Paketname
apache-mod_security
Datum
2010-02-26
Advisory ID
MDVSA-2010:050
Betroffene Versionen
CS4.0 x86_64 , MES5 i586 , CS4.0 i586 , MES5 x86_64

Problembeschreibung

This release fixes several important issues to help prevent a detection
bypass and denial of service attacks against ModSecurity. Quite a few
small but notable bugs were fixed. The latest Core Ruleset (2.0.5)
is included.

This update provides mod_security 2.5.12, which is not vulnerable to
these issues.

Aktualisierte Pakete

CS4.0 x86_64

 ae250cdf3ad5a26412060761a5f9b693  corporate/4.0/x86_64/apache-mod_security-2.5.12-0.1.20060mlcs4.x86_64.rpm
 8cd16b4b4169fdc674172f528a8e300b  corporate/4.0/x86_64/mlogc-2.5.12-0.1.20060mlcs4.x86_64.rpm 
 643bbdd7992f90d73701b147dacfdb11  corporate/4.0/SRPMS/apache-mod_security-2.5.12-0.1.20060mlcs4.src.rpm

MES5 i586

 5d075d31c949990342c25e1ebfd1c3d5  mes5/i586/apache-mod_security-2.5.12-0.1mdvmes5.i586.rpm
 bafe8e09662e57e35cc97852fc0594f2  mes5/i586/mlogc-2.5.12-0.1mdvmes5.i586.rpm 
 6a81014ccb3844947f4bace2435f51d2  mes5/SRPMS/apache-mod_security-2.5.12-0.1mdvmes5.src.rpm

CS4.0 i586

 060b65ea36f76addd895826357b2a5b6  corporate/4.0/i586/apache-mod_security-2.5.12-0.1.20060mlcs4.i586.rpm
 6adf7cc4ab70afa5bde905d216016c2d  corporate/4.0/i586/mlogc-2.5.12-0.1.20060mlcs4.i586.rpm 
 643bbdd7992f90d73701b147dacfdb11  corporate/4.0/SRPMS/apache-mod_security-2.5.12-0.1.20060mlcs4.src.rpm

MES5 x86_64

 0da28a88ecf44589784c6ab2f090ae13  mes5/x86_64/apache-mod_security-2.5.12-0.1mdvmes5.x86_64.rpm
 101288df2a94f66354b6a4bfdc1b003f  mes5/x86_64/mlogc-2.5.12-0.1mdvmes5.x86_64.rpm 
 6a81014ccb3844947f4bace2435f51d2  mes5/SRPMS/apache-mod_security-2.5.12-0.1mdvmes5.src.rpm

Referenzen