From secunia security advisory at $URL:
A vulnerability has been reported in ModSecurity, which can be exploited by malicious people to bypass certain security restrictions.
The vulnerability is caused due to an error when parsing quotes within multipart requests and can be exploited to bypass certain filtering rules.
The vulnerability is reported in versions prior to 2.6.6.
Update to version 2.6.6.
Is 2.6.6 ready to be stabilized?
Yes it is.
Arches, please test and mark stable:
Target KEYWORDS : "amd64 ppc sparc x86"
x86 stable, thanks!
@security: please vote.
ModSecurity before 2.6.6, when used with PHP, does not properly handle
single quotes not at the beginning of a request parameter value in the
Content-Disposition field of a request with a multipart/form-data
Content-Type header, which allows remote attackers to bypass filtering rules
and perform other attacks such as cross-site scripting (XSS) attacks. NOTE:
this vulnerability exists because of an incomplete fix for CVE-2009-5031.
ModSecurity before 2.5.11 treats request parameter values containing single
quotes as files, which allows remote attackers to bypass filtering rules and
perform other attacks such as cross-site scripting (XSS) attacks via a
single quote in a request parameter in the Content-Disposition field of a
request with a multipart/form-data Content-Type header.
GLSA vote: no.
Thanks, folks. GLSA Vote: no too. Closing noglsa.