Forum Topics > Announcements

Mod Security 2.9.3 released


It's been a long time since 2.9.2 came out and I was beginning to wonder about this module.

Changes in version 2.9.3;

 * Allow 0 length JSON requests.
 * Include unanmed JSON values in unnamed ARGS
 * Fix buffer size for utf8toUnicode transformation
 * Fix sanitizing JSON request bodies in native audit log format
 * Add sanity check for a couple malloc() and make code more resilient
 * Fix mpm-itk / mod_ruid2 compatibility
 * Code cosmetics: checks if actionset is not null before use it
 * Only generate SecHashKey when SecHashEngine is On
 * Docs: Reformat README to Markdown and update dependencies
 * good practices: Initialize variables before use it
 * Let body parsers observe SecRequestBodyNoFilesLimit
 * potential off by one in parse_arguments
 * Fix utf-8 character encoding conversion
 * Fix ip tree lookup on netmask content
 * modsecurity.conf-recommended: Fix spelling
 * Fix arabic charset in unicode_mapping file
 * Optionally preallocates memory when SecStreamInBodyInspection is on
 * Fixes SecConnWriteStateLimit
 * Added "empy chunk" check
 * Add capture action to @detectXSS operator
 * Adds missing headers

You can get your copy of the new module from our download page.


[0] Message Index

Sitemap 1 2 3 4 5 6 7 8 9 10 11 12 13 
Go to full version