- Update to 2.7.3 due a vulnerability that affect all versions 2.x. [1]
- Update MASTER_SITES. - Convert to optionsNG. - Trim header. More info: https://github.com/SpiderLabs/ModSecurity/blob/master/CHANGES Reported by: olli hauer <ohauer@gmx.de> [1] Approved by: portmgr (bdrewery) Security: 2070c79a-8e1e-11e2-b34d-000c2957946c
This commit is contained in:
parent
97b3d5bb0c
commit
d9e4c9a9ce
Notes:
svn2git
2021-03-31 03:12:20 +00:00
svn path=/head/; revision=315811
3 changed files with 53 additions and 28 deletions
|
@ -51,6 +51,39 @@ Note: Please add new entries to the beginning of this file.
|
||||||
|
|
||||||
-->
|
-->
|
||||||
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
|
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
|
||||||
|
<vuln vid="2070c79a-8e1e-11e2-b34d-000c2957946c">
|
||||||
|
<topic>ModSecurity -- XML External Entity Processing Vulnerability</topic>
|
||||||
|
<affects>
|
||||||
|
<package>
|
||||||
|
<name>mod_security</name>
|
||||||
|
<range><gt>2.*</gt><lt>2.7.3</lt></range>
|
||||||
|
</package>
|
||||||
|
</affects>
|
||||||
|
<description>
|
||||||
|
<body xmlns="http://www.w3.org/1999/xhtml">
|
||||||
|
<p>Positive Technologies has reported a vulnerability in ModSecurity,
|
||||||
|
which can be exploited by malicious people to disclose potentially
|
||||||
|
sensitive information or cause a DoS (Denial Of Serice).</p>
|
||||||
|
<p>The vulnerability is caused due to an error when parsing external
|
||||||
|
XML entities and can be exploited to e.g. disclose local files or
|
||||||
|
cause excessive memory and CPU consumption.</p>
|
||||||
|
<blockquote cite="https://secunia.com/advisories/52847/">
|
||||||
|
<p>.</p>
|
||||||
|
</blockquote>
|
||||||
|
</body>
|
||||||
|
</description>
|
||||||
|
<references>
|
||||||
|
<cvename>CVE-2013-1915</cvename>
|
||||||
|
<url>https://secunia.com/advisories/52847/</url>
|
||||||
|
<url>https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-1915</url>
|
||||||
|
<url>https://bugs.gentoo.org/show_bug.cgi?id=464188</url>
|
||||||
|
</references>
|
||||||
|
<dates>
|
||||||
|
<discovery>2013-04-02</discovery>
|
||||||
|
<entry>2013-04-16</entry>
|
||||||
|
</dates>
|
||||||
|
</vuln>
|
||||||
|
|
||||||
<vuln vid="a2ff483f-a5c6-11e2-9601-000d601460a4">
|
<vuln vid="a2ff483f-a5c6-11e2-9601-000d601460a4">
|
||||||
<topic>sieve-connect -- TLS hostname verification was not occurring</topic>
|
<topic>sieve-connect -- TLS hostname verification was not occurring</topic>
|
||||||
<affects>
|
<affects>
|
||||||
|
|
|
@ -1,15 +1,9 @@
|
||||||
# New ports collection makefile for: mod_security
|
|
||||||
# Date created: 4 June 2003
|
|
||||||
# Whom: Marcelo Araujo <araujo@FreeBSD.org>
|
|
||||||
#
|
|
||||||
# $FreeBSD$
|
# $FreeBSD$
|
||||||
#
|
|
||||||
|
|
||||||
PORTNAME= mod_security
|
PORTNAME= mod_security
|
||||||
PORTVERSION= 2.6.6
|
PORTVERSION= 2.7.3
|
||||||
PORTREVISION= 1
|
|
||||||
CATEGORIES= www security
|
CATEGORIES= www security
|
||||||
MASTER_SITES= SF/mod-security/modsecurity-apache/${PORTVERSION}
|
MASTER_SITES= http://www.modsecurity.org/tarball/${PORTVERSION}/
|
||||||
PKGNAMEPREFIX= ${APACHE_PKGNAMEPREFIX}
|
PKGNAMEPREFIX= ${APACHE_PKGNAMEPREFIX}
|
||||||
DISTNAME= ${PORTNAME:S/_//:S/2//}-apache_${PORTVERSION}
|
DISTNAME= ${PORTNAME:S/_//:S/2//}-apache_${PORTVERSION}
|
||||||
|
|
||||||
|
@ -19,7 +13,7 @@ COMMENT= An intrusion detection and prevention engine
|
||||||
LICENSE= AL2
|
LICENSE= AL2
|
||||||
MAKE_JOBS_SAFE= yes
|
MAKE_JOBS_SAFE= yes
|
||||||
|
|
||||||
LIB_DEPENDS+= pcre.3:${PORTSDIR}/devel/pcre \
|
LIB_DEPENDS+= pcre:${PORTSDIR}/devel/pcre \
|
||||||
apr-1:${PORTSDIR}/devel/apr1
|
apr-1:${PORTSDIR}/devel/apr1
|
||||||
|
|
||||||
USE_APACHE= 22+
|
USE_APACHE= 22+
|
||||||
|
@ -39,36 +33,34 @@ PLIST_FILES= etc/modsecurity.conf-example \
|
||||||
${APACHEMODDIR}/mod_security2.so \
|
${APACHEMODDIR}/mod_security2.so \
|
||||||
bin/rules-updater.pl \
|
bin/rules-updater.pl \
|
||||||
lib/mod_security2.so
|
lib/mod_security2.so
|
||||||
OPTIONS= LUA "Embedded Lua language support" off \
|
|
||||||
MLOGC "Build ModSecurity Log Collector" off
|
OPTIONS_DEFINE= LUA MLOGC
|
||||||
|
MLOGC_DESC= Build ModSecurity Log Collector
|
||||||
|
|
||||||
.include <bsd.port.pre.mk>
|
.include <bsd.port.pre.mk>
|
||||||
|
|
||||||
.if defined(WITH_MLOGC)
|
.if ${PORT_OPTIONS:MMLOGC}
|
||||||
PLIST_FILES+= bin/mlogc
|
|
||||||
.endif
|
|
||||||
|
|
||||||
.if defined(WITH_LUA)
|
|
||||||
USE_LUA= 5.1+
|
|
||||||
CONFIGURE_ARGS+= --with-lua=${LOCALBASE}
|
|
||||||
LIB_DEPENDS+= lua-5.1.1:${PORTSDIR}/lang/lua
|
|
||||||
.else
|
|
||||||
CONFIGURE_ARGS+= --without-lua
|
|
||||||
.endif
|
|
||||||
|
|
||||||
.if defined(WITH_MLOGC)
|
|
||||||
LIB_DEPENDS+= curl:${PORTSDIR}/ftp/curl
|
LIB_DEPENDS+= curl:${PORTSDIR}/ftp/curl
|
||||||
CONFIGURE_ARGS+= --with-curl=${LOCALBASE} --disable-errors
|
CONFIGURE_ARGS+= --with-curl=${LOCALBASE} --disable-errors
|
||||||
|
PLIST_FILES+= bin/mlogc bin/mlogc-batch-load.pl
|
||||||
.else
|
.else
|
||||||
CONFIGURE_ARGS+= --disable-mlogc
|
CONFIGURE_ARGS+= --disable-mlogc
|
||||||
.endif
|
.endif
|
||||||
|
|
||||||
|
.if ${PORT_OPTIONS:MLUA}
|
||||||
|
USE_LUA= 5.1+
|
||||||
|
CONFIGURE_ARGS+= --with-lua=${LOCALBASE}
|
||||||
|
LIB_DEPENDS+= lua-5.1.5:${PORTSDIR}/lang/lua
|
||||||
|
.else
|
||||||
|
CONFIGURE_ARGS+= --without-lua
|
||||||
|
.endif
|
||||||
|
|
||||||
REINPLACE_ARGS= -i ""
|
REINPLACE_ARGS= -i ""
|
||||||
AP_EXTRAS+= -DWITH_LIBXML2
|
AP_EXTRAS+= -DWITH_LIBXML2
|
||||||
CONFIGURE_ARGS+= --with-apxs=${APXS} --with-pcre=${LOCALBASE}
|
CONFIGURE_ARGS+= --with-apxs=${APXS} --with-pcre=${LOCALBASE}
|
||||||
|
|
||||||
post-build:
|
post-build:
|
||||||
.if defined(WITH_MLOGC)
|
.if ${PORT_OPTIONS:MMLOGC}
|
||||||
# XXX there is "mlogc-static" target in the Makefile, too
|
# XXX there is "mlogc-static" target in the Makefile, too
|
||||||
cd ${WRKSRC} && ${SETENV} ${MAKE_ENV} ${MAKE} ${MAKE_FLAGS} ${MAKEFILE} ${MAKE_ARGS} mlogc
|
cd ${WRKSRC} && ${SETENV} ${MAKE_ENV} ${MAKE} ${MAKE_FLAGS} ${MAKEFILE} ${MAKE_ARGS} mlogc
|
||||||
.endif
|
.endif
|
||||||
|
@ -79,7 +71,7 @@ post-install:
|
||||||
@${MKDIR} ${DOCSDIR}
|
@${MKDIR} ${DOCSDIR}
|
||||||
@(cd ${WRKSRC} && ${COPYTREE_SHARE} "doc" ${DOCSDIR}/)
|
@(cd ${WRKSRC} && ${COPYTREE_SHARE} "doc" ${DOCSDIR}/)
|
||||||
.endif
|
.endif
|
||||||
.if defined(WITH_MLOGC)
|
.if ${PORT_OPTIONS:MMLOGC}
|
||||||
${INSTALL_PROGRAM} ${WRKSRC}/mlogc/mlogc ${PREFIX}/bin/
|
${INSTALL_PROGRAM} ${WRKSRC}/mlogc/mlogc ${PREFIX}/bin/
|
||||||
.endif
|
.endif
|
||||||
|
|
||||||
|
|
|
@ -1,2 +1,2 @@
|
||||||
SHA256 (modsecurity-apache_2.6.6.tar.gz) = a0cb075d5898230d17da5805eb102d1bbba07fe0748dcc32920990c4711b7708
|
SHA256 (modsecurity-apache_2.7.3.tar.gz) = fa5b0a2fabe9cd6c7b35ae09a433a60da183b2cabcf26479ec40fc4a419693e4
|
||||||
SIZE (modsecurity-apache_2.6.6.tar.gz) = 781984
|
SIZE (modsecurity-apache_2.7.3.tar.gz) = 981947
|
||||||
|
|
Loading…
Reference in a new issue