[SECURITY] Fedora 10 Update: mod_security-2.5.9-1.fc10

Fri Mar 13 18:44:16 UTC 2009

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2009-2686
2009-03-13 18:04:33
--------------------------------------------------------------------------------

Name        : mod_security
Product     : Fedora 10
Version     : 2.5.9
Release     : 1.fc10
URL         : http://www.modsecurity.org/
Summary     : Security module for the Apache HTTP Server
Description :
ModSecurity is an open source intrusion detection and prevention engine
for web applications. It operates embedded into the web server, acting
as a powerful umbrella - shielding web applications from attacks.

--------------------------------------------------------------------------------
Update Information:

Security fixes for potential denials of service when using PDF XSS protection as
well as when parsing multipart requests.
http://sourceforge.net/project/shownotes.php?release_id=667542&group_id=68846
--------------------------------------------------------------------------------
ChangeLog:

* Thu Mar 12 2009 Michael Fleming <mfleming+rpm at thatfleminggent.com> 2.5.9-1
- Update to upstream release 2.5.9
- Fixes potential DoS' in multipart request and PDF XSS handling
* Mon Dec 29 2008 Michael Fleming <mfleming+rpm at enlartenment.com> 2.5.7-1
- Update to upstream 2.5.7
- Reinstate mlogc
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update mod_security' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
http://fedoraproject.org/keys
--------------------------------------------------------------------------------