The Apache Haus Forum

Advanced search  

News:

Welcome to Apache Haus Distribution Forum

Pages: [1]   Go Down

Author Topic: Mod Security 2.9.3 released  (Read 14 times)

Gregg

  • Administrator
  • Member Elite
  • *****
  • Offline Offline
  • Posts: 839
Mod Security 2.9.3 released
« on: Today at 04:51:20 AM »

It's been a long time since 2.9.2 came out and I was beginning to wonder about this module.

Changes in version 2.9.3;

 * Allow 0 length JSON requests.
 * Include unanmed JSON values in unnamed ARGS
 * Fix buffer size for utf8toUnicode transformation
 * Fix sanitizing JSON request bodies in native audit log format
 * Add sanity check for a couple malloc() and make code more resilient
 * Fix mpm-itk / mod_ruid2 compatibility
 * Code cosmetics: checks if actionset is not null before use it
 * Only generate SecHashKey when SecHashEngine is On
 * Docs: Reformat README to Markdown and update dependencies
 * good practices: Initialize variables before use it
 * Let body parsers observe SecRequestBodyNoFilesLimit
 * potential off by one in parse_arguments
 * Fix utf-8 character encoding conversion
 * Fix ip tree lookup on netmask content
 * modsecurity.conf-recommended: Fix spelling
 * Fix arabic charset in unicode_mapping file
 * Optionally preallocates memory when SecStreamInBodyInspection is on
 * Fixes SecConnWriteStateLimit
 * Added "empy chunk" check
 * Add capture action to @detectXSS operator
 * Uses LOG_NO_STOPWATCH instead of DLOG_NO_STOPWATCH
 * Adds missing headers


You can get your copy of the new module from our download page.
Logged
Pages: [1]   Go Up
 

Sitemap 1 2 3 4 5 6 7 8 9 10 11 12 13