This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Projects/OWASP ModSecurity Core Rule Set Project/Releases/ModSecurity 2.2.0"
From OWASP
Line 3: | Line 3: | ||
| project_home_page = :Category:OWASP ModSecurity Core Rule Set Project | | project_home_page = :Category:OWASP ModSecurity Core Rule Set Project | ||
− | | release_name = ModSecurity 2.2. | + | | release_name = ModSecurity 2.2.8 |
− | | release_date = | + | | release_date = 06/30/2013 |
| release_description = | | release_description = | ||
− | + | == Version 2.2.8 - 06/30/2013 == | |
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | - | ||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | + | Security Fixes: | |
− | - | + | |
− | + | Improvements: | |
− | - | + | * Updatd the /util directory structure |
− | - | + | * Added scripts to check Rule ID duplicates |
− | - | + | * Added script to remove v2.7 actions so older ModSecurity rules will work |
− | - | + | - https://github.com/SpiderLabs/owasp-modsecurity-crs/pull/43 |
− | - | + | * Added new PHP rule (958977) to detect PHP exploits (Plesk 0-day from king cope) |
− | - Updated | + | - http://seclists.org/fulldisclosure/2013/Jun/21 |
− | https:// | + | - http://blog.spiderlabs.com/2013/06/honeypot-alert-active-exploits-attempts-for-plesk-vulnerability-.html |
− | - | + | |
− | - | + | |
− | + | Bug Fixes: | |
+ | * fix 950901 - word boundary added | ||
+ | - https://github.com/SpiderLabs/owasp-modsecurity-crs/pull/48 | ||
+ | * fix regex error | ||
+ | - https://github.com/SpiderLabs/owasp-modsecurity-crs/pull/44 | ||
+ | * Updated the Regex in 981244 to include word boundaries | ||
+ | - https://github.com/SpiderLabs/owasp-modsecurity-crs/issues/36 | ||
+ | * Problem with Regression Test (Invalid use of backslash) - Rule 960911 - Test2 | ||
+ | - https://github.com/SpiderLabs/owasp-modsecurity-crs/issues/34 | ||
+ | * ModSecurity: No action id present within the rule - ignore_static.conf | ||
+ | - https://github.com/SpiderLabs/owasp-modsecurity-crs/issues/17 | ||
+ | * "Bad robots" rule blocks all Java applets on Windows XP machines | ||
+ | - https://github.com/SpiderLabs/owasp-modsecurity-crs/issues/16 | ||
+ | * duplicated rules id 981173 | ||
+ | - https://github.com/SpiderLabs/owasp-modsecurity-crs/issues/18 | ||
| release_license = [http://www.apache.org/licenses/LICENSE-2.0.txt Apache Software License v2 (ASLv2)] | | release_license = [http://www.apache.org/licenses/LICENSE-2.0.txt Apache Software License v2 (ASLv2)] | ||
− | | release_download_link = | + | | release_download_link = https://github.com/SpiderLabs/owasp-modsecurity-crs/releases/tag/2.2.8 |
| leader_name1 = Ryan Barnett | | leader_name1 = Ryan Barnett |
Latest revision as of 12:54, 28 August 2014
back to project home page
what | is this release? |
---|---|
ModSecurity 2.2.8 - 06/30/2013 - (download) | |
Release Description: == Version 2.2.8 - 06/30/2013 ==
Security Fixes: Improvements:
- https://github.com/SpiderLabs/owasp-modsecurity-crs/pull/43
- http://seclists.org/fulldisclosure/2013/Jun/21 - http://blog.spiderlabs.com/2013/06/honeypot-alert-active-exploits-attempts-for-plesk-vulnerability-.html
- https://github.com/SpiderLabs/owasp-modsecurity-crs/pull/48
- https://github.com/SpiderLabs/owasp-modsecurity-crs/pull/44
- https://github.com/SpiderLabs/owasp-modsecurity-crs/issues/36
- https://github.com/SpiderLabs/owasp-modsecurity-crs/issues/34
- https://github.com/SpiderLabs/owasp-modsecurity-crs/issues/17
- https://github.com/SpiderLabs/owasp-modsecurity-crs/issues/16
- https://github.com/SpiderLabs/owasp-modsecurity-crs/issues/18 | |
Release License: Apache Software License v2 (ASLv2) | |
who | worked on this release? |
Release Leader(s): | |
how | can you learn more? |
Release Notes: View | |
Release Rating: Projects/OWASP ModSecurity Core Rule Set Project/GPC/Assessment/ModSecurity 2.2.8 | |
Key Contacts | |
|