pkgsrc-Changes archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

CVS commit: pkgsrc/security/ap-modsecurity2

Module Name:    pkgsrc
Committed By:   adrianp
Date:           Sat Mar 14 13:45:39 UTC 2009

Modified Files:
        pkgsrc/security/ap-modsecurity2: Makefile PLIST distinfo
Added Files:
        pkgsrc/security/ap-modsecurity2/patches: patch-aa

Log Message:
Update to 2.5.9
 * Fixed PDF XSS issue where a non-GET request for a PDF file would crash the
   Apache httpd process.  Discovered by Steve Grubb at Red Hat.

 * Removed an invalid "Internal error: Issuing "%s" for unspecified error."
   message that was logged when denying with nolog/noauditlog set and
   causing the request to be audited.

 * Fixed parsing multipart content with a missing part header name which
   would crash Apache.  Discovered by "Internet Security Auditors"

 * Added ability to specify the config script directly using --with-apr
   and --with-apu.

 * Updated copyright year to 2009.

 * Added macro expansion for append/prepend action.

 * Fixed race condition in concurrent updates of persistent counters.  Updates
   are now atomic.

 * Cleaned up build, adding an option for verbose configure output and making
   the mlogc build more portable.

To generate a diff of this commit:
cvs rdiff -u -r1.12 -r1.13 pkgsrc/security/ap-modsecurity2/Makefile
cvs rdiff -u -r1.4 -r1.5 pkgsrc/security/ap-modsecurity2/PLIST
cvs rdiff -u -r1.5 -r1.6 pkgsrc/security/ap-modsecurity2/distinfo
cvs rdiff -u -r0 -r1.6 pkgsrc/security/ap-modsecurity2/patches/patch-aa

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Home | Main Index | Thread Index | Old Index