--------------------------------------------------------------------------------Fedora Update Notification
FEDORA-2009-2654
2009-03-13 18:03:29
--------------------------------------------------------------------------------Name        : mod_security
Product     : Fedora 9
Version     : 2.5.9
Release     : 1.fc9
URL         : https://modsecurity.org//
Summary     : Security module for the Apache HTTP Server
Description :
ModSecurity is an open source intrusion detection and prevention engine
for web applications. It operates embedded into the web server, acting
as a powerful umbrella - shielding web applications from attacks.

--------------------------------------------------------------------------------Update Information:

Security fixes for potential denials of service when using PDF XSS protection as
well as when parsing multipart requests.
;group_id=68846
--------------------------------------------------------------------------------ChangeLog:

* Thu Mar 12 2009 Michael Fleming  2.5.9-1
- Update to upstream release 2.5.9
- Fixes potential DoS' in multipart request and PDF XSS handling
* Mon Dec 29 2008 Michael Fleming  2.5.7-1
- Update to upstream 2.5.7
- Reinstate mlogc
* Sat Aug  2 2008 Michael Fleming  2.5.6-1
- Update to upstream 2.5.6
- Remove references to mlogc, it no longer ships in the main tarball.
- Link correctly vs. libxml2 and lua (bz# 445839)
- Remove bogus LoadFile directives as they're no longer needed.
* Sun Apr 13 2008 Michael Fleming  2.1.7-1
- Update to upstream 2.1.7
--------------------------------------------------------------------------------This update can be installed with the "yum" update program.  Use 
su -c 'yum update mod_security' at the command line.
For more information, refer to "Managing Software with yum",
available at .

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------_______________________________________________
Fedora-package-announce mailing list
Fedora-package-announce@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-package-announce

Fedora 9 Update: mod_security-2.5.9-1.fc9

March 13, 2009
Security fixes for potential denials of service when using PDF XSS protection as well as when parsing multipart requests.

Summary

ModSecurity is an open source intrusion detection and prevention engine

for web applications. It operates embedded into the web server, acting

as a powerful umbrella - shielding web applications from attacks.

Security fixes for potential denials of service when using PDF XSS protection as

well as when parsing multipart requests.

;group_id=68846

* Thu Mar 12 2009 Michael Fleming 2.5.9-1

- Update to upstream release 2.5.9

- Fixes potential DoS' in multipart request and PDF XSS handling

* Mon Dec 29 2008 Michael Fleming 2.5.7-1

- Update to upstream 2.5.7

- Reinstate mlogc

* Sat Aug 2 2008 Michael Fleming 2.5.6-1

- Update to upstream 2.5.6

- Remove references to mlogc, it no longer ships in the main tarball.

- Link correctly vs. libxml2 and lua (bz# 445839)

- Remove bogus LoadFile directives as they're no longer needed.

* Sun Apr 13 2008 Michael Fleming 2.1.7-1

- Update to upstream 2.1.7

su -c 'yum update mod_security' at the command line.

For more information, refer to "Managing Software with yum",

available at .

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

Fedora-package-announce mailing list

Fedora-package-announce@redhat.com

http://www.redhat.com/mailman/listinfo/fedora-package-announce

FEDORA-2009-2654 2009-03-13 18:03:29 Product : Fedora 9 Version : 2.5.9 Release : 1.fc9 URL : https://modsecurity.org// Summary : Security module for the Apache HTTP Server Description : ModSecurity is an open source intrusion detection and prevention engine for web applications. It operates embedded into the web server, acting as a powerful umbrella - shielding web applications from attacks. Security fixes for potential denials of service when using PDF XSS protection as well as when parsing multipart requests. ;group_id=68846 * Thu Mar 12 2009 Michael Fleming 2.5.9-1 - Update to upstream release 2.5.9 - Fixes potential DoS' in multipart request and PDF XSS handling * Mon Dec 29 2008 Michael Fleming 2.5.7-1 - Update to upstream 2.5.7 - Reinstate mlogc * Sat Aug 2 2008 Michael Fleming 2.5.6-1 - Update to upstream 2.5.6 - Remove references to mlogc, it no longer ships in the main tarball. - Link correctly vs. libxml2 and lua (bz# 445839) - Remove bogus LoadFile directives as they're no longer needed. * Sun Apr 13 2008 Michael Fleming 2.1.7-1 - Update to upstream 2.1.7 su -c 'yum update mod_security' at the command line. For more information, refer to "Managing Software with yum", available at . All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ Fedora-package-announce mailing list Fedora-package-announce@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-announce

Change Log

References

Update Instructions

Severity
Product : Fedora 9
Version : 2.5.9
Release : 1.fc9
URL : https://modsecurity.org//
Summary : Security module for the Apache HTTP Server

Related News