misc/141831: upgrade www/mod_security is overwriting existing rules
as default setting
Carsten Wiedmann
carsten_sttgt at gmx.de
Mon Dec 21 10:40:07 UTC 2009
>Number: 141831
>Category: misc
>Synopsis: upgrade www/mod_security is overwriting existing rules as default setting
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Mon Dec 21 10:40:06 UTC 2009
>Closed-Date:
>Last-Modified:
>Originator: Carsten Wiedmann
>Release: FreeBSD 8.0-RELEASE
>Organization:
>Environment:
>Description:
Hello,
I've just updated mod_security to 2.5.11 with portupgrade and I was not happy about that all my adjusted rules was overwritten (and also the adjusted mod_security2.conf).
And of course, the installed core rules was version 2.0.4 and now there was also a downgrade to 2.0.3.
Now I've seen there is a SKIP_RULES. That's for make.conf?
It also seems, that the port is not installing the tool "rules-updater".
Regards,
Carsten
>How-To-Repeat:
>Fix:
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-bugs
mailing list