Re: [Mod-security-developers] [mod-security-packagers] ModSecurity version 2.9.1-rc1 announcement

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

Hi Robert,

Usually we wait 15 days between the RC and the real release. That depends on the amount of issues reported and how fast we address each of the issues.

Br.,
Felipe “Zimmerle” Costa
Security Researcher, Lead Developer ModSecurity.

Trustwave | SMART SECURITY ON DEMAND
www.trustwave.com<http://www.trustwave.com/>

From: Robert Paprocki <rpa...@fe...<mailto:rpa...@fe...>>
Reply-To: "ro...@cr...<mailto:ro...@cr...>" <ro...@cr...<mailto:ro...@cr...>>, "mod...@li...<mailto:mod...@li...>" <mod...@li...<mailto:mod...@li...>>
Date: Thursday, February 11, 2016 at 11:15 AM
To: "mod...@li...<mailto:mod...@li...>" <mod...@li...<mailto:mod...@li...>>
Subject: Re: [Mod-security-developers] [mod-security-packagers] ModSecurity version 2.9.1-rc1 announcement

OOC, do we have a timeline for when the final non-RC 2.9.1 will be released?

On Thu, Feb 11, 2016 at 4:00 AM, Felipe Costa <FC...@tr...<mailto:FC...@tr...>> wrote:
Hi Walter,

Thanks for testing the release candidate. I will investigate this issue.

Br.,
Felipe “Zimmerle” Costa
Security Researcher, Lead Developer ModSecurity.

Trustwave | SMART SECURITY ON DEMAND
www.trustwave.com<http://www.trustwave.com/>

From: Walter Hop <mo...@sp...<mailto:mo...@sp...>>
Reply-To: "mod...@li...<mailto:mod...@li...>" <mod...@li...<mailto:mod...@li...>>
Date: Wednesday, February 10, 2016 at 7:00 PM
To: "mod...@li...<mailto:mod...@li...>" <mod...@li...<mailto:mod...@li...>>
Subject: Re: [Mod-security-developers] [mod-security-packagers] ModSecurity version 2.9.1-rc1 announcement

Hi Felipe,

Thanks for the work on this release!
My regression tests on FreeBSD are good, JSON logging works, Lua 5.1/5.2/5.3 works.
I plan to remove the hard dependency on Lua 5.1 in our port.

The only thing I found so far in the RC is that the audit log is a bit dirty with extra Apache-Error log lines. I created an issue for this: https://github.com/SpiderLabs/ModSecurity/issues/1073<http://scanmail.trustwave.com/?c=4062&d=2p281jEwnc_Gd6p2jqSI30PDrRIPZIB4lVhpMMPZlA&s=5&u=https%3a%2f%2fgithub%2ecom%2fSpiderLabs%2fModSecurity%2fissues%2f1073>

I’ll give it a spin on some staging servers.

Br.!
WH

On 03 Feb 2016, at 18:17, Felipe Costa <FC...@tr...<mailto:FC...@tr...>> wrote:

Signed PGP part
Hi,

It is a pleasure to announce the first release candidate for ModSecurity
version 2.9.1. The version 2.9.1-RC1 contains fixes and new features.
The new features list includes audit logs in JSON format.

I would like to thank you all, that participate in the construction of
this release. A special thanks to the ones who sent patches and the ones
who participated on the community meetings, which helped to increase the
quality of our releases. Thank you.

The documentation of the new features is already available on our wiki
page: https://github.com/SpiderLabs/ModSecurity/wiki/Reference-Manual<http://scanmail.trustwave.com/?c=4062&d=2p281jEwnc_Gd6p2jqSI30PDrRIPZIB4lQRsM5WMkg&s=5&u=https%3a%2f%2fgithub%2ecom%2fSpiderLabs%2fModSecurity%2fwiki%2fReference-Manual>

The source and binaries (and the respective hashes) are available at:
https://github.com/SpiderLabs/ModSecurity/releases/tag/v2.9.1-RC1<http://scanmail.trustwave.com/?c=4062&d=2p281jEwnc_Gd6p2jqSI30PDrRIPZIB4lV9pYZfaxQ&s=5&u=https%3a%2f%2fgithub%2ecom%2fSpiderLabs%2fModSecurity%2freleases%2ftag%2fv2%2e9%2e1-RC1>

The most important changes are listed bellow:

* New features

- Added support to generate audit logs in JSON format.
   [Issue #914, #897, #656 - Robert Paprocki]
- Extended Lua support to include version 5.3
   [Issue #837, #762, #814 - Athmane Madjoudj and ModSecurity team]
- mlogc: Allows user to choose between TLS versions (TLSProtocol option
   introduced).
   [Issue #881 - Ishwor Gurung]
- Allows mod_proxy's "nocanon" behavior to be specified in proxy actions.
   [Issue #1031, #961, #763 - Mario D. Santana and ModSecurity team]

* Bug fixes

- Creating AuditLog serial file (or parallel index) respecting the
   permission configured with SecAuditLogFileMode. Previously, it was
   used only to save the transactions while in parallel mode.
   [Issue #852 - @littlecho and ModSecurity team]
- Checking for hashing injection response, to report in case of failure.
   [Issue #1041 - ModSecurity team]
- Stop buffering when the request is larger than SecRequestBodyLimit
   in ProcessPartial mode
   [Issue #709, #705, #728 - Justin Gerace and ModSecurity team]
- Refactoring conditional #if/#defs directives.
   [Issue #996 - Wesley M and ModSecurity team]
- mlogc-batch-load.pl.in<http://scanmail.trustwave.com/?c=4062&d=2p281jEwnc_Gd6p2jqSI30PDrRIPZIB4lQhuNMWIwQ&s=5&u=http%3a%2f%2fmlogc-batch-load%2epl%2ein>: fix searching SecAuditLogStorageDir
   files with Apache 2.4
   [Issue #775 - Elia Pinto]
- Understands IIS 10 as compatible on Windows installer.
   [Issue #931 - Anton Serbulov, Pavel Vasilevich and ModSecurity team]
- Fix apache logging limitation by using correct Apache call.
   [Issue #840 - Christian Folini]
- Fix apr_crypto.h check on 32-bit Linux platform
   [Issue #882, #883 - Kurt Newman]
- Fix variable resolution duration (Content of the DURATION variable).
   [Issue #662 - Andrew Elble]
- Fix crash while adding empty keys to persistent collections.
   [Issue #927 - Eugene Alekseev, Marc Stern and ModSecurity team]
- Remove misguided call to srand()
   [Issues #778, #781 and #836 - Michael Bunk, @gilperon]
- Fix compilation problem while ssdeep is installed in non-standard
   location.
   [Issue #872 - Kurt Newman]
- Fix invalid storage reference by apr_psprintf at msc_crypt.c
   [Issue #609 - Jeff Trawick]

* Known issues

- Instabilities of nginx add-on are still expected. Please use the "nginx
   refactoring" branch and stay tuned for the ModSecurity version 3.

Br.,
Felipe "Zimmerle" Costa
Lead Developer for ModSecurity
Security Researcher, SpiderLabs

Trustwave | SMART SECURITY ON DEMAND
www.trustwave.com<http://www.trustwave.com> <http://www.trustwave.com/>

--
Walter Hop | PGP key: https://lifeforms.nl/pgp<http://scanmail.trustwave.com/?c=4062&d=2p281jEwnc_Gd6p2jqSI30PDrRIPZIB4lQs-YcPewQ&s=5&u=https%3a%2f%2flifeforms%2enl%2fpgp>

________________________________

This transmission may contain information that is privileged, confidential, and/or exempt from disclosure under applicable law. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution, or use of the information contained herein (including any reliance thereon) is strictly prohibited. If you received this transmission in error, please immediately contact the sender and destroy the material in its entirety, whether in electronic or hard copy format.

------------------------------------------------------------------------------
Site24x7 APM Insight: Get Deep Visibility into Application Performance
APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
Monitor end-to-end web transactions and take corrective actions now
Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=272487151&iu=/4140<http://scanmail.trustwave.com/?c=4062&d=2p281jEwnc_Gd6p2jqSI30PDrRIPZIB4lVg8ZcLdlQ&s=5&u=http%3a%2f%2fpubads%2eg%2edoubleclick%2enet%2fgampad%2fclk%3fid%3d272487151%26iu%3d%2f4140>
_______________________________________________
mod-security-developers mailing list
mod...@li...<mailto:mod...@li...>
https://lists.sourceforge.net/lists/listinfo/mod-security-developers<http://scanmail.trustwave.com/?c=4062&d=2p281jEwnc_Gd6p2jqSI30PDrRIPZIB4lQ0-acDakg&s=5&u=https%3a%2f%2flists%2esourceforge%2enet%2flists%2flistinfo%2fmod-security-developers>
ModSecurity Services from Trustwave's SpiderLabs:
https://www.trustwave.com/spiderLabs.php

________________________________

This transmission may contain information that is privileged, confidential, and/or exempt from disclosure under applicable law. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution, or use of the information contained herein (including any reliance thereon) is strictly prohibited. If you received this transmission in error, please immediately contact the sender and destroy the material in its entirety, whether in electronic or hard copy format.