All of lore.kernel.org
 help / color / mirror / Atom feed
From: "Yann E. MORIN" <yann.morin.1998@free.fr>
To: Frank Vanbever <frank.vanbever@mind.be>
Cc: buildroot@buildroot.org
Subject: Re: [Buildroot] [PATCH 1/1] package/libmodsecurity: security bump to 3.0.12
Date: Wed, 21 Feb 2024 18:14:06 +0100	[thread overview]
Message-ID: <ZdYvXmci-R4HOSkd@landeda> (raw)
In-Reply-To: <20240217092413.288309-1-frank.vanbever@mind.be>

Frank, All,

On 2024-02-17 10:24 +0100, Frank Vanbever via buildroot spake thusly:
> The project has been transferred from Trustwave (SpiderLabs) to OWASP, hence the
> change in URLs. The upstream CPE vendor ID will likely also change in the future
> but the upstream is still working on this [1].
> 
> - Fixes:
>   https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1019
> 
> [1] https://github.com/owasp-modsecurity/ModSecurity/issues/3083
> 
> Signed-off-by: Frank Vanbever <frank.vanbever@mind.be>

Applied to master, thanks.

Regards,
Yann E. MORIN.

> ---
>  package/libmodsecurity/Config.in           | 2 +-
>  package/libmodsecurity/libmodsecurity.hash | 5 +++--
>  package/libmodsecurity/libmodsecurity.mk   | 4 ++--
>  3 files changed, 6 insertions(+), 5 deletions(-)
> 
> diff --git a/package/libmodsecurity/Config.in b/package/libmodsecurity/Config.in
> index 69bb0494cc..da14b21669 100644
> --- a/package/libmodsecurity/Config.in
> +++ b/package/libmodsecurity/Config.in
> @@ -17,7 +17,7 @@ config BR2_PACKAGE_LIBMODSECURITY
>  	  SecRules format and apply them to HTTP content
>  	  provided by your application via Connectors.
>  
> -	  https://github.com/SpiderLabs/ModSecurity
> +	  https://github.com/owasp-modsecurity/ModSecurity
>  
>  comment "libmodsecurity needs a toolchain w/ C++, threads, dynamic library"
>  	depends on !BR2_INSTALL_LIBSTDCPP || \
> diff --git a/package/libmodsecurity/libmodsecurity.hash b/package/libmodsecurity/libmodsecurity.hash
> index b0a1bf33f3..2221a8a37d 100644
> --- a/package/libmodsecurity/libmodsecurity.hash
> +++ b/package/libmodsecurity/libmodsecurity.hash
> @@ -1,4 +1,5 @@
> -# From https://github.com/SpiderLabs/ModSecurity/releases/download/v3.0.11/modsecurity-v3.0.11.tar.gz.sha256
> -sha256  070f46c779d30785b95eb1316b46e2e4e6f90fd94a96aaca4bd54cd94738b692  modsecurity-v3.0.11.tar.gz
> +# From https://github.com/owasp-modsecurity/ModSecurity/releases/download/v3.0.12/modsecurity-v3.0.12.tar.gz.sha256
> +sha256  a36118401641feef376bb469bf468abf94b7948844976a188a6fccb53390b11f  modsecurity-v3.0.12.tar.gz
> +
>  # Localy calculated
>  sha256  c71d239df91726fc519c6eb72d318ec65820627232b2f796219e87dcf35d0ab4  LICENSE
> diff --git a/package/libmodsecurity/libmodsecurity.mk b/package/libmodsecurity/libmodsecurity.mk
> index 548eeb8602..d8c10b98b2 100644
> --- a/package/libmodsecurity/libmodsecurity.mk
> +++ b/package/libmodsecurity/libmodsecurity.mk
> @@ -4,9 +4,9 @@
>  #
>  ################################################################################
>  
> -LIBMODSECURITY_VERSION = 3.0.11
> +LIBMODSECURITY_VERSION = 3.0.12
>  LIBMODSECURITY_SOURCE = modsecurity-v$(LIBMODSECURITY_VERSION).tar.gz
> -LIBMODSECURITY_SITE = https://github.com/SpiderLabs/ModSecurity/releases/download/v$(LIBMODSECURITY_VERSION)
> +LIBMODSECURITY_SITE = https://github.com/owasp-modsecurity/ModSecurity/releases/download/v$(LIBMODSECURITY_VERSION)
>  LIBMODSECURITY_INSTALL_STAGING = YES
>  LIBMODSECURITY_LICENSE = Apache-2.0
>  LIBMODSECURITY_LICENSE_FILES = LICENSE
> -- 
> 2.40.1
> 
> _______________________________________________
> buildroot mailing list
> buildroot@buildroot.org
> https://lists.buildroot.org/mailman/listinfo/buildroot

-- 
.-----------------.--------------------.------------------.--------------------.
|  Yann E. MORIN  | Real-Time Embedded | /"\ ASCII RIBBON | Erics' conspiracy: |
| +33 662 376 056 | Software  Designer | \ / CAMPAIGN     |  ___               |
| +33 561 099 427 `------------.-------:  X  AGAINST      |  \e/  There is no  |
| http://ymorin.is-a-geek.org/ | _/*\_ | / \ HTML MAIL    |   v   conspiracy.  |
'------------------------------^-------^------------------^--------------------'
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot

  reply	other threads:[~2024-02-21 17:14 UTC|newest]

Thread overview: 3+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2024-02-17  9:24 [Buildroot] [PATCH 1/1] package/libmodsecurity: security bump to 3.0.12 Frank Vanbever via buildroot
2024-02-21 17:14 ` Yann E. MORIN [this message]
2024-03-16 22:28 ` Peter Korsgaard

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=ZdYvXmci-R4HOSkd@landeda \
    --to=yann.morin.1998@free.fr \
    --cc=buildroot@buildroot.org \
    --cc=frank.vanbever@mind.be \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.