16:32 joneum 

Merge r535197 from www/nginx-devel:

Remove legacy third-party modules:

o) modsecurity2
o) fastdfs

All modules, including all third-party modules, are dynamic now.

Sponsored by:	Netzkommune GmbH

 

18:52 joneum 

Update 3rd party-module:
- modsecurity to 2.9.3
- njs to 21572a0

Sponsored by:	Netzkommune GmbH

 

08:41 joneum 

Update third-party-module:

- modsecurity from 2.9.1 to 2.9.2
- remove needless patch

Update LOCAL Mastersite

 

21:45 osa 

Upgrade third-party modules:

o) http_push from 0.99.6 to 0.99.7;
o) modsecurity from 2.9.1-RC1 to 2.9.1.

 

18:09 osa 

Upgrade third-party modsecurity module from 2.9.0 to 2.9.1-rc1.

 

12:03 osa 

Use luajit instead of lua for third-party modsecurity module, sort list of
dependences for it.

PR:	200263

 

12:49 osa 

Update third-party modsecurity module from 2.8.0 to 2.9.0.

<ChangeLog>

12 Feb 2015 - 2.9.0
-------------------

 * Fix apr_crypto.h include, now checking if apr_crypto.h is available by
   checking the definition WITH_APU_CRYPTO.
   [martinjina and ModSecurity team]

15 Dez 2014 - 2.9.0-RC2
-----------------------

 * OpenSSL dependency was removed on MS Windows builds. ModSecurity is now using
   the Windows certificate storage.
   [Gregg Smith, Steffen and ModSecurity team]
 * Informs about external resources loaded/failed while reloading Apache.
   [ModSecurity team]
 * Adds missing 'ModSecurity:' prefix in some warnings messages.
   [Walter Hop and ModSecurity team]
 * Refactoring external resources download warn messages. Holding the message
   to be displayed when Apache is ready to write on the error_log.
   [ModSecurity team]
 * Remote resources loading process is now failing in case of HTTP error.
   [Walter Hop and ModSecurity team]
 * Fixed start up crash on Apache with mod_ssl configured. Crash was happening
   during the download of remote resources.
   [Christian Folini, Walter Hop and ModSecurity team]
 * Curl is not a mandatory dependency to ModSecurity core anymore.
   [Rainer Jung and ModSecurity team]

18 Nov 2014 - 2.9.0-RC1
-----------------------

 * `pmFromFile' and `ipMatchFromFile' operators are now accepting HTTPS served
    files as parameter.
 * `SecRemoteRules' directive - allows you to specify a HTTPS served file that
    may contain rules in the SecRule format to be loaded into your ModSecurity
    instance.
 * `SecRemoteRulesFailAction' directive - allows you to control whenever the
    user wants to Abort or just Warn when there is a problem while downloading
    rules specified with the directive: `SecRemoteRules'.
 * `fuzzyHash' operator - allows to match contents using fuzzy hashes.
 * `FILES_TMP_CONTENT' collection - make available the content of uploaded
    files.
 * InsecureNoCheckCert - option to validate or not a chain of SSL certificates
   on mlogc connections.
 * ModSecurityIIS: ModSecurity event ID was changed from 0 to 0x1.
   [Issue #676 - Kris Kater and ModSecurity team]
 * Fixed signature on "status call": ModSecurity is now using the original
   server signature.
   [Issues #702 - Linas and ModSecurity team]
 * YAJL version is printed while ModSecurity initialization.
   [Issue #703 - Steffen (Apache Lounge) and Mauro Faccenda]
 * Fixed subnet representation using slash notation on the @ipMatch operator.
   [Issue #706 - Walter Hop and ModSecurity team]
 * Limited the length of a status call.
   [Issue #714 - 'cpanelkurt' and ModSecurity team]
 * Added the missing -P option to nginx regression tests.
   [Issue #720 - Paul Yang]
 * Fixed automake scripts to do not use features which will be deprecated in
   the upcoming releases of automake.
   [Issue #760 - ModSecurity team]
 * apr-utils's LDFALGS is now considered while building ModSecurity.
   [Issue #782 - Daniel J. Luke]
 * IIS installer is not considering IIS 6 as compatible anymore.
   [Issue #790 - ModSecurity team]
 * Fixed yajl build script: now looking for the correct header file.
   [Issue #804 - 'rpfilomeno' and ModSecurity team]
 * mlgoc is now forced to use TLS 1.x.
   [Issue #806 - Josh Amishav-Zlatin and ModSecurity team]

</ChangeLog>

 

17:47 osa 

Update third-party modsecurity module from 2.7.5 to latest version 2.8.0.