Versions
v2.9.8 :: 0 :: gentoo
- Modified
- License
- Apache-2.0
- Keywords
- ~amd64 ~x86
- USE flags
- doc fuzzyhash geoip jit json lua mlogc pcre2
v2.9.7 :: 0 :: gentoo
- Modified
- License
- Apache-2.0
- Keywords
- amd64 x86
- USE flags
- doc fuzzyhash geoip jit json lua mlogc pcre2
USE flags
General
- doc
- Add extra documentation (API, Javadoc, etc). It is recommended to enable per package instead of globally
- fuzzyhash
- Support fuzzy hash computations (to detect malware, for example) using the app-crypt/ssdeep package.
- geoip
- Pull in dev-libs/geoip for use by the SecGeoLookupDb directive.
- jit
- Add support for the PCRE Just-in-Time optimisation, as enabled by dev-libs/libpcre with jit USE flag enabled. Might not be available on hardened systems.
- json
- Suppose JSON in the request body parser through dev-libs/yajl.
- lua
- Enable Lua scripting support
- mlogc
- Build and install the ModSecurity Audit Log Collector (mlogc).
- pcre2
- Use dev-libs/libpcre2 as regex implementation
lua_single_target
- lua5-1
- Build for Lua 5.1 only
- lua5-3
- Build for Lua 5.3 only
Dependencies
app-crypt / ssdeep : Computes context triggered piecewise hashes (fuzzy hashes)
dev-lang / lua : A powerful light-weight programming language designed for extending applications
dev-libs / apr : Apache Portable Runtime Library
dev-libs / apr-util : Apache Portable Runtime Utility Library
dev-libs / expat : Stream-oriented XML parser library
dev-libs / libpcre : Perl-compatible regular expression library
dev-libs / libpcre2 : Perl-compatible regular expression library
dev-libs / libxml2 : XML C parser and toolkit
dev-libs / yajl : Small event-driven (SAX-style) JSON parser
net-misc / curl : A Client that groks URLs
sys-apps / util-linux : Various useful Linux utilities
sys-libs / gdbm : Standard GNU database libraries
virtual / libcrypt : Virtual for libcrypt.so
www-servers / apache : The Apache Web Server
Runtime Dependencies
app-crypt / ssdeep : Computes context triggered piecewise hashes (fuzzy hashes)
dev-lang / lua : A powerful light-weight programming language designed for extending applications
dev-lang / perl : Larry Wall's Practical Extraction and Report Language
dev-libs / apr : Apache Portable Runtime Library
dev-libs / apr-util : Apache Portable Runtime Utility Library
dev-libs / expat : Stream-oriented XML parser library
dev-libs / geoip : GeoIP Legacy C API
dev-libs / libpcre : Perl-compatible regular expression library
dev-libs / libpcre2 : Perl-compatible regular expression library
dev-libs / libxml2 : XML C parser and toolkit
dev-libs / yajl : Small event-driven (SAX-style) JSON parser
net-misc / curl : A Client that groks URLs
sys-apps / util-linux : Various useful Linux utilities
sys-libs / gdbm : Standard GNU database libraries
virtual / libcrypt : Virtual for libcrypt.so
www-servers / apache : The Apache Web Server
Depending packages
www-apache / modsecurity-crs : OWASP ModSecurity Core Rule Set
Bugs
- 891777
- <www-apache/mod_security-2.9.7, <dev-libs/modsecurity-3.0.9: multiple vulnerabilities
- 913724
- www-apache/mod_security-2.9.7 - [slibtool] apache2_config.c:(.text+<snip>): undefined reference to ap_server_root_relative
- 927580
- www-apache/mod_security-2.9.7 fails to compile: configure: error: pcre2 library is required
- 932611
- www-apache/mod_security-2.9.7 - [ncurses-6.5] [gcc-15] [llvm] ld.lld: error: .../crti.o is incompatible with elf32-i386
Change logs
- Repository mirror & CI · gentoo
Merge updates from master - Tomáš Mózes · gentoo
www-apache/mod_security: add 2.9.8
Project owner changed from Trustwave to OWASP: https://owasp.org/blog/2024/01/09/ModSecurity Signed-off-by: Tomáš Mózes <hydrapolic@gmail.com> Closes: https://github.com/gentoo/gentoo/pull/39039 Signed-off-by: Sam James <sam@gentoo.org> - Repository mirror & CI · gentoo
Merge updates from master - Michał Górny · gentoo
Move {app-doc → app-text}/doxygen
Per the category metadata, app-doc/ is reserved for documentation *files* and not software. Move it to app-text/ where it seems a better fit. Signed-off-by: Michał Górny <mgorny@gentoo.org> - Repository mirror & CI · gentoo
Merge updates from master - Tomáš Mózes · gentoo
www-apache/mod_security: drop vulnerable
Signed-off-by: Tomáš Mózes <hydrapolic@gmail.com> Signed-off-by: Joonas Niilola <juippis@gentoo.org> - Repository mirror & CI · gentoo
Merge updates from master - Sam James · gentoo
www-apache/mod_security: Stabilize 2.9.7 amd64, #900615
Signed-off-by: Sam James <sam@gentoo.org> - Sam James · gentoo
www-apache/mod_security: Stabilize 2.9.7 x86, #900615
Signed-off-by: Sam James <sam@gentoo.org> - Repository mirror & CI · gentoo
Merge updates from master - Joonas Niilola · gentoo
www-apache/mod_security: update COMMON_DEPEND to just DEPEND in 2.9.7
Signed-off-by: Joonas Niilola <juippis@gentoo.org> - Tomáš Mózes · gentoo
www-apache/mod_security: add 2.9.7
Bug: https://bugs.gentoo.org/891777 Signed-off-by: Tomáš Mózes <hydrapolic@gmail.com> Closes: https://github.com/gentoo/gentoo/pull/29267 Signed-off-by: Joonas Niilola <juippis@gentoo.org> - Repository mirror & CI · gentoo
Merge updates from master - Tomáš Mózes · gentoo
www-apache/mod_security: drop vulnerable
Signed-off-by: Tomáš Mózes <hydrapolic@gmail.com> Closes: https://github.com/gentoo/gentoo/pull/28504 Signed-off-by: John Helmert III <ajak@gentoo.org> - Repository mirror & CI · gentoo
Merge updates from master - Sam James · gentoo
www-apache/mod_security: Stabilize 2.9.6 amd64, #883951
Signed-off-by: Sam James <sam@gentoo.org> - Sam James · gentoo
www-apache/mod_security: Stabilize 2.9.6 x86, #883951
Signed-off-by: Sam James <sam@gentoo.org> - Repository mirror & CI · gentoo
Merge updates from master - Tomáš Mózes · gentoo
www-apache/mod_security: add 2.9.6
Signed-off-by: Tomáš Mózes <hydrapolic@gmail.com> Closes: https://github.com/gentoo/gentoo/pull/27885 Signed-off-by: Sam James <sam@gentoo.org> - Repository mirror & CI · gentoo
Merge updates from master - Tomáš Mózes · gentoo
www-apache/mod_security: drop old
Signed-off-by: Tomáš Mózes <hydrapolic@gmail.com> Closes: https://github.com/gentoo/gentoo/pull/24272 Signed-off-by: Sam James <sam@gentoo.org> - Tomáš Mózes · gentoo
www-apache/mod_security: keep unicode.mapping
Closes: https://bugs.gentoo.org/642476 Signed-off-by: Tomáš Mózes <hydrapolic@gmail.com> Signed-off-by: Sam James <sam@gentoo.org> - Repository mirror & CI · gentoo
Merge updates from master - Repository mirror & CI · gentoo
Merge updates from master - Sam James · gentoo
www-apache/mod_security: Stabilize 2.9.5 x86, #829741
Signed-off-by: Sam James <sam@gentoo.org> - Sam James · gentoo
www-apache/mod_security: Stabilize 2.9.5 amd64, #829741
Signed-off-by: Sam James <sam@gentoo.org> - Repository mirror & CI · gentoo
Merge updates from master - Tomáš Mózes · gentoo
www-apache/mod_security: bump to 2.9.5
Closes: https://bugs.gentoo.org/811087 Signed-off-by: Tomáš Mózes <hydrapolic@gmail.com> Closes: https://github.com/gentoo/gentoo/pull/23437 Signed-off-by: Sam James <sam@gentoo.org> - Repository mirror & CI · gentoo
Merge updates from master - Sam James · gentoo
www-apache/mod_security: conditionally call lua-single_pkg_setup
Signed-off-by: Sam James <sam@gentoo.org> - Repository mirror & CI · gentoo
Merge updates from master - Marek Szuba · gentoo
www-apache/mod_security: remove old
Signed-off-by: Marek Szuba <marecki@gentoo.org> - Repository mirror & CI · gentoo
Merge updates from master - Sam James · gentoo
www-apache/mod_security: Stabilize 2.9.3-r100 x86, #766528
Signed-off-by: Sam James <sam@gentoo.org> - Sam James · gentoo
www-apache/mod_security: Stabilize 2.9.3-r100 amd64, #766528
Signed-off-by: Sam James <sam@gentoo.org> - Repository mirror & CI · gentoo
Merge updates from master - Marek Szuba · gentoo
www-apache/mod_security: remove old
Signed-off-by: Marek Szuba <marecki@gentoo.org> - Marek Szuba · gentoo
www-apache/mod_security: migrate to lua-single.eclass
Closes: https://bugs.gentoo.org/752513 Signed-off-by: Marek Szuba <marecki@gentoo.org> - Repository mirror & CI · gentoo
Merge updates from master - Repository mirror & CI · gentoo
Merge updates from master - Agostino Sarubbo · gentoo
www-apache/mod_security: x86 stable wrt bug #745990
Package-Manager: Portage-2.3.103, Repoman-2.3.23 RepoMan-Options: --include-arches="x86" Signed-off-by: Agostino Sarubbo <ago@gentoo.org> - Agostino Sarubbo · gentoo
www-apache/mod_security: amd64 stable wrt bug #745990
Package-Manager: Portage-2.3.103, Repoman-2.3.23 RepoMan-Options: --include-arches="amd64" Signed-off-by: Agostino Sarubbo <ago@gentoo.org> - Repository mirror & CI · gentoo
Merge updates from master - Alexey Sokolov · gentoo
www-apache/mod_security: update homepage
Package-Manager: Portage-2.3.99, Repoman-2.3.22 Signed-off-by: Alexey Sokolov <sokolov@google.com> Signed-off-by: David Seifert <soap@gentoo.org> - Repository mirror & CI · gentoo
Merge updates from master - Tomas Mozes · gentoo
www-apache/mod_security: fix building USE=doc.
Patch-by: Dennis Lichtenthäler Closes: https://bugs.gentoo.org/679522 Package-Manager: Portage-2.3.62, Repoman-2.3.12 Signed-off-by: Tomáš Mózes <hydrapolic@gmail.com> Closes: https://github.com/gentoo/gentoo/pull/11296 Signed-off-by: Patrice Clement <monsieurp@gentoo.org> - Repository mirror & CI · gentoo
Merge updates from master - Tomas Mozes · gentoo
www-apache/mod_security: bump to 2.9.3
Signed-off-by: Tomas Mozes <hydrapolic@gmail.com> Signed-off-by: Thomas Deutschmann <whissi@gentoo.org> - Repository mirror & CI · gentoo
Merge updates from master - Pacho Ramos · gentoo
www-apache/mod_security: Drop old
Signed-off-by: Pacho Ramos <pacho@gentoo.org> Package-Manager: Portage-2.3.51, Repoman-2.3.11 - Repository mirror & CI · gentoo
Merge updates from master - Mikle Kolyada · gentoo
www-apache/mod_security: amd64 stable wrt bug #668050
Signed-off-by: Mikle Kolyada <zlogene@gentoo.org> Package-Manager: Portage-2.3.49, Repoman-2.3.11 - Repository mirror & CI · gentoo
Merge updates from master - Thomas Deutschmann · gentoo
www-apache/mod_security: x86 stable (bug #668050)
Package-Manager: Portage-2.3.50, Repoman-2.3.11 Signed-off-by: Thomas Deutschmann <whissi@gentoo.org> - Michael Orlitzky · gentoo
www-apache/mod_security: new revision with updated default configuration.
I've made a few small changes to the configuration file that we install by default. First, I've added two settings, SecTmpDir and SecUploadDir, which serve a similar purpose as the existing SecDataDir. All of those need to be located somewhere safe, and the upstream defaults point to /tmp (which is not safe). It is therefore necessary that we override them, and point them to a location that is created and made private in the ebuild. We now use /var/lib/modsecurity/{data,tmp,upload} and I've made them mode 0750 by default (owned by apache:apache). I've also removed two settings that used to be present. Our default configuration is extremely close to the upstream defaults, and sets almost nothing in 79_mod_security.conf explicitly. The presence of SecHttpBlKey was therefore rather strange, since it was disabled by default and contained nothing Gentoo-specific. I've removed it for consistency (it is documented upstream for people who want it). The other setting that I've removed is SecGeoLookupDb. This one could at least be justified for containing a Gentoo-specific path. However, the path doesn't work out-of-the-box; it requires you to (manually, or via cron) update your GeoIP database at least once before using it. At that point, you know the location of the database, and can point mod_security to it yourself. Taking that into consideration, it again makes more sense to omit the setting for consistency and defer to the upstream documentation and defaults. Package-Manager: Portage-2.3.3, Repoman-2.3.1 - Michael Orlitzky · gentoo
www-apache/mod_security: new version 2.9.1 to fix some bugs.
There are a few important changes in this version. First, there is a new USE flag "mlogc" for the audit log collector. USE=curl was too confusing. Oh, and it actually installs the log collector files now. Next, I've moved the SecDataDir under /var/lib to eliminate a QA warning. That's a better place for it anyway, because it doesn't hold cached data (we have no way to recreate the stuff if it disappears). I've dropped the code that enables/disables the GeoIP stuff in the configuration file. We don't need to sed our users' configurations based on USE flags: they'll set it to what they want, and we should leave it that way. The flag is still there to pull in the geoip libs. The configuration file is named 79_mod_security.conf now, for consistency. There are two completely new flags, USE=json and USE=fuzzyhash to enable new upstream features. Some missing dependencies were added, and the docs are being built with doxygen for now. The following users submitted code and/or suggestions that I've used. Thanks guys! * Chris Frederick * Graham E * Leho Kraav * Mario D. Santana Gentoo-Bug: 518828 Gentoo-Bug: 594720 Gentoo-Bug: 605496 Gentoo-Bug: 615294 Package-Manager: Portage-2.3.3, Repoman-2.3.1 - Robin H. Johnson · gentoo
Drop $Id$ per council decision in bug #611234.
Signed-off-by: Robin H. Johnson <robbat2@gentoo.org> - Aaron Bauman · gentoo
www-apache/mod_security: cleanup vulnerable versions wrt bug 506454 - Agostino Sarubbo · gentoo
www-apache/mod_security: sparc stable wrt bug #506454
Package-Manager: portage-2.2.28 RepoMan-Options: --include-arches="sparc" Signed-off-by: Agostino Sarubbo <ago@gentoo.org> - Agostino Sarubbo · gentoo
www-apache/mod_security: ppc stable wrt bug #506454
Package-Manager: portage-2.2.28 RepoMan-Options: --include-arches="ppc" Signed-off-by: Agostino Sarubbo <ago@gentoo.org> - Agostino Sarubbo · gentoo
www-apache/mod_security: x86 stable wrt bug #506454
Package-Manager: portage-2.2.28 RepoMan-Options: --include-arches="x86" Signed-off-by: Agostino Sarubbo <ago@gentoo.org> - Agostino Sarubbo · gentoo
www-apache/mod_security: amd64 stable wrt bug #506454
Package-Manager: portage-2.2.28 RepoMan-Options: --include-arches="amd64" Signed-off-by: Agostino Sarubbo <ago@gentoo.org> - Robin H. Johnson · gentoo
proj/gentoo: Initial commit
This commit represents a new era for Gentoo: Storing the gentoo-x86 tree in Git, as converted from CVS. This commit is the start of the NEW history. Any historical data is intended to be grafted onto this point. Creation process: 1. Take final CVS checkout snapshot 2. Remove ALL ChangeLog* files 3. Transform all Manifests to thin 4. Remove empty Manifests 5. Convert all stale $Header$/$Id$ CVS keywords to non-expanded Git $Id$ 5.1. Do not touch files with -kb/-ko keyword flags. Signed-off-by: Robin H. Johnson <robbat2@gentoo.org> X-Thanks: Alec Warner <antarus@gentoo.org> - did the GSoC 2006 migration tests X-Thanks: Robin H. Johnson <robbat2@gentoo.org> - infra guy, herding this project X-Thanks: Nguyen Thai Ngoc Duy <pclouds@gentoo.org> - Former Gentoo developer, wrote Git features for the migration X-Thanks: Brian Harring <ferringb@gentoo.org> - wrote much python to improve cvs2svn X-Thanks: Rich Freeman <rich0@gentoo.org> - validation scripts X-Thanks: Patrick Lauer <patrick@gentoo.org> - Gentoo dev, running new 2014 work in migration X-Thanks: Michał Górny <mgorny@gentoo.org> - scripts, QA, nagging X-Thanks: All of other Gentoo developers - many ideas and lots of paint on the bikeshed