Change log for modsecurity-apache package in Ubuntu
1 → 38 of 38 results | First • Previous • Next • Last |
Published in oracular-release |
Published in noble-release |
Deleted in noble-proposed (Reason: Moved to noble) |
modsecurity-apache (2.9.7-1build3) noble; urgency=medium * No-change rebuild for CVE-2024-3094 -- Steve Langasek <email address hidden> Sun, 31 Mar 2024 20:08:03 +0000
Available diffs
- diff from 2.9.7-1build2 to 2.9.7-1build3 (337 bytes)
modsecurity-apache (2.9.7-1build2) noble; urgency=high * No change rebuild against libcurl3t64-gnutls. -- Julian Andres Klode <email address hidden> Fri, 22 Mar 2024 18:18:11 +0100
Available diffs
- diff from 2.9.7-1 (in Debian) to 2.9.7-1build2 (673 bytes)
- diff from 2.9.7-1build1 to 2.9.7-1build2 (633 bytes)
Superseded in noble-proposed |
modsecurity-apache (2.9.7-1build1) noble; urgency=medium * No-change rebuild against libaprutil t64. -- Matthias Klose <email address hidden> Fri, 15 Mar 2024 22:27:39 +0100
Available diffs
- diff from 2.9.7-1 (in Debian) to 2.9.7-1build1 (331 bytes)
modsecurity-apache (2.9.3-1ubuntu0.1) focal-security; urgency=medium * SECURITY UPDATE: denial of service - debian/patches/CVE-2021-42717.patch: added support for configurable limit on depth of JSON parsing. * SECURITY UPDATE: firewall failure - debian/patches/CVE-2022-48279.patch: fixed HTTP multipart parsing and added and new MULTIPART_PART_HEADERS collection. * SECURITY UPDATE: buffer overflow - debian/patches/CVE-2023-24021.patch: fixed incomplete content in FILES_TMP_CONTENT. -- Allen Huang <email address hidden> Wed, 13 Sep 2023 12:12:51 +0100
Available diffs
Deleted in noble-updates (Reason: superseded by release) |
Superseded in noble-release |
Published in mantic-release |
Published in lunar-release |
Deleted in lunar-proposed (Reason: Moved to lunar) |
modsecurity-apache (2.9.7-1) unstable; urgency=medium * New upstream version 2.9.7 * Fixes CVE-2022-48279 * Switched from old PCRE to PCRE2 https://lists.debian.org/debian-devel/2021/11/msg00176.html * Bumped minimum version of libxml2-dev -- Ervin Hegedüs <email address hidden> Mon, 23 Jan 2023 11:39:50 +0100
Available diffs
- diff from 2.9.6-1 to 2.9.7-1 (17.9 KiB)
modsecurity-apache (2.9.6-1) unstable; urgency=medium * New upstream version 2.9.6 * Bump Standards-Version to 4.6.1 -- Ervin Hegedus <email address hidden> Fri, 09 Sep 2022 09:09:04 +0200
Available diffs
- diff from 2.9.5-1 to 2.9.6-1 (9.2 KiB)
Superseded in lunar-release |
Obsolete in kinetic-release |
Published in jammy-release |
Deleted in jammy-proposed (Reason: Moved to jammy) |
modsecurity-apache (2.9.5-1) unstable; urgency=medium [ Ervin Hegedüs ] * New upstream version 2.9.5 * Fixes CVE-2021-2021-42727 * Removed d/patches/970833_fix.patch; upstream contains it * Added Ervin Hegedus <email address hidden> to Uploaders in d/control * Changed Homepage field in d/changelog * Added Vcs-Browser to d/changelog * Bump Standards-Versio to 4.6.0 * Bump compat to 13 * Aligned d/watch - old URI is no longer available -- Ervin Hegedus <email address hidden> Tue, 23 Nov 2021 13:25:57 +0100
Available diffs
- diff from 2.9.3-3 to 2.9.5-1 (16.2 KiB)
Superseded in jammy-release |
Obsolete in impish-release |
Obsolete in hirsute-release |
Deleted in hirsute-proposed (Reason: moved to Release) |
modsecurity-apache (2.9.3-3) unstable; urgency=medium * Add upstream patch to fix Segfault when using SecRemoteRules. (Closes: #970833) -- Alberto Gonzalez Iniesta <email address hidden> Thu, 10 Dec 2020 19:14:15 +0100
Available diffs
- diff from 2.9.3-2 to 2.9.3-3 (1.2 KiB)
Superseded in hirsute-release |
Obsolete in groovy-release |
Deleted in groovy-proposed (Reason: moved to Release) |
modsecurity-apache (2.9.3-2) unstable; urgency=medium * Added `--enable-pcre-jit` option to configure script -- Ervin Hegedus <email address hidden> Sun, 17 May 2020 19:47:56 +0000
Available diffs
- diff from 2.9.3-1 to 2.9.3-2 (585 bytes)
Superseded in groovy-release |
Published in focal-release |
Obsolete in eoan-release |
Obsolete in disco-release |
Deleted in disco-proposed (Reason: moved to release) |
modsecurity-apache (2.9.3-1) unstable; urgency=medium * New upstream release. * Bumped to debhelper compatibility level 11, removed build-dep on dh-autoreconf. * Bumped Standards-Version to 4.2.1 -- Alberto Gonzalez Iniesta <email address hidden> Mon, 10 Dec 2018 20:21:48 +0100
Available diffs
- diff from 2.9.2-2 to 2.9.3-1 (60.6 KiB)
modsecurity-apache (2.9.2-2) unstable; urgency=medium * Change CRS IncludeOptional to wildcard to get the desired behaviour (not failing when CRS not present). Thanks Walter Kleynscheldt for pointing this out. (Closes: #874542) -- Alberto Gonzalez Iniesta <email address hidden> Mon, 17 Sep 2018 09:11:12 +0200
Available diffs
- diff from 2.9.2-1 to 2.9.2-2 (576 bytes)
Superseded in disco-release |
Obsolete in cosmic-release |
Published in bionic-release |
Deleted in bionic-proposed (Reason: moved to release) |
modsecurity-apache (2.9.2-1) unstable; urgency=medium * New upstream release. Remove logging patch. * Removed no longer needed libapache2-modsecurity transitional package. -- Alberto Gonzalez Iniesta <email address hidden> Wed, 11 Oct 2017 12:53:50 +0200
Available diffs
- diff from 2.9.1-3 to 2.9.2-1 (447.3 KiB)
Superseded in bionic-release |
Obsolete in artful-release |
Deleted in artful-proposed (Reason: moved to release) |
modsecurity-apache (2.9.1-3) unstable; urgency=medium * Apply upstream (#1216) patch to fix errors on logging. -- Alberto Gonzalez Iniesta <email address hidden> Thu, 29 Jun 2017 11:19:57 +0200
Available diffs
- diff from 2.9.1-2 to 2.9.1-3 (945 bytes)
Superseded in artful-release |
Obsolete in zesty-release |
Deleted in zesty-proposed (Reason: moved to release) |
modsecurity-apache (2.9.1-2) unstable; urgency=medium * security2.load: Remove no longer needed load of libxml2.so.2 * improve_defaults.patch: Increase PCRE limits, reorder SecAuditLogParts Thanks Christian Folini for the suggestions! * Add IncludeOptional directive for modsecurity-crs package. -- Alberto Gonzalez Iniesta <email address hidden> Tue, 20 Dec 2016 17:14:15 +0100
Available diffs
- diff from 2.9.1-1 to 2.9.1-2 (1.2 KiB)
modsecurity-apache (2.9.1-1) unstable; urgency=medium * New upstream release. -- Alberto Gonzalez Iniesta <email address hidden> Mon, 19 Sep 2016 19:04:01 +0200
Available diffs
- diff from 2.9.0-1 to 2.9.1-1 (28.5 KiB)
Superseded in zesty-release |
Obsolete in yakkety-release |
Published in xenial-release |
Obsolete in wily-release |
Deleted in wily-proposed (Reason: moved to release) |
modsecurity-apache (2.9.0-1) unstable; urgency=medium * New upstream release. (Closes: #790116) * Removed mlogc_TLS1.2.patch, not needed anymore. * Remove old (no longer applied) patches from debian/patches -- Alberto Gonzalez Iniesta <email address hidden> Tue, 07 Jul 2015 12:26:36 +0200
Available diffs
- diff from 2.8.0-4 to 2.9.0-1 (348.4 KiB)
Superseded in wily-release |
Obsolete in vivid-release |
Deleted in vivid-proposed (Reason: moved to release) |
modsecurity-apache (2.8.0-4) unstable; urgency=medium * Apply upstream patch to make mlogc use TLS 1.2 instead of SSL v3. * Add support for JSON. (Closes: #765605) -- Alberto Gonzalez Iniesta <email address hidden> Tue, 04 Nov 2014 12:54:04 +0100
Available diffs
- diff from 2.8.0-3 to 2.8.0-4 (1.4 KiB)
modsecurity-apache (2.8.0-3) unstable; urgency=medium * Add explicit Build-Dep on libpcre3-dev since libaprutil1-dev no longer does. (Closes: #765122) * Add pkg-config to Build-Dep so that lua support is picked up correctly. -- Alberto Gonzalez Iniesta <email address hidden> Mon, 13 Oct 2014 20:19:23 +0200
Available diffs
- diff from 2.8.0-1 to 2.8.0-3 (1.2 KiB)
Superseded in vivid-release |
Obsolete in utopic-release |
Deleted in utopic-proposed (Reason: moved to release) |
modsecurity-apache (2.8.0-1) unstable; urgency=medium * New upstream version -- Alberto Gonzalez Iniesta <email address hidden> Mon, 21 Apr 2014 18:35:38 +0200
Available diffs
- diff from 2.7.7-2 to 2.8.0-1 (146.7 KiB)
Superseded in utopic-release |
Published in trusty-release |
Deleted in trusty-proposed (Reason: moved to release) |
modsecurity-apache (2.7.7-2) unstable; urgency=medium * Use dh-autoreconf to fix FTBFS on ppc64el. (Closes: #734573) Thanks Logan Rosen for the patch. -- Alberto Gonzalez Iniesta <email address hidden> Wed, 15 Jan 2014 10:18:58 +0100
Available diffs
- diff from 2.7.7-1ubuntu1 (in Ubuntu) to 2.7.7-2 (692 bytes)
modsecurity-apache (2.7.7-1ubuntu1) trusty; urgency=medium * Use dh-autoreconf to get new libtool macros for ppc64el. -- Logan Rosen <email address hidden> Sat, 04 Jan 2014 20:17:37 -0500
Available diffs
- diff from 2.7.7-1 (in Debian) to 2.7.7-1ubuntu1 (962 bytes)
modsecurity-apache (2.7.7-1) unstable; urgency=low * New upstream version * Bumped Standards-Version to 3.9.5 * Renamed binary package so that it follows naming standards -- Alberto Gonzalez Iniesta <email address hidden> Thu, 19 Dec 2013 17:09:28 +0100
Available diffs
- diff from 2.7.5-1 to 2.7.7-1 (406.2 KiB)
modsecurity-apache (2.7.5-1) unstable; urgency=low * New upstream version -- Alberto Gonzalez Iniesta <email address hidden> Fri, 11 Oct 2013 11:24:43 +0200
Available diffs
- diff from 2.7.4-1 to 2.7.5-1 (77.2 KiB)
Superseded in trusty-release |
Obsolete in saucy-release |
Deleted in saucy-proposed (Reason: moved to release) |
modsecurity-apache (2.7.4-1) unstable; urgency=low * New upstream version. * Remove doc-base since doc files were removed upstream. -- Alberto Gonzalez Iniesta <email address hidden> Mon, 01 Jul 2013 17:14:29 +0200
Available diffs
- diff from 2.6.6-6 to 2.7.4-1 (404.4 KiB)
- diff from 2.6.6-9 to 2.7.4-1 (402.5 KiB)
modsecurity-apache (2.6.6-9) unstable; urgency=high * Applied upstream patch to fix NULL pointer dereference. CVE-2013-2765. (Closes: #710217) -- Alberto Gonzalez Iniesta <email address hidden> Tue, 04 Jun 2013 09:34:41 +0200
Available diffs
- diff from 2.6.6-8 to 2.6.6-9 (769 bytes)
modsecurity-apache (2.6.6-8) unstable; urgency=low * Upload to unstable. -- Alberto Gonzalez Iniesta <email address hidden> Tue, 28 May 2013 18:20:39 +0200
Superseded in saucy-release |
Obsolete in raring-release |
Deleted in raring-proposed (Reason: moved to release) |
modsecurity-apache (2.6.6-6) unstable; urgency=high * Applied upstream patch to fix XXE attacks. CVE-2013-1915 Thanks Thomas Goirand for backporting the patch. (Closes: #704625) Adds new SecXmlExternalEntity option which by default (Off) disables the external entity load task executed by libxml2. -- Alberto Gonzalez Iniesta <email address hidden> Sat, 06 Apr 2013 11:09:12 +0200
Available diffs
- diff from 2.6.6-5 to 2.6.6-6 (1.9 KiB)
modsecurity-apache (2.6.6-5) unstable; urgency=high * Applied upstream patch to fix multipart/invalid part ruleset bypass. CVE-2012-4528. (Closes: #691146) -- Alberto Gonzalez Iniesta <email address hidden> Mon, 22 Oct 2012 16:23:19 +0200
Available diffs
- diff from 2.6.6-3 to 2.6.6-5 (2.1 KiB)
modsecurity-apache (2.6.3-1ubuntu0.2) precise-proposed; urgency=low * debian/mod-security.load: revert previous change, since an alternate solution has been agreed in the bug. * debian/mod-security.load: drop LoadFile directive entirely, and rely on the loader to resolve all required dependencies. This avoids the hardcoded path which fails on multiarch-enabled systems (LP: #988819).
Available diffs
- diff from 2.6.3-1ubuntu0.1 to 2.6.3-1ubuntu0.2 (597 bytes)
modsecurity-apache (2.6.6-3) unstable; urgency=low * Relicense debian/* files to ASLv2 to avoid conflicts with upstream license. -- Alberto Gonzalez Iniesta <email address hidden> Thu, 12 Jul 2012 13:05:20 +0200
Available diffs
- diff from 2.6.6-2 to 2.6.6-3 (998 bytes)
modsecurity-apache (2.6.6-2) unstable; urgency=low * Updated debian/copyright with right license. -- Alberto Gonzalez Iniesta <email address hidden> Mon, 02 Jul 2012 17:23:08 +0200
Available diffs
- diff from 2.6.6-1 to 2.6.6-2 (3.2 KiB)
modsecurity-apache (2.6.6-1) unstable; urgency=low * New upstream release. * Remove patches/fix_non_linux.patch. Applied upstream. * debian/rules: cleanup. * Add hardening flags to build process. -- Alberto Gonzalez Iniesta <email address hidden> Fri, 15 Jun 2012 12:34:20 +0200
Available diffs
- diff from 2.6.5-2 to 2.6.6-1 (31.4 KiB)
Superseded in precise-proposed |
modsecurity-apache (2.6.3-1ubuntu0.1) precise-proposed; urgency=low * debian/mod-security.load: remove libxml2.so.2 path, since with multiarch it is always incorrect on i386 and amd64. Use no path and a corresponding apache2 change to use the standard dlopen search path in this case to allow the library to be found (LP: #988819). -- Robie Basak <email address hidden> Fri, 08 Jun 2012 15:40:04 +0100
Available diffs
modsecurity-apache (2.6.5-2) unstable; urgency=low * mod-security.load: removed /usr/lib/ from libxml2's LoadFile path. (Closes: #670247) * README.Debian: Fix name of example configuration file. (Closes: #668938, #659858) * debian/control: Remove mention to modsecurity-common. (Closes: #662862) -- Alberto Gonzalez Iniesta <email address hidden> Thu, 03 May 2012 17:36:01 +0200
Available diffs
- diff from 2.6.5-1 to 2.6.5-2 (1.1 KiB)
modsecurity-apache (2.6.5-1) unstable; urgency=low * New upstream release -- Alberto Gonzalez Iniesta <email address hidden> Tue, 20 Mar 2012 20:05:09 +0100
Available diffs
- diff from 2.6.3-1 to 2.6.5-1 (34.1 KiB)
modsecurity-apache (2.6.3-1) unstable; urgency=low * New upstream release * Include mlogc (still missing manpage). (Closes: #645875) * postinst: changed force-reload to restart to avoid apache from segfaulting when upgrading modsecurity module (Closes: #574376) -- Alberto Gonzalez Iniesta <email address hidden> Wed, 28 Dec 2011 16:51:11 +0100
Available diffs
- diff from 2.6.0-1 (in Ubuntu) to 2.6.3-1 (491.4 KiB)
modsecurity-apache (2.6.0-1) unstable; urgency=low * New upstream release (Closes: #627858, #607763) * Bumped Standards-Version to 3.9.2 -- Ubuntu Archive Auto-Sync <email address hidden> Thu, 16 Jun 2011 22:57:36 +0000
Available diffs
- diff from 2.5.13-1 to 2.6.0-1 (2.0 MiB)
modsecurity-apache (2.5.13-1) unstable; urgency=low * The "Rename the whole thing" release Move to libapache2- for the binary package to match the rest of Apache 2.x modules. Rename the source package to its current name, modsecurity-apache, since the former source name came from very old versions (1.x). Also allowing the future modsecurity-crs to have a more related source name. (Closes: #516540) * Merge documentation in libapache2-modsecurity temporarily. mod-security-common is going away. modsecurity-crs will soon come. * New upstream release * debian/control: - Added Homepage field - Bumped Standards-Version to 3.9.1 * Added watch file
1 → 38 of 38 results | First • Previous • Next • Last |