Quantcast
Channel: Athmane Madjoudj blog
Viewing all articles
Browse latest Browse all 20

New mod_security and mod_security_crs packages

$
0
0
I just pushed security/bugfix updates for mod_security 2.7.1-3 and mod_security_crs 2.2.6-3 packages, if you are using them please test and provide karma in bodhi.

Note: there's no packages for EPEL5 because of the old libxml2 in RHEL5/CentOS5.

Update: I've pushed an update with backported fixes (from 2.7) in EPEL5, please test. https://admin.fedoraproject.org/updates/mod_security-2.6.8-2.el5

Details:


  • Update to 2.7.1
  • Update Core rules set to 2.2.6
  • Fix build against libxml2 >= 2.9 (upstreamed)
  • Add some missing directives RHBZ #569360
  • Fix multipart/invalid part ruleset bypass issue (CVE-2012-4528) (RHBZ #867424, #867773, #867774)



Viewing all articles
Browse latest Browse all 20

Trending Articles