ea-modsec2-rules-owasp-crs (3.3.8-1+3.1.cpanel) stable; urgency=low

  * EA-13308: Update ea-modsec2-rules-owasp-crs from v3.3.7 to v3.3.8
  * CVE-2026-21876: Rule 922110 only validates the LAST multipart part’s charset, allowing malicious charsets in earlier parts to bypass detection

 -- Cory McIntire <cory.mcintire@webpros.com>  Tue, 06 Jan 2026 00:00:00 -0000

ea-modsec2-rules-owasp-crs (3.3.7-3) stable; urgency=low

  * ZC-12873: Correct issue with WHM Modsecurity UI

 -- Julian Brown <julian.brown@webpros.com>  Thu, 29 May 2025 00:00:00 -0000

ea-modsec2-rules-owasp-crs (3.3.7-2) stable; urgency=low

  * ZC-12481: Update meta data, and automate process

 -- Julian Brown <julian.brown@webpros.com>  Fri, 16 May 2025 00:00:00 -0000

ea-modsec2-rules-owasp-crs (3.3.7-1) stable; urgency=low

  * EA-12511: Update ea-modsec2-rules-owasp-crs from v3.3.5 to v3.3.7

 -- Cory McIntire <cory@cpanel.net>  Tue, 29 Oct 2024 00:00:00 -0000

ea-modsec2-rules-owasp-crs (3.3.5-1) stable; urgency=low

  * EA-11564: Update ea-modsec2-rules-owasp-crs from v3.3.4 to v3.3.5

 -- Cory McIntire <cory@cpanel.net>  Mon, 24 Jul 2023 00:00:00 -0000

ea-modsec2-rules-owasp-crs (3.3.4-1) stable; urgency=low

  * EA-10944: Update ea-modsec2-rules-owasp-crs from v3.3.2 to v3.3.4

 -- Cory McIntire <cory@cpanel.net>  Wed, 21 Sep 2022 00:00:00 -0000

ea-modsec2-rules-owasp-crs (3.3.2-4) stable; urgency=low

  * EA-10394: Update version in meta_OWASP3.yaml

 -- Travis Holloway <t.holloway@cpanel.net>  Wed, 16 Mar 2022 00:00:00 -0000

ea-modsec2-rules-owasp-crs (3.3.2-3) stable; urgency=low

  * EA-10240: Update verbiage to be OS neutral

 -- Travis Holloway <t.holloway@cpanel.net>  Wed, 03 Nov 2021 00:00:00 -0000

ea-modsec2-rules-owasp-crs (3.3.2-2) stable; urgency=low

  * ZC-9412: Add `is_pkg` for 102 and beyond

 -- Dan Muey <dan@cpanel.net>  Wed, 20 Oct 2021 00:00:00 -0000

ea-modsec2-rules-owasp-crs (3.3.2-1) stable; urgency=low

  * EA-9921: Update ea-modsec2-rules-owasp-crs from v3.3.0 to v3.3.2

 -- Cory McIntire <cory@cpanel.net>  Wed, 30 Jun 2021 00:00:00 -0000

ea-modsec2-rules-owasp-crs (3.3.0-9) stable; urgency=low

  * EA-9913: Update DRUPAL ruleset for CVE-2021-35368

 -- Cory McIntire <cory@cpanel.net>  Tue, 29 Jun 2021 00:00:00 -0000

ea-modsec2-rules-owasp-crs (3.3.0-8) stable; urgency=low

  *EA-9785: Revert non-working https fix from EA-9773

 -- Cory McIntire <cory@cpanel.net>  Tue, 18 May 2021 00:00:00 -0000

ea-modsec2-rules-owasp-crs (3.3.0-7) stable; urgency=low

  * EA-9773: Update unsupported https to http in meta_OWASP3.yaml file

 -- Cory McIntire <cory@cpanel.net>  Thu, 13 May 2021 00:00:00 -0000

ea-modsec2-rules-owasp-crs (3.3.0-6) stable; urgency=low

  * ZC-8756: Update for upstream ULC changes

 -- Daniel Muey <dan@cpanel.net>  Tue, 13 Apr 2021 00:00:00 -0000

ea-modsec2-rules-owasp-crs (3.3.0-5) stable; urgency=low

  * ZC-8471: conflict w/ modsec 3 not ea-nginx

 -- Daniel Muey <dan@cpanel.net>  Mon, 22 Feb 2021 00:00:00 -0000

ea-modsec2-rules-owasp-crs (3.3.0-4) stable; urgency=low

  * ZC-7710: If already disabled, re-disable to get the yum.conf to match reality

 -- Daniel Muey <dan@cpanel.net>  Tue, 06 Oct 2020 00:00:00 -0000

ea-modsec2-rules-owasp-crs (3.3.0-3) stable; urgency=low

  * ZC-7337: Changes to support ULC enabling/disabling updates for an RPM based vendor

 -- Daniel Muey <dan@cpanel.net>  Tue, 29 Sep 2020 00:00:00 -0000

ea-modsec2-rules-owasp-crs (3.3.0-2) stable; urgency=low

  * ZC-7376: Bump release_prefix to work around OBS event

 -- Daniel Muey <dan@cpanel.net>  Wed, 02 Sep 2020 00:00:00 -0000

ea-modsec2-rules-owasp-crs (3.3.0-1) stable; urgency=low

  * EA-9202: Update ea-modsec2-rules-owasp-crs from v3.0.2 to v3.3.0

 -- Daniel Muey <dan@cpanel.net>  Tue, 28 Jul 2020 00:00:00 -0000

ea-modsec2-rules-owasp-crs (3.0.2-1) stable; urgency=low

  * ZC-5711: initial release to match version in internal system

 -- Dan Muey <dan@cpanel.net>  Tue, 28 Jul 2020 00:00:00 -0000

