6 changed files with 349 additions and 41 deletions
--- a/SOURCES/mod_security-2.9.3-remote-rules-timeout.patch
+++ b/SOURCES/mod_security-2.9.3-remote-rules-timeout.patch
@ -1,8 +1,8 @@
 diff --git a/apache2/apache2_config.c b/apache2/apache2_config.c
-index ce97950..5d4e9b5 100644
+index 80f8f2b..7912d84 100644
 --- a/apache2/apache2_config.c
 +++ b/apache2/apache2_config.c
-@@ -2345,6 +2345,24 @@ static const char *cmd_remote_rules(cmd_parms *cmd, void *_dcfg, const char *p1,
+@@ -2354,6 +2354,24 @@ static const char *cmd_remote_rules(cmd_parms *cmd, void *_dcfg, const char *p1,
 }
 
 
@ -27,7 +27,7 @@ index ce97950..5d4e9b5 100644
 static const char *cmd_status_engine(cmd_parms *cmd, void *_dcfg, const char *p1)
 {
     if (strcasecmp(p1, "on") == 0) {
-@@ -3658,6 +3677,14 @@ const command_rec module_directives[] = {
+@@ -3667,6 +3685,14 @@ const command_rec module_directives[] = {
         "Abort or Warn"
     ),
 
@ -43,7 +43,7 @@ index ce97950..5d4e9b5 100644
     AP_INIT_TAKE1 (
         "SecXmlExternalEntity",
 diff --git a/apache2/mod_security2.c b/apache2/mod_security2.c
-index b6e98e9..1410ac7 100644
+index 7bb215e..c155495 100644
 --- a/apache2/mod_security2.c
 +++ b/apache2/mod_security2.c
@@ -79,6 +79,8 @@ msc_remote_rules_server DSOLOCAL *remote_rules_server = NULL;
@ -56,7 +56,7 @@ index b6e98e9..1410ac7 100644
 int DSOLOCAL status_engine_state = STATUS_ENGINE_DISABLED;
 
 diff --git a/apache2/modsecurity.h b/apache2/modsecurity.h
-index f170034..d9de1f0 100644
+index f24bc75..8bcd453 100644
 --- a/apache2/modsecurity.h
 +++ b/apache2/modsecurity.h
@@ -150,6 +150,7 @@ extern DSOLOCAL msc_remote_rules_server *remote_rules_server;
@ -68,10 +68,10 @@ index f170034..d9de1f0 100644
 extern DSOLOCAL int status_engine_state;
 
 diff --git a/apache2/msc_remote_rules.c b/apache2/msc_remote_rules.c
-index 8a6df9e..af437d1 100644
+index 99968f0..b8db13e 100644
 --- a/apache2/msc_remote_rules.c
 +++ b/apache2/msc_remote_rules.c
-@@ -353,6 +353,11 @@ int msc_remote_download_content(apr_pool_t *mp, const char *uri, const char *key
+@@ -358,6 +358,11 @@ int msc_remote_download_content(apr_pool_t *mp, const char *uri, const char *key
         /* We want Curl to return error in case there is an HTTP error code */
         curl_easy_setopt(curl, CURLOPT_FAILONERROR, 1);
 
--- a/SOURCES/mod_security-2.9.6-CVE-2025-48866.patch
+++ b/SOURCES/mod_security-2.9.6-CVE-2025-48866.patch
@ -0,0 +1,25 @@
+From 614c6e18a734bd31a483abc2fa2faf217dcb81c3 Mon Sep 17 00:00:00 2001
+From: Ervin Hegedus <airween@gmail.com>
+Date: Sat, 24 May 2025 12:04:39 +0200
+Subject: [PATCH] fix: add ARGS to sanitize list only if it's not added yet in
+ case of sanitizeArg
+
+---
+ apache2/re_actions.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/apache2/re_actions.c b/apache2/re_actions.c
+index 4a922d27f..febc4759e 100644
+--- a/apache2/re_actions.c
+++ b/apache2/re_actions.c
+@@ -1455,8 +1455,9 @@ static apr_status_t msre_action_sanitizeArg_execute(modsec_rec *msr, apr_pool_t
+     for (i = 0; i < tarr->nelts; i++) {
+         msc_arg *arg = (msc_arg *)telts[i].val;
+ 
+-        if (strcasecmp(sargname, arg->name) == 0) {
+        if (arg->marked_for_sanitization == 0 && strcasecmp(sargname, arg->name) == 0) {
+             apr_table_addn(msr->arguments_to_sanitize, arg->name, (void *)arg);
+            arg->marked_for_sanitization = 1;
+         }
+     }
+ 
--- a/SOURCES/mod_security-2.9.6-move-log-opening.patch
+++ b/SOURCES/mod_security-2.9.6-move-log-opening.patch
@ -0,0 +1,190 @@
+From bec33810e95ac9ae4d05c74a7fd8cedb61224ca2 Mon Sep 17 00:00:00 2001
+From: Tomas Korbar <tkorbar@redhat.com>
+Date: Wed, 9 Oct 2024 14:39:14 +0200
+Subject: [PATCH] Move log opening to appropriate execution phase
+
+When piped logs are opened during parsing of configuration
+it results in unexpected situations in apache httpd
+and can cause hang of process which is trying to log
+into auditlog.
+
+Code should work as before, with the exception of
+one additional condition evaluation when primary
+audit log is not set and secondary audit log
+path to piped executable is now not relative
+to server root.
+---
+ apache2/apache2_config.c | 58 ----------------------------------------
+ apache2/mod_security2.c  |  1 +
+ apache2/msc_logging.c    | 52 +++++++++++++++++++++++++++++++++++
+ apache2/msc_logging.h    |  3 +++
+ 4 files changed, 56 insertions(+), 58 deletions(-)
+
+diff --git a/apache2/apache2_config.c b/apache2/apache2_config.c
+index da10b4bfe6..8c2ebe3ba4 100644
+--- a/apache2/apache2_config.c
+++ b/apache2/apache2_config.c
+@@ -1239,35 +1239,6 @@ static const char *cmd_audit_log(cmd_parms *cmd, void *_dcfg, const char *p1)
+     directory_config *dcfg = _dcfg;
+ 
+     dcfg->auditlog_name = (char *)p1;
+-
+-    if (dcfg->auditlog_name[0] == '|') {
+-        const char *pipe_name = dcfg->auditlog_name + 1;
+-        piped_log *pipe_log;
+-
+-        pipe_log = ap_open_piped_log(cmd->pool, pipe_name);
+-        if (pipe_log == NULL) {
+-            return apr_psprintf(cmd->pool, "ModSecurity: Failed to open the audit log pipe: %s",
+-                    pipe_name);
+-        }
+-        dcfg->auditlog_fd = ap_piped_log_write_fd(pipe_log);
+-    }
+-    else {
+-        const char *file_name = ap_server_root_relative(cmd->pool, dcfg->auditlog_name);
+-        apr_status_t rc;
+-        
+-        if (dcfg->auditlog_fileperms == NOT_SET) {
+-            dcfg->auditlog_fileperms = CREATEMODE;
+-        }
+-        rc = apr_file_open(&dcfg->auditlog_fd, file_name,
+-                APR_WRITE | APR_APPEND | APR_CREATE | APR_BINARY,
+-                dcfg->auditlog_fileperms, cmd->pool);
+-
+-        if (rc != APR_SUCCESS) {
+-            return apr_psprintf(cmd->pool, "ModSecurity: Failed to open the audit log file: %s",
+-                    file_name);
+-        }
+-    }
+-
+     return NULL;
+ }
+ 
+@@ -1283,35 +1254,6 @@ static const char *cmd_audit_log2(cmd_parms *cmd, void *_dcfg, const char *p1)
+     }
+ 
+     dcfg->auditlog2_name = (char *)p1;
+-
+-    if (dcfg->auditlog2_name[0] == '|') {
+-        const char *pipe_name = ap_server_root_relative(cmd->pool, dcfg->auditlog2_name + 1);
+-        piped_log *pipe_log;
+-
+-        pipe_log = ap_open_piped_log(cmd->pool, pipe_name);
+-        if (pipe_log == NULL) {
+-            return apr_psprintf(cmd->pool, "ModSecurity: Failed to open the secondary audit log pipe: %s",
+-                    pipe_name);
+-        }
+-        dcfg->auditlog2_fd = ap_piped_log_write_fd(pipe_log);
+-    }
+-    else {
+-        const char *file_name = ap_server_root_relative(cmd->pool, dcfg->auditlog2_name);
+-        apr_status_t rc;
+-
+-        if (dcfg->auditlog_fileperms == NOT_SET) {
+-            dcfg->auditlog_fileperms = CREATEMODE;
+-        }
+-        rc = apr_file_open(&dcfg->auditlog2_fd, file_name,
+-                APR_WRITE | APR_APPEND | APR_CREATE | APR_BINARY,
+-                dcfg->auditlog_fileperms, cmd->pool);
+-
+-        if (rc != APR_SUCCESS) {
+-            return apr_psprintf(cmd->pool, "ModSecurity: Failed to open the secondary audit log file: %s",
+-                    file_name);
+-        }
+-    }
+-
+     return NULL;
+ }
+ 
+diff --git a/apache2/mod_security2.c b/apache2/mod_security2.c
+index 1850191eb7..e257978b8f 100644
+--- a/apache2/mod_security2.c
+++ b/apache2/mod_security2.c
+@@ -1735,6 +1735,7 @@ static void register_hooks(apr_pool_t *mp) {
+ 
+     /* Logging */
+     ap_hook_error_log(hook_error_log, NULL, NULL, APR_HOOK_MIDDLE);
+    ap_hook_open_logs(modsec_open_logs, NULL, NULL, APR_HOOK_MIDDLE);
+     ap_hook_log_transaction(hook_log_transaction, NULL, transaction_afterme_list, APR_HOOK_MIDDLE);
+ 
+     /* Filter hooks */
+diff --git a/apache2/msc_logging.c b/apache2/msc_logging.c
+index 39588b10fa..b07732adb7 100644
+--- a/apache2/msc_logging.c
+++ b/apache2/msc_logging.c
+@@ -2316,3 +2316,55 @@ void sec_audit_logger(modsec_rec *msr) {
+     }
+     #endif
+ }
+
+static int open_audit_log(char *auditlog_name, unsigned char primary, apr_file_t **auditlog_fd,
+                          apr_fileperms_t *auditlog_fileperms, apr_pool_t *p) {
+    if (auditlog_name == NOT_SET_P) {
+        return OK;
+    }
+    if (auditlog_name[0] == '|') {
+        const char *pipe_name = auditlog_name + 1;
+        piped_log *pipe_log;
+
+        pipe_log = ap_open_piped_log(p, pipe_name);
+        if (pipe_log == NULL) {
+            ap_log_error(APLOG_MARK, APLOG_ERR, 0, NULL,
+                         "ModSecurity: Failed to open the %saudit log pipe: %s",
+                         primary ? "" : "secondary ", pipe_name);
+            return primary ? DONE : OK;
+        }
+        *auditlog_fd = ap_piped_log_write_fd(pipe_log);
+    }
+    else {
+        const char *file_name = ap_server_root_relative(p, auditlog_name);
+        apr_status_t rc;
+
+        if (*auditlog_fileperms == NOT_SET) {
+            *auditlog_fileperms = CREATEMODE;
+        }
+        rc = apr_file_open(auditlog_fd, file_name,
+                APR_WRITE | APR_APPEND | APR_CREATE | APR_BINARY,
+                *auditlog_fileperms, p);
+
+        if (rc != APR_SUCCESS) {
+            ap_log_error(APLOG_MARK, APLOG_ERR, 0, NULL,
+                         "ModSecurity: Failed to open the %saudit log file: %s",
+                         primary ? "" : "secondary ", file_name);
+            return primary ? DONE : OK;
+        }
+    }
+
+    return OK;
+}
+
+int modsec_open_logs(apr_pool_t *pconf, apr_pool_t *p, apr_pool_t *ptemp, server_rec *s_main) {
+    directory_config *dcfg = ap_get_module_config(s_main->lookup_defaults, &security2_module);
+
+    int primary_log_rc = open_audit_log(dcfg->auditlog_name, 1,
+                                        &dcfg->auditlog_fd, &dcfg->auditlog_fileperms, p);
+    if (primary_log_rc != OK) {
+        return primary_log_rc;
+    }
+    return open_audit_log(dcfg->auditlog2_name, 0,
+                          &dcfg->auditlog2_fd, &dcfg->auditlog_fileperms, p);
+}
+diff --git a/apache2/msc_logging.h b/apache2/msc_logging.h
+index 5378ddc659..d2e17fe237 100644
+--- a/apache2/msc_logging.h
+++ b/apache2/msc_logging.h
+@@ -43,6 +43,7 @@
+ #define AUDITLOG_PART_ENDMARKER             'Z'
+ 
+ #include "modsecurity.h"
+#include "httpd.h"
+ #include "apr_pools.h"
+ 
+ int DSOLOCAL is_valid_parts_specification(char *p);
+@@ -51,4 +52,6 @@ char DSOLOCAL *construct_log_vcombinedus_limited(modsec_rec *msr, int _limit, in
+ 
+ void DSOLOCAL sec_audit_logger(modsec_rec *msr);
+ 
+int modsec_open_logs(apr_pool_t *pconf, apr_pool_t *p, apr_pool_t *ptemp, server_rec *s_main);
+
+ #endif
+
--- a/SOURCES/modsecurity-2.9.3-apulibs.patch
+++ b/SOURCES/modsecurity-2.9.3-apulibs.patch
@ -0,0 +1,14 @@
+
+Strip redundant APR-util dependent libraries, it is sufficient to link against -laprutil-1.
+
+--- modsecurity-2.9.3/build/find_apu.m4.apulibs
+++ modsecurity-2.9.3/build/find_apu.m4
+@@ -59,7 +59,7 @@
+     APU_CFLAGS="`${APU_CONFIG} --includes`"
+     if test "$verbose_output" -eq 1; then AC_MSG_NOTICE(apu CFLAGS: $APU_CFLAGS); fi
+     APU_LDFLAGS="`${APU_CONFIG} --ldflags`"
+-    APU_LDFLAGS="$APU_LDFLAGS `${APU_CONFIG} --libs`"
+    APU_LDFLAGS="$APU_LDFLAGS `${APU_CONFIG} --avoid-ldap --avoid-dbm --libs`"
+     if test "$verbose_output" -eq 1; then AC_MSG_NOTICE(apu LDFLAGS: $APU_LDFLAGS); fi
+     APU_LDADD="`${APU_CONFIG} --link-libtool`"
+     if test "$verbose_output" -eq 1; then AC_MSG_NOTICE(apu LDADD: $APU_LDADD); fi
--- a/SOURCES/modsecurity-2.9.3-lua-54.patch
+++ b/SOURCES/modsecurity-2.9.3-lua-54.patch
@ -0,0 +1,31 @@
+diff -ru modsecurity-2.9.3/apache2/msc_lua.c modsecurity-2.9.3-lua-patch/apache2/msc_lua.c
+--- modsecurity-2.9.3/apache2/msc_lua.c	2018-12-04 18:49:37.000000000 +0000
+++ modsecurity-2.9.3-lua-patch/apache2/msc_lua.c	2020-08-08 16:55:14.936045777 +0000
+@@ -429,12 +429,12 @@
+ #else
+ 
+     /* Create new state. */
+-#if LUA_VERSION_NUM == 502 || LUA_VERSION_NUM == 503 || LUA_VERSION_NUM == 501
+#if LUA_VERSION_NUM == 502 || LUA_VERSION_NUM == 503 || LUA_VERSION_NUM == 501 || LUA_VERSION_NUM == 504
+     L = luaL_newstate();
+ #elif LUA_VERSION_NUM == 500
+     L = lua_open();
+ #else
+-#error We are only tested under Lua 5.0, 5.1, 5.2, or 5.3.
+#error We are only tested under Lua 5.0, 5.1, 5.2, 5.3 or 5.4.
+ #endif
+     luaL_openlibs(L);
+ 
+@@ -459,10 +459,10 @@
+     /* Register functions. */
+ #if LUA_VERSION_NUM == 500 || LUA_VERSION_NUM == 501
+     luaL_register(L, "m", mylib);
+-#elif LUA_VERSION_NUM == 502 || LUA_VERSION_NUM == 503
+#elif LUA_VERSION_NUM == 502 || LUA_VERSION_NUM == 503 || LUA_VERSION_NUM == 504
+     luaL_setfuncs(L, mylib, 0);
+ #else
+-#error We are only tested under Lua 5.0, 5.1, 5.2, or 5.3.
+#error We are only tested under Lua 5.0, 5.1, 5.2, 5.3 or 5.4.
+ #endif
+ 
+     lua_setglobal(L, "m");
--- a/SPECS/mod_security.spec
+++ b/SPECS/mod_security.spec
@ -5,27 +5,35 @@
 %{!?_httpd_confdir:    %{expand: %%global _httpd_confdir    %%{_sysconfdir}/httpd/conf.d}}
 %{!?_httpd_moddir:    %{expand: %%global _httpd_moddir    %%{_libdir}/httpd/modules}}

-%global with_mlogc 1
+%bcond_without mlogc

 Summary: Security module for the Apache HTTP Server
-Name: mod_security 
+Name: mod_security
 Version: 2.9.6
-Release: 2%{?dist}
+Release: 4%{?dist}
 License: ASL 2.0
 URL: http://www.modsecurity.org/
-Group: System Environment/Daemons
 Source: https://github.com/SpiderLabs/ModSecurity/releases/download/v%{version}/modsecurity-%{version}.tar.gz
 Source1: mod_security.conf
 Source2: 10-mod_security.conf
 Source3: modsecurity_localrules.conf
-Patch1: mod_security-2.9.2-remote-rules-timeout.patch
-Patch3: mod_security-2.9.6-CVE-2025-47947.patch
+Patch0: modsecurity-2.9.3-lua-54.patch
+Patch1: modsecurity-2.9.3-apulibs.patch
+Patch2: mod_security-2.9.3-remote-rules-timeout.patch
+Patch3: mod_security-2.9.6-move-log-opening.patch
+
+# Security patches
+Patch100: mod_security-2.9.6-CVE-2025-47947.patch
+Patch101: mod_security-2.9.6-CVE-2025-48866.patch
+
 Requires: httpd httpd-mmn = %{_httpd_mmn}
-# To ensure correct file ownership
+%if 0%{?fedora} || 0%{?rhel} > 7
+# Ensure apache user exists for file ownership
 Requires(pre): httpd-filesystem
-BuildRequires: gcc
+%endif
+
+BuildRequires: gcc, make, autoconf, automake, libtool
 BuildRequires: httpd-devel
-BuildRequires: make
 BuildRequires: perl-generators
 BuildRequires: pkgconfig(libcurl)
 BuildRequires: pkgconfig(libpcre)
@ -36,7 +44,7 @@ BuildRequires: pkgconfig(lua)
 %if 0%{?el6}
 BuildRequires: yajl-devel
 %else
-BuildRequires: pkgconfig(yajl)  
+BuildRequires: pkgconfig(yajl)
 %endif


@ -45,28 +53,30 @@ ModSecurity is an open source intrusion detection and prevention engine
 for web applications. It operates embedded into the web server, acting
 as a powerful umbrella - shielding web applications from attacks.

-%if %with_mlogc
+%if %{with mlogc}
 %package        mlogc
 Summary:        ModSecurity Audit Log Collector
-Group:          System Environment/Daemons
-Requires:       mod_security%{?_isa} = %{version}-%{release}
+Requires:       mod_security
+%if 0%{?fedora} || 0%{?rhel} > 7
+# Ensure apache user exists for file ownership
 Requires(pre):  httpd-filesystem
+%endif

-%description    mlogc
+%description mlogc
 This package contains the ModSecurity Audit Log Collector.
 %endif

 %prep
-%setup -q -n modsecurity-%{version}
-%patch1 -p1 -b .remote-rules-timeout
-%patch3 -p1 -b .cve47947
+%autosetup -p1 -n modsecurity-%{version}

 %build
+./autogen.sh
 %configure --enable-pcre-match-limit=1000000 \
           --enable-pcre-match-limit-recursion=1000000 \
           --with-apxs=%{_httpd_apxs} \
           --with-yajl \
-           --enable-collection-global-lock
+           --disable-static
+
 # remove rpath
 sed -i 's|^hardcode_libdir_flag_spec=.*|hardcode_libdir_flag_spec=""|g' libtool
 sed -i 's|^runpath_var=LD_RUN_PATH|runpath_var=DIE_RPATH_DIE|g' libtool
@ -105,7 +115,7 @@ install -m 700 -d $RPM_BUILD_ROOT%{_localstatedir}/lib/%{name}
 install -Dp -m0644 %{SOURCE3} %{buildroot}%{_sysconfdir}/httpd/modsecurity.d/local_rules/

 # mlogc
-%if %with_mlogc
+%if %{with mlogc}
 install -d %{buildroot}%{_localstatedir}/log/mlogc
 install -d %{buildroot}%{_localstatedir}/log/mlogc/data
 install -m0755 mlogc/mlogc %{buildroot}%{_bindir}/mlogc
@ -127,7 +137,7 @@ install -m0644 mlogc/mlogc-default.conf %{buildroot}%{_sysconfdir}/mlogc.conf
 %config(noreplace) %{_sysconfdir}/httpd/modsecurity.d/local_rules/*.conf
 %attr(770,apache,root) %dir %{_localstatedir}/lib/%{name}

-%if %with_mlogc
+%if %{with mlogc}
 %files mlogc
 %doc mlogc/INSTALL
 %attr(0640,root,apache) %config(noreplace) %{_sysconfdir}/mlogc.conf
@ -138,27 +148,65 @@ install -m0644 mlogc/mlogc-default.conf %{buildroot}%{_sysconfdir}/mlogc.conf
 %endif

 %changelog
-* Thu May 29 2025 Joe Orton  <jorton@redhat.com> - 2.9.6-2
- add fix for CVE-2025-47947
- Resolves: RHEL-93005
+* Mon Oct 06 2025 Luboš Uhliarik <luhliari@redhat.com> - 2.9.6-4
+- Resolves: RHEL-30628 - mod_security: httpd doesn't close read side of pipe
+  to rotatelogs for SecAuditLog leading to frozen state during graceful restart

-* Thu Dec 08 2022 Luboš Uhliarik <luhliari@redhat.com> - 2.9.6-1
+* Tue Aug 19 2025 Luboš Uhliarik <luhliari@redhat.com> - 2.9.6-3
+- Resolves: RHEL-100098 - mod_security: ModSecurity Denial of Service
+  Vulnerability (CVE-2025-48866)
+
+* Mon Aug 18 2025 Luboš Uhliarik <luhliari@redhat.com> - 2.9.6-2
+- Resolves: RHEL-93014 - mod_security: ModSecurity Has Possible DoS
+  Vulnerability (CVE-2025-47947)
+
+* Wed Nov 16 2022 Luboš Uhliarik <luhliari@redhat.com> - 2.9.6-1
 - new version 2.9.6
- Resolves: #2143207 - [RFE] upgrade mod_security to 2.9.6
+- Resolves: #2143211 - [RFE] upgrade mod_security to 2.9.6

-* Sun Nov 15 2020 Lubos Uhliarik <luhliari@redhat.com> - 2.9.2-9
- Resolves: #1824859 - RFE: Add a feature that can set a mod_security/libcurl
+* Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 2.9.3-12
+- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
+  Related: rhbz#1991688
+
+* Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com> - 2.9.3-11
+- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
+
+* Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 2.9.3-10
+- Resolves: #1930664 - RFE: Add a feature that can set a mod_security/libcurl
  timeout for retrieving the rules
+- rename mlogc to mod_security-mlogc

-* Mon Dec 17 2018 Joe Orton <jorton@redhat.com> - 2.9.2-8
- enable collection global lock (#1650268)
+* Fri Jan 22 2021 Joe Orton <jorton@redhat.com> - 2.9.3-8
+- don't link against redundant apr-util dependent libraries

-* Wed Nov 28 2018 Lubos Uhliarik <luhliari@redhat.com> - 2.9.2-7
- Related: #1650242 - mod_security-mlogc dropped
+* Sat Aug 08 2020 Othman Madjoudj <athmane@fedoraproject.org> - 2.9.3-7
+- Add a patch to fix build with Lua 5.4 until we completely switch to mod_sec3 as default

-* Thu Nov 15 2018 Joe Orton <jorton@redhat.com> - 2.9.2-6
- build -mlogc subpackage (#1650242)
- add httpd-filesystem as Requires(pre)
+* Sat Aug 01 2020 Fedora Release Engineering <releng@fedoraproject.org> - 2.9.3-6
+- Second attempt - Rebuilt for
+  https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
+
+* Tue Jul 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 2.9.3-5
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
+
+* Wed Jan 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 2.9.3-4
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
+
+* Thu Jul 25 2019 Fedora Release Engineering <releng@fedoraproject.org> - 2.9.3-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
+
+* Fri Feb 01 2019 Fedora Release Engineering <releng@fedoraproject.org> - 2.9.3-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
+
+* Sun Dec 09 2018 Athmane Madjoudj <athmane@fedoraproject.org> - 2.9.3-1
+- Update to 2.9.3
+
+* Fri Nov 16 2018 Joe Orton <jorton@redhat.com> - 2.9.2-7
+- Requires(pre): httpd-filesystem to ensure apache user exists
+- enable mlogc everywhere, use buildcond to disable
+
+* Fri Jul 13 2018 Fedora Release Engineering <releng@fedoraproject.org> - 2.9.2-6
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild

 * Sun Feb 18 2018 Athmane Madjoudj <athmane@fedoraproject.org> - 2.9.2-5
 - Add gcc and make as BR (minimal buildroot change)