|
From: Walter H. <mo...@sp...> - 2014-11-18 21:29:14
|
Thanks for the work! 2.9.0-RC1 built without problems on FreeBSD 10.x (well, some clang warnings if anybody’s interested) and it passes ‘make test’ and our internal regression test, however I have problems running run-regression-tests.pl (which was also the case in last version). If there are FreeBSD users on the lists, I would invite you to try the preliminary 2.9.0.r1 version of the FreeBSD port. It would be especially interesting if you are running ARM/sparc. If you are starting from a clean install that has no Apache or ports tree, do this first: # pkg install apache24 git # portsnap fetch extract # echo 'DEFAULT_VERSIONS=apache=2.4' >> /etc/make.conf # echo 'apache24_enable=YES' >> /etc/rc.conf # apachectl start Get the 2.9.0.r1 version of the port and install it: # git clone -b 2.9.0 https://github.com/lifeforms/mod_security.git # cd mod_security # make install When done, this should display configuration hints and the location of a README file with more info. Follow the instructions on your terminal, or just do this: # echo 'LoadModule security2_module libexec/apache24/mod_security2.so' >> /usr/local/etc/apache24/httpd.conf # echo 'Include etc/modsecurity/*.conf' >> /usr/local/etc/apache24/httpd.conf # apachectl restart # tail /var/log/httpd-error.log You should see ModSecurity startup messages there. The above also works for Apache 2.2; just replace all '4' characters in this message with '2’. Comments on the README are appreciated. I plan to add a port option that will automatically install a recent branch of the CRS, but that will likely be for a different update. Cheers, WH > On 18 Nov 2014, at 14:34, Felipe Costa <FC...@tr...> wrote: > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Hi, > > I am proud to announce our first release candidate for version 2.9.0. > The 2.9.0-RC1 contains fixes and new features. > > The documentation is available in our wikipage: > https://github.com/SpiderLabs/ModSecurity/wiki/Reference-Manual > > The source and binaries (and the respective hashes) are available at: > https://github.com/SpiderLabs/ModSecurity/releases/tag/v2.9.0-rc1 > > SHA256(modsecurity-2.9.0-RC1.tar.gz)= 1a061e09bc7e3218a80bc2004b7e87c8f3a382323b09633e060c16bea5e23098 > SHA256(ModSecurityIIS_2.9.0-RC1-32b.msi)= 68cd286612ca7026442ec3c409f33a2eaca428d9bb7a297d23a19043f5c31360 > SHA256(ModSecurityIIS_2.9.0-RC1-64b.msi)= 948ffeda98684c569c22da95d600aca7998f20a85c9345a56086e1a85c1d8ab7 > > We would like to thank you all that helped out making this release: comments, > bug reports, and pull requests. > > The most important changes are listed bellow: > > New features > ============ > > * `pmFromFile' and `ipMatchFromFile' operators are now accepting HTTPS served > files as parameter. > * `SecRemoteRules' directive - allows you to specify a HTTPS served file that > may contain rules in the SecRule format to be loaded into your ModSecurity > instance. > * `SecRemoteRulesFailAction' directive - allows you to control whenever the > user wants to Abort or just Warn when there is a problem while downloading > rules specified with the directive: `SecRemoteRules'. > * `fuzzyHash' operator - allows to match contents using fuzzy hashes. > * `FILES_TMP_CONTENT' collection - make available the content of uploaded > files. > * InsecureNoCheckCert - option to validate or not a chain of SSL certificates > on mlogc connections. > > > Bug fixes > ========= > > * ModSecurityIIS: ModSecurity event ID was changed from 0 to 0x1. > [Issue #676 - Kris Kater and ModSecurity team] > * Fixed signature on "status call": ModSecurity is now using the original > server signature. > [Issues #702 - Linas and ModSecurity team] > * YAJL version is printed while ModSecurity initialization. > [Issue #703 - Steffen (Apache Lounge) and Mauro Faccenda] > * Fixed subnet representation using slash notation on the @ipMatch operator. > [Issue #706 - Walter Hop and ModSecurity team] > * Limited the length of a status call. > [Issue #714 - 'cpanelkurt' and ModSecurity team] > * Added the missing -P option to nginx regression tests. > [Issue #720 - Paul Yang] > * Fixed automake scripts to do not use features which will be deprecated in the > upcoming releases of automake. > [Issue #760 - ModSecurity team] > * apr-utils's LDFALGS is now considered while building ModSecurity. > [Issue #782 - Daniel J. Luke] > * IIS installer is not considering IIS 6 as compatible anymore. > [Issue #790 - ModSecurity team] > * Fixed yajl build script: now looking for the correct header file. > [Issue #804 - 'rpfilomeno' and ModSecurity team] > * mlgoc is now forced to use TLS 1.x. > [Issue #806 - Josh Amishav-Zlatin and ModSecurity team] > > > Br., > Felipe "Zimmerle" Costa > Security Researcher, SpiderLabs > > Trustwave | SMART SECURITY ON DEMAND > www.trustwave.com <http://www.trustwave.com/> > > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1 > Comment: GPGTools - https://gpgtools.org > > iEYEARECAAYFAlRrRO0ACgkQ5t+wjOixEneDsQCfdQO7tsVdlBJB4bKQkRFzvpP+ > m8EAn2ToUijuHIKpOm9yWdcwsuZ5yBW+ > =80Ng > -----END PGP SIGNATURE----- > > ________________________________ > > This transmission may contain information that is privileged, confidential, and/or exempt from disclosure under applicable law. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution, or use of the information contained herein (including any reliance thereon) is strictly prohibited. If you received this transmission in error, please immediately contact the sender and destroy the material in its entirety, whether in electronic or hard copy format. > > ------------------------------------------------------------------------------ > Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server > from Actuate! Instantly Supercharge Your Business Reports and Dashboards > with Interactivity, Sharing, Native Excel Exports, App Integration & more > Get technology previously reserved for billion-dollar corporations, FREE > http://pubads.g.doubleclick.net/gampad/clk?id=157005751&iu=/4140/ostg.clktrk > _______________________________________________ > mod-security-packagers mailing list > mod...@li... > https://lists.sourceforge.net/lists/listinfo/mod-security-packagers -- Walter Hop | PGP key: https://lifeforms.nl/pgp |
