Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

modsecurity-3.0.4-1.5 RPM for armv7hl

From OpenSuSE Ports Tumbleweed for armv7hl

Name: modsecurity Distribution: openSUSE Tumbleweed
Version: 3.0.4 Vendor: openSUSE
Release: 1.5 Build date: Fri May 28 08:34:16 2021
Group: Productivity/Networking/Security Build host: obs-arm-6
Size: 25433 Source RPM: modsecurity-3.0.4-1.5.src.rpm
Summary: Web application firewall engine
ModSecurity is a toolkit for real-time web application monitoring, logging, and
access control.






* Wed Jul 22 2020 Dirk Mueller <>
  - add baselibs, fix packaging (install into %_libdir)
  - update to 3.0.4:
    - Fix: audit log data omitted when nolog,auditlog
    - Fix: ModSecurity 3.x inspectFile operator does not pass
    - XML: Remove error messages from stderr
    - Filter comment or blank line for pmFromFile operator
    - Additional adjustment to Cookie header parsing
    - Restore chained rule part H logging to be more like 2.9 behaviour
    - Small fixes in log messages to help debugging the file upload
    - Fix Cookie header parsing issues
    - Fix rules with nolog are logging to part H
    - Fix argument key-value pair parsing cases
    - Fix: audit log part for response body for JSON format to be E
    - Make sure m_rulesMessages is filled after successfull match
    - Fix @pm lookup for possible matches on offset zero.
    - Regex lookup on the key name instead of COLLECTION:key
    - Missing throw in Operator::instantiate
    - Making block action execution dependent of the SecEngine status
    - Making block action execution dependent of the SecEngine status
    - Having body limits to respect the rule engine state
    - Fix SecRuleUpdateTargetById does not match regular expressions
    - Adds missing check for runtime ctl:ruleRemoveByTag
    - Adds a new operator verifySVNR that checks for Austrian social
    security numbers.
    - Fix variables output in debug logs
    - Correct typo validade in log output
    - fix/minor: Error encoding hexa decimal.
    - Limit more log variables to 200 characters.
    - parser: fix parsed file names
    - Allow empty anchored variable
    - Fixed FILES_NAMES collection after the end of multipart parsing
    - Fixed validateByteRange parsing method
    - Removes a memory leak on the JSON parser
    - Enables LMDB on the regression tests.
    - Fix: Extra whitespace in some configuration directives causing error
    - Refactoring on Regex and SMatch classes.
    - Fixed buffer overflow in Utils::Md5::hexdigest()
    - Implemented merge() method for ConfigInt, ConfigDouble, ConfigString
    - Adds initially support to the drop action.
    - Complete merging of particular rule properties
    - Replaces AC_CHECK_FILE with 'test -f'
    - Fix inet addr handling on 64 bit big endian systems
    - Fix tests on FreeBSD
    - Changes ENV test case to read the default MODSECURTIY env var
    - Regression: Sets MODSECURITY env var during the tests execution
    - Fix setenv action to strdup key=variable
    - Allow 0 length JSON requests.
    - Fix "make dist" target to include default configuration
    - Replaced log locking using mutex with fcntl lock
    - Correct the usage of modsecurity::Phases::NUMBER_OF_PHASES
    - Adds support to multiple ranges in ctl:ruleRemoveById
    - Rule variable interpolation broken
    - Make the boundary check less strict as per RFC2046
    - Fix buffer size for utf8toUnicode transformation
    - Fix double macros bug
    - Override the default status code if not suitable to redirect action
    - parser: Fix the support for CRLF configuration files
    - Organizes the server logs
    - m_lineNumber in Rule not mapping with the correct line number in file
    - Using shared_ptr instead of unique_ptr on rules exceptions
    - Changes debuglogs schema to avoid unecessary str allocation
    - Fix the SecUnicodeMapFile and SecUnicodeCodePage
    - Changes the timing to save the rule message
    - Fix crash in msc_rules_add_file() when using disruptive action in chain
    - Fix memory leak in AuditLog::init()
    - Fix RulesProperties::appendRules()
    - Fix RULE lookup in chained rules
    - @ipMatch "Could not add entry" on slash/32 notation in 2.9.0
    - Using values after transformation at MATCHED_VARS
    - Adds support to UpdateActionById.
    - Add correct C function prototypes for msc_init and msc_create_rule_set
    - Allow LuaJIT 2.1 to be used
    - Match m_id JSON log with RuleMessage and v2 format
    - Adds support to setenv action.
    - Adds new transaction constructor that accepts the transaction id
    as parameter.
    - Adds request IDs and URIs to the debug log
    - Treating variables exception on load-time instead of run time.
    - Fix: function m.setvar in Lua scripts and add testcases
    - Fix SecResponseBodyAccess and ctl:requestBodyAccess directives
    - Fix OpenBSD build
    - Fix parser to support GeoLookup with MaxMind
    - parser: Fix simple quote setvar in the end of the line
    - Fix pc file
    - modsec_rules_check: uses the gnu `.la' instead of `.a' file
    - good practices: Initialize variables before use it
    - Fix utf-8 character encoding conversion
    - Adds support for ctl:requestBodyProcessor=URLENCODED
    - Add LUA compatibility for CentOS and try to use LuaJIT first if available
    - Allow LuaJIT to be used
    - Implement support for Lua 5.1
    - Variable names must match fully, not partially. Match should be case
    - Improves the performance while loading the rules
    - Allow empty strings to be evaluated by regex::searchAll
    - Adds basic pkg-config info
    - Fixed LMDB collection errors
    - Fixed false positive MULTIPART_UNMATCHED_BOUNDARY errors
    - Fix ip tree lookup on netmask content
    - Changes the behavior of the default sec actions
    - Refactoring on {global,ip,resources,session,tx,user} collections
    - Fix race condition in UniqueId::uniqueId()
    - Fix memory leak in error message for msc_rules_merge C APIs
    - Return false in SharedFiles::open() when an error happens
    - Use rvalue reference in ModSecurity::serverLog
    - Build System: Fix when multiple lines for curl version.
    - Checks if response body inspection is enabled before process it
    - Code Cleanup.
    - Fix setvar parsing of quoted data
    - Fix LDFLAGS for unit tests.
    - Adds time stamp back to the audit logs
    - Disables skip counter if debug log is disabled
    - Cosmetics: Represents amount of skipped rules without decimal
    - Add missing escapeSeqDecode, urlEncode and trimLeft/Right tfns to parser
    - Fix STATUS var parsing and accept STATUS_LINE var for v2 backward comp.
    - Fix memory leak in modsecurity::utils::expandEnv()
    - Initialize m_dtd member in ValidateDTD class as NULL
    - Fix broken @detectxss operator regression test case
    - Fix utils::string::ssplit() to handle delimiter in the end of string
    - Fix variable FILES_TMPNAMES
    - Fix memory leak in Collections
    - Fix lib version information while generating the .so file
    - Adds support for ctl:ruleRemoveByTag
    - Fix SecUploadDir configuration merge
    - Include all prerequisites for "make check" into dist archive
    - Fix: Reverse logic of checking output in @inspectFile
    - Adds support to libMaxMind
    - Adds capture action to detectXSS
    - Temporarily accept invalid MULTIPART_SEMICOLON_MISSING operator
    - Adds capture action to detectSQLi
    - Adds capture action to rbl
    - Adds capture action to verifyCC
    - Adds capture action to verifySSN
    - Adds capture action to verifyCPF
    - Prettier error messages for unsupported configurations (UX)
    - Add missing verify*** transformation statements to parser
    - Fix a set of compilation warnings
    - Check for disruptive action on SecDefaultAction.
    - Fix block-block infinite loop.
    - Correction remove_by_tag and remove_by_msg logic.
    - Fix LMDB compile error
    - Fix msc_who_am_i() to return pointer to a valid C string
    - Added some cosmetics to autoconf related code
    - Fix "make dist" target to include necessary headers for Lua
    - Fix "include /foo/*.conf" for single matched object in directory
    - Add missing Base64 transformation statements to parser
    - Fixed resource load on ip match from file
    - Fixed examples compilation while using disable-shared
    - Fixed compilation issue while xml is disabled
    - Having LDADD and LDFLAGS organized on
    - Checking std::deque size before use it
    - perf improvement: Added the concept of RunTimeString and removed
    all run time parser.
    - perf improvement: Checks debuglog level before format debug msg
    - perf. improvement/rx: Only compute dynamic regex in case of macro
    - Fix uri on the benchmark utility
    - disable Lua on systems with liblua5.1
* Sat Jul 14 2018
  - Remove rhetoric part from descriptions.
* Mon Jul 09 2018
  - Remove libltdl7 from build dependencies
* Mon Jul 02 2018
  - Make use of %license macro
  - Make use of %{version} variable
  - Sort dependencies alphabetically
* Mon Mar 19 2018
  - Initial release



Generated by rpm2html 1.8.1

Fabrice Bellet, Fri Dec 3 23:48:33 2021