Thread: [Mod-security-developers] ModSecurity 2.7.4 build error
Brought to you by:
victorhora,
zimmerletw
From: Pavel M. <pa...@ne...> - 2013-05-28 08:54:19
|
Hi, I've tried to build latest version of ModSecurity but it failed on: /bin/bash ../libtool --tag=CC --mode=link gcc -I/apache/include - I/apache/include -I/apache/include -I/usr/include/libxml2 -DWITH_PCRE_STUDY -DMODSEC_PCRE_MATCH_LIMIT=50000 -DMODSEC_PCRE_MATCH_LIMIT_RECURSION=10000 - DREQUEST_EARLY -DMSC_TEST -lrt -lcrypt -lpthread -ldl -lexpat -o msc_test msc_test-msc_test.o msc_test-re.o msc_test-re_operators.o msc_test-re_actions.o msc_test-re_tfns.o msc_test-re_variables.o msc_test- msc_logging.o msc_test-msc_xml.o msc_test-msc_multipart.o msc_test- modsecurity.o msc_test-msc_parsers.o msc_test-msc_util.o msc_test-msc_pcre.o msc_test-msc_unicode.o msc_test-persist_dbm.o msc_test-msc_reqbody.o msc_test- msc_crypt.o msc_test-msc_tree.o msc_test-msc_geo.o msc_test-msc_gsb.o msc_test-acmp.o msc_test-msc_lua.o msc_test-msc_release.o msc_test-sqlparse.o /apache/lib/libapr-1.la /apache/lib/libaprutil-1.la -L/usr/lib/i386-linux-gnu -lpcre -L/usr/lib -lxml2 libtool: link: gcc -I/apache/include -I/apache/include -I/apache/include - I/usr/include/libxml2 -DWITH_PCRE_STUDY -DMODSEC_PCRE_MATCH_LIMIT=50000 - DMODSEC_PCRE_MATCH_LIMIT_RECURSION=10000 -DREQUEST_EARLY -DMSC_TEST -o msc_test msc_test-msc_test.o msc_test-re.o msc_test-re_operators.o msc_test- re_actions.o msc_test-re_tfns.o msc_test-re_variables.o msc_test-msc_logging.o msc_test-msc_xml.o msc_test-msc_multipart.o msc_test-modsecurity.o msc_test- msc_parsers.o msc_test-msc_util.o msc_test-msc_pcre.o msc_test-msc_unicode.o msc_test-persist_dbm.o msc_test-msc_reqbody.o msc_test-msc_crypt.o msc_test- msc_tree.o msc_test-msc_geo.o msc_test-msc_gsb.o msc_test-acmp.o msc_test- msc_lua.o msc_test-msc_release.o msc_test-sqlparse.o -lrt -lcrypt -lpthread - ldl /usr/lib/i386-linux-gnu/libexpat.so /apache/lib/libapr-1.so /apache/lib/libaprutil-1.so -L/usr/lib/i386-linux-gnu -lpcre -L/usr/lib -lxml2 -pthread msc_test-re_variables.o: In function `var_remote_addr_generate': re_variables.c:(.text+0x191f): undefined reference to `ap_find_linked_module' collect2: error: ld returned 1 exit status make[2]: *** [msc_test] Error 1 make[2]: Leaving directory `/tmp/modsecurity-apache_2.7.4/tests' make[1]: *** [check-am] Error 2 make: *** [check-recursive] Error 1 2.7.3 compiled just fine on the same system using the same configure parameters: ./configure --prefix=/apache/modules/ --with-apxs=/apache/bin/apxs --with- apr=/apache/bin/apr-1-config --with-apu=/apache/bin/apu-1-config --enable-pcre- match-limit=50000 --enable-pcre-match-limit-recursion=10000 --disable-mlogc What has changed since last version? I can see one new usage of ap_find_linked_module in modsecurity-apache_2.7.4/apache2/re_variables.c Thanks -- Pavel Mateja |
From: Breno S. <bre...@gm...> - 2013-05-28 12:10:29
|
You are right. need to add : #if !defined(MSC_TEST) ap_find_linked_module #endif On Tue, May 28, 2013 at 5:54 AM, Pavel Mateja <pa...@ne...> wrote: > Hi, > I've tried to build latest version of ModSecurity but it failed on: > > /bin/bash ../libtool --tag=CC --mode=link gcc -I/apache/include - > I/apache/include -I/apache/include -I/usr/include/libxml2 > -DWITH_PCRE_STUDY > -DMODSEC_PCRE_MATCH_LIMIT=50000 -DMODSEC_PCRE_MATCH_LIMIT_RECURSION=10000 > - > DREQUEST_EARLY -DMSC_TEST -lrt -lcrypt -lpthread -ldl > -lexpat > -o msc_test msc_test-msc_test.o msc_test-re.o msc_test-re_operators.o > msc_test-re_actions.o msc_test-re_tfns.o msc_test-re_variables.o msc_test- > msc_logging.o msc_test-msc_xml.o msc_test-msc_multipart.o msc_test- > modsecurity.o msc_test-msc_parsers.o msc_test-msc_util.o > msc_test-msc_pcre.o > msc_test-msc_unicode.o msc_test-persist_dbm.o msc_test-msc_reqbody.o > msc_test- > msc_crypt.o msc_test-msc_tree.o msc_test-msc_geo.o msc_test-msc_gsb.o > msc_test-acmp.o msc_test-msc_lua.o msc_test-msc_release.o > msc_test-sqlparse.o > /apache/lib/libapr-1.la /apache/lib/libaprutil-1.la-L/usr/lib/i386-linux-gnu > -lpcre -L/usr/lib -lxml2 > libtool: link: gcc -I/apache/include -I/apache/include -I/apache/include - > I/usr/include/libxml2 -DWITH_PCRE_STUDY -DMODSEC_PCRE_MATCH_LIMIT=50000 - > DMODSEC_PCRE_MATCH_LIMIT_RECURSION=10000 -DREQUEST_EARLY -DMSC_TEST -o > msc_test msc_test-msc_test.o msc_test-re.o msc_test-re_operators.o > msc_test- > re_actions.o msc_test-re_tfns.o msc_test-re_variables.o > msc_test-msc_logging.o > msc_test-msc_xml.o msc_test-msc_multipart.o msc_test-modsecurity.o > msc_test- > msc_parsers.o msc_test-msc_util.o msc_test-msc_pcre.o > msc_test-msc_unicode.o > msc_test-persist_dbm.o msc_test-msc_reqbody.o msc_test-msc_crypt.o > msc_test- > msc_tree.o msc_test-msc_geo.o msc_test-msc_gsb.o msc_test-acmp.o msc_test- > msc_lua.o msc_test-msc_release.o msc_test-sqlparse.o -lrt -lcrypt > -lpthread - > ldl /usr/lib/i386-linux-gnu/libexpat.so /apache/lib/libapr-1.so > /apache/lib/libaprutil-1.so -L/usr/lib/i386-linux-gnu -lpcre -L/usr/lib > -lxml2 > -pthread > msc_test-re_variables.o: In function `var_remote_addr_generate': > re_variables.c:(.text+0x191f): undefined reference to > `ap_find_linked_module' > collect2: error: ld returned 1 exit status > make[2]: *** [msc_test] Error 1 > make[2]: Leaving directory `/tmp/modsecurity-apache_2.7.4/tests' > make[1]: *** [check-am] Error 2 > make: *** [check-recursive] Error 1 > > 2.7.3 compiled just fine on the same system using the same configure > parameters: > ./configure --prefix=/apache/modules/ --with-apxs=/apache/bin/apxs --with- > apr=/apache/bin/apr-1-config --with-apu=/apache/bin/apu-1-config > --enable-pcre- > match-limit=50000 --enable-pcre-match-limit-recursion=10000 --disable-mlogc > > What has changed since last version? I can see one new usage of > ap_find_linked_module in modsecurity-apache_2.7.4/apache2/re_variables.c > > Thanks > -- > Pavel Mateja > > > ------------------------------------------------------------------------------ > Try New Relic Now & We'll Send You this Cool Shirt > New Relic is the only SaaS-based application performance monitoring service > that delivers powerful full stack analytics. Optimize and monitor your > browser, app, & servers with just a few lines of code. Try New Relic > and get this awesome Nerd Life shirt! http://p.sf.net/sfu/newrelic_d2d_may > _______________________________________________ > mod-security-developers mailing list > mod...@li... > https://lists.sourceforge.net/lists/listinfo/mod-security-developers > ModSecurity Services from Trustwave's SpiderLabs: > https://www.trustwave.com/spiderLabs.php > |
From: Breno S. <bre...@gm...> - 2013-05-28 12:15:49
|
I fixed it in the tarball. Could you download again and try ? Thanks On Tue, May 28, 2013 at 9:10 AM, Breno Silva <bre...@gm...> wrote: > You are right. > > need to add : > > #if !defined(MSC_TEST) > ap_find_linked_module > #endif > > > > > On Tue, May 28, 2013 at 5:54 AM, Pavel Mateja <pa...@ne...> wrote: > >> Hi, >> I've tried to build latest version of ModSecurity but it failed on: >> >> /bin/bash ../libtool --tag=CC --mode=link gcc -I/apache/include - >> I/apache/include -I/apache/include -I/usr/include/libxml2 >> -DWITH_PCRE_STUDY >> -DMODSEC_PCRE_MATCH_LIMIT=50000 -DMODSEC_PCRE_MATCH_LIMIT_RECURSION=10000 >> - >> DREQUEST_EARLY -DMSC_TEST -lrt -lcrypt -lpthread -ldl >> -lexpat >> -o msc_test msc_test-msc_test.o msc_test-re.o msc_test-re_operators.o >> msc_test-re_actions.o msc_test-re_tfns.o msc_test-re_variables.o msc_test- >> msc_logging.o msc_test-msc_xml.o msc_test-msc_multipart.o msc_test- >> modsecurity.o msc_test-msc_parsers.o msc_test-msc_util.o >> msc_test-msc_pcre.o >> msc_test-msc_unicode.o msc_test-persist_dbm.o msc_test-msc_reqbody.o >> msc_test- >> msc_crypt.o msc_test-msc_tree.o msc_test-msc_geo.o msc_test-msc_gsb.o >> msc_test-acmp.o msc_test-msc_lua.o msc_test-msc_release.o >> msc_test-sqlparse.o >> /apache/lib/libapr-1.la /apache/lib/libaprutil-1.la-L/usr/lib/i386-linux-gnu >> -lpcre -L/usr/lib -lxml2 >> libtool: link: gcc -I/apache/include -I/apache/include -I/apache/include - >> I/usr/include/libxml2 -DWITH_PCRE_STUDY -DMODSEC_PCRE_MATCH_LIMIT=50000 - >> DMODSEC_PCRE_MATCH_LIMIT_RECURSION=10000 -DREQUEST_EARLY -DMSC_TEST -o >> msc_test msc_test-msc_test.o msc_test-re.o msc_test-re_operators.o >> msc_test- >> re_actions.o msc_test-re_tfns.o msc_test-re_variables.o >> msc_test-msc_logging.o >> msc_test-msc_xml.o msc_test-msc_multipart.o msc_test-modsecurity.o >> msc_test- >> msc_parsers.o msc_test-msc_util.o msc_test-msc_pcre.o >> msc_test-msc_unicode.o >> msc_test-persist_dbm.o msc_test-msc_reqbody.o msc_test-msc_crypt.o >> msc_test- >> msc_tree.o msc_test-msc_geo.o msc_test-msc_gsb.o msc_test-acmp.o msc_test- >> msc_lua.o msc_test-msc_release.o msc_test-sqlparse.o -lrt -lcrypt >> -lpthread - >> ldl /usr/lib/i386-linux-gnu/libexpat.so /apache/lib/libapr-1.so >> /apache/lib/libaprutil-1.so -L/usr/lib/i386-linux-gnu -lpcre -L/usr/lib >> -lxml2 >> -pthread >> msc_test-re_variables.o: In function `var_remote_addr_generate': >> re_variables.c:(.text+0x191f): undefined reference to >> `ap_find_linked_module' >> collect2: error: ld returned 1 exit status >> make[2]: *** [msc_test] Error 1 >> make[2]: Leaving directory `/tmp/modsecurity-apache_2.7.4/tests' >> make[1]: *** [check-am] Error 2 >> make: *** [check-recursive] Error 1 >> >> 2.7.3 compiled just fine on the same system using the same configure >> parameters: >> ./configure --prefix=/apache/modules/ --with-apxs=/apache/bin/apxs --with- >> apr=/apache/bin/apr-1-config --with-apu=/apache/bin/apu-1-config >> --enable-pcre- >> match-limit=50000 --enable-pcre-match-limit-recursion=10000 >> --disable-mlogc >> >> What has changed since last version? I can see one new usage of >> ap_find_linked_module in modsecurity-apache_2.7.4/apache2/re_variables.c >> >> Thanks >> -- >> Pavel Mateja >> >> >> ------------------------------------------------------------------------------ >> Try New Relic Now & We'll Send You this Cool Shirt >> New Relic is the only SaaS-based application performance monitoring >> service >> that delivers powerful full stack analytics. Optimize and monitor your >> browser, app, & servers with just a few lines of code. Try New Relic >> and get this awesome Nerd Life shirt! >> http://p.sf.net/sfu/newrelic_d2d_may >> _______________________________________________ >> mod-security-developers mailing list >> mod...@li... >> https://lists.sourceforge.net/lists/listinfo/mod-security-developers >> ModSecurity Services from Trustwave's SpiderLabs: >> https://www.trustwave.com/spiderLabs.php >> > > |
From: Pavel M. <pa...@ne...> - 2013-05-28 12:22:41
|
> I fixed it in the tarball. Could you download again and try ? Hi, I was able to compile the new tarball. FIY: The (?^ test is still broken. -- Pavel Mateja > Thanks > > On Tue, May 28, 2013 at 9:10 AM, Breno Silva <bre...@gm...> wrote: > > You are right. > > > > need to add : > > > > #if !defined(MSC_TEST) > > ap_find_linked_module > > #endif > > > > On Tue, May 28, 2013 at 5:54 AM, Pavel Mateja <pa...@ne...> wrote: > >> Hi, > >> I've tried to build latest version of ModSecurity but it failed on: > >> > >> /bin/bash ../libtool --tag=CC --mode=link gcc -I/apache/include - > >> I/apache/include -I/apache/include -I/usr/include/libxml2 > >> -DWITH_PCRE_STUDY > >> -DMODSEC_PCRE_MATCH_LIMIT=50000 > >> -DMODSEC_PCRE_MATCH_LIMIT_RECURSION=10000 > >> > >> - > >> > >> DREQUEST_EARLY -DMSC_TEST -lrt -lcrypt -lpthread -ldl > >> > >> -lexpat > >> > >> -o msc_test msc_test-msc_test.o msc_test-re.o msc_test-re_operators.o > >> msc_test-re_actions.o msc_test-re_tfns.o msc_test-re_variables.o > >> msc_test- msc_logging.o msc_test-msc_xml.o msc_test-msc_multipart.o > >> msc_test- modsecurity.o msc_test-msc_parsers.o msc_test-msc_util.o > >> msc_test-msc_pcre.o > >> msc_test-msc_unicode.o msc_test-persist_dbm.o msc_test-msc_reqbody.o > >> msc_test- > >> msc_crypt.o msc_test-msc_tree.o msc_test-msc_geo.o msc_test-msc_gsb.o > >> msc_test-acmp.o msc_test-msc_lua.o msc_test-msc_release.o > >> msc_test-sqlparse.o > >> /apache/lib/libapr-1.la > >> /apache/lib/libaprutil-1.la-L/usr/lib/i386-linux-gnu -lpcre -L/usr/lib > >> -lxml2 > >> libtool: link: gcc -I/apache/include -I/apache/include -I/apache/include > >> - I/usr/include/libxml2 -DWITH_PCRE_STUDY > >> -DMODSEC_PCRE_MATCH_LIMIT=50000 - > >> DMODSEC_PCRE_MATCH_LIMIT_RECURSION=10000 -DREQUEST_EARLY -DMSC_TEST -o > >> msc_test msc_test-msc_test.o msc_test-re.o msc_test-re_operators.o > >> msc_test- > >> re_actions.o msc_test-re_tfns.o msc_test-re_variables.o > >> msc_test-msc_logging.o > >> msc_test-msc_xml.o msc_test-msc_multipart.o msc_test-modsecurity.o > >> msc_test- > >> msc_parsers.o msc_test-msc_util.o msc_test-msc_pcre.o > >> msc_test-msc_unicode.o > >> msc_test-persist_dbm.o msc_test-msc_reqbody.o msc_test-msc_crypt.o > >> msc_test- > >> msc_tree.o msc_test-msc_geo.o msc_test-msc_gsb.o msc_test-acmp.o > >> msc_test- msc_lua.o msc_test-msc_release.o msc_test-sqlparse.o -lrt > >> -lcrypt -lpthread - > >> ldl /usr/lib/i386-linux-gnu/libexpat.so /apache/lib/libapr-1.so > >> /apache/lib/libaprutil-1.so -L/usr/lib/i386-linux-gnu -lpcre -L/usr/lib > >> -lxml2 > >> -pthread > >> msc_test-re_variables.o: In function `var_remote_addr_generate': > >> re_variables.c:(.text+0x191f): undefined reference to > >> `ap_find_linked_module' > >> collect2: error: ld returned 1 exit status > >> make[2]: *** [msc_test] Error 1 > >> make[2]: Leaving directory `/tmp/modsecurity-apache_2.7.4/tests' > >> make[1]: *** [check-am] Error 2 > >> make: *** [check-recursive] Error 1 > >> > >> 2.7.3 compiled just fine on the same system using the same configure > >> parameters: > >> ./configure --prefix=/apache/modules/ --with-apxs=/apache/bin/apxs > >> --with- apr=/apache/bin/apr-1-config > >> --with-apu=/apache/bin/apu-1-config --enable-pcre- > >> match-limit=50000 --enable-pcre-match-limit-recursion=10000 > >> --disable-mlogc > >> > >> What has changed since last version? I can see one new usage of > >> ap_find_linked_module in modsecurity-apache_2.7.4/apache2/re_variables.c > >> > >> Thanks > >> -- > >> Pavel Mateja > >> > >> > >> ------------------------------------------------------------------------ > >> ------ Try New Relic Now & We'll Send You this Cool Shirt > >> New Relic is the only SaaS-based application performance monitoring > >> service > >> that delivers powerful full stack analytics. Optimize and monitor your > >> browser, app, & servers with just a few lines of code. Try New Relic > >> and get this awesome Nerd Life shirt! > >> http://p.sf.net/sfu/newrelic_d2d_may > >> _______________________________________________ > >> mod-security-developers mailing list > >> mod...@li... > >> https://lists.sourceforge.net/lists/listinfo/mod-security-developers > >> ModSecurity Services from Trustwave's SpiderLabs: > >> https://www.trustwave.com/spiderLabs.php |
From: Breno S. <bre...@gm...> - 2013-05-28 12:26:51
|
RIght. I still didn't understand why this regex issue is happening. When i run make test in my ubuntu box.. everything works fine. So.. not sure it is is a distro based issue. If so.. i will replace this regex in the next version. Thanks Breno On Tue, May 28, 2013 at 9:22 AM, Pavel Mateja <pa...@ne...> wrote: > > I fixed it in the tarball. Could you download again and try ? > > Hi, > I was able to compile the new tarball. > FIY: The (?^ test is still broken. > -- > Pavel Mateja > > > Thanks > > > > On Tue, May 28, 2013 at 9:10 AM, Breno Silva <bre...@gm...> > wrote: > > > You are right. > > > > > > need to add : > > > > > > #if !defined(MSC_TEST) > > > ap_find_linked_module > > > #endif > > > > > > On Tue, May 28, 2013 at 5:54 AM, Pavel Mateja <pa...@ne...> > wrote: > > >> Hi, > > >> I've tried to build latest version of ModSecurity but it failed on: > > >> > > >> /bin/bash ../libtool --tag=CC --mode=link gcc -I/apache/include - > > >> I/apache/include -I/apache/include -I/usr/include/libxml2 > > >> -DWITH_PCRE_STUDY > > >> -DMODSEC_PCRE_MATCH_LIMIT=50000 > > >> -DMODSEC_PCRE_MATCH_LIMIT_RECURSION=10000 > > >> > > >> - > > >> > > >> DREQUEST_EARLY -DMSC_TEST -lrt -lcrypt -lpthread -ldl > > >> > > >> -lexpat > > >> > > >> -o msc_test msc_test-msc_test.o msc_test-re.o msc_test-re_operators.o > > >> msc_test-re_actions.o msc_test-re_tfns.o msc_test-re_variables.o > > >> msc_test- msc_logging.o msc_test-msc_xml.o msc_test-msc_multipart.o > > >> msc_test- modsecurity.o msc_test-msc_parsers.o msc_test-msc_util.o > > >> msc_test-msc_pcre.o > > >> msc_test-msc_unicode.o msc_test-persist_dbm.o msc_test-msc_reqbody.o > > >> msc_test- > > >> msc_crypt.o msc_test-msc_tree.o msc_test-msc_geo.o msc_test-msc_gsb.o > > >> msc_test-acmp.o msc_test-msc_lua.o msc_test-msc_release.o > > >> msc_test-sqlparse.o > > >> /apache/lib/libapr-1.la > > >> /apache/lib/libaprutil-1.la-L/usr/lib/i386-linux-gnu -lpcre -L/usr/lib > > >> -lxml2 > > >> libtool: link: gcc -I/apache/include -I/apache/include > -I/apache/include > > >> - I/usr/include/libxml2 -DWITH_PCRE_STUDY > > >> -DMODSEC_PCRE_MATCH_LIMIT=50000 - > > >> DMODSEC_PCRE_MATCH_LIMIT_RECURSION=10000 -DREQUEST_EARLY -DMSC_TEST -o > > >> msc_test msc_test-msc_test.o msc_test-re.o msc_test-re_operators.o > > >> msc_test- > > >> re_actions.o msc_test-re_tfns.o msc_test-re_variables.o > > >> msc_test-msc_logging.o > > >> msc_test-msc_xml.o msc_test-msc_multipart.o msc_test-modsecurity.o > > >> msc_test- > > >> msc_parsers.o msc_test-msc_util.o msc_test-msc_pcre.o > > >> msc_test-msc_unicode.o > > >> msc_test-persist_dbm.o msc_test-msc_reqbody.o msc_test-msc_crypt.o > > >> msc_test- > > >> msc_tree.o msc_test-msc_geo.o msc_test-msc_gsb.o msc_test-acmp.o > > >> msc_test- msc_lua.o msc_test-msc_release.o msc_test-sqlparse.o -lrt > > >> -lcrypt -lpthread - > > >> ldl /usr/lib/i386-linux-gnu/libexpat.so /apache/lib/libapr-1.so > > >> /apache/lib/libaprutil-1.so -L/usr/lib/i386-linux-gnu -lpcre > -L/usr/lib > > >> -lxml2 > > >> -pthread > > >> msc_test-re_variables.o: In function `var_remote_addr_generate': > > >> re_variables.c:(.text+0x191f): undefined reference to > > >> `ap_find_linked_module' > > >> collect2: error: ld returned 1 exit status > > >> make[2]: *** [msc_test] Error 1 > > >> make[2]: Leaving directory `/tmp/modsecurity-apache_2.7.4/tests' > > >> make[1]: *** [check-am] Error 2 > > >> make: *** [check-recursive] Error 1 > > >> > > >> 2.7.3 compiled just fine on the same system using the same configure > > >> parameters: > > >> ./configure --prefix=/apache/modules/ --with-apxs=/apache/bin/apxs > > >> --with- apr=/apache/bin/apr-1-config > > >> --with-apu=/apache/bin/apu-1-config --enable-pcre- > > >> match-limit=50000 --enable-pcre-match-limit-recursion=10000 > > >> --disable-mlogc > > >> > > >> What has changed since last version? I can see one new usage of > > >> ap_find_linked_module in > modsecurity-apache_2.7.4/apache2/re_variables.c > > >> > > >> Thanks > > >> -- > > >> Pavel Mateja > > >> > > >> > > >> > ------------------------------------------------------------------------ > > >> ------ Try New Relic Now & We'll Send You this Cool Shirt > > >> New Relic is the only SaaS-based application performance monitoring > > >> service > > >> that delivers powerful full stack analytics. Optimize and monitor your > > >> browser, app, & servers with just a few lines of code. Try New Relic > > >> and get this awesome Nerd Life shirt! > > >> http://p.sf.net/sfu/newrelic_d2d_may > > >> _______________________________________________ > > >> mod-security-developers mailing list > > >> mod...@li... > > >> https://lists.sourceforge.net/lists/listinfo/mod-security-developers > > >> ModSecurity Services from Trustwave's SpiderLabs: > > >> https://www.trustwave.com/spiderLabs.php > > > ------------------------------------------------------------------------------ > Try New Relic Now & We'll Send You this Cool Shirt > New Relic is the only SaaS-based application performance monitoring service > that delivers powerful full stack analytics. Optimize and monitor your > browser, app, & servers with just a few lines of code. Try New Relic > and get this awesome Nerd Life shirt! http://p.sf.net/sfu/newrelic_d2d_may > _______________________________________________ > mod-security-developers mailing list > mod...@li... > https://lists.sourceforge.net/lists/listinfo/mod-security-developers > ModSecurity Services from Trustwave's SpiderLabs: > https://www.trustwave.com/spiderLabs.php > |
From: Diego E. P. <fla...@fl...> - 2013-05-28 18:52:50
|
On 28/05/2013 13:15, Breno Silva wrote: > I fixed it in the tarball. Could you download again and try ? Seriously, never do that again. If you need to fix the tarball, name it 2.7.4a or something, but if I did bump this before in Gentoo in the morning, I would have been pissed that the tarball changed on me. Tarballs should be immutable. -- Diego Elio Pettenò — Flameeyes fla...@fl... — http://blog.flameeyes.eu/ |
From: Ryan B. <RBa...@tr...> - 2013-05-29 11:13:35
|
On 5/28/13 2:28 PM, "Diego Elio Pettenò" <fla...@fl...> wrote: >On 28/05/2013 13:15, Breno Silva wrote: >> I fixed it in the tarball. Could you download again and try ? > >Seriously, never do that again. > >If you need to fix the tarball, name it 2.7.4a or something, but if I >did bump this before in Gentoo in the morning, I would have been pissed >that the tarball changed on me. > >Tarballs should be immutable. I understand your point here. We won't do this again. We can rename the actual tarball to differentiate without changing the actual ModSecurity version. Thanks Diego. -Ryan ________________________________ This transmission may contain information that is privileged, confidential, and/or exempt from disclosure under applicable law. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution, or use of the information contained herein (including any reliance thereon) is STRICTLY PROHIBITED. If you received this transmission in error, please immediately contact the sender and destroy the material in its entirety, whether in electronic or hard copy format. |
From: Breno S. <bre...@gm...> - 2013-05-28 18:57:03
|
I did it because it is a very small and not so important fix for 99% of the users. If it was bigger i would hold it for 2.7.5. It will not affect your system if you don't want to update On Tue, May 28, 2013 at 3:28 PM, Diego Elio Pettenò <fla...@fl...>wrote: > On 28/05/2013 13:15, Breno Silva wrote: > > I fixed it in the tarball. Could you download again and try ? > > Seriously, never do that again. > > If you need to fix the tarball, name it 2.7.4a or something, but if I > did bump this before in Gentoo in the morning, I would have been pissed > that the tarball changed on me. > > Tarballs should be immutable. > > -- > Diego Elio Pettenò — Flameeyes > fla...@fl... — http://blog.flameeyes.eu/ > > > ------------------------------------------------------------------------------ > Introducing AppDynamics Lite, a free troubleshooting tool for Java/.NET > Get 100% visibility into your production application - at no cost. > Code-level diagnostics for performance bottlenecks with <2% overhead > Download for free and get started troubleshooting in minutes. > http://p.sf.net/sfu/appdyn_d2d_ap1 > _______________________________________________ > mod-security-developers mailing list > mod...@li... > https://lists.sourceforge.net/lists/listinfo/mod-security-developers > ModSecurity Services from Trustwave's SpiderLabs: > https://www.trustwave.com/spiderLabs.php > |
From: Michael S. <mi...@go...> - 2013-05-28 20:48:28
|
Works fine for me. I'm much happier with speed as long as there's some traffic on the list, as in this case. We can certainly track this on our end. Michael Shinn PGP Key: 0xF953E84E Key fingerprint = 4A1D 6AAC EED8 EC84 19BF 5EB8 91D6 A715 F953 E84E IMPORTANT NOTICE: This transmission is intended to be delivered only to the named addressee and may contain information that is confidential, proprietary or subject to legal protection or privilege. If it is received by anyone other than the named addressee, the recipient should immediately notify the sender at (703) 266-6006 and obtain instructions as to the disposal of the transmitted material. In no event should such material be read or retained by anyone other than the named recipient, except by express written authority of the sender or the named addressee. On May 28, 2013, at 14:56, Breno Silva <bre...@gm...> wrote: > I did it because it is a very small and not so important fix for 99% of the users. > If it was bigger i would hold it for 2.7.5. > > It will not affect your system if you don't want to update > > > On Tue, May 28, 2013 at 3:28 PM, Diego Elio Pettenò <fla...@fl...> wrote: >> On 28/05/2013 13:15, Breno Silva wrote: >> > I fixed it in the tarball. Could you download again and try ? >> >> Seriously, never do that again. >> >> If you need to fix the tarball, name it 2.7.4a or something, but if I >> did bump this before in Gentoo in the morning, I would have been pissed >> that the tarball changed on me. >> >> Tarballs should be immutable. >> >> -- >> Diego Elio Pettenò — Flameeyes >> fla...@fl... — http://blog.flameeyes.eu/ >> >> ------------------------------------------------------------------------------ >> Introducing AppDynamics Lite, a free troubleshooting tool for Java/.NET >> Get 100% visibility into your production application - at no cost. >> Code-level diagnostics for performance bottlenecks with <2% overhead >> Download for free and get started troubleshooting in minutes. >> http://p.sf.net/sfu/appdyn_d2d_ap1 >> _______________________________________________ >> mod-security-developers mailing list >> mod...@li... >> https://lists.sourceforge.net/lists/listinfo/mod-security-developers >> ModSecurity Services from Trustwave's SpiderLabs: >> https://www.trustwave.com/spiderLabs.php > > ------------------------------------------------------------------------------ > Introducing AppDynamics Lite, a free troubleshooting tool for Java/.NET > Get 100% visibility into your production application - at no cost. > Code-level diagnostics for performance bottlenecks with <2% overhead > Download for free and get started troubleshooting in minutes. > http://p.sf.net/sfu/appdyn_d2d_ap1 > _______________________________________________ > mod-security-developers mailing list > mod...@li... > https://lists.sourceforge.net/lists/listinfo/mod-security-developers > ModSecurity Services from Trustwave's SpiderLabs: > https://www.trustwave.com/spiderLabs.php |
From: Diego E. P. <fla...@fl...> - 2013-05-28 22:20:51
|
On 28/05/2013 19:56, Breno Silva wrote: > I did it because it is a very small and not so important fix for 99% of > the users. > If it was bigger i would hold it for 2.7.5. > > It will not affect your system if you don't want to update This kind of change-tarball-in-flight behaviour is a pain in the ass for all distributions and tars the trust with upstream. Seriously, I was expecting better from ModSecurity. -- Diego Elio Pettenò — Flameeyes fla...@fl... — http://blog.flameeyes.eu/ |
From: Breno S. <bre...@gm...> - 2013-05-28 22:37:10
|
Basically all distros i tried to install modsec uses very old versions. They spent a very long time to update the stable distros pkgs. So again... i don't see any problem, also packagers will not build modsec with MSC_TEST flag, It does not make any sense. And again.. it was done because i'm sure we will not have impact for any user. Breno On Tue, May 28, 2013 at 7:20 PM, Diego Elio Pettenò <fla...@fl...>wrote: > On 28/05/2013 19:56, Breno Silva wrote: > > I did it because it is a very small and not so important fix for 99% of > > the users. > > If it was bigger i would hold it for 2.7.5. > > > > It will not affect your system if you don't want to update > > This kind of change-tarball-in-flight behaviour is a pain in the ass for > all distributions and tars the trust with upstream. > > Seriously, I was expecting better from ModSecurity. > > -- > Diego Elio Pettenò — Flameeyes > fla...@fl... — http://blog.flameeyes.eu/ > > > ------------------------------------------------------------------------------ > Introducing AppDynamics Lite, a free troubleshooting tool for Java/.NET > Get 100% visibility into your production application - at no cost. > Code-level diagnostics for performance bottlenecks with <2% overhead > Download for free and get started troubleshooting in minutes. > http://p.sf.net/sfu/appdyn_d2d_ap1 > _______________________________________________ > mod-security-developers mailing list > mod...@li... > https://lists.sourceforge.net/lists/listinfo/mod-security-developers > ModSecurity Services from Trustwave's SpiderLabs: > https://www.trustwave.com/spiderLabs.php > |
From: Diego E. P. <fla...@fl...> - 2013-05-29 10:51:28
|
It's just crappy development to change a tarball after the release. I'm very sorry you can't see it. It makes me doubt whether I want to keep packaging ModSecurity, honestly. |