modsecurity-crs (3.3.5-2) unstable; urgency=medium [ Debian Janitor ] * Apply multi-arch hints. + modsecurity-crs: Add Multi-Arch: foreign. * Use versioned copyright format URI. * Update watch file format version to 4. * Bump debhelper from old 12 to 13. * Set debhelper-compat version in Build-Depends. * Set upstream metadata fields: Bug-Database, Bug-Submit, Repository-Browse. * debian/watch: Use GitHub /tags rather than /releases page. * Set upstream metadata fields: Repository, Security-Contact. Note: see modifications in these PR's: https://salsa.debian.org/modsecurity-packaging-team/modsecurity-crs/-/merge_requests/2/ https://salsa.debian.org/modsecurity-packaging-team/modsecurity-crs/-/merge_requests/4/ -- Ervin Hegedüs Sun, 01 Oct 2023 20:11:31 +0200 modsecurity-crs (3.3.5-1) unstable; urgency=medium * Team upload * New upstream version 3.3.5 Fixes CVE-2023-38199. (Closes: #1041109) -- Ervin Hegedüs Sat, 29 Jul 2023 17:04:52 +0200 modsecurity-crs (3.3.4-1) unstable; urgency=medium * New upstream version * Fixes CVE-2022-39955, CVE-2022-39956, CVE-2022-39957 and CVE-2022-39958. (Closes: #1021137) * Lower libapache2-mod-security2 Recommends to Suggests. Bump version number due to new requirements. -- Ervin Hegedüs Sun, 02 Oct 2022 17:24:54 +0200 modsecurity-crs (3.3.2-1) unstable; urgency=medium * New upstream version * Fixes CVE-2021-35368 (Closes: #92000) -- Alberto Gonzalez Iniesta Tue, 24 Aug 2021 10:09:01 +0200 modsecurity-crs (3.3.0-1) unstable; urgency=medium * New upstream version 3.3.0 * Refresh patches/fix_paths -- Alberto Gonzalez Iniesta Sun, 16 Aug 2020 20:24:09 +0200 modsecurity-crs (3.2.0-1) unstable; urgency=medium [ Alberto Gonzalez Iniesta ] * debian/control: Add Vcs-* fields [ Ervin Hegedus ] * New upstream version 3.2.0 (Closes: #943773) * Bump debian/compat and Build-Dep on debhelper to 12 * Added to Uploaders * Modified fix_paths patch: * removed the crs-setup.conf.example related part (upstream updated) * added the right interpreter in the new script under util/ -- Ervin Hegedus Mon, 21 Oct 2019 19:05:16 +0000 modsecurity-crs (3.1.1-1) unstable; urgency=medium * New upstream release. * Fixes CVE-2019-11387 (Closes: #928053) -- Alberto Gonzalez Iniesta Wed, 26 Jun 2019 08:42:44 +0200 modsecurity-crs (3.1.0-1) unstable; urgency=medium * New upstream release. * Bump debian/compat and Build-Dep on debhelper to 11 * Bumped Standards-Version to 4.2.1. -- Alberto Gonzalez Iniesta Tue, 27 Nov 2018 09:12:54 +0100 modsecurity-crs (3.0.2-1) unstable; urgency=medium * New upstream release. * Add "python" as Suggests to make lintian happy. * Bumped Standards-Version to 4.1.0. Changed Priority to "optional". -- Alberto Gonzalez Iniesta Tue, 10 Oct 2017 09:59:46 +0200 modsecurity-crs (3.0.0-3) unstable; urgency=medium * Add KNOWN_BUGS file to package * Demote libapache2-mod-security2's Dependency to Recommends so nginx users can install modsecurity-crs. (Closes: #807033) * Move crs-setup and EXCLUSION-RULES to /etc/modsecurity/crs to ease user editing and package upgrading. * Add new file owasp-crs.load which Includes the required files to get OWASP CRS working. -- Alberto Gonzalez Iniesta Wed, 21 Dec 2016 11:23:50 +0100 modsecurity-crs (3.0.0-2) unstable; urgency=medium * Improve README.Debian to avoid including conf files twice. -- Alberto Gonzalez Iniesta Thu, 17 Nov 2016 13:30:39 +0100 modsecurity-crs (3.0.0-1) unstable; urgency=medium * New upstream release. -- Alberto Gonzalez Iniesta Mon, 14 Nov 2016 19:17:48 +0100 modsecurity-crs (2.2.9-2) unstable; urgency=medium * patches/fix_826710.patch. Remove typo in rule 981063. -- Alberto Gonzalez Iniesta Mon, 19 Sep 2016 19:43:05 +0200 modsecurity-crs (2.2.9-1) unstable; urgency=medium * New upstream version * Change Depends from libapache2-modsecurity to libapache2-mod-security2. * Bump dependency version on libapache2-mod-security2. -- Alberto Gonzalez Iniesta Tue, 23 Sep 2014 13:22:17 +0200 modsecurity-crs (2.2.8-1) unstable; urgency=low * New upstream version * Update perl_path patch * Fix path to GeoLiteCity.dat (Closes: #705248) * Add geoip-database-contrib to Suggests * Fix path to arachni_integration.lua (Closes: #705249) * Fix path to appsensor_request_exception_enforce.lua (Closes: #705250) * Update debian/rules and debian/watch -- Alberto Gonzalez Iniesta Fri, 12 Jul 2013 10:36:51 +0200 modsecurity-crs (2.2.5-2) unstable; urgency=low * Update debian/copyright with right license. -- Alberto Gonzalez Iniesta Mon, 02 Jul 2012 17:18:35 +0200 modsecurity-crs (2.2.5-1) unstable; urgency=low * New upstream release -- Alberto Gonzalez Iniesta Mon, 18 Jun 2012 11:44:26 +0200 modsecurity-crs (2.2.4-1) unstable; urgency=low * New upstream release * Include activated_rules/ directory for alternate way to handle rules inclusion * Bumped Standards-Version to 3.9.3 -- Alberto Gonzalez Iniesta Fri, 16 Mar 2012 17:23:57 +0100 modsecurity-crs (2.2.3-1) unstable; urgency=low * New upstream release -- Alberto Gonzalez Iniesta Tue, 20 Dec 2011 07:47:43 +0100 modsecurity-crs (2.2.2-1) unstable; urgency=low * New upstream release * Added >= 2.6.0 to libapache2-modsecurity dependency (Closes: #640837) -- Alberto Gonzalez Iniesta Sun, 02 Oct 2011 12:16:35 +0200 modsecurity-crs (2.2.0-1) unstable; urgency=low * New upstream release * Bumped Standards-Version to 3.9.2 -- Alberto Gonzalez Iniesta Thu, 16 Jun 2011 17:55:02 +0200 modsecurity-crs (2.1.2-1) unstable; urgency=low * Initial release (Closes: #620252) -- Alberto Gonzalez Iniesta Thu, 31 Mar 2011 16:42:48 +0200