Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 718358 - www-apache/mod_security-3.0.4 version bump
Summary: www-apache/mod_security-3.0.4 version bump
Status: CONFIRMED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Current packages (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: No maintainer - Look at https://wiki.gentoo.org/wiki/Project:Proxy_Maintainers if you want to take care of it
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2020-04-19 15:43 UTC by Jonas Stein
Modified: 2020-10-01 13:44 UTC (History)
3 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Jonas Stein gentoo-dev 2020-04-19 15:43:23 UTC
please bump
https://github.com/SpiderLabs/ModSecurity/releases/

Reproducible: Always
Comment 1 Tobias Sager 2020-05-17 10:16:14 UTC
This is not simple to bump as the architecture was completely changed with the rewrite/release of modsecurity 3.x.

Package is now split in:
* libmodsecurity (https://github.com/SpiderLabs/ModSecurity), web server agnostic and better performing
* ModSecurity-Apache connector to interface between Apache and libmodsecurity (https://github.com/SpiderLabs/ModSecurity-apache)

Latest version of 2.x is v2.9.3 which is available in the Gentoo tree. There are a few upstream changes pending for v2.x: https://github.com/SpiderLabs/ModSecurity/blob/v2/master/CHANGES
Comment 2 Tomáš Mózes 2020-10-01 13:44:11 UTC
According to https://coreruleset.org/installation/ version 2.9.x is still recommended for Apache.