[gentoo-commits] gentoo-x86 commit in www-apache/modsecurity-crs: ChangeLog modsecurity-crs-2.0.10.ebuild

public inbox for gentoo-commits@lists.gentoo.org
 help / color / mirror / Atom feed

* [gentoo-commits] gentoo-x86 commit in www-apache/modsecurity-crs: ChangeLog modsecurity-crs-2.0.10.ebuild
@ 2010-12-01 21:38 Diego Petteno (flameeyes)
  0 siblings, 0 replies; 2+ messages in thread
From: Diego Petteno (flameeyes) @ 2010-12-01 21:38 UTC (permalink / raw
  To: gentoo-commits

flameeyes    10/12/01 21:38:03

  Modified:             ChangeLog
  Added:                modsecurity-crs-2.0.10.ebuild
  Log:
  Version bump, the phpids is optional upstream now.
  
  (Portage version: 2.2.0_alpha6/cvs/Linux x86_64)

Revision  Changes    Path
1.4                  www-apache/modsecurity-crs/ChangeLog

file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/www-apache/modsecurity-crs/ChangeLog?rev=1.4&view=markup
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/www-apache/modsecurity-crs/ChangeLog?rev=1.4&content-type=text/plain
diff : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/www-apache/modsecurity-crs/ChangeLog?r1=1.3&r2=1.4

Index: ChangeLog
===================================================================
RCS file: /var/cvsroot/gentoo-x86/www-apache/modsecurity-crs/ChangeLog,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- ChangeLog	24 Oct 2010 17:41:16 -0000	1.3
+++ ChangeLog	1 Dec 2010 21:38:02 -0000	1.4
@@ -1,6 +1,12 @@
 # ChangeLog for www-apache/modsecurity-crs
 # Copyright 1999-2010 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/www-apache/modsecurity-crs/ChangeLog,v 1.3 2010/10/24 17:41:16 armin76 Exp $
+# $Header: /var/cvsroot/gentoo-x86/www-apache/modsecurity-crs/ChangeLog,v 1.4 2010/12/01 21:38:02 flameeyes Exp $
+
+*modsecurity-crs-2.0.10 (01 Dec 2010)
+
+  01 Dec 2010; Diego E. Pettenò <flameeyes@gentoo.org>
+  +modsecurity-crs-2.0.10.ebuild:
+  Version bump, the phpids is optional upstream now.
 
   24 Oct 2010; Raúl Porcel <armin76@gentoo.org>
   modsecurity-crs-2.0.8.ebuild:



1.1                  www-apache/modsecurity-crs/modsecurity-crs-2.0.10.ebuild

file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/www-apache/modsecurity-crs/modsecurity-crs-2.0.10.ebuild?rev=1.1&view=markup
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/www-apache/modsecurity-crs/modsecurity-crs-2.0.10.ebuild?rev=1.1&content-type=text/plain

Index: modsecurity-crs-2.0.10.ebuild
===================================================================
# Copyright 1999-2010 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Header: /var/cvsroot/gentoo-x86/www-apache/modsecurity-crs/modsecurity-crs-2.0.10.ebuild,v 1.1 2010/12/01 21:38:02 flameeyes Exp $

EAPI=2

DESCRIPTION="Core Rule Set for ModSecurity"
HOMEPAGE="http://www.owasp.org/index.php/Category:OWASP_ModSecurity_Core_Rule_Set_Project"
SRC_URI="mirror://sourceforge/mod-security/${PN}_${PV}.tar.gz"

LICENSE="GPL-2"
SLOT="0"
KEYWORDS="~amd64 ~sparc ~x86"
IUSE="vanilla"

RDEPEND=">=www-apache/mod_security-2.5.12-r1"
DEPEND=""

S="${WORKDIR}/${PN}_${PV}"

RULESDIR=/etc/apache2/modules.d/mod_security

src_install() {
	insinto "${RULESDIR}" || die
	doins base_rules/* || die

	# these are considered examples, but we install them anyway, and let
	# etc-update deal with them.
	for file in *.conf.example; do
		newins "${file}" "${file%.example}" || die "failed to install ${file}"
	done

	insinto "${RULESDIR}"/optional_rules
	doins optional_rules/* || die

	# These are not conditionals because they actually need to be
	# moved for the rules to work — bug #329131
	mv "${D}${RULESDIR}"/modsecurity_42_comment_spam.data \
		"${D}${RULESDIR}"/optional_rules || die

	if ! use vanilla; then
		mv "${D}${RULESDIR}"/modsecurity_*50_outbound* \
			"${D}${RULESDIR}"/optional_rules || die
	fi

	dodoc CHANGELOG README || die
}

pkg_postinst() {
	if ! use vanilla; then
		elog "Please note that the Core Rule Set is quite draconic; to make it more usable,"
		elog "the Gentoo distribution disables a few rule set files, that are relevant for"
		elog "PHP-only websites or that would make it kill a website that discussed of source code."
		elog
		elog "Furthermore we disable the 'HTTP Parameter Pollution' tests that disallow"
		elog "multiple parameters with the same name, because that's common practice both"
		elog "for Rails-based web-applications and Bugzilla."
	else
		elog "You decided to enable the original Core Rule Set from ModSecurity."
		elog "Be warned that the original Core Rule Set is draconic and most likely will"
		elog "render your web application unusable if you don't disable at leat some of"
		elog "the rules."
	fi
	elog
	elog "If you want to enable further rules, check the following directory:"
	elog "	${APACHE_MODULES_CONFDIR}/mod_security/optional_rules"
}






^ permalink raw reply	[flat|nested] 2+ messages in thread

* [gentoo-commits] gentoo-x86 commit in www-apache/modsecurity-crs: ChangeLog modsecurity-crs-2.0.10.ebuild
@ 2010-12-03  1:34 Diego Petteno (flameeyes)
  0 siblings, 0 replies; 2+ messages in thread
From: Diego Petteno (flameeyes) @ 2010-12-03  1:34 UTC (permalink / raw
  To: gentoo-commits

flameeyes    10/12/03 01:34:34

  Modified:             ChangeLog modsecurity-crs-2.0.10.ebuild
  Log:
  Add log about the recent changes in 2.0.9+ about blocking/scoring.
  
  (Portage version: 2.2.0_alpha6/cvs/Linux x86_64)

Revision  Changes    Path
1.5                  www-apache/modsecurity-crs/ChangeLog

file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/www-apache/modsecurity-crs/ChangeLog?rev=1.5&view=markup
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/www-apache/modsecurity-crs/ChangeLog?rev=1.5&content-type=text/plain
diff : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/www-apache/modsecurity-crs/ChangeLog?r1=1.4&r2=1.5

Index: ChangeLog
===================================================================
RCS file: /var/cvsroot/gentoo-x86/www-apache/modsecurity-crs/ChangeLog,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- ChangeLog	1 Dec 2010 21:38:02 -0000	1.4
+++ ChangeLog	3 Dec 2010 01:34:34 -0000	1.5
@@ -1,6 +1,10 @@
 # ChangeLog for www-apache/modsecurity-crs
 # Copyright 1999-2010 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/www-apache/modsecurity-crs/ChangeLog,v 1.4 2010/12/01 21:38:02 flameeyes Exp $
+# $Header: /var/cvsroot/gentoo-x86/www-apache/modsecurity-crs/ChangeLog,v 1.5 2010/12/03 01:34:34 flameeyes Exp $
+
+  03 Dec 2010; Diego E. Pettenò <flameeyes@gentoo.org>
+  modsecurity-crs-2.0.10.ebuild:
+  Add log about the recent changes in 2.0.9+ about blocking/scoring.
 
 *modsecurity-crs-2.0.10 (01 Dec 2010)
 



1.2                  www-apache/modsecurity-crs/modsecurity-crs-2.0.10.ebuild

file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/www-apache/modsecurity-crs/modsecurity-crs-2.0.10.ebuild?rev=1.2&view=markup
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/www-apache/modsecurity-crs/modsecurity-crs-2.0.10.ebuild?rev=1.2&content-type=text/plain
diff : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/www-apache/modsecurity-crs/modsecurity-crs-2.0.10.ebuild?r1=1.1&r2=1.2

Index: modsecurity-crs-2.0.10.ebuild
===================================================================
RCS file: /var/cvsroot/gentoo-x86/www-apache/modsecurity-crs/modsecurity-crs-2.0.10.ebuild,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- modsecurity-crs-2.0.10.ebuild	1 Dec 2010 21:38:02 -0000	1.1
+++ modsecurity-crs-2.0.10.ebuild	3 Dec 2010 01:34:34 -0000	1.2
@@ -1,6 +1,6 @@
 # Copyright 1999-2010 Gentoo Foundation
 # Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/www-apache/modsecurity-crs/modsecurity-crs-2.0.10.ebuild,v 1.1 2010/12/01 21:38:02 flameeyes Exp $
+# $Header: /var/cvsroot/gentoo-x86/www-apache/modsecurity-crs/modsecurity-crs-2.0.10.ebuild,v 1.2 2010/12/03 01:34:34 flameeyes Exp $
 
 EAPI=2
 
@@ -64,4 +64,12 @@
 	elog
 	elog "If you want to enable further rules, check the following directory:"
 	elog "	${APACHE_MODULES_CONFDIR}/mod_security/optional_rules"
+	elog ""
+	elog "Starting from version 2.0.9, the default for the Core Rule Set is again to block"
+	elog "when rules hit. If you wish to go back to the 2.0.8 method of anomaly scoring, you"
+	elog "should change modsecurity_crs_10_config.conf so that you have these settings enabled:"
+	elog ""
+	elog "    SecDefaultAction \"phase:1,pass\""
+	elog "    SecAction \"phase:1,t:none,nolog,pass,setvar:tx.anomaly_score_blocking=on\""
+	elog ""
 }






^ permalink raw reply	[flat|nested] 2+ messages in thread

end of thread, other threads:[~2010-12-03  1:34 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2010-12-03  1:34 [gentoo-commits] gentoo-x86 commit in www-apache/modsecurity-crs: ChangeLog modsecurity-crs-2.0.10.ebuild Diego Petteno (flameeyes)
  -- strict thread matches above, loose matches on Subject: below --
2010-12-01 21:38 Diego Petteno (flameeyes)

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox