This is the offical release for mod_security 2.5.9

Changelog
* Fixed parsing multipart content with a missing part header name which
would crash Apache. Discovered by "Internet Security Auditors"
(isecauditors.com).

* Added ability to specify the config script directly using --with-apr
and --with-apu.

* Updated copyright year to 2009.

* Added macro expansion for append/prepend action.

* Fixed race condition in concurrent updates of persistent counters. Updates
are now atomic.

* Cleaned up build, adding an option for verbose configure output and making
the mlogc build more portable.

* Fixed PDF XSS issue where a non-GET request for a PDF file would crash the
Apache httpd process. Discovered by Steve Grubb at Red Hat.

* Removed an invalid "Internal error: Issuing "%s" for unspecified error."
message that was logged when denying with nolog/noauditlog set and
causing the request to be audited.

To upgrade:

yum upgrade mod_security