Bug#1040858: nmu: libnginx-mod-http-modsecurity_1.0.3-1+b1
On Tue, Jul 11, 2023 at 05:01:11PM +0200, Tobias Frost wrote:
>
> The situation is explained in more details in #1040799, but the gist
> is that src:libnginx-mod-http-modsecurity is currently compiled against "old" PCRE3 instead
> of "new" PCRE2, and thus is broken in unstable, testing and stable..
>
> This were the events that lead to the issue:
>
> - nginx uploaded with OLD PCRE
> - libnginx-mod-http-modsecurity entered NEW and had been accepted
> - it uses the OLD PCRE, as it is compiled against libmodsecurity3, which uses PCRE at that time
> - nginx uploaded with NEW PCRE2
> - modsecurity uploaded with PCRE2
>
> Situation:
> nginx -> PCRE2
> modsecurity -> PCRE2
> libnginx-mod-http-modsecurity -> OLD PCRE
thanks for clarification.
> --> a binnmu will rectify that.
>
> As Adam said in #1040799, this needs to be fixed first in unstable, this is
> why I'm filing this bug. ("b3" is required to ensure that unstable is newr than stable)
thanks again.
Now if the new (binNMU) package will be uploaded in the unstable (without
any modification), then we can apply the pending PR[1] and upload
it with a new version, eg. libnginx-mod-http-modsecurity_1.0.3-2?
a.
1: https://salsa.debian.org/modsecurity-packaging-team/libnginx-mod-http-modsecurity/-/merge_requests/1
Reply to: