• Update to 2.7.1
  • Update Core rules set to 2.2.6
  • Fix build against libxml2 >= 2.9 (upstreamed)
  • Add some missing directives RHBZ #569360
  • Fix multipart/invalid part ruleset bypass issue (CVE-2012-4528) (RHBZ #867424, #867773, #867774)

This update has been submitted for testing by athmane.

9 years ago

This update is currently being pushed to the Fedora EPEL 6 testing updates repository.

9 years ago

This update has been pushed to testing

9 years ago
User Icon philipp commented & provided feedback 9 years ago
karma

Using it here. Had to add an 'id' field to my local SecRule entries to get them to work with this update, however. Previously wasn't required.

User Icon jens provided feedback 9 years ago
karma
User Icon jens commented & provided feedback 9 years ago
karma

Using it as well. Works good, but I had to remove a line from scanners.dat, because yum uses a User-Agent with grabber in the name.

This update has reached 14 days in testing and can be pushed to stable now if the maintainer wishes

9 years ago

This update has been submitted for stable by athmane.

9 years ago

This update is currently being pushed to the Fedora EPEL 6 stable updates repository.

9 years ago

This update has been pushed to stable

9 years ago

Please login to add feedback.

Metadata
Type
security
Karma
2
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
disabled
Stable by Time
disabled
Dates
submitted
9 years ago
in testing
9 years ago
in stable
9 years ago
BZ#569360 The default configuration in v2.5.12 is missing important settings
0
0
BZ#867424 CVE-2012-4528 mod_security: multipart/invalid part ruleset bypass
0
0
BZ#867773 mod_security: multipart/invalid part ruleset bypass [fedora-all]
0
0
BZ#867774 mod_security: multipart/invalid part ruleset bypass [epel-all]
0
0

Automated Test Results