diff options
| -rw-r--r-- | network/modsecurity-apache/README | 2 | ||||
| -rw-r--r-- | network/modsecurity-apache/doinst.sh | 4 | ||||
| -rw-r--r-- | network/modsecurity-apache/modsecurity-apache.SlackBuild | 13 | ||||
| -rw-r--r-- | network/modsecurity-apache/modsecurity-apache.info | 14 |
4 files changed, 18 insertions, 15 deletions
diff --git a/network/modsecurity-apache/README b/network/modsecurity-apache/README index 057ac7be67..731e7b4da8 100644 --- a/network/modsecurity-apache/README +++ b/network/modsecurity-apache/README @@ -21,7 +21,7 @@ This SlackBuild will also verify the PGP signature of the package if the following conditions are met: - You have GnuPG installed -- You have the appropriate public PGP key (0xE6DFB08CE8B11277) +- You have the appropriate public PGP key (0xE4BCD2EA82E67A45) in your trustedkeys.gpg keyring - You have downloaded the sig file from https://www.modsecurity.org/tarball/${VERSION}/modsecurity-${VERSION}.tar.gz.asc diff --git a/network/modsecurity-apache/doinst.sh b/network/modsecurity-apache/doinst.sh index 225e435466..d2d7d175c1 100644 --- a/network/modsecurity-apache/doinst.sh +++ b/network/modsecurity-apache/doinst.sh @@ -12,5 +12,7 @@ config() { } config etc/httpd/extra/modsecurity-recommended.conf.new -config etc/httpd/crs/modsecurity_crs_10_setup.conf.new +config etc/httpd/crs/crs-setup.conf.new +config etc/httpd/crs/rules/REQUEST-900-EXCLUSION-RULES-BEFORE-CRS.conf.new +config etc/httpd/crs/rules/RESPONSE-999-EXCLUSION-RULES-AFTER-CRS.conf.new diff --git a/network/modsecurity-apache/modsecurity-apache.SlackBuild b/network/modsecurity-apache/modsecurity-apache.SlackBuild index 79b670df32..6901cf8379 100644 --- a/network/modsecurity-apache/modsecurity-apache.SlackBuild +++ b/network/modsecurity-apache/modsecurity-apache.SlackBuild @@ -6,11 +6,11 @@ PRGNAM=modsecurity-apache SRCNAM=modsecurity -VERSION=${VERSION:-2.9.1} +VERSION=${VERSION:-2.9.3} BUILD=${BUILD:-1} TAG=${TAG:-_SBo} -CRS_VERSION="2.2.9" +CRS_VERSION="3.1.0" if [ -z "$ARCH" ]; then case "$( uname -m )" in @@ -46,7 +46,7 @@ then set +e # This will check if we have the correct key in our keyring. # For the trustedkeys.gpg, see "man 1 gpgv". - /usr/bin/gpg --keyring trustedkeys.gpg --no-default-keyring --list-keys 0xE6DFB08CE8B11277 &>/dev/null + /usr/bin/gpg --keyring trustedkeys.gpg --no-default-keyring --list-keys 0xE4BCD2EA82E67A45 &>/dev/null GPG_RET=${?} # 2 means we don't have his key, 0 means we do. set -e @@ -88,7 +88,7 @@ rm $PKG/usr/lib/*.so rmdir --ignore-fail-on-non-empty $PKG/usr/lib mkdir -p $PKG/usr/doc/$PRGNAM-$VERSION -cp -a CHANGES LICENSE NOTICE README.TXT README_WINDOWS.TXT authors.txt \ +cp -a CHANGES LICENSE NOTICE README.md README_WINDOWS.md authors.txt \ $PKG/usr/doc/$PRGNAM-$VERSION cat $CWD/$PRGNAM.SlackBuild > $PKG/usr/doc/$PRGNAM-$VERSION/$PRGNAM.SlackBuild @@ -99,8 +99,9 @@ cat unicode.mapping > $PKG/etc/httpd/extra/unicode.mapping # The Core Rule Set mkdir -p ${PKG}/etc/httpd/crs cp -Rv owasp-modsecurity-crs-${CRS_VERSION}/* ${PKG}/etc/httpd/crs -cat owasp-modsecurity-crs-${CRS_VERSION}/modsecurity_crs_10_setup.conf.example > \ - ${PKG}/etc/httpd/crs/modsecurity_crs_10_setup.conf.new +mv -v ${PKG}/etc/httpd/crs/crs-setup.conf.example ${PKG}/etc/httpd/crs/crs-setup.conf.new +mv -v ${PKG}/etc/httpd/crs/rules/REQUEST-900-EXCLUSION-RULES-BEFORE-CRS.conf.example ${PKG}/etc/httpd/crs/rules/REQUEST-900-EXCLUSION-RULES-BEFORE-CRS.conf.new +mv -v ${PKG}/etc/httpd/crs/rules/RESPONSE-999-EXCLUSION-RULES-AFTER-CRS.conf.example ${PKG}/etc/httpd/crs/rules/RESPONSE-999-EXCLUSION-RULES-AFTER-CRS.conf.new mkdir -p $PKG/install cat $CWD/slack-desc > $PKG/install/slack-desc diff --git a/network/modsecurity-apache/modsecurity-apache.info b/network/modsecurity-apache/modsecurity-apache.info index bbbcd5c1b1..5500d5738f 100644 --- a/network/modsecurity-apache/modsecurity-apache.info +++ b/network/modsecurity-apache/modsecurity-apache.info @@ -1,12 +1,12 @@ PRGNAM="modsecurity-apache" -VERSION="2.9.1" +VERSION="2.9.3" HOMEPAGE="https://www.modsecurity.org/" -DOWNLOAD="https://www.modsecurity.org/tarball/2.9.1/modsecurity-2.9.1.tar.gz \ - https://www.modsecurity.org/tarball/2.9.1/modsecurity-2.9.1.tar.gz.asc \ - https://github.com/SpiderLabs/owasp-modsecurity-crs/archive/2.2.9/owasp-modsecurity-crs-2.2.9.tar.gz" -MD5SUM="0fa92b852abc857a20b9e24f83f814cf \ - fc0ba69ff9a321ff30e94d31c22e5640 \ - ba5b6d514f5586d33a54b26a5f64eb5c" +DOWNLOAD="https://www.modsecurity.org/tarball/2.9.3/modsecurity-2.9.3.tar.gz \ + https://github.com/SpiderLabs/ModSecurity/releases/download/v2.9.3/modsecurity-2.9.3.tar.gz.asc \ + https://github.com/SpiderLabs/owasp-modsecurity-crs/archive/v3.1.0/owasp-modsecurity-crs-3.1.0.tar.gz" +MD5SUM="215a96d679a5b0fadcf13b5d09b35422 \ + b1005b1ad337951c876d729264a13f0d \ + 4e0a0fbaf077b50364c934083c4cb905" DOWNLOAD_x86_64="" MD5SUM_x86_64="" REQUIRES="" |