Bug 856525

Summary: mlogc is missing
Product: [Fedora] Fedora EPEL Reporter: Ronny Buchmann <ronny-rhbugzilla>
Component: mod_securityAssignee: Othman Madjoudj <athmanem>
Status: CLOSED ERRATA QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: high Docs Contact:
Priority: unspecified    
Version: el6CC: athmanem, pvrabec
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2012-12-20 15:26:13 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Ronny Buchmann 2012-09-12 08:35:15 UTC 
mlogc is missing in mod_security-2.6.7-1. This was included in mod_security-2.5.12.

This breaks existing installations using mlogc.

Applies also to el5 version.
Comment 1 Fedora Update System 2012-09-12 10:31:29 UTC 
mod_security-2.6.7-2.el6 has been submitted as an update for Fedora EPEL 6.
https://admin.fedoraproject.org/updates/mod_security-2.6.7-2.el6
Comment 2 Othman Madjoudj 2012-09-12 10:35:34 UTC 
A new build with mlogc sub-package will be pushed to epel-testing (mod_security-2.6.7-2). 
EPEL 5 will follow soon.
Comment 3 Fedora Update System 2012-09-12 11:53:12 UTC 
mod_security-2.6.7-2.el5 has been submitted as an update for Fedora EPEL 5.
https://admin.fedoraproject.org/updates/mod_security-2.6.7-2.el5
Comment 4 Ronny Buchmann 2012-09-12 13:03:07 UTC 
mlogc as a separate package is fine for me, but it doesn't provide a seamless update (which is broken anyway, due to mod_security_crs lingering in testing).

I think the right way would be to have mod_security require mlogc and mod_security_crs for EPEL
Comment 5 Fedora Update System 2012-09-12 19:28:23 UTC 
Package mod_security-2.6.7-2.el6:
* should fix your issue,
* was pushed to the Fedora EPEL 6 testing repository,
* should be available at your local mirror within two days.
Update it with:
# su -c 'yum update --enablerepo=epel-testing mod_security-2.6.7-2.el6'
as soon as you are able to.
Please go to the following url:
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-12872/mod_security-2.6.7-2.el6
then log in and leave karma (feedback).
Comment 6 Othman Madjoudj 2012-09-13 10:18:37 UTC 
(In reply to comment #4)
> mlogc as a separate package is fine for me, but it doesn't provide a
> seamless update (which is broken anyway, due to mod_security_crs lingering
> in testing).
> 
> I think the right way would be to have mod_security require mlogc and
> mod_security_crs for EPEL

mlogc should be an optional package, because not everyone is deploying mod_security with it, there's other way to do mod_security logs analysis (some HIDS - Host-based intrusion detection system - can alert/block web attacks through mod_security audit log).
Comment 7 Fedora Update System 2012-12-20 15:26:15 UTC 
mod_security-2.6.7-2.el5 has been pushed to the Fedora EPEL 5 stable repository.  If problems still persist, please make note of it in this bug report.