Fedora EPEL 7 updates-testing report

updates@xxxxxxxxxxxxxxxxx · Wed, 28 Jun 2023 00:19:40 +0000 (UTC)

The following builds have been pushed to Fedora EPEL 7 updates-testing

    libmodsecurity-3.0.9-2.el7

Details about builds:

================================================================================
 libmodsecurity-3.0.9-2.el7 (FEDORA-EPEL-2023-c5ad3565aa)
 A library that loads/interprets rules written in the ModSecurity SecRules
--------------------------------------------------------------------------------
Update Information:

Update to 3.0.9 after rebasing rawhide
--------------------------------------------------------------------------------
ChangeLog:

* Tue Jun 27 2023 Mikel Olasagasti Uranga <mikel@xxxxxxxxxxxxxxx> - 3.0.9-2
- Use geoip instead of libmaxminddb for EPEL 7 and 8 builds
* Sat Apr 15 2023 Mikel Olasagasti Uranga <mikel@xxxxxxxxxxxxxxx> - 3.0.9-1
- 2828.patch: drop, included in 3.0.9
- Remove deps required for autoreconf
- Minor cosmetic change for configure
- ModSecurity_cookie_parsing_fix_303.patch: remove as not required since 3.0.4
- 0001-Fix-build-on-non-x86-arch.patch: remove as not required since 3.0.4
- modsecurity.pc: drop as is being shipped since 3.0.3
* Mon Mar 27 2023 Mikel Olasagasti Uranga <mikel@xxxxxxxxxxxxxxx> - 3.0.8-3
- Use PCRE2 rhbz#2128321
- Use libmaxminddb instead of old GeoIP
- Migrate to SPDX identifier for License
- Change homepage
- Remove .la file for EPEL
* Thu Jan 19 2023 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 3.0.8-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
* Sat Oct 15 2022 Othman Madjoudj <athmane@xxxxxxxxxxxxxxxxx> - 3.0.8-1
- Update to maintenance release 3.0.8
* Thu Jul 21 2022 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 3.0.4-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Thu Jan 20 2022 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 3.0.4-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
* Thu Jul 22 2021 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 3.0.4-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
* Tue Mar 30 2021 Jonathan Wakely <jwakely@xxxxxxxxxx> - 3.0.4-4
- Rebuilt for removed libstdc++ symbol (#1937698)
* Tue Jan 26 2021 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 3.0.4-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
* Tue Jul 28 2020 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 3.0.4-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1879590 - CVE-2020-15598 libmodsecurity: specially crafted payload could result in a DoS [epel-7]
        https://bugzilla.redhat.com/show_bug.cgi?id=1879590
  [ 2 ] Bug #1957934 - CVE-2019-25043 libmodsecurity: crafted key-value pair can lead to DoS [epel-7]
        https://bugzilla.redhat.com/show_bug.cgi?id=1957934
  [ 3 ] Bug #2021302 - CVE-2021-35368 libmodsecurity: request body bypass via a trailing pathname [epel-7]
        https://bugzilla.redhat.com/show_bug.cgi?id=2021302
  [ 4 ] Bug #2031843 - CVE-2021-42717 libmodsecurity: crafted JSON objects with nesting could result in the web server being unable to service legitimate requests [epel-7]
        https://bugzilla.redhat.com/show_bug.cgi?id=2031843
--------------------------------------------------------------------------------

_______________________________________________
epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/epel-devel@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue