The ModSecurity Development Team is pleased to announce the availability of ModSecurity 2.6.4 Release.

The stability of this release must be good and it includes some bug fixes. Mlogc old 100% cpu consume bug appears to be fixed now.
A new bug related to ctl:updateTargetByID was fixed, making apache memory grow.
The last release has a bug when reloading data from session and user collections, users running rules that use those collection must upgrade to this version.
Please see the release notes included into CHANGES file.

For known problems and more information about bug fixes, please see the online ModSecurity Jira. Please report any bug to


Breno Silva