diff options
| author |   Diego Elio Pettenò <flameeyes@gentoo.org> | 2009-07-27 16:42:44 +0000 |
|---|---|---|
| committer | Diego Elio Pettenò <flameeyes@gentoo.org> | 2009-07-27 16:42:44 +0000 |
| commit | 9c53d8ec613519d5ab55ce3c462629f29ca80a73 (patch) | |
| tree | 02e9614c5b18181c568332ac659b72ba7af708fc /www-apache | |
| parent | Remove call to elibtoolize since we call eautoreconf and force >=libtool-2 wr... (diff) | |
| download | gentoo-2-9c53d8ec613519d5ab55ce3c462629f29ca80a73.tar.gz gentoo-2-9c53d8ec613519d5ab55ce3c462629f29ca80a73.tar.bz2 gentoo-2-9c53d8ec613519d5ab55ce3c462629f29ca80a73.zip | |
Also list rule 950907 in the list of draconian rules.
(Portage version: 2.2_rc33/cvs/Linux x86_64)
Diffstat (limited to 'www-apache')
| -rw-r--r-- | www-apache/mod_security/ChangeLog | 6 | ||||
| -rw-r--r-- | www-apache/mod_security/mod_security-2.5.9-r1.ebuild | 8 |
2 files changed, 9 insertions, 5 deletions
diff --git a/www-apache/mod_security/ChangeLog b/www-apache/mod_security/ChangeLog index fc562df15f36..691d74787b1d 100644 --- a/www-apache/mod_security/ChangeLog +++ b/www-apache/mod_security/ChangeLog @@ -1,6 +1,10 @@ # ChangeLog for www-apache/mod_security # Copyright 1999-2009 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/www-apache/mod_security/ChangeLog,v 1.26 2009/07/15 19:13:03 flameeyes Exp $ +# $Header: /var/cvsroot/gentoo-x86/www-apache/mod_security/ChangeLog,v 1.27 2009/07/27 16:42:44 flameeyes Exp $ + + 27 Jul 2009; Diego E. Pettenò <flameeyes@gentoo.org> + mod_security-2.5.9-r1.ebuild: + Also list rule 950907 in the list of draconian rules. 15 Jul 2009; Diego E. Pettenò <flameeyes@gentoo.org> mod_security-2.5.9-r1.ebuild: diff --git a/www-apache/mod_security/mod_security-2.5.9-r1.ebuild b/www-apache/mod_security/mod_security-2.5.9-r1.ebuild index 94b4a68daa9f..b9b9f05a0704 100644 --- a/www-apache/mod_security/mod_security-2.5.9-r1.ebuild +++ b/www-apache/mod_security/mod_security-2.5.9-r1.ebuild @@ -1,6 +1,6 @@ # Copyright 1999-2009 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/www-apache/mod_security/mod_security-2.5.9-r1.ebuild,v 1.2 2009/07/15 19:13:03 flameeyes Exp $ +# $Header: /var/cvsroot/gentoo-x86/www-apache/mod_security/mod_security-2.5.9-r1.ebuild,v 1.3 2009/07/27 16:42:44 flameeyes Exp $ inherit apache-module autotools @@ -99,14 +99,14 @@ pkg_postinst() { elog "Please note that the core rule set distributed with mod_security is quite" elog "draconic. If you're using this on a blog, a forum or another user-submitted" elog "web application where you might talk about standard Unix paths (such as /etc" - elog "or /bin), you might want to disable at least rule 950005 (command injection)" - elog "if you're sure it might not be a security risk." + elog "or /bin), you might want to disable at least rules 950005 and 950907" + elog "(command injection) if you're sure it might not be a security risk." elog " " elog "To do that on the most limited case you might want to use something like" elog "the following code (this comes from a Typo weblog instance):" elog " " elog " <Location /comments>" - elog " SecRuleRemoveById 950005" + elog " SecRuleRemoveById 950005 950907" elog " </Location>" elog " " } |