From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id BCE9F158020 for ; Fri, 2 Dec 2022 17:20:00 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id CE3032BC037; Fri, 2 Dec 2022 17:19:59 +0000 (UTC) Received: from smtp.gentoo.org (woodpecker.gentoo.org [140.211.166.183]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id AF12B2BC037 for ; Fri, 2 Dec 2022 17:19:59 +0000 (UTC) Received: from oystercatcher.gentoo.org (oystercatcher.gentoo.org [148.251.78.52]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTPS id ACD42341109 for ; Fri, 2 Dec 2022 17:19:58 +0000 (UTC) Received: from localhost.localdomain (localhost [IPv6:::1]) by oystercatcher.gentoo.org (Postfix) with ESMTP id D3A32703 for ; Fri, 2 Dec 2022 17:19:56 +0000 (UTC) From: "John Helmert III" To: gentoo-commits@lists.gentoo.org Content-Transfer-Encoding: 8bit Content-type: text/plain; charset=UTF-8 Reply-To: gentoo-dev@lists.gentoo.org, "John Helmert III" Message-ID: <1670001176.55f797c4a75a4a05bbaff941be3aa29b6802aa16.ajak@gentoo> Subject: [gentoo-commits] repo/gentoo:master commit in: www-apache/mod_security/ X-VCS-Repository: repo/gentoo X-VCS-Files: www-apache/mod_security/Manifest www-apache/mod_security/mod_security-2.9.5-r1.ebuild www-apache/mod_security/mod_security-2.9.5.ebuild X-VCS-Directories: www-apache/mod_security/ X-VCS-Committer: ajak X-VCS-Committer-Name: John Helmert III X-VCS-Revision: 55f797c4a75a4a05bbaff941be3aa29b6802aa16 X-VCS-Branch: master Date: Fri, 2 Dec 2022 17:19:56 +0000 (UTC) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-commits@lists.gentoo.org X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply X-Archives-Salt: 3ebec2b9-cb0a-47bf-8029-917a715bd955 X-Archives-Hash: 027f6c073ab7217720afe2d67d5c0925 commit: 55f797c4a75a4a05bbaff941be3aa29b6802aa16 Author: Tomáš Mózes gmail com> AuthorDate: Fri Dec 2 06:21:57 2022 +0000 Commit: John Helmert III gentoo org> CommitDate: Fri Dec 2 17:12:56 2022 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=55f797c4 www-apache/mod_security: drop vulnerable Signed-off-by: Tomáš Mózes gmail.com> Closes: https://github.com/gentoo/gentoo/pull/28504 Signed-off-by: John Helmert III gentoo.org> www-apache/mod_security/Manifest | 1 - .../mod_security/mod_security-2.9.5-r1.ebuild | 125 --------------------- www-apache/mod_security/mod_security-2.9.5.ebuild | 125 --------------------- 3 files changed, 251 deletions(-) diff --git a/www-apache/mod_security/Manifest b/www-apache/mod_security/Manifest index 174609a84b90..738cc152d132 100644 --- a/www-apache/mod_security/Manifest +++ b/www-apache/mod_security/Manifest @@ -1,2 +1 @@ -DIST modsecurity-2.9.5.tar.gz 4315037 BLAKE2B f6e607f344038c74fbbacbba6bbeb5953a7ab13b54d140924f4fe586a1506720d383285e7ce68dc9386f3532d298d53de55446f336c4b2f3e359bf8636bba0d0 SHA512 eef10afbce7407038b12d3c94213a17ecadf2db9a39f15006809848717f9a0d53d52f050957e13725e972191106c54eafb8915d564e5f0756a8a93c84048a4df DIST modsecurity-2.9.6.tar.gz 4316582 BLAKE2B f344f8630218c401a3b0eb0de9f5f23d9d1f9f65bf5c4cff2d8d0ea3ebd27cf0202ce2199b1c6d923237ee49a3b151cce46a8de3563fa743cf119c8c25270af3 SHA512 54b3316950094b3951fcfdd82bbacd34dfa8f5500b9a772d3296f411711bad0dcad51068b25cb2c196fdc4b2e1095d54701370d25180c0c68cf0913bd7d4ea03 diff --git a/www-apache/mod_security/mod_security-2.9.5-r1.ebuild b/www-apache/mod_security/mod_security-2.9.5-r1.ebuild deleted file mode 100644 index baac45dfeee8..000000000000 --- a/www-apache/mod_security/mod_security-2.9.5-r1.ebuild +++ /dev/null @@ -1,125 +0,0 @@ -# Copyright 1999-2022 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=7 - -LUA_COMPAT=( lua5-{1..3} ) - -inherit autotools apache-module lua-single - -MY_PN=modsecurity -MY_P=${MY_PN}-${PV} - -DESCRIPTION="Application firewall and intrusion detection for Apache" -HOMEPAGE="https://github.com/SpiderLabs/ModSecurity" -SRC_URI="https://github.com/SpiderLabs/ModSecurity/releases/download/v${PV}/${MY_P}.tar.gz" - -LICENSE="Apache-2.0" -SLOT="0" -KEYWORDS="~amd64 ~x86" -IUSE="doc fuzzyhash geoip jit json lua mlogc" - -REQUIRED_USE="lua? ( ${LUA_REQUIRED_USE} )" - -COMMON_DEPEND="dev-libs/apr - dev-libs/apr-util[openssl] - dev-libs/libxml2 - dev-libs/libpcre[jit?] - virtual/libcrypt:= - fuzzyhash? ( app-crypt/ssdeep ) - json? ( dev-libs/yajl ) - lua? ( ${LUA_DEPS} ) - mlogc? ( net-misc/curl ) - www-servers/apache[apache2_modules_unique_id]" -BDEPEND="doc? ( app-doc/doxygen )" -DEPEND="${COMMON_DEPEND}" -RDEPEND="${COMMON_DEPEND} - geoip? ( dev-libs/geoip ) - mlogc? ( dev-lang/perl )" -PDEPEND=">=www-apache/modsecurity-crs-2.2.6-r1" - -S="${WORKDIR}/${MY_P}" - -APACHE2_MOD_FILE="apache2/.libs/${PN}2.so" -APACHE2_MOD_CONF="79_${PN}" -APACHE2_MOD_DEFINE="SECURITY" - -# Tests require symbols only defined within the Apache binary. -RESTRICT=test - -PATCHES=( - "${FILESDIR}"/${PN}-2.9.3-autoconf_lua_package_name.patch -) - -need_apache2 - -pkg_setup() { - _init_apache2 - _init_apache2_late - use lua && lua-single_pkg_setup -} - -src_prepare() { - default - eautoreconf -} - -src_configure() { - local myconf=( - --disable-static - --enable-request-early - --with-apxs="${APXS}" - --with-pic - $(use_with fuzzyhash ssdeep) - $(use_with json yajl) - $(use_enable mlogc) - $(use_with lua) - $(use_enable lua lua-cache) - $(use_enable jit pcre-jit) - $(use_enable doc docs) ) - - econf ${myconf[@]} -} - -src_compile() { - default -} - -src_install() { - apache-module_src_install - - dodoc CHANGES README.md modsecurity.conf-recommended unicode.mapping - - if use doc; then - dodoc -r doc/apache/html - fi - - if use mlogc; then - insinto /etc/ - newins mlogc/mlogc-default.conf mlogc.conf - dobin mlogc/mlogc - dobin mlogc/mlogc-batch-load.pl - newdoc mlogc/INSTALL INSTALL-mlogc - fi - - # Use /var/lib instead of /var/cache. This stuff is "persistent," - # and isn't a cached copy of something that we can recreate. - # Bug 605496. - keepdir /var/lib/modsecurity - fowners apache:apache /var/lib/modsecurity - fperms 0750 /var/lib/modsecurity - for dir in data tmp upload; do - keepdir "/var/lib/modsecurity/${dir}" - fowners apache:apache "/var/lib/modsecurity/${dir}" - fperms 0750 "/var/lib/modsecurity/${dir}" - done -} - -pkg_postinst() { - elog "The base configuration file has been renamed ${APACHE2_MOD_CONF}" - elog "so that you can put your own configuration in (for example)" - elog "90_modsecurity_local.conf." - elog "" - elog "That would be the correct place for site-global security rules." - elog "Note: 80_modsecurity_crs.conf is used by www-apache/modsecurity-crs" -} diff --git a/www-apache/mod_security/mod_security-2.9.5.ebuild b/www-apache/mod_security/mod_security-2.9.5.ebuild deleted file mode 100644 index 03b2d414b760..000000000000 --- a/www-apache/mod_security/mod_security-2.9.5.ebuild +++ /dev/null @@ -1,125 +0,0 @@ -# Copyright 1999-2021 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=7 - -LUA_COMPAT=( lua5-{1..3} ) - -inherit autotools apache-module lua-single - -MY_PN=modsecurity -MY_P=${MY_PN}-${PV} - -DESCRIPTION="Application firewall and intrusion detection for Apache" -HOMEPAGE="https://github.com/SpiderLabs/ModSecurity" -SRC_URI="https://github.com/SpiderLabs/ModSecurity/releases/download/v${PV}/${MY_P}.tar.gz" - -LICENSE="Apache-2.0" -SLOT="0" -KEYWORDS="amd64 x86" -IUSE="doc fuzzyhash geoip jit json lua mlogc" - -REQUIRED_USE="lua? ( ${LUA_REQUIRED_USE} )" - -COMMON_DEPEND="dev-libs/apr - dev-libs/apr-util[openssl] - dev-libs/libxml2 - dev-libs/libpcre[jit?] - virtual/libcrypt:= - fuzzyhash? ( app-crypt/ssdeep ) - json? ( dev-libs/yajl ) - lua? ( ${LUA_DEPS} ) - mlogc? ( net-misc/curl ) - www-servers/apache[apache2_modules_unique_id]" -BDEPEND="doc? ( app-doc/doxygen )" -DEPEND="${COMMON_DEPEND}" -RDEPEND="${COMMON_DEPEND} - geoip? ( dev-libs/geoip ) - mlogc? ( dev-lang/perl )" -PDEPEND=">=www-apache/modsecurity-crs-2.2.6-r1" - -S="${WORKDIR}/${MY_P}" - -APACHE2_MOD_FILE="apache2/.libs/${PN}2.so" -APACHE2_MOD_CONF="79_${PN}" -APACHE2_MOD_DEFINE="SECURITY" - -# Tests require symbols only defined within the Apache binary. -RESTRICT=test - -PATCHES=( - "${FILESDIR}"/${PN}-2.9.3-autoconf_lua_package_name.patch -) - -need_apache2 - -pkg_setup() { - _init_apache2 - _init_apache2_late - use lua && lua-single_pkg_setup -} - -src_prepare() { - default - eautoreconf -} - -src_configure() { - local myconf=( - --disable-static - --enable-request-early - --with-apxs="${APXS}" - --with-pic - $(use_with fuzzyhash ssdeep) - $(use_with json yajl) - $(use_enable mlogc) - $(use_with lua) - $(use_enable lua lua-cache) - $(use_enable jit pcre-jit) - $(use_enable doc docs) ) - - econf ${myconf[@]} -} - -src_compile() { - default -} - -src_install() { - apache-module_src_install - - dodoc CHANGES README.md modsecurity.conf-recommended - - if use doc; then - dodoc -r doc/apache/html - fi - - if use mlogc; then - insinto /etc/ - newins mlogc/mlogc-default.conf mlogc.conf - dobin mlogc/mlogc - dobin mlogc/mlogc-batch-load.pl - newdoc mlogc/INSTALL INSTALL-mlogc - fi - - # Use /var/lib instead of /var/cache. This stuff is "persistent," - # and isn't a cached copy of something that we can recreate. - # Bug 605496. - keepdir /var/lib/modsecurity - fowners apache:apache /var/lib/modsecurity - fperms 0750 /var/lib/modsecurity - for dir in data tmp upload; do - keepdir "/var/lib/modsecurity/${dir}" - fowners apache:apache "/var/lib/modsecurity/${dir}" - fperms 0750 "/var/lib/modsecurity/${dir}" - done -} - -pkg_postinst() { - elog "The base configuration file has been renamed ${APACHE2_MOD_CONF}" - elog "so that you can put your own configuration in (for example)" - elog "90_modsecurity_local.conf." - elog "" - elog "That would be the correct place for site-global security rules." - elog "Note: 80_modsecurity_crs.conf is used by www-apache/modsecurity-crs" -}