--- /dev/null
+libapache-mod-security (2.5.11-1~cn1) stable; urgency=low
+
+ * Backported to Debian lenny.
+
+ -- Dragan Dosen <ddosen@ffzg.hr> Wed, 10 Feb 2010 15:38:17 +0100
+
+libapache-mod-security (2.5.11-1) unstable; urgency=low
+
+ * New upstream release
+ * Changed section to httpd (from web)
+
+ -- Alberto Gonzalez Iniesta <agi@inittab.org> Thu, 12 Nov 2009 11:50:33 +0100
+
+libapache-mod-security (2.5.10-1) unstable; urgency=low
+
+ * New upstream version.
+ * debian/control: remove mod-security-common dependency on
+ libapache-mod-security. (Closes: #529064)
+ * liblua correctly detected on build now. (Closes: #524913)
+
+ -- Alberto Gonzalez Iniesta <agi@inittab.org> Thu, 01 Oct 2009 12:57:44 +0200
+
+libapache-mod-security (2.5.9-1) unstable; urgency=high
+
+ * New upstream release. (Closes: #512472)
+ Urgency high due to it fixing multiple remote DoS.
+ Bugtraq ID: 34096
+ * Moved to debhelper compatibility level 7:
+ - echo 7 > debian/compat
+ - Added ${misc:Depends} to debian/control
+ - Bumped debhelper version dependency in debian/control
+ * Fixed long description formatting. (Closes: #516540)
+ * Prepared build of mlogc, not releasing this time due to
+ urgency of release and missing man page.
+
+ -- Alberto Gonzalez Iniesta <agi@inittab.org> Mon, 23 Mar 2009 09:56:42 +0100
+
+libapache-mod-security (2.5.6-1) unstable; urgency=low
+
+ * The 'Back to the archive!' Release (Closes: #487431)
+ * Drop '2' from package name, now libapache-mod-security
+ * New upstream release
+ - Includes a new licensing exception that allows binary
+ distribution with licenses not compatible with GPLv2,
+ such as Apache's. See MODSECURITY_LICENSING_EXCEPTION
+ * Removed debian/bug and debian/rules entry to install bug
+ handling when out of the archive.
+ * Bumped Standards-Version to 3.8.0.0
+
+ -- Alberto Gonzalez Iniesta <agi@inittab.org> Fri, 08 Aug 2008 13:31:56 +0200
+
+libapache-mod-security2 (2.5.5-1) unstable; urgency=low
+
+ * New upstream release
+
+ -- Alberto Gonzalez Iniesta <agi@inittab.org> Tue, 10 Jun 2008 17:21:48 +0200
+
+libapache-mod-security2 (2.5.0-1) unstable; urgency=low
+
+ * New upstream release
+ * Added liblua5.1-0-dev to Build-Depends
+ * Added apache2-prefork-dev as Build-Depends alternative
+
+ -- Alberto Gonzalez Iniesta <agi@inittab.org> Sun, 09 Mar 2008 19:41:47 +0100
+
+libapache-mod-security2 (2.1.5-1) unstable; urgency=low
+
+ * New upstream release
+
+ -- Alberto Gonzalez Iniesta <agi@inittab.org> Thu, 31 Jan 2008 16:27:29 +0100
+
+libapache-mod-security2 (2.1.2-1) unstable; urgency=low
+
+ * New upstream version
+
+ -- Alberto Gonzalez Iniesta <agi@inittab.org> Mon, 06 Aug 2007 21:55:28 +0200
+
+libapache-mod-security2 (2.1.0-1) unstable; urgency=low
+
+ * New upstream version
+ * Added Core Rules to examples directory
+
+ -- Alberto Gonzalez Iniesta <agi@inittab.org> Sun, 4 Mar 2007 15:17:08 +0100
+
+libapache-mod-security2 (2.0.4-1) unstable; urgency=low
+
+ * New upstream version
+
+ -- Alberto Gonzalez Iniesta <agi@inittab.org> Sat, 18 Nov 2006 11:00:21 +0100
+
+libapache-mod-security2 (2.0.3-1) unstable; urgency=low
+
+ * Initial release (Only available for Apache 2.x)
+
+ -- Alberto Gonzalez Iniesta <agi@inittab.org> Mon, 06 Nov 2006 17:55:54 +0100
+
+libapache-mod-security (1.9.4-2) unstable; urgency=low
+
+ * Moved to apache2.2-common
+ * Fixed Depends between libapache2-mod-security, libapache-mod-security and
+ mod-security-common, so they can be binNMUed
+ * Bumped Standards-Version to 3.7.2.2
+
+ -- Alberto Gonzalez Iniesta <agi@inittab.org> Mon, 30 Oct 2006 16:52:16 +0100
+
+libapache-mod-security (1.9.4-1) unstable; urgency=low
+
+ * New upstream release.
+ * Added bug control files to avoid spamming Debian's BTS.
+ Thanks Daniel Baumann for the patch.
+
+ -- Alberto Gonzalez Iniesta <agi@inittab.org> Thu, 1 Jun 2006 09:29:40 +0200
+
+libapache-mod-security (1.9.2.0-1) unstable; urgency=low
+
+ * New upstream release.
+ Note: Added extra .0 to version number to ease upgrading from -rc3
+ packages.
+
+ -- Alberto Gonzalez Iniesta <agi@inittab.org> Fri, 27 Jan 2006 14:32:04 +0100
+
+libapache-mod-security (1.9.2-rc3-1) unstable; urgency=low
+
+ * New upstream release.
+ * Moved away from Debian's archive due to license problems.
+ (You may find updates @ http://inittab.org/debian)
+ * Removed tests, as upstream did. Removed README.debian as it
+ only mentioned tests.
+
+ -- Alberto Gonzalez Iniesta <agi@inittab.org> Sat, 14 Jan 2006 21:44:50 +0100
+
+libapache-mod-security (1.8.7-1) unstable; urgency=medium
+
+ * New upstream release. (Closes: #285365)
+ * Fixes several security issues, thus the urgency.
+ * Set proper permissions on test suite scripts (Closes: #304195)
+ * Corrected minor typo in README.Debian (Closes: #304196)
+ * debian/control: Reworded packages descriptions to be more useful.
+ (Closes: #304445)
+
+ -- Alberto Gonzalez Iniesta <agi@inittab.org> Sun, 10 Apr 2005 12:28:03 +0200
+
+libapache-mod-security (1.8.4-2) unstable; urgency=medium
+
+ * New maintainer (Closes: #303613)
+ * Thanks Adam Conrad for helping with the apache2
+ LFS transition. (Closes: #267353)
+ * Patched apache2/mod_security.c to include regex.h and build
+ correctly. (Closes: #297983). Thanks Andreas Jochens.
+ This was RC, thus the urgency.
+
+ -- Alberto Gonzalez Iniesta <agi@inittab.org> Fri, 8 Apr 2005 08:48:11 +0200
+
+libapache-mod-security (1.8.4-1.1) unstable; urgency=high
+
+ * NMU: Back out the ill-fated apache2 LFS transition. (closes: #267353)
+ * Bump the apache2-threaded-dev build-dep to (>= 2.0.50-10)
+
+ -- Adam Conrad <adconrad@0c3.net> Sun, 22 Aug 2004 22:49:06 -0700
+
+libapache-mod-security (1.8.4-1) unstable; urgency=medium
+
+ * Upload/fixes on maintainer's behalf (hence non-NMU version)
+ * New upstream version (Closes: #256414)
+ * Rebuilt with latest apache2-dev (Closes: #266187)
+ * Change apache2-dev build-dep to apache2-threaded-dev, as the
+ former is a virtual package, and can't have a versioned dep.
+
+ -- Adam Conrad <adconrad@0c3.net> Tue, 17 Aug 2004 05:42:20 -0600
+
+libapache-mod-security (1.7.1-1) unstable; urgency=low
+
+ * New upstream version
+ * Fix example http.conf path references in README.Debian (Closes: #216464)
+ * Fix upstream url in copyright file
+ * Also install new util directory with snort2modsec scripts
+ * Added doc-base support for pdf documentation
+ * Updated to use modules-config for apache 1.x instead of deprecated apacheconfig
+ * Added http.example from CVS as upstream forgot to update it in tarball and
+ there was some failing new tests
+
+ -- Bruno Rodrigues <bruno.rodrigues@litux.org> Wed, 22 Oct 2003 14:29:09 +0100
+
+libapache-mod-security (1.6-1) unstable; urgency=low
+
+ * New upstream version (1.5 and 1.5.1 missed due to old information in
+ old site; new site at http://www.modsecurity.org)
+ * Fix typo in description (Closes: #195860)
+ * Bumped Standards-Version to 3.6.1
+ * Since 1.5, mod_security supports apache 2.x, so there's a corresponding
+ new libapache2-mod-security and a -common package
+
+ -- Bruno Rodrigues <bruno.rodrigues@litux.org> Mon, 29 Sep 2003 14:48:32 +0100
+
+libapache-mod-security (1.4.2-1) unstable; urgency=low
+
+ * New upstream version
+ * New package (Closes: #178722)
+ * Fixed a bug in postrm
+
+ -- Bruno Rodrigues <bruno.rodrigues@litux.org> Wed, 19 Mar 2003 02:51:55 +0000
+
+libapache-mod-security (1.4-0) unstable; urgency=low
+
+ * Initial release
+
+ -- Bruno Rodrigues <bruno.rodrigues@litux.org> Tue, 28 Jan 2003 04:22:39 +0000
--- /dev/null
+apache2/mlogc-src/mlogc-batch-load.pl
+apache2/t/run-unit-tests.pl
+apache2/t/run-regression-tests.pl
+apache2/t/gen_rx-pm.pl
+apache2/t/csv_rx-pm.pl
+apache2/t/regression/server_root/conf/httpd.conf
+tools/rules-updater.pl
+apache2/build/apxs-wrapper
+apache2/t/run-tests.pl
+apache2/mlogc-src/Makefile
+apache2/config.log
+apache2/config.status
+apache2/mod_security2_config.h
+apache2/Makefile
--- /dev/null
+Source: libapache-mod-security
+Section: httpd
+Priority: optional
+Maintainer: Alberto Gonzalez Iniesta <agi@inittab.org>
+Build-Depends: debhelper (>> 7.0.0), apache2-threaded-dev|apache2-prefork-dev, libxml2-dev (>= 2.0.50-10), liblua5.1-0-dev, libcurl4-gnutls-dev
+Standards-Version: 3.8.0.0
+
+Package: libapache-mod-security
+Architecture: any
+Replaces: libapache2-mod-security2
+Provides: libapache2-mod-security2
+Depends: mod-security-common (= ${source:Version}), apache2.2-common, libxml2, ${shlibs:Depends}, ${misc:Depends}
+Description: Tighten web applications security for Apache
+ Mod_security is an Apache module whose purpose is to tighten the Web
+ application security. Effectively, it is an intrusion detection and prevention
+ system for the web server.
+ .
+ At the moment its main features are:
+ * Audit log; store full request details in a separate file, including POST
+ payloads.
+ * Request filtering; incoming requests can be analysed and offensive requests
+ can be rejected (or simply logged, if that is what you want). This feature
+ can be used to prevent many types of attacks (e.g. XSS attacks, SQL
+ injection, ...) and even allow you to run insecure applications on your
+ servers (if you have no other choice, of course).
+ .
+ In addition to this package the mod-security-common package, which includes
+ documentation and configuration examples, will be installed.
+
+Package: mod-security-common
+Architecture: all
+Replaces: mod-security2-common
+Provides: mod-security2-common
+Depends: ${misc:Depends}
+Description: Tighten web applications security - common files
+ Mod_security is an Apache module whose purpose is to tighten the Web
+ application security. Effectively, it is an intrusion detection and prevention
+ system for the web server.
+ .
+ This package includes documentation, configuration examples and some scripts
+ to test the functionality of the module.
+
+# Package: mod-security-mlogc
+# Architecture: any
+# Depends: libapache-mod-security (>= ${source:Version}), ${shlibs:Depends}, ${misc:Depends}
+# Description: ModSecurity audit log collector
+# Mlogc is used to connect a ModSecurity sensor to the central
+# audit log repository.
+
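Review bot: In `Build-Depends` the bound `(>= 2.0.50-10)` is attached to `libxml2-dev`, while the 1.8.4-1.1 changelog entry on this page introduces that same bound for `apache2-threaded-dev`, so it looks like it was carried onto the wrong package. As written it leaves `apache2-threaded-dev|apache2-prefork-dev` unversioned and presumably constrains nothing meaningful for libxml2. Either move it back, `apache2-threaded-dev (>= 2.0.50-10) | apache2-prefork-dev, libxml2-dev,`, or drop it if the bound is no longer needed. The binary stanza also lists a bare `libxml2` in `Depends` next to `${shlibs:Depends}`; if the module links against libxml2 the substvar should already supply a versioned dependency, which is worth confirming before keeping the manual entry.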
--- /dev/null
+This package was debianized by
+Alberto Gonzalez Iniesta <agi@inittab.org> on Mon, 6 Nov 2006
+
+It was downloaded from http://www.modsecurity.org
+
+Copyright (C) 2004-2006 Breach Security, Inc. (http://www.breach.com)
+
+Copyright:
+
+ This package is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; version 2 dated June, 1991.
+
+ This package is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this package; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
+ MA 02110-1301, USA.
+
+On Debian GNU/Linux systems, the complete text of the GNU General
+Public License can be found in `/usr/share/common-licenses/GPL-2'.
+
+
+MODSECURITY LICENSING EXCEPTION
+===============================
+
+Version 1.0, 29 July 2008
+
+As a special exception ("Exception") to the terms and conditions of version 2
+of the GPL, Breach Security, Inc. hereby grants you the rights described
+below, provided you agree to the terms and conditions in this Exception,
+including its obligations and restrictions on use.
+
+
+Exception Intent
+================
+
+We want specified Free/Libre and Open Source Software ("FLOSS") programs to be
+able to use ModSecurity (the "Program") despite the fact that not all FLOSS
+licenses are compatible with version 2 of the GNU General Public License (the
+"GPLv2").
+
+
+Legal Terms and Conditions
+==========================
+
+You are free to distribute a Derivative Work that is formed entirely from the
+Program and one or more works (each, a "FLOSS Work") licensed under one or
+more of the licenses listed below in section 1, as long as all of the
+following conditions are met:
+
+ 1. You obey the GPLv2 in all respects for the Program and the Derivative
+ Work, except for identifiable sections of the Derivative Work which are
+
+ 1. not derived from the Program, and
+
+ 2. are not designed to interact with the Program, and
+
+ 3. which can reasonably be considered independent and separate works in
+ themselves.
+
+ 2. All such identifiable sections of the Derivative Work are
+
+ 1. distributed subject to one of the FLOSS licenses listed below, and
+
+ 2. the object code or executable form of those sections are accompanied
+ by the complete corresponding machine-readable source code for those
+ sections on the same medium and under the same FLOSS license as the
+ corresponding object code or executable forms of those sections.
+
+ 3. Any works which are aggregated with the Program or with a Derivative Work
+ on a volume of a storage or distribution medium in accordance with the
+ GPLv2, can reasonably be considered independent and separate works in
+ themselves which are not derivatives of either the Program, a Derivative
+ Work or a FLOSS Work, and are not designed to interact with the Program.
+
+If the above conditions are not met, then the Program may only be copied,
+modified, distributed or used under the terms and conditions of the GPLv2
+or another valid licensing option from Breach Security, Inc.
+
+
+FLOSS License List
+==================
+
+License name Version(s)/Copyright Date
+-----------------------------------------------------------------------
+Academic Free License 2.0
+Apache Software License 1.0/1.1/2.0
+Apple Public Source License 2.0
+Artistic license From Perl 5.8.0
+BSD license "July 22 1999"
+Common Development and Distribution License (CDDL) 1.0
+Common Public License 1.0
+Eclipse Public License 1.0
+GNU Library or "Lesser" General Public License (LGPL) 2.0/2.1/3.0
+Jabber Open Source License 1.0
+MIT License (As listed in file MIT-License.txt) -
+Mozilla Public License (MPL) 1.0/1.1
+Open Software License 2.0
+OpenSSL license (with original SSLeay license) "2003" ("1998")
+PHP License 3.0
+Python license (CNRI Python License) -
+Python Software Foundation License 2.1.1
+Sleepycat License "1999"
+University of Illinois/NCSA Open Source License -
+W3C License "2001"
+X11 License "2001"
+Zlib/libpng License -
+Zope Public License 2.0
+
+Due to the many variants of some of the above licenses, we require that for
+any version of the listed FLOSS licenses to qualify under this exception, it
+must follow the 2003 version of the Free Software Foundation's Free Software
+Definition (http://www.gnu.org/philosophy/free-sw.html) or version 1.9 of the
+Open Source Definition by the Open Source Initiative
+(http://www.opensource.org/docs/definition.php).
+
+
+Definitions
+===========
+
+1. Terms used, but not defined, herein shall have the meaning provided in the
+ version 2 of the GPL.
+
+2. Derivative Work means a derivative work under copyright law.
+
+
+Applicability
+=============
+
+This Exception applies to all Programs that contain a notice placed by Breach
+Security, Inc. saying that the Program may be distributed under the terms of
+this Exception. If you create or distribute a work which is a Derivative Work
+of both the Program and any other work licensed under the GPL, then this FLOSS
+Exception is not available for that work; thus, you must remove the FLOSS
+Exception notice from that work and comply with the GPL in all respects,
+including by retaining all GPL notices.
+
+You may choose to redistribute a copy of the Program exclusively under the
+terms of the GPLv2 by removing the Exception notice from that copy of the
+Program, provided that the copy has never been modified by you or any third
+party.
+
+
+Appendix A. Qualified Libraries and Packages
+============================================
+
+The following is a non-exhaustive list of libraries and packages which are
+covered by the Exception when they are licensed under one or more of the
+licenses listed above. Please note that this appendix is merely provided as
+an additional service to specific FLOSS projects who wish to simplify
+licensing information for their users. Compliance with one of the licenses
+noted under the "FLOSS license list" section remains a prerequisite.
+
+Package name Qualifying License and Version
+-----------------------------------------------------------------
+Apache HTTP Server Apache Software License 2.0
+Apache Portable Runtime (APR) Apache Software License 2.0
+
--- /dev/null
+usr/lib/apache2/modules
--- /dev/null
+apache2/.libs/mod_security2.so usr/lib/apache2/modules
+debian/mod-security.load etc/apache2/mods-available
--- /dev/null
+usr/share/doc/mod-security-common usr/share/doc/libapache-mod-security
--- /dev/null
+#!/bin/sh -e
+# copied from libapache2-mod-php4
+
+reload_apache()
+{
+ if apache2ctl configtest 2>/dev/null; then
+ invoke-rc.d apache2 force-reload || true
+ else
+ echo "Your apache2 configuration is broken, so we're not restarting it for you."
+ fi
+}
+
+if [ -n "$2" ]; then
+# we're upgrading. test if we're enabled, and if so, restart to reload the module.
+ if [ -e /etc/apache2/mods-enabled/mod-security.load ]; then
+ reload_apache
+ fi
+ exit 0
+fi
+
+if [ -e /etc/apache2/apache2.conf ]; then
+# Enable the module, but hide a2enmod's misleading message about apachectl
+# and force-reload the thing ourselves.
+ a2enmod mod-security >/dev/null || true
+ a2enmod unique_id >/dev/null || true
+ reload_apache
+fi
+
+#DEBHELPER#
+
+exit 0
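Review bot: On the upgrade branch, a failing `apache2ctl configtest` makes `reload_apache` print one line to stdout and the script still exits 0, so the running Apache keeps the module it loaded before the upgrade. For a release such as 2.5.9-1, which the changelog marks urgency=high for remote DoS fixes, the fix would not be active until someone restarts Apache by hand, and the message does not say so. I would send the warning to stderr and state the consequence, e.g. `echo "apache2 configuration is broken: mod-security was NOT reloaded, restart apache2 manually" >&2`, and show configtest's output on the failure path instead of discarding it with `2>/dev/null`. The `|| true` after both `a2enmod` calls likewise hides a failure to enable `mod-security` or `unique_id`; a short comment explaining why that is acceptable would help.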
--- /dev/null
+#!/bin/sh -e
+# copied from libapache2-mod-php4
+
+if [ "$1" != "remove" -a "$1" != "purge" ]; then
+ exit 0
+fi
+
+if [ -e /etc/apache2/apache2.conf ]; then
+ a2dismod mod-security || true
+fi
+
+#DEBHELPER#
+
+exit 0
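Review bot: After `a2dismod mod-security` nothing reloads Apache, whereas the postinst on this page calls `reload_apache` after `a2enmod`, so install and removal are handled asymmetrically. The running server presumably keeps its current state until the next restart, and the administrator is not told which state that is. If this is intentional, say so above the call, for example `# No reload on removal: the change takes effect at the next apache2 restart.`; otherwise mirror the configtest-then-reload step from the postinst.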
--- /dev/null
+Document: modsecurity-reference
+Title: Mod Security Reference Manual v2
+Author: Ivan Ristic
+Abstract: This document describes how to configure mod-security
+ in Apache, and how to create and optimize security rules.
+Section: System/Security
+
+Format: PDF
+Files: /usr/share/doc/mod-security-common/doc/modsecurity2-apache-reference.pdf.gz
--- /dev/null
+README.TXT
+doc/
--- /dev/null
+modsecurity.conf-minimal
+rules
+tools/rules-updater.pl
+tools/rules-updater-example.conf
--- /dev/null
+dh_installdirs
+dh_install
+dh_link
+dh_strip
+dh_compress
+dh_fixperms
+dh_installdeb
+dh_shlibdeps
+dh_gencontrol
+dh_md5sums
+dh_builddeb
--- /dev/null
+apache2/mlogc-src/mlogc usr/bin
+apache2/mlogc-src/README.mlogc usr/share/doc/mod-security-common
--- /dev/null
+usr/share/doc/mod-security-common usr/share/doc/mod-security-mlogc
--- /dev/null
+shlibs:Depends=libapr1 (>= 1.2.7), libc6 (>= 2.3), libc6 (>= 2.3.6-6~), libcurl3-gnutls (>= 7.16.2-1), libpcre3 (>= 7.7)
+misc:Depends=
--- /dev/null
+LoadFile /usr/lib/libxml2.so.2
+LoadModule security2_module /usr/lib/apache2/modules/mod_security2.so
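Review bot: `LoadFile /usr/lib/libxml2.so.2` pins an absolute path and soname that nothing else in this package ties to the `libxml2` dependency declared in debian/control. If the library is installed elsewhere, Apache will presumably fail its config test with this module enabled, and the postinst then declines to reload. The file also has no comment saying why libxml2 is preloaded. I would add one, e.g. `# libxml2 is preloaded for mod_security2.so; keep this path in sync with the libxml2 package.`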
--- /dev/null
+#!/usr/bin/make -f
+# Sample debian/rules that uses debhelper.
+# GNU copyright 1997 to 1999 by Joey Hess.
+
+# Uncomment this to turn on verbose mode.
+#export DH_VERBOSE=1
+
+configure: configure-stamp
+configure-stamp:
+ dh_testdir
+ cd apache2 && ./configure --prefix=/usr --with-apxs=/usr/bin/apxs2 --with-apr=/usr/bin/apr-config --with-lua=/usr/include/lua5.1
+ touch configure-stamp
+
+build: configure-stamp build-stamp
+build-stamp:
+ dh_testdir
+ cd apache2 && $(MAKE)
+ #TODO#cd apache2/mlogc-src && $(MAKE)
+ # since we cannot rename with dh_install, create a copy of the file with the desired name
+ #TODO#cp apache2/mlogc-src/INSTALL apache2/mlogc-src/README.mlogc
+ touch build-stamp
+
+clean:
+ dh_testdir
+ dh_testroot
+ rm -f build-stamp configure-stamp
+ cd apache2 && [ ! -f Makefile ] || $(MAKE) clean
+ #TODO#cd apache2/mlogc-src && [ ! -f Makefile ] || $(MAKE) clean
+ #TODO#rm -f apache2/mlogc-src/README.mlogc
+ dh_clean
+
+install: build
+ dh_testdir
+ dh_testroot
+ dh_prep
+ dh_installdirs
+ dh_install
+
+# Build architecture-independent files here.
+binary-indep: build install
+ dh_testdir -i
+ dh_testroot -i
+# dh_installdebconf -i
+ dh_installdocs -i
+ dh_installexamples -i
+
+ dh_installchangelogs CHANGES -i
+ dh_link -i
+# dh_strip -i
+ # don't compress examples
+ dh_compress -i -Xexample
+ dh_fixperms -i
+# dh_makeshlibs -i
+ dh_installdeb -i
+# dh_perl -i
+# dh_shlibdeps -i
+ dh_gencontrol -i
+ dh_md5sums -i
+ dh_builddeb -i
+
+# Build architecture-dependent files here.
+binary-arch: build install
+ dh_testdir -a
+ dh_testroot -a
+# dh_installdebconf -a
+# dh_installdocs -a
+# dh_installexamples -a
+# dh_installmenu -a
+# dh_installlogrotate -a
+# dh_installemacsen -a
+# dh_installpam -a
+# dh_installmime -a
+# dh_installinit -a
+# dh_installcron -a
+# dh_installman -a
+# dh_installinfo -a
+# dh_undocumented -a
+# dh_installchangelogs -a
+ dh_link -a
+ dh_strip -a
+ dh_compress -a
+ dh_fixperms -a
+# dh_makeshlibs -a
+ dh_installdeb -a
+# dh_perl -a
+ dh_shlibdeps -a
+ dh_gencontrol -a
+ dh_md5sums -a
+ dh_builddeb -a
+
+binary: binary-indep binary-arch
+.PHONY: build clean binary-indep binary-arch binary install configure
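Review bot: `build-stamp:` declares no prerequisite, so the only thing ordering it after `configure-stamp` is their left-to-right position in `build: configure-stamp build-stamp`. If the rules file is ever run with parallel jobs, `cd apache2 && $(MAKE)` can start before `./configure` has finished; the header should read `build-stamp: configure-stamp`. In `clean`, the line `cd apache2 && [ ! -f Makefile ] || $(MAKE) clean` runs `$(MAKE) clean` in the top-level directory when the `cd` fails, because `||` applies to the whole `&&` list. `if [ -f apache2/Makefile ]; then $(MAKE) -C apache2 clean; fi` avoids that.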