[Owasp-modsecurity-core-rule-set] Announcing Release of OWASPModSecurity Core Rule Set (CRS) v2.0.8

Ryan Barnett RBarnett at trustwave.com
Tue Aug 31 17:29:29 EDT 2010 

On 8/31/10 5:19 PM, "MARTIN, JASON (ATTSI)" <JM9991 at att.com> wrote:

> I believe this is a tar version compatibility issue:
> http://unix.derkeiler.com/Mailing-Lists/FreeBSD/stable/2007-05/msg00679.
> html
> 
> -Jason Martin
> 

Ah, could be.  This is what I had on my macbook -

$ tar --version
bsdtar 2.6.2 - libarchive 2.6.2

I just installed gnutar through ports.

$ gnutar --version
tar (GNU tar) 1.23
Copyright (C) 2010 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later
<http://gnu.org/licenses/gpl.html>.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Written by John Gilmore and Jay Fenlason.

I will try and post some new archives asap.



> 
> 
> -----Original Message-----
> From: owasp-modsecurity-core-rule-set-bounces at lists.owasp.org
> [mailto:owasp-modsecurity-core-rule-set-bounces at lists.owasp.org] On
> Behalf Of Ryan Barnett
> Sent: Tuesday, August 31, 2010 2:15 PM
> To: Christian Bockermann
> Cc: owasp-modsecurity-core-rule-set at lists.owasp.org
> Subject: Re: [Owasp-modsecurity-core-rule-set] Announcing Release of
> OWASPModSecurity Core Rule Set (CRS) v2.0.8
> 
> 
> On 8/31/10 4:53 PM, "Christian Bockermann" <chris at jwall.org> wrote:
> 
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA1
>> 
>> 
>> Am 31.08.2010 um 22:39 schrieb Ryan Barnett:
>> 
>>>> and said tar file won't
>>>> extract under RHEL5 :(.
>>>> 
>>> Anyone else with problems?  I just downloaded it/extracted it fine.
>>> 
>>> 
> http://sourceforge.net/projects/mod-security/files/modsecurity-crs/0-CUR
> RENT
>>> /modsecurity-crs_2.0.8.tar.gz/download
>>> 
>> 
>> 
>> Doesn't look too well on my CentOS either:
>> 
>> [chris at jwall ~]$ tar tzvf modsecurity-crs_2.0.8.tar.gz
>> tar: Ignoring unknown extended header keyword `SCHILY.dev'
>> tar: Ignoring unknown extended header keyword `SCHILY.ino'
>> tar: Ignoring unknown extended header keyword `SCHILY.nlink'
>> drwxr-xr-x rbarnett/234561557 0 2010-08-27 19:08:25
> modsecurity-crs_2.0.8/
>> tar: Ignoring unknown extended header keyword `SCHILY.dev'
>> tar: Ignoring unknown extended header keyword `SCHILY.ino'
>> tar: Ignoring unknown extended header keyword `SCHILY.nlink'
>> ...
>> - -rw-r--r-- rbarnett/234561557   2542 2010-08-27 18:59:49
>> modsecurity-crs_2.0.8/base_rules/modsecurity_crs_60_correlation.conf
>> tar: Error exit delayed from previous errors
>> 
> 
> 
> Hmm... Not sure what the issue could be.  I retested everything locally
> and
> also verified the MD5 hash of the tar/gz file on SF and re-downloaded
> and
> everything is fine.  Same issue with the ZIP archive?
> 
> 
> _______________________________________________
> Owasp-modsecurity-core-rule-set mailing list
> Owasp-modsecurity-core-rule-set at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set
> 


--
Ryan Barnett
Senior Security Researcher
Trustwave - SpiderLabs
Email: rbarnett at trustwave.com
Phone: (703) 794-2248
Cell: (571) 382-0476
www.trustwave.com

This transmission may contain information that is privileged, confidential,
and/or exempt from disclosure under applicable law. If you are not the
intended recipient, you are hereby notified that any disclosure, copying,
distribution, or use of the information contained herein (including any
reliance thereon) is STRICTLY PROHIBITED. If you received this transmission
in error, please immediately contact the sender and destroy the material in
its entirety, whether in electronic or hard copy format. Thank you.

More information about the Owasp-modsecurity-core-rule-set mailing list