ea-apache24-mod-security2 (2.9.12-2+4.5.cpanel) stable; urgency=low

  * EA4-136: Fix libxml2 library linking issues

 -- Chris Castillo <chris.castillo@webpros.com>  Mon, 03 Nov 2025 00:00:00 -0000

ea-apache24-mod-security2 (2.9.12-1) stable; urgency=low

  * EA-13061: Update ea-apache24-mod_security2 from v2.9.11 to v2.9.12
  * fix: Improper error handling CVE 2025-54571

 -- Dan Muey <daniel.muey@webpros.com>  Wed, 06 Aug 2025 00:00:00 -0000

ea-apache24-mod-security2 (2.9.11-1) stable; urgency=low

  * EA-12994: Update ea-apache24-mod_security2 from v2.9.10 to v2.9.11
  * prevent segmentation fault if the XML node is empty: CVE-2025-52891

 -- Cory McIntire <cory.mcintire@webpros.com>  Tue, 01 Jul 2025 00:00:00 -0000

ea-apache24-mod-security2 (2.9.10-1) stable; urgency=low

  * ZC-12886: Update ea-apache24-mod_security2 from v2.9.9 to v2.9.10
  * DoS vulnerability: CVE-2025-48866

 -- Dan Muey <daniel.muey@webpros.com>  Mon, 02 Jun 2025 00:00:00 -0000

ea-apache24-mod-security2 (2.9.9-1) stable; urgency=low

  * EA-12885: Update ea-apache24-mod_security2 from v2.9.8 to v2.9.9
  * Possible DoS vulnerability: CVE-2025-47947

 -- Dan Muey <daniel.muey@webpros.com>  Thu, 22 May 2025 00:00:00 -0000

ea-apache24-mod-security2 (2.9.8-1) stable; urgency=low

  * EA-12853: Update ea-apache24-mod_security2 from v2.9.7 to v2.9.8
  * Remove 2 patches that were added upstream.
  * 0003-Import-some-memory-leak-fixes-for-Mod-Security-2.9.x.patch
  * 0004-Allow-Lua-5.4.patch
  * Add new patch for re.c to allow it to build on Ubuntu
  * Add new patch for tests on Ubuntu 20

 -- Cory McIntire <cory.mcintire@webpros.com>  Wed, 05 Feb 2025 00:00:00 -0000

ea-apache24-mod-security2 (2.9.7-2) stable; urgency=low

  * ZC-11691: Correct build problems on Ubuntu

 -- Julian Brown <julian.brown@cpanel.net>  Tue, 12 Mar 2024 00:00:00 -0000

ea-apache24-mod-security2 (2.9.7-1) stable; urgency=low

  * EA-11134: Update mod_security2 from v2.9.6 to v2.9.7
  * Security impacting issues
  Fix: FILES_TMP_CONTENT may sometimes lack complete content
  [Issue #2857 - gieltje, @airween, @dune73, @martinhsv]

 -- Cory McIntire <cory@cpanel.net>  Thu, 05 Jan 2023 00:00:00 -0000

ea-apache24-mod-security2 (2.9.6-2) stable; urgency=low

  * EA-11091: Fix linking issues on C6/C7

 -- Travis Holloway <t.holloway@cpanel.net>  Thu, 08 Dec 2022 00:00:00 -0000

ea-apache24-mod-security2 (2.9.6-1) stable; urgency=low

  * EA-11068: Update mod_security2 from v2.9.3 to v2.9.6

 -- Travis Holloway <t.holloway@cpanel.net>  Wed, 23 Nov 2022 00:00:00 -0000

ea-apache24-mod-security2 (2.9.3-19) stable; urgency=low

  * ZC-10009: Add lua 5.4 support

 -- Dan Muey <dan@cpanel.net>  Wed, 21 Sep 2022 00:00:00 -0000

ea-apache24-mod-security2 (2.9.3-18) stable; urgency=low

  * EA-10239: Increase compiler optimization level to help mitigate performance loss from large rulesets

 -- Tim Mullin <tim@cpanel.net>  Fri, 21 Jan 2022 00:00:00 -0000

ea-apache24-mod-security2 (2.9.3-17) stable; urgency=low

  * ZC-9641: Rebuilt to include libcurl4 and libgnutls

 -- Julian Brown <julian.brown@cpanel.net>  Tue, 11 Jan 2022 00:00:00 -0000

ea-apache24-mod-security2 (2.9.3-16) stable; urgency=low

  * EA-10203: Add patch to fix memory leaks

 -- Travis Holloway <t.holloway@cpanel.net>  Mon, 03 Jan 2022 00:00:00 -0000

ea-apache24-mod-security2 (2.9.3-15) stable; urgency=low

  * EA-10229: Add patch to allow run-regression-tests.pl to function with EA4

 -- Travis Holloway <t.holloway@cpanel.net>  Fri, 12 Nov 2021 00:00:00 -0000

ea-apache24-mod-security2 (2.9.3-14) stable; urgency=low

  * ZC-9217: fix the RPM path for modsec_audit

 -- Daniel Muey <dan@cpanel.net>  Wed, 18 Aug 2021 00:00:00 -0000

ea-apache24-mod-security2 (2.9.3-13) stable; urgency=low

  * ZC-8704: Build for Ubuntu, and minor changes for CentOS

 -- Julian Brown <julian.brown@webpros.com>  Fri, 09 Jul 2021 00:00:00 -0000

ea-apache24-mod-security2 (2.9.3-12) stable; urgency=low

  * EA-9584: Update Conflicts for C6

 -- Travis Holloway <t.holloway@cpanel.net>  Wed, 10 Feb 2021 00:00:00 -0000

ea-apache24-mod-security2 (2.9.3-11) stable; urgency=low

  * EA-9427: change the PATH to use /usr/bin/ so perl doesn't conflict

 -- Cory McIntire <cory@cpanel.net>  Tue, 09 Feb 2021 00:00:00 -0000

ea-apache24-mod-security2 (2.9.3-10) stable; urgency=low

  * ZC-7925: Install /etc/cpanel/ea4/modsecurity.version

 -- Daniel Muey <dan@cpanel.net>  Thu, 19 Nov 2020 00:00:00 -0000

ea-apache24-mod-security2 (2.9.3-9) stable; urgency=low

  * EA-9177: Set SecRequestBodyLimitAction to ProcessPartial in the conf file

 -- Tim Mullin <tim@cpanel.net>  Mon, 26 Oct 2020 00:00:00 -0000

ea-apache24-mod-security2 (2.9.3-8) stable; urgency=low

  * EA-9379: Build modsecurity with ea-brotli rather than brotli

 -- Tim Mullin <tim@cpanel.net>  Fri, 23 Oct 2020 00:00:00 -0000

ea-apache24-mod-security2 (2.9.3-7) stable; urgency=low

  * ZC-7376: Add explicit package name conflicts for non-yum resolution

 -- Daniel Muey <dan@cpanel.net>  Tue, 01 Sep 2020 00:00:00 -0000

ea-apache24-mod-security2 (2.9.3-6) stable; urgency=low

  * ZC-6871: Fix for C8

 -- Julian Brown <julian.brown@cpanel.net>  Tue, 26 May 2020 00:00:00 -0000

ea-apache24-mod-security2 (2.9.3-5) stable; urgency=low

  * EA-8928: Updated the required version for ea-libcurl

 -- Tim Mullin <tim@cpanel.net>  Thu, 26 Mar 2020 00:00:00 -0000

ea-apache24-mod-security2 (2.9.3-4) stable; urgency=low

  * EA-8753: Compile mod_security2 with yajl-devel for JSON

 -- Tim Mullin <tim@cpanel.net>  Thu, 19 Dec 2019 00:00:00 -0000

ea-apache24-mod-security2 (2.9.3-3) stable; urgency=low

  * ZC-5192: Add find-latest-version script for `et update` support

 -- Daniel Muey <dan@cpanel.net>  Mon, 14 Oct 2019 00:00:00 -0000

ea-apache24-mod-security2 (2.9.3-2) stable; urgency=low

  * EA-8507: Apply upstream patch to fix curl call segfaults

 -- Cory McIntire <cory@cpanel.net>  Wed, 05 Jun 2019 00:00:00 -0000

ea-apache24-mod-security2 (2.9.3-1) stable; urgency=low

  * EA-8506: Re-update from upstream to 2.9.3

 -- Tim Mullin <tim@cpanel.net>  Thu, 30 May 2019 00:00:00 -0000

ea-apache24-mod-security2 (2.9.2-11) stable; urgency=low

  * EA-8292: Add patch Store temporaries in the request pool for regexes compiled per-request.

 -- Cory McIntire <cory@cpanel.net>  Wed, 20 Mar 2019 00:00:00 -0000

ea-apache24-mod-security2 (2.9.2-10) stable; urgency=low

  * EA-8080: Fix typos in modsec2.conf comments

 -- Cory McIntire <cory@cpanel.net>  Mon, 17 Dec 2018 00:00:00 -0000

ea-apache24-mod-security2 (2.9.2-9) stable; urgency=low

  * EA-7382: Update dependency on ea-libcurl to require the latest version with versioned symbols.

 -- Rishwanth Yeddula <rish@cpanel.net>  Mon, 16 Apr 2018 00:00:00 -0000

ea-apache24-mod-security2 (2.9.2-8) stable; urgency=low

  * ZC-3552: Add versioning for ea-libcurl requirements

 -- Cory McIntire <cory@cpanel.net>  Fri, 30 Mar 2018 00:00:00 -0000

ea-apache24-mod-security2 (2.9.2-7) stable; urgency=low

  * EA-7263: Do not generate SecHashKey when SecHashEngine isn’t on

 -- Daniel Muey <dan@cpanel.net>  Wed, 28 Feb 2018 00:00:00 -0000

ea-apache24-mod-security2 (2.9.2-6) stable; urgency=low

  * EA-7098: fix rpath to allow to build against ea-libxml2 libs

 -- <dan@cpanel.net>  Thu, 11 Jan 2018 00:00:00 -0000

ea-apache24-mod-security2 (2.9.2-5) stable; urgency=low

  * EA-7044: Adjust mod_security to use ea-libxml2

 -- <cory@cpanel.net>  Wed, 27 Dec 2017 00:00:00 -0000

ea-apache24-mod-security2 (2.9.2-4) stable; urgency=low

  * EA-6863: Applied patch for DoS protection logic fix
  * Cleaned up patchset

 -- Cory McIntire <cory@cpanel.net>  Tue, 12 Dec 2017 00:00:00 -0000

ea-apache24-mod-security2 (2.9.2-3) stable; urgency=low

  * EA-6984: Change file perms from apache group to root group

 -- Cory McIntire <cory@cpanel.net>  Thu, 30 Nov 2017 00:00:00 -0000

ea-apache24-mod-security2 (2.9.2-2) stable; urgency=low

  * EA-6376: Fix faulty RPATH
  * EA-6376: update timestamps on files to allow patches to succeed.

 -- Cory McIntire <cory@cpanel.net>  Fri, 17 Nov 2017 00:00:00 -0000

ea-apache24-mod-security2 (2.9.2-1) stable; urgency=low

  * EA-6312: Update ModSec to 2.9.2
  * Removed RuleProcessingFailedExpand patch as it was fixed upstream

 -- Jacob Perkins <jacob.perkins@cpanel.net>  Mon, 24 Jul 2017 00:00:00 -0000

ea-apache24-mod-security2 (2.9.0-17) stable; urgency=low

  * EA-5950: Added mlogc package

 -- Jacob Perkins <jacob.perkins@cpanel.net>  Fri, 05 May 2017 00:00:00 -0000

ea-apache24-mod-security2 (2.9.0-16) stable; urgency=low

  * ZC-2469: Use ea-libcurl* instead of system curl

 -- Dan Muey <dan@cpanel.net>  Mon, 06 Mar 2017 00:00:00 -0000

ea-apache24-mod-security2 (2.9.0-15) stable; urgency=low

  * EA-5805: Patch "Rule processing failed" message to include the id of the rule in question

 -- Dan Muey <dan@cpanel.net>  Wed, 15 Feb 2017 00:00:00 -0000

ea-apache24-mod-security2 (2.9.0-14) stable; urgency=low

  * Enabled debuginfo packages

 -- Jacob Perkins <jacob.perkins@cpanel.net>  Tue, 07 Feb 2017 00:00:00 -0000

ea-apache24-mod-security2 (2.9.0-13) stable; urgency=low

  * EA-5493: Added vendor field

 -- Jacob Perkins <jacob.perkins@cpanel.net>  Fri, 16 Dec 2016 00:00:00 -0000

ea-apache24-mod-security2 (2.9.0-12) stable; urgency=low

  * Enforce apr-util dependency (EA-5720)
  * Ensure dependent libraries are the same arch type (EA-5720)

 -- S. Kurt Newman <kurt.newman@cpanel.net>  Fri, 02 Dec 2016 00:00:00 -0000

ea-apache24-mod-security2 (2.9.0-11) stable; urgency=low

  * Fix permissions on modsec_audit directory (EA-5068)

 -- S. Kurt Newman <kurt.newman@cpanel.net>  Wed, 17 Aug 2016 00:00:00 -0000

ea-apache24-mod-security2 (2.9.0-10) stable; urgency=low

  * EA-4687: Relocate modsec2.cpanel.conf and modsec2.user.conf

 -- Edwin Buck <e.buck@cpanel.net>  Mon, 27 Jun 2016 00:00:00 -0000

ea-apache24-mod-security2 (2.9.0-9) stable; urgency=low

  * EA-4383: Update Release value to OBS-proof versioning

 -- Dan Muey <dan@cpanel.net>  Mon, 20 Jun 2016 00:00:00 -0000

ea-apache24-mod-security2 (2.9.0-6) stable; urgency=low

  * Added explicit lua and xml2 Requires statements (EA-4433)
  * Remove mpm_itk and mod_ruid2 conflicts (EA-4433)
  * Added more comments to explain portions of spec file (EA-4433)
  * Arrest control of modsec2.conf so we can ensure proper Apache logging type (EA-4433)
  * Arrest control of conf.modules.d/800-mod_security2.conf (EA-4433)
  * RPM now creates logs/modsec_audit dir for concurrent logging (EA-4433)
  * Added comments to configuration files to help guide administrator (EA-4433)
  * Use module name, not file name in configuration file (EA-4654)

 -- S. Kurt Newman <kurt.newman@cpanel.net>  Mon, 30 May 2016 00:00:00 -0000

ea-apache24-mod-security2 (2.9.0-5) stable; urgency=low

  * Undo previous change.

 -- Julian Brown <julian.brown@cpanel.net>  Tue, 03 Nov 2015 00:00:00 -0000

ea-apache24-mod-security2 (2.9.0-4) stable; urgency=low

  * Hard code a conflict in place to make EA4 UI able to detect issues with MPM.

 -- Julian Brown <julian.brown@cpanel.net>  Tue, 03 Nov 2015 00:00:00 -0000

ea-apache24-mod-security2 (2.9.0-3) stable; urgency=low

  * Restart tailwatchd to re-read monitoring need of modsec_audit.log (CPANEL-1098)

 -- S. Kurt Newman <kurt.newman@cpanel.net>  Thu, 10 Sep 2015 00:00:00 -0000

ea-apache24-mod-security2 (2.9.0-2) stable; urgency=low

  * Added references to the moved apr and apu

 -- Trinity Quirk <trinity.quirk@cpanel.net>  Fri, 31 Jul 2015 00:00:00 -0000

ea-apache24-mod-security2 (2.9.0-1) stable; urgency=low

  * Added conflicts with mod_ruid2 and mod_mpm_itk

 -- Trinity Quirk <trinity.quirk@cpanel.net>  Mon, 27 Jul 2015 00:00:00 -0000

ea-apache24-mod-security2 (2.9.0-0) stable; urgency=low

  * Updated to 2.9.0

 -- Trinity Quirk <trinity.quirk@cpanel.net>  Fri, 24 Jul 2015 00:00:00 -0000

ea-apache24-mod-security2 (2.8.0-2) stable; urgency=low

  * Changed name from ea-apache2 to ea-apache24

 -- Darren Mobley <darren@cpanel.net>  Thu, 28 May 2015 00:00:00 -0000

ea-apache24-mod-security2 (2.8.0-1) stable; urgency=low

  * Changed name of ea-httpd rpm dependancy to ea-apache2-config
  * Fixed previous changelog entry claiming version was updated to 2.9.0

 -- Darren Mobley <darren@cpanel.net>  Mon, 11 May 2015 00:00:00 -0000

ea-apache24-mod-security2 (2.8.0-0) stable; urgency=low

  * Upgraded to 2.8.0

 -- S. Kurt Newman <kurt.newman@cpanel.net>  Thu, 19 Mar 2015 00:00:00 -0000

ea-apache24-mod-security2 (2.7.3-5) stable; urgency=low

  * Fix Chunked string case sensitive issue (CVE-2013-5705)
  Resolves: rhbz#1082907

 -- Daniel Kopecek <dkopecek@redhat.com>  Thu, 03 Apr 2014 00:00:00 -0000

ea-apache24-mod-security2 (2.7.3-4) stable; urgency=low

  * Mass rebuild 2014-01-24

 -- Daniel Mach <dmach@redhat.com>  Fri, 24 Jan 2014 00:00:00 -0000

ea-apache24-mod-security2 (2.7.3-3) stable; urgency=low

  * Mass rebuild 2013-12-27

 -- Daniel Mach <dmach@redhat.com>  Fri, 27 Dec 2013 00:00:00 -0000

ea-apache24-mod-security2 (2.7.3-2) stable; urgency=low

  * Fix NULL pointer dereference (DoS, crash) (CVE-2013-2765) (RHBZ #967615)
  * Fix a possible memory leak.

 -- Athmane Madjoudj <athmane@fedoraproject.org>  Tue, 28 May 2013 00:00:00 -0000

ea-apache24-mod-security2 (2.7.3-1) stable; urgency=low

  * Update to 2.7.3

 -- Athmane Madjoudj <athmane@fedoraproject.org>  Sat, 30 Mar 2013 00:00:00 -0000

ea-apache24-mod-security2 (2.7.2-1) stable; urgency=low

  * Update to 2.7.2
  * Update source url in the spec.

 -- Athmane Madjoudj <athmane@fedoraproject.org>  Fri, 25 Jan 2013 00:00:00 -0000

ea-apache24-mod-security2 (2.7.1-5) stable; urgency=low

  * Use conditional for loading mod_unique_id (rhbz #879264)
  * Fix syntax errors on httpd 2.4.x by using IncludeOptional (rhbz #879264, comment #2)

 -- Athmane Madjoudj <athmane@fedoraproject.org>  Thu, 22 Nov 2012 00:00:00 -0000

ea-apache24-mod-security2 (2.7.1-4) stable; urgency=low

  * mlogc subpackage is not provided on RHEL7

 -- Peter Vrabec <pvrabec@redhat.com>  Mon, 19 Nov 2012 00:00:00 -0000

ea-apache24-mod-security2 (2.7.1-3) stable; urgency=low

  * Add some missing directives RHBZ #569360
  * Fix multipart/invalid part ruleset bypass issue (CVE-2012-4528)
  (RHBZ #867424, #867773, #867774)

 -- Athmane Madjoudj <athmane@fedoraproject.org>  Thu, 15 Nov 2012 00:00:00 -0000

ea-apache24-mod-security2 (2.7.1-2) stable; urgency=low

  * Fix mod_security.conf

 -- Athmane Madjoudj <athmane@fedoraproject.org>  Thu, 15 Nov 2012 00:00:00 -0000

ea-apache24-mod-security2 (2.7.1-1) stable; urgency=low

  * Update to 2.7.1
  * Remove libxml2 build patch (upstreamed)
  * Update spec since upstream moved to github

 -- Athmane Madjoudj <athmane@fedoraproject.org>  Thu, 15 Nov 2012 00:00:00 -0000

ea-apache24-mod-security2 (2.7.0-2) stable; urgency=low

  * Add a patch to fix failed build against libxml2 >= 2.9.0

 -- Athmane Madjoudj <athmane@fedoraproject.org>  Thu, 18 Oct 2012 00:00:00 -0000

ea-apache24-mod-security2 (2.7.0-1) stable; urgency=low

  * Update to 2.7.0

 -- Athmane Madjoudj <athmane@fedoraproject.org>  Wed, 17 Oct 2012 00:00:00 -0000

ea-apache24-mod-security2 (2.6.8-1) stable; urgency=low

  * Update to 2.6.8

 -- Athmane Madjoudj <athmane@fedoraproject.org>  Fri, 28 Sep 2012 00:00:00 -0000

ea-apache24-mod-security2 (2.6.7-2) stable; urgency=low

  * Re-add mlogc sub-package for epel (#856525)

 -- Athmane Madjoudj <athmane@fedoraproject.org>  Wed, 12 Sep 2012 00:00:00 -0000

ea-apache24-mod-security2 (2.6.7-1) stable; urgency=low

  * Update to 2.6.7

 -- Athmane Madjoudj <athmane@fedoraproject.org>  Sat, 25 Aug 2012 00:00:00 -0000

ea-apache24-mod-security2 (2.6.7-1) stable; urgency=low

  * Update to 2.6.7

 -- Athmane Madjoudj <athmane@fedoraproject.org>  Sat, 25 Aug 2012 00:00:00 -0000

ea-apache24-mod-security2 (2.6.6-3) stable; urgency=low

  * Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild

 -- Fedora Release Engineering <rel-eng@lists.fedoraproject.org>  Fri, 20 Jul 2012 00:00:00 -0000

ea-apache24-mod-security2 (2.6.6-2) stable; urgency=low

  * mlogc subpackage is not provided on RHEL

 -- Peter Vrabec <pvrabec@redhat.com>  Fri, 22 Jun 2012 00:00:00 -0000

ea-apache24-mod-security2 (2.6.6-1) stable; urgency=low

  * upgrade

 -- Peter Vrabec <pvrabec@redhat.com>  Thu, 21 Jun 2012 00:00:00 -0000

ea-apache24-mod-security2 (2.6.5-3) stable; urgency=low

  * packaging fixes

 -- Joe Orton <jorton@redhat.com>  Mon, 07 May 2012 00:00:00 -0000

ea-apache24-mod-security2 (2.6.5-2) stable; urgency=low

  * fix license tag

 -- Peter Vrabec <pvrabec@redhat.com>  Fri, 27 Apr 2012 00:00:00 -0000

ea-apache24-mod-security2 (2.6.5-1) stable; urgency=low

  * upgrade & move rules into new package mod_security_crs

 -- Peter Vrabec <pvrabec@redhat.com>  Thu, 05 Apr 2012 00:00:00 -0000

ea-apache24-mod-security2 (2.5.13-3) stable; urgency=low

  * Rebuild against PCRE 8.30
  * Do not install non-existing files

 -- Petr Pisar <ppisar@redhat.com>  Fri, 10 Feb 2012 00:00:00 -0000

ea-apache24-mod-security2 (2.5.13-2) stable; urgency=low

  * Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild

 -- Fedora Release Engineering <rel-eng@lists.fedoraproject.org>  Fri, 13 Jan 2012 00:00:00 -0000

ea-apache24-mod-security2 (2.5.13-1) stable; urgency=low

  * Newer upstream version

 -- Michael Fleming <mfleming+rpm@thatfleminggent.com>  Tue, 03 May 2011 00:00:00 -0000

ea-apache24-mod-security2 (2.5.12-3) stable; urgency=low

  * Fix log dirs and files ordering per bz#569360

 -- Michael Fleming <mfleming+rpm@thatfleminggent.com>  Wed, 30 Jun 2010 00:00:00 -0000

ea-apache24-mod-security2 (2.5.12-2) stable; urgency=low

  * Fix SecDatadir and minimal config per bz #569360

 -- Michael Fleming <mfleming+rpm@thatfleminggent.com>  Thu, 29 Apr 2010 00:00:00 -0000

ea-apache24-mod-security2 (2.5.12-1) stable; urgency=low

  * Update to latest upstream release
  * SECURITY: Fix potential rules bypass and denial of service (bz#563576)

 -- Michael Fleming <mfleming+rpm@thatfleminggent.com>  Sat, 13 Feb 2010 00:00:00 -0000

ea-apache24-mod-security2 (2.5.10-2) stable; urgency=low

  * Fix rules and Apache configuration (bz#533124)

 -- Michael Fleming <mfleming+rpm@thatfleminggent.com>  Fri, 06 Nov 2009 00:00:00 -0000

ea-apache24-mod-security2 (2.5.10-1) stable; urgency=low

  * Upgrade to 2.5.10 (with Core Rules v2)

 -- Michael Fleming <mfleming+rpm@thatfleminggent.com>  Thu, 08 Oct 2009 00:00:00 -0000

ea-apache24-mod-security2 (2.5.9-2) stable; urgency=low

  * Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild

 -- Fedora Release Engineering <rel-eng@lists.fedoraproject.org>  Sat, 25 Jul 2009 00:00:00 -0000

ea-apache24-mod-security2 (2.5.9-1) stable; urgency=low

  * Update to upstream release 2.5.9
  * Fixes potential DoS' in multipart request and PDF XSS handling

 -- Michael Fleming <mfleming+rpm@thatfleminggent.com>  Thu, 12 Mar 2009 00:00:00 -0000

ea-apache24-mod-security2 (2.5.7-2) stable; urgency=low

  * Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild

 -- Fedora Release Engineering <rel-eng@lists.fedoraproject.org>  Wed, 25 Feb 2009 00:00:00 -0000

ea-apache24-mod-security2 (2.5.7-1) stable; urgency=low

  * Update to upstream 2.5.7
  * Reinstate mlogc

 -- Michael Fleming <mfleming+rpm@enlartenment.com>  Mon, 29 Dec 2008 00:00:00 -0000

ea-apache24-mod-security2 (2.5.6-1) stable; urgency=low

  * Update to upstream 2.5.6
  * Remove references to mlogc, it no longer ships in the main tarball.
  * Link correctly vs. libxml2 and lua (bz# 445839)
  * Remove bogus LoadFile directives as they're no longer needed.

 -- Michael Fleming <mfleming+rpm@enlartenment.com>  Sat, 02 Aug 2008 00:00:00 -0000

ea-apache24-mod-security2 (2.1.7-1) stable; urgency=low

  * Update to upstream 2.1.7

 -- Michael Fleming <mfleming+rpm@enlartenment.com>  Sun, 13 Apr 2008 00:00:00 -0000

ea-apache24-mod-security2 (2.1.6-1) stable; urgency=low

  * Update to upstream 2.1.6 (Extra features including SecUploadFileMode)

 -- Michael Fleming <mfleming+rpm@enlartenment.com>  Sat, 23 Feb 2008 00:00:00 -0000

ea-apache24-mod-security2 (2.1.5-3) stable; urgency=low

  * Autorebuild for GCC 4.3

 -- Fedora Release Engineering <rel-eng@fedoraproject.org>  Tue, 19 Feb 2008 00:00:00 -0000

ea-apache24-mod-security2 (2.1.5-2) stable; urgency=low

  * Update to 2.1.5 (bz#425986)
  * "blocking" -> "optional_rules" per tarball ;-)

 -- Michael Fleming <mfleming+rpm@enlartenment.com>  Sun, 27 Jan 2008 00:00:00 -0000

ea-apache24-mod-security2 (2.1.1-3) stable; urgency=low

  * rebuild for fixed 32-bit APR (#254241)

 -- Joe Orton <jorton@redhat.com>  Mon, 03 Sep 2007 00:00:00 -0000

ea-apache24-mod-security2 (2.1.1-2) stable; urgency=low

  * Rebuild for selinux ppc32 issue.

 -- Fedora Release Engineering <rel-eng at fedoraproject dot org>  Wed, 29 Aug 2007 00:00:00 -0000

ea-apache24-mod-security2 (2.1.1-1) stable; urgency=low

  * New upstream release
  * Drop ASCIIZ rule (fixed upstream)
  * Re-enable protocol violation/anomalies rules now that REQUEST_FILENAME
  is fixed upstream.

 -- Michael Fleming <mfleming+rpm@enlartenment.com>  Tue, 19 Jun 2007 00:00:00 -0000

ea-apache24-mod-security2 (2.1.0-3) stable; urgency=low

  * Automagically configure correct library path for libxml2 library.
  * Add LoadModule for mod_unique_id as the logging wants this at runtime

 -- Michael Fleming <mfleming+rpm@enlartenment.com>  Sun, 01 Apr 2007 00:00:00 -0000

ea-apache24-mod-security2 (2.1.0-2) stable; urgency=low

  * Fix DSO permissions (bz#233733)

 -- Michael Fleming <mfleming+rpm@enlartenment.com>  Mon, 26 Mar 2007 00:00:00 -0000

ea-apache24-mod-security2 (2.1.0-1) stable; urgency=low

  * New major release - 2.1.0
  * Fix CVE-2007-1359 with a local rule courtesy of Ivan Ristic
  * Addition of core ruleset
  * (Build)Requires libxml2 and pcre added.

 -- Michael Fleming <mfleming+rpm@enlartenment.com>  Tue, 13 Mar 2007 00:00:00 -0000

ea-apache24-mod-security2 (1.9.4-2) stable; urgency=low

  * Rebuild
  * Fix minor longstanding braino in included sample configuration (bz #203972)

 -- Michael Fleming <mfleming+rpm@enlartenment.com>  Sun, 03 Sep 2006 00:00:00 -0000

ea-apache24-mod-security2 (1.9.4-1) stable; urgency=low

  * New upstream release

 -- Michael Fleming <mfleming+rpm@enlartenment.com>  Mon, 15 May 2006 00:00:00 -0000

ea-apache24-mod-security2 (1.9.3-1) stable; urgency=low

  * New upstream release
  * Trivial spec tweaks

 -- Michael Fleming <mfleming+rpm@enlartenment.com>  Tue, 11 Apr 2006 00:00:00 -0000

ea-apache24-mod-security2 (1.9.2-3) stable; urgency=low

  * Bump for FC5

 -- Michael Fleming <mfleming+rpm@enlartenment.com>  Wed, 01 Mar 2006 00:00:00 -0000

ea-apache24-mod-security2 (1.9.2-2) stable; urgency=low

  * Bump for newer gcc/glibc

 -- Michael Fleming <mfleming+rpm@enlartenment.com>  Fri, 10 Feb 2006 00:00:00 -0000

ea-apache24-mod-security2 (1.9.2-1) stable; urgency=low

  * New upstream release

 -- Michael Fleming <mfleming+rpm@enlartenment.com>  Wed, 18 Jan 2006 00:00:00 -0000

ea-apache24-mod-security2 (1.9.1-2) stable; urgency=low

  * Bump for new httpd

 -- Michael Fleming <mfleming+rpm@enlartenment.com>  Fri, 16 Dec 2005 00:00:00 -0000

ea-apache24-mod-security2 (1.9.1-1) stable; urgency=low

  * New release 1.9.1

 -- Michael Fleming <mfleming+rpm@enlartenment.com>  Thu, 01 Dec 2005 00:00:00 -0000

ea-apache24-mod-security2 (1.9-1) stable; urgency=low

  * New stable upstream release 1.9

 -- Michael Fleming <mfleming+rpm@enlartenment.com>  Wed, 09 Nov 2005 00:00:00 -0000

ea-apache24-mod-security2 (1.8.7-4) stable; urgency=low

  * Add Requires: httpd-mmn to get the appropriate "module magic" version
  (thanks Ville Skytta)
  * Disabled an overly-agressive rule or two..

 -- Michael Fleming <mfleming+rpm@enlartenment.com>  Sat, 09 Jul 2005 00:00:00 -0000

ea-apache24-mod-security2 (1.8.7-3) stable; urgency=low

  * Correct Buildroot
  * Some sensible and safe rules for common apps in mod_security.conf

 -- Michael Fleming <mfleming+rpm@enlartenment.com>  Sat, 09 Jul 2005 00:00:00 -0000

ea-apache24-mod-security2 (1.8.7-2) stable; urgency=low

  * Don't strip the module (so we can get a useful debuginfo package)

 -- Michael Fleming <mfleming+rpm@enlartenment.com>  Thu, 19 May 2005 00:00:00 -0000

ea-apache24-mod-security2 (1.8.7-1) stable; urgency=low

  * Initial spin for Extras

 -- Michael Fleming <mfleming+rpm@enlartenment.com>  Thu, 19 May 2005 00:00:00 -0000

