Revisions of apache2-mod_security2
buildservice-autocommit
accepted
request 1099113
from
Dirk Mueller (dirkmueller)
(revision 5)
baserev update by copy to link target
Dirk Mueller (dirkmueller)
committed
(revision 4)
- reenable tests - switch to SpiderLabs owasp 3.2.0 release (final release, upstream archived the project, please switch to coreruleset instead): * Various security fixes, see * https://raw.githubusercontent.com/SpiderLabs/owasp-modsecurity-crs/v3.2.0/CHANGES - introduce supply chain security by adding gpg signature and keyring
buildservice-autocommit
accepted
request 1098838
from
Dirk Mueller (dirkmueller)
(revision 3)
baserev update by copy to link target
Dirk Mueller (dirkmueller)
committed
(revision 2)
- update to 2.9.7: * Fix: FILES_TMP_CONTENT may sometimes lack complete content * Support configurable limit on number of arguments processed * Silence compiler warning about discarded const * Support for JIT option for PCRE2 * Use uid for user if apr_uid_name_get() fails * Fix: handle error with SecConnReadStateLimit configuration * Only check for pcre2 install if required * Adjustment of previous fix for log messages * Mark apache error log messages as from mod_security2 * Use pkg-config to find libxml2 first * Support for PCRE2 in mlogc * Support for PCRE2 * Adjust parser activation rules in modsecurity.conf- recommended * Multipart parsing fixes and new MULTIPART_PART_HEADERS collection * Limit rsub null termination to where necessary * IIS: Update dependencies for next planned release * XML parser cleanup: NULL duplicate pointer * Properly cleanup XML parser contexts upon completion * Fix memory leak in streams * Fix: negative usec on log line when data type long is 32b * mlogc log-line parsing fails due to enhanced timestamp * Allow no-key, single-value JSON body * Set SecStatusEngine Off in modsecurity.conf-recommended * Fix memory leak that occurs on JSON parsing error * Multipart names/filenames may include single quote if double- quote enclosed * Add SecRequestBodyJsonDepthLimit to modsecurity.conf-
Dirk Mueller (dirkmueller)
committed
(revision 1)
Displaying all 5 revisions