MDVSA-2010:050
- Package name
- apache-mod_security
- Date
- 2010-02-26
- Advisory ID
- MDVSA-2010:050
- Affected versions
- CS4.0 x86_64 , MES5 i586 , CS4.0 i586 , MES5 x86_64
Problem description
This release fixes several important issues to help prevent a detection
bypass and denial of service attacks against ModSecurity. Quite a few
small but notable bugs were fixed. The latest Core Ruleset (2.0.5)
is included.
This update provides mod_security 2.5.12, which is not vulnerable to
these issues.
Updated packages
CS4.0 x86_64
ae250cdf3ad5a26412060761a5f9b693 corporate/4.0/x86_64/apache-mod_security-2.5.12-0.1.20060mlcs4.x86_64.rpm 8cd16b4b4169fdc674172f528a8e300b corporate/4.0/x86_64/mlogc-2.5.12-0.1.20060mlcs4.x86_64.rpm 643bbdd7992f90d73701b147dacfdb11 corporate/4.0/SRPMS/apache-mod_security-2.5.12-0.1.20060mlcs4.src.rpm
MES5 i586
5d075d31c949990342c25e1ebfd1c3d5 mes5/i586/apache-mod_security-2.5.12-0.1mdvmes5.i586.rpm bafe8e09662e57e35cc97852fc0594f2 mes5/i586/mlogc-2.5.12-0.1mdvmes5.i586.rpm 6a81014ccb3844947f4bace2435f51d2 mes5/SRPMS/apache-mod_security-2.5.12-0.1mdvmes5.src.rpm
CS4.0 i586
060b65ea36f76addd895826357b2a5b6 corporate/4.0/i586/apache-mod_security-2.5.12-0.1.20060mlcs4.i586.rpm 6adf7cc4ab70afa5bde905d216016c2d corporate/4.0/i586/mlogc-2.5.12-0.1.20060mlcs4.i586.rpm 643bbdd7992f90d73701b147dacfdb11 corporate/4.0/SRPMS/apache-mod_security-2.5.12-0.1.20060mlcs4.src.rpm
MES5 x86_64
0da28a88ecf44589784c6ab2f090ae13 mes5/x86_64/apache-mod_security-2.5.12-0.1mdvmes5.x86_64.rpm 101288df2a94f66354b6a4bfdc1b003f mes5/x86_64/mlogc-2.5.12-0.1mdvmes5.x86_64.rpm 6a81014ccb3844947f4bace2435f51d2 mes5/SRPMS/apache-mod_security-2.5.12-0.1mdvmes5.src.rpm