Package: wnpp Severity: wishlist Owner: Alberto Gonzalez Iniesta <[EMAIL PROTECTED]>
* Package name : libapache-mod-security2 Version : 2.5.x Upstream Author : Breach Security, Inc. (http://www.breach.com/) * URL : http://www.modsecurity.org/ * License : GPLv2 Programming Lang: C Description : Tighten web applications security for Apache Mod_security is an Apache 1.x/2.x module whose purpose is to tighten the Web application security. Effectively, it is an intrusion detection and prevention system for the web server. . At the moment its main features are: * Audit log; store full request details in a separate file, including POST payloads. * Request filtering; incoming requests can be analysed and offensive requests can be rejected (or simply logged, if that is what you want). This feature can be used to prevent many types of attacks (e.g. XSS attacks, SQL injection, ...) and even allow you to run insecure applications on your servers (if you have no other choice, of course). ********************** ** To: debian-legal ** ********************** I'm Cc'ing debian-legal because this package was removed from Debian [1] due to GPLv2 and Apache licences not being compatible [2][3]. After some threads in upstream's mailing list, great interest from users and some work from upstream [4], they (upstream) wrote a exception (draft) in order to get ModSecurity back to Debian [5]. So upstream is basically waiting the green light from -legal on this draft so the new release already includes it. I'm sending this ITP because I understand this exception should solve the problem and got positive feedback from other DDs. So please, if you see something wrong with this talk now or STFU forever :) Please Cc: me and Ivan since we're not subscribed. Thanks, Alberto [1] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=313615 [2] http://www.gnu.org/philosophy/license-list.html#GPLIncompatibleLicenses [3] http://www.thinkingstone.com/about/legal/licensing-clarifications.html [4] http://lists.debian.org/debian-legal/2008/01/msg00172.html [5] http://blog.modsecurity.org/2008/06/modsecurity-lic.html -- System Information: Debian Release: lenny/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Kernel: Linux 2.6.25.6 (PREEMPT) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash -- Alberto Gonzalez Iniesta | They that give up essential liberty agi@(agi.as|debian.org) | to obtain a little temporary safety Encrypted mail preferred | deserve neither liberty nor safety. -- Benjamin Franklin Key fingerprint = 9782 04E7 2B75 405C F5E9 0C81 C514 AF8E 4BA4 01C3 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
