From ecca07542ff99dfe12fbfb9d26ff3c2ad7ffd03a Mon Sep 17 00:00:00 2001 From: Pascal Christen Date: Wed, 19 Oct 2022 07:43:56 +0200 Subject: [PATCH] www/mod_security: Update to 2.9.6 ChangeLog: https://github.com/SpiderLabs/ModSecurity/releases/tag/v2.9.6 New features and security impacting issues Adjust parser activation rules in modsecurity.conf-recommended Multipart parsing fixes and new MULTIPART_PART_HEADERS collection Bug fixes * Limit rsub null termination to where necessary * IIS: Update dependencies for next planned release * XML parser cleanup: NULL duplicate pointer * Properly cleanup XML parser contexts upon completion * Fix memory leak in streams * Fix: negative usec on log line when data type long is 32b * mlogc log-line parsing fails due to enhanced timestamp * Allow no-key, single-value JSON body * Set SecStatusEngine Off in modsecurity.conf-recommended * Fix memory leak that occurs on JSON parsing error * Multipart names/filenames may include single quote if double-quote enclosed * Add SecRequestBodyJsonDepthLimit to modsecurity.conf-recommended PR: 266318 Reported by: pascal.christen@hostpoint.ch Reviewed by: tuc03516@gmail.com Approved by: joneum@ (maintainer, timeout > 1 month) --- www/mod_security/Makefile | 3 +-- www/mod_security/distinfo | 6 +++--- 2 files changed, 4 insertions(+), 5 deletions(-) diff --git a/www/mod_security/Makefile b/www/mod_security/Makefile index a8a9ac5c643b..5962ed0905a0 100644 --- a/www/mod_security/Makefile +++ b/www/mod_security/Makefile @@ -1,7 +1,6 @@ PORTNAME= mod_security DISTVERSIONPREFIX= v -PORTVERSION= 2.9.5 -PORTREVISION= 2 +PORTVERSION= 2.9.6 CATEGORIES= www security MASTER_SITES= https://github.com/SpiderLabs/ModSecurity/releases/download/v${PORTVERSION}/ PKGNAMEPREFIX= ${APACHE_PKGNAMEPREFIX} diff --git a/www/mod_security/distinfo b/www/mod_security/distinfo index f8dc72555b64..950e40698d76 100644 --- a/www/mod_security/distinfo +++ b/www/mod_security/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1646409048 -SHA256 (modsecurity-2.9.5.tar.gz) = e2bfc8cd8b8de1e21f054d310543373ea5d89adbd96784e832be0da3e4dc149e -SIZE (modsecurity-2.9.5.tar.gz) = 4315037 +TIMESTAMP = 1662714949 +SHA256 (modsecurity-2.9.6.tar.gz) = 626a831aca92cdff73ea68a85b7f5c105d9a15365fa270fbed3139a81eaf3344 +SIZE (modsecurity-2.9.6.tar.gz) = 4316582