diff --git a/.gitignore b/.gitignore
deleted file mode 100644
index b53607c..0000000
--- a/.gitignore
+++ /dev/null
@@ -1,25 +0,0 @@
-modsecurity-apache_2.5.12.tar.gz
-/modsecurity-apache_2.5.13.tar.gz
-/modsecurity-apache_2.6.5.tar.gz
-/modsecurity-apache_2.6.6.tar.gz
-/modsecurity-apache_2.6.8.tar.gz
-/modsecurity-apache_2.7.0.tar.gz
-/modsecurity-apache_2.7.1.tar.gz
-/modsecurity-apache_2.7.2.tar.gz
-/modsecurity-apache_2.7.3.tar.gz
-/modsecurity-apache_2.7.4.tar.gz
-/modsecurity-apache_2.7.5.tar.gz
-/modsecurity-apache_2.7.5.tar.gz.sha256
-/v2.7.6.tar.gz
-/modsecurity-apache_2.7.7.tar.gz
-/modsecurity-apache_2.7.7.tar.gz.sha256
-/modsecurity-2.8.0.tar.gz
-/modsecurity-2.8.0.tar.gz.sha256
-/modsecurity-2.9.0.tar.gz
-/modsecurity-2.9.1.tar.gz
-/modsecurity-2.9.2.tar.gz
-/modsecurity-2.9.3.tar.gz
-/modsecurity-2.9.4.tar.gz
-/modsecurity-2.9.5.tar.gz
-/modsecurity-2.9.6.tar.gz
-/modsecurity-2.9.7.tar.gz
diff --git a/10-mod_security.conf b/10-mod_security.conf
deleted file mode 100644
index dfe0955..0000000
--- a/10-mod_security.conf
+++ /dev/null
@@ -1,5 +0,0 @@
-LoadModule security2_module modules/mod_security2.so
-
-
- LoadModule unique_id_module modules/mod_unique_id.so
-
diff --git a/dead.package b/dead.package
new file mode 100644
index 0000000..393d437
--- /dev/null
+++ b/dead.package
@@ -0,0 +1 @@
+mod_security was removed due to minimization efforts prior to public launch
diff --git a/mod_security-2.9.3-remote-rules-timeout.patch b/mod_security-2.9.3-remote-rules-timeout.patch
deleted file mode 100644
index 1d347ac..0000000
--- a/mod_security-2.9.3-remote-rules-timeout.patch
+++ /dev/null
@@ -1,85 +0,0 @@
-diff --git a/apache2/apache2_config.c b/apache2/apache2_config.c
-index 80f8f2b..7912d84 100644
---- a/apache2/apache2_config.c
-+++ b/apache2/apache2_config.c
-@@ -2354,6 +2354,24 @@ static const char *cmd_remote_rules(cmd_parms *cmd, void *_dcfg, const char *p1,
- }
-
-
-+static const char *cmd_remote_timeout(cmd_parms *cmd, void *_dcfg, const char *p1)
-+{
-+ directory_config *dcfg = (directory_config *)_dcfg;
-+ long int timeout;
-+
-+ if (dcfg == NULL) return NULL;
-+
-+ timeout = strtol(p1, NULL, 10);
-+ if ((timeout == LONG_MAX)||(timeout == LONG_MIN)||(timeout < 0)) {
-+ return apr_psprintf(cmd->pool, "ModSecurity: Invalid value for SecRemoteTimeout: %s", p1);
-+ }
-+
-+ remote_rules_timeout = timeout;
-+
-+ return NULL;
-+}
-+
-+
- static const char *cmd_status_engine(cmd_parms *cmd, void *_dcfg, const char *p1)
- {
- if (strcasecmp(p1, "on") == 0) {
-@@ -3667,6 +3685,14 @@ const command_rec module_directives[] = {
- "Abort or Warn"
- ),
-
-+ AP_INIT_TAKE1 (
-+ "SecRemoteTimeout",
-+ cmd_remote_timeout,
-+ NULL,
-+ CMD_SCOPE_ANY,
-+ "timeout in seconds"
-+ ),
-+
-
- AP_INIT_TAKE1 (
- "SecXmlExternalEntity",
-diff --git a/apache2/mod_security2.c b/apache2/mod_security2.c
-index 7bb215e..c155495 100644
---- a/apache2/mod_security2.c
-+++ b/apache2/mod_security2.c
-@@ -79,6 +79,8 @@ msc_remote_rules_server DSOLOCAL *remote_rules_server = NULL;
- #endif
- int DSOLOCAL remote_rules_fail_action = REMOTE_RULES_ABORT_ON_FAIL;
- char DSOLOCAL *remote_rules_fail_message = NULL;
-+unsigned long int DSOLOCAL remote_rules_timeout = NOT_SET;
-+
-
- int DSOLOCAL status_engine_state = STATUS_ENGINE_DISABLED;
-
-diff --git a/apache2/modsecurity.h b/apache2/modsecurity.h
-index f24bc75..8bcd453 100644
---- a/apache2/modsecurity.h
-+++ b/apache2/modsecurity.h
-@@ -150,6 +150,7 @@ extern DSOLOCAL msc_remote_rules_server *remote_rules_server;
- #endif
- extern DSOLOCAL int remote_rules_fail_action;
- extern DSOLOCAL char *remote_rules_fail_message;
-+extern DSOLOCAL unsigned long int remote_rules_timeout;
-
- extern DSOLOCAL int status_engine_state;
-
-diff --git a/apache2/msc_remote_rules.c b/apache2/msc_remote_rules.c
-index 99968f0..b8db13e 100644
---- a/apache2/msc_remote_rules.c
-+++ b/apache2/msc_remote_rules.c
-@@ -358,6 +358,11 @@ int msc_remote_download_content(apr_pool_t *mp, const char *uri, const char *key
- /* We want Curl to return error in case there is an HTTP error code */
- curl_easy_setopt(curl, CURLOPT_FAILONERROR, 1);
-
-+ /* In case we want different timeout than a default one */
-+ if (remote_rules_timeout != NOT_SET){
-+ curl_easy_setopt(curl, CURLOPT_TIMEOUT, remote_rules_timeout);
-+ }
-+
- res = curl_easy_perform(curl);
-
- if (res != CURLE_OK)
diff --git a/mod_security-2.9.7-send_error_bucket.patch b/mod_security-2.9.7-send_error_bucket.patch
deleted file mode 100644
index 7691507..0000000
--- a/mod_security-2.9.7-send_error_bucket.patch
+++ /dev/null
@@ -1,30 +0,0 @@
-From b2fa083522c70368c7ab911696dcb87dde5dc688 Mon Sep 17 00:00:00 2001
-From: Tomas Korbar
-Date: Thu, 22 Dec 2022 14:49:34 +0100
-Subject: [PATCH] Clear original response code in send_error_bucket function
-
-If this is left intact, then apache thinks that this code
-was generated during processing of ErrorDocument and does not
-handle it properly
-
-Fix #2849
----
- apache2/apache2_util.c | 5 +++++
- 1 file changed, 5 insertions(+)
-
-diff --git a/apache2/apache2_util.c b/apache2/apache2_util.c
-index cdae2b580..520a30f2f 100644
---- a/apache2/apache2_util.c
-+++ b/apache2/apache2_util.c
-@@ -31,6 +31,11 @@ apr_status_t send_error_bucket(modsec_rec *msr, ap_filter_t *f, int status) {
- /* Set the status line explicitly for the error document */
- f->r->status_line = ap_get_status_line(status);
-
-+ /* Clear previously set response code to make clear that this is
-+ * not a recursive error
-+ */
-+ f->r->status = 200;
-+
- brigade = apr_brigade_create(f->r->pool, f->r->connection->bucket_alloc);
- if (brigade == NULL) return APR_EGENERAL;
-
diff --git a/mod_security.conf b/mod_security.conf
deleted file mode 100644
index e9fe3dd..0000000
--- a/mod_security.conf
+++ /dev/null
@@ -1,56 +0,0 @@
-
- # Default recommended configuration
- SecRuleEngine On
- SecRequestBodyAccess On
- SecRule REQUEST_HEADERS:Content-Type "text/xml" \
- "id:'200000',phase:1,t:none,t:lowercase,pass,nolog,ctl:requestBodyProcessor=XML"
- SecRequestBodyLimit 13107200
- SecRequestBodyNoFilesLimit 131072
- SecRequestBodyInMemoryLimit 131072
- SecRequestBodyLimitAction Reject
- SecRule REQBODY_ERROR "!@eq 0" \
- "id:'200001', phase:2,t:none,log,deny,status:400,msg:'Failed to parse request body.',logdata:'%{reqbody_error_msg}',severity:2"
- SecRule MULTIPART_STRICT_ERROR "!@eq 0" \
- "id:'200002',phase:2,t:none,log,deny,status:400,msg:'Multipart request body \
- failed strict validation: \
- PE %{REQBODY_PROCESSOR_ERROR}, \
- BQ %{MULTIPART_BOUNDARY_QUOTED}, \
- BW %{MULTIPART_BOUNDARY_WHITESPACE}, \
- DB %{MULTIPART_DATA_BEFORE}, \
- DA %{MULTIPART_DATA_AFTER}, \
- HF %{MULTIPART_HEADER_FOLDING}, \
- LF %{MULTIPART_LF_LINE}, \
- SM %{MULTIPART_MISSING_SEMICOLON}, \
- IQ %{MULTIPART_INVALID_QUOTING}, \
- IP %{MULTIPART_INVALID_PART}, \
- IH %{MULTIPART_INVALID_HEADER_FOLDING}, \
- FL %{MULTIPART_FILE_LIMIT_EXCEEDED}'"
-
- SecRule MULTIPART_UNMATCHED_BOUNDARY "!@eq 0" \
- "id:'200003',phase:2,t:none,log,deny,status:44,msg:'Multipart parser detected a possible unmatched boundary.'"
-
- SecPcreMatchLimit 1000
- SecPcreMatchLimitRecursion 1000
-
- SecRule TX:/^MSC_/ "!@streq 0" \
- "id:'200004',phase:2,t:none,deny,msg:'ModSecurity internal error flagged: %{MATCHED_VAR_NAME}'"
-
- SecResponseBodyAccess Off
- SecDebugLog /var/log/httpd/modsec_debug.log
- SecDebugLogLevel 0
- SecAuditEngine RelevantOnly
- SecAuditLogRelevantStatus "^(?:5|4(?!04))"
- SecAuditLogParts ABIJDEFHZ
- SecAuditLogType Serial
- SecAuditLog /var/log/httpd/modsec_audit.log
- SecArgumentSeparator &
- SecCookieFormat 0
- SecTmpDir /var/lib/mod_security
- SecDataDir /var/lib/mod_security
-
- # ModSecurity Core Rules Set and Local configuration
- Include modsecurity.d/*.conf
- Include modsecurity.d/activated_rules/*.conf
- Include modsecurity.d/local_rules/*.conf
-
-
diff --git a/mod_security.spec b/mod_security.spec
deleted file mode 100644
index cb1dbdc..0000000
--- a/mod_security.spec
+++ /dev/null
@@ -1,526 +0,0 @@
-%{!?_httpd_apxs: %{expand: %%global _httpd_apxs %%{_sbindir}/apxs}}
-%{!?_httpd_mmn: %{expand: %%global _httpd_mmn %%(cat %{_includedir}/httpd/.mmn || echo 0-0)}}
-# /etc/httpd/conf.d with httpd < 2.4 and defined as /etc/httpd/conf.modules.d with httpd >= 2.4
-%{!?_httpd_modconfdir: %{expand: %%global _httpd_modconfdir %%{_sysconfdir}/httpd/conf.d}}
-%{!?_httpd_confdir: %{expand: %%global _httpd_confdir %%{_sysconfdir}/httpd/conf.d}}
-%{!?_httpd_moddir: %{expand: %%global _httpd_moddir %%{_libdir}/httpd/modules}}
-
-%bcond_without mlogc
-
-Summary: Security module for the Apache HTTP Server
-Name: mod_security
-Version: 2.9.7
-Release: 4%{?dist}
-License: Apache-2.0
-URL: http://www.modsecurity.org/
-Source: https://github.com/SpiderLabs/ModSecurity/releases/download/v%{version}/modsecurity-%{version}.tar.gz
-Source1: mod_security.conf
-Source2: 10-mod_security.conf
-Source3: modsecurity_localrules.conf
-Patch0: modsecurity-2.9.3-lua-54.patch
-Patch1: modsecurity-2.9.3-apulibs.patch
-Patch2: mod_security-2.9.3-remote-rules-timeout.patch
-Patch3: mod_security-2.9.7-send_error_bucket.patch
-
-Requires: httpd httpd-mmn = %{_httpd_mmn}
-%if 0%{?fedora} || 0%{?rhel} > 7
-# Ensure apache user exists for file ownership
-Requires(pre): httpd-filesystem
-%endif
-
-BuildRequires: gcc, make, autoconf, automake, libtool
-BuildRequires: httpd-devel
-BuildRequires: perl-generators
-BuildRequires: pcre2-devel
-BuildRequires: pkgconfig(libcurl)
-BuildRequires: pkgconfig(libxml-2.0)
-BuildRequires: pkgconfig(lua)
-
-# Workarround for EL6
-%if 0%{?el6}
-BuildRequires: yajl-devel
-%else
-BuildRequires: pkgconfig(yajl)
-%endif
-
-
-%description
-ModSecurity is an open source intrusion detection and prevention engine
-for web applications. It operates embedded into the web server, acting
-as a powerful umbrella - shielding web applications from attacks.
-
-%if %{with mlogc}
-%package mlogc
-Summary: ModSecurity Audit Log Collector
-Requires: mod_security
-%if 0%{?fedora} || 0%{?rhel} > 7
-# Ensure apache user exists for file ownership
-Requires(pre): httpd-filesystem
-%endif
-
-%description mlogc
-This package contains the ModSecurity Audit Log Collector.
-%endif
-
-%prep
-%autosetup -p1 -n modsecurity-%{version}
-
-%build
-./autogen.sh
-%configure --enable-pcre-match-limit=1000000 \
- --enable-pcre-match-limit-recursion=1000000 \
- --with-apxs=%{_httpd_apxs} \
- --with-yajl \
- --with-pcre2 \
- --disable-static
-
-# remove rpath
-sed -i 's|^hardcode_libdir_flag_spec=.*|hardcode_libdir_flag_spec=""|g' libtool
-sed -i 's|^runpath_var=LD_RUN_PATH|runpath_var=DIE_RPATH_DIE|g' libtool
-
-make %{_smp_mflags}
-
-%check
-# Test suite does not start because of some issue in shipped httpd config (fix upstreamed in PR #669)
-# After the fix, the test suite starts but still fails
-#make test
-#make test-regression
-
-%install
-install -d %{buildroot}%{_sbindir}
-install -d %{buildroot}%{_bindir}
-install -d %{buildroot}%{_httpd_moddir}
-install -d %{buildroot}%{_sysconfdir}/httpd/modsecurity.d/
-install -d %{buildroot}%{_sysconfdir}/httpd/modsecurity.d/activated_rules
-install -d %{buildroot}%{_sysconfdir}/httpd/modsecurity.d/local_rules
-
-install -m0755 apache2/.libs/mod_security2.so %{buildroot}%{_httpd_moddir}/mod_security2.so
-
-%if "%{_httpd_modconfdir}" != "%{_httpd_confdir}"
-# 2.4-style
-install -Dp -m0644 %{SOURCE2} %{buildroot}%{_httpd_modconfdir}/10-mod_security.conf
-install -Dp -m0644 %{SOURCE1} %{buildroot}%{_httpd_confdir}/mod_security.conf
-sed -i 's/Include/IncludeOptional/' %{buildroot}%{_httpd_confdir}/mod_security.conf
-%else
-# 2.2-style
-install -d -m0755 %{buildroot}%{_httpd_confdir}
-cat %{SOURCE2} %{SOURCE1} > %{buildroot}%{_httpd_confdir}/mod_security.conf
-%endif
-install -m 700 -d $RPM_BUILD_ROOT%{_localstatedir}/lib/%{name}
-
-# Local rules example
-install -Dp -m0644 %{SOURCE3} %{buildroot}%{_sysconfdir}/httpd/modsecurity.d/local_rules/
-
-# mlogc
-%if %{with mlogc}
-install -d %{buildroot}%{_localstatedir}/log/mlogc
-install -d %{buildroot}%{_localstatedir}/log/mlogc/data
-install -m0755 mlogc/mlogc %{buildroot}%{_bindir}/mlogc
-install -m0755 mlogc/mlogc-batch-load.pl %{buildroot}%{_bindir}/mlogc-batch-load
-install -m0644 mlogc/mlogc-default.conf %{buildroot}%{_sysconfdir}/mlogc.conf
-%endif
-
-
-%files
-%doc CHANGES LICENSE README.* NOTICE
-%{_httpd_moddir}/mod_security2.so
-%config(noreplace) %{_httpd_confdir}/*.conf
-%if "%{_httpd_modconfdir}" != "%{_httpd_confdir}"
-%config(noreplace) %{_httpd_modconfdir}/*.conf
-%endif
-%dir %{_sysconfdir}/httpd/modsecurity.d
-%dir %{_sysconfdir}/httpd/modsecurity.d/activated_rules
-%dir %{_sysconfdir}/httpd/modsecurity.d/local_rules
-%config(noreplace) %{_sysconfdir}/httpd/modsecurity.d/local_rules/*.conf
-%attr(770,apache,root) %dir %{_localstatedir}/lib/%{name}
-
-%if %{with mlogc}
-%files mlogc
-%doc mlogc/INSTALL
-%attr(0640,root,apache) %config(noreplace) %{_sysconfdir}/mlogc.conf
-%attr(0755,root,root) %dir %{_localstatedir}/log/mlogc
-%attr(0770,root,apache) %dir %{_localstatedir}/log/mlogc/data
-%attr(0755,root,root) %{_bindir}/mlogc
-%attr(0755,root,root) %{_bindir}/mlogc-batch-load
-%endif
-
-%changelog
-* Tue Jan 02 2024 Tomas Korbar - 2.9.7-4
-- Clear original response code in send_error_bucket function
-
-* Thu Jul 20 2023 Fedora Release Engineering - 2.9.7-3
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
-
-* Fri Jun 02 2023 Luboš Uhliarik - 2.9.7-2
-- SPDX migration
-
-* Thu Apr 13 2023 Luboš Uhliarik - 2.9.7-1
-- new version 2.9.7
-- use pcre2 instead of deprecated pcre (rhbz #2128330)
-
-* Thu Jan 19 2023 Fedora Release Engineering - 2.9.6-2
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
-
-* Wed Sep 14 2022 Luboš Uhliarik - 2.9.6-1
-- new version 2.9.6
-
-* Wed Aug 31 2022 Luboš Uhliarik - 2.9.5-1
-- new version 2.9.5
-
-* Thu Jul 21 2022 Fedora Release Engineering - 2.9.4-3
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
-
-* Thu Jan 20 2022 Fedora Release Engineering - 2.9.4-2
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
-
-* Wed Aug 18 2021 Luboš Uhliarik - 2.9.4-1
-- new version 2.9.4
-
-* Thu Jul 22 2021 Fedora Release Engineering - 2.9.3-11
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
-
-* Tue Jan 26 2021 Fedora Release Engineering - 2.9.3-10
-- Resolves: #1930664 - RFE: Add a feature that can set a mod_security/libcurl
- timeout for retrieving the rules
-- rename mlogc to mod_security-mlogc
-
-* Fri Jan 22 2021 Joe Orton - 2.9.3-8
-- don't link against redundant apr-util dependent libraries
-
-* Sat Aug 08 2020 Othman Madjoudj - 2.9.3-7
-- Add a patch to fix build with Lua 5.4 until we completely switch to mod_sec3 as default
-
-* Sat Aug 01 2020 Fedora Release Engineering - 2.9.3-6
-- Second attempt - Rebuilt for
- https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
-
-* Tue Jul 28 2020 Fedora Release Engineering - 2.9.3-5
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
-
-* Wed Jan 29 2020 Fedora Release Engineering - 2.9.3-4
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
-
-* Thu Jul 25 2019 Fedora Release Engineering - 2.9.3-3
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
-
-* Fri Feb 01 2019 Fedora Release Engineering - 2.9.3-2
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
-
-* Sun Dec 09 2018 Athmane Madjoudj - 2.9.3-1
-- Update to 2.9.3
-
-* Fri Nov 16 2018 Joe Orton - 2.9.2-7
-- Requires(pre): httpd-filesystem to ensure apache user exists
-- enable mlogc everywhere, use buildcond to disable
-
-* Fri Jul 13 2018 Fedora Release Engineering - 2.9.2-6
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
-
-* Sun Feb 18 2018 Athmane Madjoudj - 2.9.2-5
-- Add gcc and make as BR (minimal buildroot change)
-
-* Thu Feb 08 2018 Fedora Release Engineering - 2.9.2-4
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
-
-* Thu Aug 03 2017 Fedora Release Engineering - 2.9.2-3
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
-
-* Wed Jul 26 2017 Fedora Release Engineering - 2.9.2-2
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
-
-* Fri Jul 21 2017 Athmane Madjoudj - 2.9.2-1
-- Update to 2.9.2
-
-* Fri Feb 10 2017 Fedora Release Engineering - 2.9.1-2
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
-
-* Wed Mar 09 2016 Athmane Madjoudj 2.9.1-1
-- Update to final 2.9.1
-- Minor spec fix.
-
-* Tue Mar 08 2016 Athmane Madjoudj 2.9.1-0.1.rc1
-- Add workaround for el6
-
-* Tue Mar 08 2016 Athmane Madjoudj 2.9.1-0.rc1
-- Update to 2.9.1-rc1
-- Remove upstreamed patch
-
-* Thu Feb 04 2016 Fedora Release Engineering - 2.9.0-6
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
-
-* Fri Oct 02 2015 Athmane Madjoudj 2.9.0-5
-- Update BuildRequires using pkgconfig name schema
-
-* Tue Sep 01 2015 Athmane Madjoudj 2.9.0-4
-- Add yajl support
-
-* Wed Jun 17 2015 Fedora Release Engineering - 2.9.0-3
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
-
-* Fri Feb 13 2015 Athmane Madjoudj 2.9.0-2
-- Remove curl version dep. since it no longer required
-
-* Fri Feb 13 2015 Athmane Madjoudj 2.9.0-1
-- Update to 2.9.0
-- Remove backported patch
-- Add patch to fix lua 5.3 build issue (PR #837)
-
-* Tue Nov 04 2014 Athmane Madjoudj 2.8.0-7
-- Make sure mod_security is built with correct curl version
-
-* Mon Nov 03 2014 Athmane Madjoudj 2.8.0-6
-- Changes the default SSL version to TLS 1.2 since SSLv3 is vulnerable to poodle
-
-* Sun Aug 17 2014 Fedora Release Engineering - 2.8.0-5
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
-
-* Fri Aug 15 2014 Athmane Madjoudj 2.8.0-4
-- Add support for user-provided configurations and rules (rhbz #1129843)
-
-* Sat Jun 07 2014 Fedora Release Engineering - 2.8.0-2
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
-
-* Wed Apr 16 2014 Athmane Madjoudj 2.8.0-1
-- Update to 2.8.0 Final
-
-* Thu Apr 03 2014 Athmane Madjoudj 2.8.0-0.rc1
-- Update to 2.8.0-RC1
-
-* Tue Mar 04 2014 Athmane Madjoudj 2.7.7-6
-- Fix status code in the configuration file (upstream PR #666)
-
-* Sat Mar 01 2014 Athmane Madjoudj 2.7.7-5
-- Fix rpmlint warnings
-
-* Thu Feb 27 2014 Athmane Madjoudj 2.7.7-4
-- Add check section
-
-* Sat Feb 22 2014 Athmane Madjoudj 2.7.7-3
-- Fix bogus date in chanelog
-
-* Thu Jan 23 2014 Joe Orton - 2.7.7-2
-- fix _httpd_mmn expansion in absence of httpd-devel
-
-* Thu Dec 19 2013 Athmane Madjoudj 2.7.7-1
-- Update to 2.7.7
-- Fix the spec file since upstream fixed the bugs reported.
-
-* Tue Dec 17 2013 Athmane Madjoudj 2.7.6-2
-- Add autotools deps
-
-* Tue Dec 17 2013 Athmane Madjoudj 2.7.6-1
-- Update to 2.7.6
-- Fix spec since upstream will only provide tarball via Github
-
-* Sat Aug 03 2013 Petr Pisar - 2.7.5-2
-- Perl 5.18 rebuild
-
-* Tue Jul 30 2013 Athmane Madjoudj 2.7.5-1
-- Update to 2.7.5
-
-* Thu Jul 18 2013 Petr Pisar - 2.7.4-2
-- Perl 5.18 rebuild
-
-* Tue May 28 2013 Athmane Madjoudj 2.7.4-1
-- Update to 2.7.4
-- Drop non required patch
-
-* Tue May 28 2013 Athmane Madjoudj 2.7.3-2
-- Fix NULL pointer dereference (DoS, crash) (CVE-2013-2765) (RHBZ #967615)
-- Fix a possible memory leak.
-
-* Sat Mar 30 2013 Athmane Madjoudj 2.7.3-1
-- Update to 2.7.3
-
-* Fri Jan 25 2013 Athmane Madjoudj 2.7.2-1
-- Update to 2.7.2
-- Update source url in the spec.
-
-* Thu Nov 22 2012 Athmane Madjoudj 2.7.1-5
-- Use conditional for loading mod_unique_id (rhbz #879264)
-- Fix syntax errors on httpd 2.4.x by using IncludeOptional (rhbz #879264, comment #2)
-
-* Mon Nov 19 2012 Peter Vrabec 2.7.1-4
-- mlogc subpackage is not provided on RHEL7
-
-* Thu Nov 15 2012 Athmane Madjoudj 2.7.1-3
-- Add some missing directives RHBZ #569360
-- Fix multipart/invalid part ruleset bypass issue (CVE-2012-4528)
- (RHBZ #867424, #867773, #867774)
-
-* Thu Nov 15 2012 Athmane Madjoudj 2.7.1-2
-- Fix mod_security.conf
-
-* Thu Nov 15 2012 Athmane Madjoudj 2.7.1-1
-- Update to 2.7.1
-- Remove libxml2 build patch (upstreamed)
-- Update spec since upstream moved to github
-
-* Thu Oct 18 2012 Athmane Madjoudj 2.7.0-2
-- Add a patch to fix failed build against libxml2 >= 2.9.0
-
-* Wed Oct 17 2012 Athmane Madjoudj 2.7.0-1
-- Update to 2.7.0
-
-* Fri Sep 28 2012 Athmane Madjoudj 2.6.8-1
-- Update to 2.6.8
-
-* Wed Sep 12 2012 Athmane Madjoudj 2.6.7-2
-- Re-add mlogc sub-package for epel (#856525)
-
-* Sat Aug 25 2012 Athmane Madjoudj 2.6.7-1
-- Update to 2.6.7
-
-* Sat Aug 25 2012 Athmane Madjoudj 2.6.7-1
-- Update to 2.6.7
-
-* Fri Jul 20 2012 Fedora Release Engineering - 2.6.6-3
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
-
-* Fri Jun 22 2012 Peter Vrabec - 2.6.6-2
-- mlogc subpackage is not provided on RHEL
-
-* Thu Jun 21 2012 Peter Vrabec - 2.6.6-1
-- upgrade
-
-* Mon May 7 2012 Joe Orton - 2.6.5-3
-- packaging fixes
-
-* Fri Apr 27 2012 Peter Vrabec 2.6.5-2
-- fix license tag
-
-* Thu Apr 05 2012 Peter Vrabec 2.6.5-1
-- upgrade & move rules into new package mod_security_crs
-
-* Fri Feb 10 2012 Petr Pisar - 2.5.13-3
-- Rebuild against PCRE 8.30
-- Do not install non-existing files
-
-* Fri Jan 13 2012 Fedora Release Engineering - 2.5.13-2
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
-
-* Tue May 3 2011 Michael Fleming - 2.5.13-1
-- Newer upstream version
-
-* Wed Jun 30 2010 Michael Fleming - 2.5.12-3
-- Fix log dirs and files ordering per bz#569360
-
-* Thu Apr 29 2010 Michael Fleming - 2.5.12-2
-- Fix SecDatadir and minimal config per bz #569360
-
-* Sat Feb 13 2010 Michael Fleming - 2.5.12-1
-- Update to latest upstream release
-- SECURITY: Fix potential rules bypass and denial of service (bz#563576)
-
-* Fri Nov 6 2009 Michael Fleming - 2.5.10-2
-- Fix rules and Apache configuration (bz#533124)
-
-* Thu Oct 8 2009 Michael Fleming - 2.5.10-1
-- Upgrade to 2.5.10 (with Core Rules v2)
-
-* Sat Jul 25 2009 Fedora Release Engineering - 2.5.9-2
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
-
-* Thu Mar 12 2009 Michael Fleming 2.5.9-1
-- Update to upstream release 2.5.9
-- Fixes potential DoS' in multipart request and PDF XSS handling
-
-* Wed Feb 25 2009 Fedora Release Engineering - 2.5.7-2
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
-
-* Mon Dec 29 2008 Michael Fleming 2.5.7-1
-- Update to upstream 2.5.7
-- Reinstate mlogc
-
-* Sat Aug 2 2008 Michael Fleming 2.5.6-1
-- Update to upstream 2.5.6
-- Remove references to mlogc, it no longer ships in the main tarball.
-- Link correctly vs. libxml2 and lua (bz# 445839)
-- Remove bogus LoadFile directives as they're no longer needed.
-
-* Sun Apr 13 2008 Michael Fleming 2.1.7-1
-- Update to upstream 2.1.7
-
-* Sat Feb 23 2008 Michael Fleming 2.1.6-1
-- Update to upstream 2.1.6 (Extra features including SecUploadFileMode)
-
-* Tue Feb 19 2008 Fedora Release Engineering - 2.1.5-3
-- Autorebuild for GCC 4.3
-
-* Sun Jan 27 2008 Michael Fleming 2.1.5-2
-- Update to 2.1.5 (bz#425986)
-- "blocking" -> "optional_rules" per tarball ;-)
-
-
-* Thu Sep 13 2007 Michael Fleming 2.1.3-1
-- Update to 2.1.3
-- Update License tag per guidelines.
-
-* Mon Sep 3 2007 Joe Orton 2.1.1-3
-- rebuild for fixed 32-bit APR (#254241)
-
-* Wed Aug 29 2007 Fedora Release Engineering - 2.1.1-2
-- Rebuild for selinux ppc32 issue.
-
-* Tue Jun 19 2007 Michael Fleming 2.1.1-1
-- New upstream release
-- Drop ASCIIZ rule (fixed upstream)
-- Re-enable protocol violation/anomalies rules now that REQUEST_FILENAME
- is fixed upstream.
-
-* Sun Apr 1 2007 Michael Fleming 2.1.0-3
-- Automagically configure correct library path for libxml2 library.
-- Add LoadModule for mod_unique_id as the logging wants this at runtime
-
-* Mon Mar 26 2007 Michael Fleming 2.1.0-2
-- Fix DSO permissions (bz#233733)
-
-* Tue Mar 13 2007 Michael Fleming 2.1.0-1
-- New major release - 2.1.0
-- Fix CVE-2007-1359 with a local rule courtesy of Ivan Ristic
-- Addition of core ruleset
-- (Build)Requires libxml2 and pcre added.
-
-* Sun Sep 3 2006 Michael Fleming 1.9.4-2
-- Rebuild
-- Fix minor longstanding braino in included sample configuration (bz #203972)
-
-* Mon May 15 2006 Michael Fleming 1.9.4-1
-- New upstream release
-
-* Tue Apr 11 2006 Michael Fleming 1.9.3-1
-- New upstream release
-- Trivial spec tweaks
-
-* Wed Mar 1 2006 Michael Fleming 1.9.2-3
-- Bump for FC5
-
-* Fri Feb 10 2006 Michael Fleming 1.9.2-2
-- Bump for newer gcc/glibc
-
-* Wed Jan 18 2006 Michael Fleming 1.9.2-1
-- New upstream release
-
-* Fri Dec 16 2005 Michael Fleming 1.9.1-2
-- Bump for new httpd
-
-* Thu Dec 1 2005 Michael Fleming 1.9.1-1
-- New release 1.9.1
-
-* Wed Nov 9 2005 Michael Fleming 1.9-1
-- New stable upstream release 1.9
-
-* Sat Jul 9 2005 Michael Fleming 1.8.7-4
-- Add Requires: httpd-mmn to get the appropriate "module magic" version
- (thanks Ville Skytta)
-- Disabled an overly-agressive rule or two..
-
-* Sat Jul 9 2005 Michael Fleming 1.8.7-3
-- Correct Buildroot
-- Some sensible and safe rules for common apps in mod_security.conf
-
-* Thu May 19 2005 Michael Fleming 1.8.7-2
-- Don't strip the module (so we can get a useful debuginfo package)
-
-* Thu May 19 2005 Michael Fleming 1.8.7-1
-- Initial spin for Extras
diff --git a/modsecurity-2.9.3-apulibs.patch b/modsecurity-2.9.3-apulibs.patch
deleted file mode 100644
index bde44bb..0000000
--- a/modsecurity-2.9.3-apulibs.patch
+++ /dev/null
@@ -1,14 +0,0 @@
-
-Strip redundant APR-util dependent libraries, it is sufficient to link against -laprutil-1.
-
---- modsecurity-2.9.3/build/find_apu.m4.apulibs
-+++ modsecurity-2.9.3/build/find_apu.m4
-@@ -59,7 +59,7 @@
- APU_CFLAGS="`${APU_CONFIG} --includes`"
- if test "$verbose_output" -eq 1; then AC_MSG_NOTICE(apu CFLAGS: $APU_CFLAGS); fi
- APU_LDFLAGS="`${APU_CONFIG} --ldflags`"
-- APU_LDFLAGS="$APU_LDFLAGS `${APU_CONFIG} --libs`"
-+ APU_LDFLAGS="$APU_LDFLAGS `${APU_CONFIG} --avoid-ldap --avoid-dbm --libs`"
- if test "$verbose_output" -eq 1; then AC_MSG_NOTICE(apu LDFLAGS: $APU_LDFLAGS); fi
- APU_LDADD="`${APU_CONFIG} --link-libtool`"
- if test "$verbose_output" -eq 1; then AC_MSG_NOTICE(apu LDADD: $APU_LDADD); fi
diff --git a/modsecurity-2.9.3-lua-54.patch b/modsecurity-2.9.3-lua-54.patch
deleted file mode 100644
index ca6e560..0000000
--- a/modsecurity-2.9.3-lua-54.patch
+++ /dev/null
@@ -1,31 +0,0 @@
-diff -ru modsecurity-2.9.3/apache2/msc_lua.c modsecurity-2.9.3-lua-patch/apache2/msc_lua.c
---- modsecurity-2.9.3/apache2/msc_lua.c 2018-12-04 18:49:37.000000000 +0000
-+++ modsecurity-2.9.3-lua-patch/apache2/msc_lua.c 2020-08-08 16:55:14.936045777 +0000
-@@ -429,12 +429,12 @@
- #else
-
- /* Create new state. */
--#if LUA_VERSION_NUM == 502 || LUA_VERSION_NUM == 503 || LUA_VERSION_NUM == 501
-+#if LUA_VERSION_NUM == 502 || LUA_VERSION_NUM == 503 || LUA_VERSION_NUM == 501 || LUA_VERSION_NUM == 504
- L = luaL_newstate();
- #elif LUA_VERSION_NUM == 500
- L = lua_open();
- #else
--#error We are only tested under Lua 5.0, 5.1, 5.2, or 5.3.
-+#error We are only tested under Lua 5.0, 5.1, 5.2, 5.3 or 5.4.
- #endif
- luaL_openlibs(L);
-
-@@ -459,10 +459,10 @@
- /* Register functions. */
- #if LUA_VERSION_NUM == 500 || LUA_VERSION_NUM == 501
- luaL_register(L, "m", mylib);
--#elif LUA_VERSION_NUM == 502 || LUA_VERSION_NUM == 503
-+#elif LUA_VERSION_NUM == 502 || LUA_VERSION_NUM == 503 || LUA_VERSION_NUM == 504
- luaL_setfuncs(L, mylib, 0);
- #else
--#error We are only tested under Lua 5.0, 5.1, 5.2, or 5.3.
-+#error We are only tested under Lua 5.0, 5.1, 5.2, 5.3 or 5.4.
- #endif
-
- lua_setglobal(L, "m");
diff --git a/modsecurity_localrules.conf b/modsecurity_localrules.conf
deleted file mode 100644
index 983d7df..0000000
--- a/modsecurity_localrules.conf
+++ /dev/null
@@ -1,9 +0,0 @@
-# User defined rules and settings .
-#
-# You can use this file/directory to drop your local rules or
-# to remove some rules provided by mod_security_crs package with SecRuleRemoveById
-#
-# You can also disable mod_security for some incompatible web applications (eg. phpMyAdmin).
-#
-#
-
diff --git a/sources b/sources
deleted file mode 100644
index 9eee122..0000000
--- a/sources
+++ /dev/null
@@ -1 +0,0 @@
-SHA512 (modsecurity-2.9.7.tar.gz) = a333d142f0dedf332a3cccca8267ccf9193cd4ad5a026b3cdbe0713dd1f3edde33739eae8baced2c63409cc0b220001e0a226ea032874a97c08e4065eb1fbdd5