable doc docs) ) - - econf ${myconf[@]} -} - -src_compile() { - default -} - -src_install() { - apache-module_src_install - - dodoc CHANGES README.md modsecurity.conf-recommended - - if use doc; then - dodoc -r doc/apache/html - fi - - if use mlogc; then - insinto /etc/ - newins mlogc/mlogc-default.conf mlogc.conf - dobin mlogc/mlogc - dobin mlogc/mlogc-batch-load.pl - newdoc mlogc/INSTALL INSTALL-mlogc - fi - - # Use /var/lib instead of /var/cache. This stuff is "persistent," - # and isn't a cached copy of something that we can recreate. - # Bug 605496. - keepdir /var/lib/modsecurity - fowners apache:apache /var/lib/modsecurity - fperms 0750 /var/lib/modsecurity - for dir in data tmp upload; do - keepdir "/var/lib/modsecurity/${dir}" - fowners apache:apache "/var/lib/modsecurity/${dir}" - fperms 0750 "/var/lib/modsecurity/${dir}" - done -} - -pkg_postinst() { - elog "The base configuration file has been renamed ${APACHE2_MOD_CONF}" - elog "so that you can put your own configuration in (for example)" - elog "90_modsecurity_local.conf." - elog "" - elog "That would be the correct place for site-global security rules." - elog "Note: 80_modsecurity_crs.conf is used by www-apache/modsecurity-crs" -}
