Change log : modsecurity-crs package : Debian

3.3.5-2

Published in sid-release on 2023-10-14

modsecurity-crs (3.3.5-2) unstable; urgency=medium

  [ Debian Janitor ]
  * Apply multi-arch hints. + modsecurity-crs: Add Multi-Arch: foreign.
  * Use versioned copyright format URI.
  * Update watch file format version to 4.
  * Bump debhelper from old 12 to 13.
  * Set debhelper-compat version in Build-Depends.
  * Set upstream metadata fields: Bug-Database, Bug-Submit, Repository-Browse.
  * debian/watch: Use GitHub /tags rather than /releases page.
  * Set upstream metadata fields: Repository, Security-Contact.
    Note: see modifications in these PR's:
    https://salsa.debian.org/modsecurity-packaging-team/modsecurity-crs/-/merge_requests/2/
    https://salsa.debian.org/modsecurity-packaging-team/modsecurity-crs/-/merge_requests/4/

 -- Ervin Hegedüs <email address hidden>  Sun, 01 Oct 2023 20:11:31 +0200

3.3.5-1

Superseded in sid-release on 2023-10-14

modsecurity-crs (3.3.5-1) unstable; urgency=medium

  * Team upload
  * New upstream version 3.3.5
    Fixes CVE-2023-38199. (Closes: #1041109)

 -- Ervin Hegedüs <email address hidden>  Sat, 29 Jul 2023 17:04:52 +0200

Available diffs

diff from 3.3.4-1 to 3.3.5-1 (175.3 KiB)

3.3.4-1

Published in bookworm-release on 2023-06-01

Superseded in sid-release on 2023-07-31

modsecurity-crs (3.3.4-1) unstable; urgency=medium

  * New upstream version
  * Fixes CVE-2022-39955, CVE-2022-39956, CVE-2022-39957
    and CVE-2022-39958. (Closes: #1021137)
  * Lower libapache2-mod-security2 Recommends to Suggests.
    Bump version number due to new requirements.

 -- Ervin Hegedüs <email address hidden>  Sun, 02 Oct 2022 17:24:54 +0200

Available diffs

diff from 3.3.2-1 to 3.3.4-1 (31.7 KiB)

3.1.0-1+deb10u2

Published in buster-release on 2021-10-09

modsecurity-crs (3.1.0-1+deb10u2) buster; urgency=medium

  * Add upstream patch to fix request body bypass
    CVE-2021-35368 (Closes: #992000)

 -- Alberto Gonzalez Iniesta <email address hidden>  Tue, 24 Aug 2021 12:37:59 +0200

3.3.0-1+deb11u1

Published in bullseye-release on 2021-10-09

modsecurity-crs (3.3.0-1+deb11u1) bullseye; urgency=medium

  * Add upstream patch to fix request body bypass
    CVE-2021-35368 (Closes: #992000)

 -- Alberto Gonzalez Iniesta <email address hidden>  Tue, 24 Aug 2021 17:40:57 +0200

3.3.2-1

Superseded in sid-release on 2022-10-03

modsecurity-crs (3.3.2-1) unstable; urgency=medium

  * New upstream version
  * Fixes CVE-2021-35368 (Closes: #92000)

 -- Alberto Gonzalez Iniesta <email address hidden>  Tue, 24 Aug 2021 10:09:01 +0200

Available diffs

diff from 3.3.0-1 to 3.3.2-1 (14.8 KiB)

3.3.0-1

Superseded in bullseye-release on 2021-10-09

Superseded in sid-release on 2021-08-24

modsecurity-crs (3.3.0-1) unstable; urgency=medium

  * New upstream version 3.3.0
  * Refresh patches/fix_paths

 -- Alberto Gonzalez Iniesta <email address hidden>  Sun, 16 Aug 2020 20:24:09 +0200

Available diffs

diff from 3.2.0-1 to 3.3.0-1 (224.5 KiB)

3.1.0-1+deb10u1

Superseded in buster-release on 2021-10-09

modsecurity-crs (3.1.0-1+deb10u1) buster; urgency=medium

  * Add upstream patch to fix php script upload rules.
    CVE-2019-13464 (Closes: #943773)

 -- Alberto Gonzalez Iniesta <email address hidden>  Sun, 03 Nov 2019 14:34:05 +0100

3.2.0-1

Superseded in sid-release on 2020-08-16

modsecurity-crs (3.2.0-1) unstable; urgency=medium

  [ Alberto Gonzalez Iniesta ]
  * debian/control: Add Vcs-* fields

  [ Ervin Hegedus ]
  * New upstream version 3.2.0 (Closes: #943773)
  * Bump debian/compat and Build-Dep on debhelper to 12
  * Added <email address hidden> to Uploaders
  * Modified fix_paths patch:
    * removed the crs-setup.conf.example related part (upstream updated)
    * added the right interpreter in the new script under util/

 -- Ervin Hegedus <email address hidden>  Mon, 21 Oct 2019 19:05:16 +0000

Available diffs

diff from 3.1.1-1 to 3.2.0-1 (125.6 KiB)

3.1.1-1

Superseded in sid-release on 2019-11-03

modsecurity-crs (3.1.1-1) unstable; urgency=medium

  * New upstream release.
  * Fixes CVE-2019-11387 (Closes: #928053)

 -- Alberto Gonzalez Iniesta <email address hidden>  Wed, 26 Jun 2019 08:42:44 +0200

Available diffs

diff from 3.1.0-1 to 3.1.1-1 (14.7 KiB)

3.1.0-1

Superseded in buster-release on 2019-11-16

Superseded in sid-release on 2019-06-26

modsecurity-crs (3.1.0-1) unstable; urgency=medium

  * New upstream release.
  * Bump debian/compat and Build-Dep on debhelper to 11
  * Bumped Standards-Version to 4.2.1.

 -- Alberto Gonzalez Iniesta <email address hidden>  Tue, 27 Nov 2018 09:12:54 +0100

Available diffs

diff from 3.0.2-1 to 3.1.0-1 (176.8 KiB)

3.0.2-1

Superseded in buster-release on 2018-12-02

Superseded in sid-release on 2018-11-27

modsecurity-crs (3.0.2-1) unstable; urgency=medium

  * New upstream release.
  * Add "python" as Suggests to make lintian happy.
  * Bumped Standards-Version to 4.1.0. Changed Priority to "optional".

 -- Alberto Gonzalez Iniesta <email address hidden>  Tue, 10 Oct 2017 09:59:46 +0200

Available diffs

diff from 3.0.0-3 to 3.0.2-1 (16.8 KiB)

2.2.9-1+deb8u1

Published in jessie-release on 2017-05-07

modsecurity-crs (2.2.9-1+deb8u1) stable; urgency=medium

  * Fix typo in modsecurity_crs_16_session_hijacking.conf.
    (Closes: #838009)

 -- Alberto Gonzalez Iniesta <email address hidden>  Thu, 17 Nov 2016 11:18:03 +0100

3.0.0-3

Superseded in buster-release on 2017-10-15

Published in stretch-release on 2017-01-02

Superseded in sid-release on 2017-10-10

modsecurity-crs (3.0.0-3) unstable; urgency=medium

  * Add KNOWN_BUGS file to package
  * Demote libapache2-mod-security2's Dependency to Recommends so nginx
    users can install modsecurity-crs. (Closes: #807033)
  * Move crs-setup and EXCLUSION-RULES to /etc/modsecurity/crs to ease
    user editing and package upgrading.
  * Add new file owasp-crs.load which Includes the required files to get
    OWASP CRS working.

 -- Alberto Gonzalez Iniesta <email address hidden>  Wed, 21 Dec 2016 11:23:50 +0100

Available diffs

diff from 3.0.0-2 to 3.0.0-3 (1.9 KiB)

3.0.0-2

Superseded in stretch-release on 2017-01-02

Superseded in sid-release on 2016-12-22

modsecurity-crs (3.0.0-2) unstable; urgency=medium

  * Improve README.Debian to avoid including conf files twice.

 -- Alberto Gonzalez Iniesta <email address hidden>  Thu, 17 Nov 2016 13:30:39 +0100

Available diffs

diff from 2.2.9-2 to 3.0.0-2 (370.2 KiB)

2.2.9-2

Superseded in stretch-release on 2016-11-23

Superseded in sid-release on 2016-11-17

modsecurity-crs (2.2.9-2) unstable; urgency=medium

  * patches/fix_826710.patch. Remove typo in rule 981063.

 -- Alberto Gonzalez Iniesta <email address hidden>  Mon, 19 Sep 2016 19:43:05 +0200

Available diffs

diff from 2.2.9-1 to 2.2.9-2 (757 bytes)

2.2.9-1

Superseded in stretch-release on 2016-09-25

Superseded in jessie-release on 2017-05-07

Superseded in sid-release on 2016-09-20

modsecurity-crs (2.2.9-1) unstable; urgency=medium


  * New upstream version
  * Change Depends from libapache2-modsecurity to 
    libapache2-mod-security2.
  * Bump dependency version on libapache2-mod-security2.

 -- Alberto Gonzalez Iniesta <email address hidden>  Tue, 23 Sep 2014 13:22:17 +0200

Available diffs

diff from 2.2.8-1 to 2.2.9-1 (30.8 KiB)

2.2.8-1

Superseded in jessie-release on 2014-09-29

Superseded in sid-release on 2014-09-23

modsecurity-crs (2.2.8-1) unstable; urgency=low


  * New upstream version
  * Update perl_path patch
  * Fix path to GeoLiteCity.dat (Closes: #705248)
  * Add geoip-database-contrib to Suggests
  * Fix path to arachni_integration.lua (Closes: #705249)
  * Fix path to appsensor_request_exception_enforce.lua (Closes: #705250)
  * Update debian/rules and debian/watch

 -- Alberto Gonzalez Iniesta <email address hidden>  Fri, 12 Jul 2013 10:36:51 +0200

Available diffs

diff from 2.2.5-2 to 2.2.8-1 (284.9 KiB)

2.2.5-2

Superseded in jessie-release on 2013-07-23

Published in wheezy-release on 2012-07-16

Superseded in sid-release on 2013-07-12

modsecurity-crs (2.2.5-2) unstable; urgency=low


  * Update debian/copyright with right license.

 -- Alberto Gonzalez Iniesta <email address hidden>  Mon, 02 Jul 2012 17:18:35 +0200

Available diffs

diff from 2.2.5-1 to 2.2.5-2 (958 bytes)

2.2.5-1

Superseded in wheezy-release on 2012-07-16

Superseded in sid-release on 2012-07-02

modsecurity-crs (2.2.5-1) unstable; urgency=low


  * New upstream release

 -- Alberto Gonzalez Iniesta <email address hidden>  Mon, 18 Jun 2012 11:44:26 +0200

Available diffs

diff from 2.2.4-1 to 2.2.5-1 (40.3 KiB)

2.2.4-1

Superseded in wheezy-release on 2012-06-29

Superseded in sid-release on 2012-06-18

modsecurity-crs (2.2.4-1) unstable; urgency=low


  * New upstream release
  * Include activated_rules/ directory for alternate way to handle
    rules inclusion
  * Bumped Standards-Version to 3.9.3

 -- Alberto Gonzalez Iniesta <email address hidden>  Fri, 16 Mar 2012 17:23:57 +0100

Available diffs

diff from 2.2.0-1 (in Ubuntu) to 2.2.4-1 (640.8 KiB)

2.2.3-1

Superseded in sid-release on 2012-03-17

modsecurity-crs (2.2.3-1) unstable; urgency=low


  * New upstream release

 -- Alberto Gonzalez Iniesta <email address hidden>  Tue, 20 Dec 2011 07:47:43 +0100

2.2.2-1

Superseded in sid-release on 2011-12-20

modsecurity-crs (2.2.2-1) unstable; urgency=low


  * New upstream release
  * Added >= 2.6.0 to libapache2-modsecurity dependency (Closes: #640837)

 -- Alberto Gonzalez Iniesta <email address hidden>  Sun, 02 Oct 2011 12:16:35 +0200

2.2.0-1

Superseded in wheezy-release on 2012-03-31

Superseded in sid-release on 2011-10-02

modsecurity-crs (2.2.0-1) unstable; urgency=low
  * New upstream release  * Bumped Standards-Version to 3.9.2 -- Alberto Gonzalez Iniesta <email address hidden>  Thu, 16 Jun 2011 17:55:02 +0200

2.1.2-1

Superseded in wheezy-release on 2011-09-21

Superseded in sid-release on 2011-09-20

modsecurity-crs (2.1.2-1) unstable; urgency=low
  * Initial release (Closes: #620252) -- Alberto Gonzalez Iniesta <email address hidden>  Thu, 31 Mar 2011 16:42:48 +0200

Debian
modsecurity-crs package

Change log for modsecurity-crs package in Debian

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Debianmodsecurity-crs package

Change log for modsecurity-crs package in Debian

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Debian
modsecurity-crs package