Hello Ives,

Can you send me your error.log ? There is a known issue treating PCRE version 8.02. ModSecurity can alert you for wrong PCRE version when it is OK.

yes, use different compiled/linked version between Apache and ModSecurity may cause segfaults. It is not very common but can happen.



On Mon, Oct 22, 2012 at 2:03 PM, Ives Stoddard <ives.stoddard@gmail.com> wrote:
I've been reading a lot of posts about PCRE mismatches, and the recent patch to fix this, but it seems like there are cases this may or may not be a problem.

At best this is just an annoyance in the log files, but at worst this can cause core dumps of apache.

I have both apache and mod_sec set to use the OS pcre & apr libs (both from RHEL 5.8), but I still get the mismatch errors. The team that builds our internal apache distribution has confirmed they are dynamically linked via ld (which shows matching libs).

In this scenario, what would cause the pcre mismatch error?

In what cases can the mismatch prove fatal vs. which cases is it just a false alarm? How can I test for the fatal cases?

Many thanks,


Everyone hates slow websites. So do we.
Make your web apps faster with AppDynamics
Download AppDynamics Lite for free today:
mod-security-users mailing list
Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs: