|
From: Felipe C. <FC...@tr...> - 2017-12-15 15:10:46
|
Thank you Christian. Indeed I am very happy with this release :) Hope to make the life of ModSecurity users better. Thanks, also, to everybody that was involved on with it, including you :) Br., Felipe “Zimmerle” Costa Security Researcher, Lead Developer ModSecurity. Trustwave | SMART SECURITY ON DEMAND www.trustwave.com<http://www.trustwave.com/> ________________________________ From: Christian Folini <chr...@ne...> Sent: Friday, December 15, 2017 8:11:55 AM To: mod...@li...; mod...@li... Subject: Re: [Mod-security-developers] ModSecurity version 3.0.0 announcement Congratulations Zimmerle! This is a very big day and I am impressed by your achievement! I drink to a bright future for libModSecurity 3.0! Christian On Thu, Dec 14, 2017 at 10:26:17PM +0000, Felipe Costa wrote: > > It is a pleasure to announce the release of ModSecurity version 3.0.0, aka > libModSecurity. This version contains fixes on top of v3.0.0-rc1 and > improvements on some features. > > The most important addition of this release was the full support for some > missing pieces such as: Lua, SecRuleRemoveByTag and the @fuzzyHash operator. > > At this point ModSecurity version 3 is considerable to be feature complete. Any > missing piece may not be suitable for version 3 family. At least not > before discussion. > > The list with the full changes can be found on the project CHANGES file, > available here: > - https://scanmail.trustwave.com/?c=4062&d=-J-z2kP3sJBdn_MkkJUUMkJvM0JY3XGs_SrVbV5HsA&s=5&u=https%3a%2f%2fgithub%2ecom%2fSpiderLabs%2fModSecurity%2freleases%2ftag%2fv3%2e0%2e0%2fCHANGES > > The version 3.0.0 can be downloaded straight from GitHub: > - https://scanmail.trustwave.com/?c=4062&d=-J-z2kP3sJBdn_MkkJUUMkJvM0JY3XGs_XuJPgVM5w&s=5&u=https%3a%2f%2fgithub%2ecom%2fSpiderLabs%2fModSecurity%2freleases%2ftag%2fv3%2e0%2e0%2f > > The list of open issues is also available on GitHub: > - https://scanmail.trustwave.com/?c=4062&d=-J-z2kP3sJBdn_MkkJUUMkJvM0JY3XGs_XuJOVNNsA&s=5&u=https%3a%2f%2fgithub%2ecom%2fSpiderLabs%2fModSecurity%2fissues%3fq%3dis%253Aissue%2bis%253Aopen%2blabel%253Alibmodsecurity > > Notice that differently from version 2, ModSecurity v3 does not target any > specific web server or web server version. The version 3 is about a library. > The connectors are the ones responsible to create the link between the web > server and libModSecurity. Each web server should have its own connector. > Currently we support the Nginx connector and there is a Apache connector > available for test (not yet released). > > IMPORTANT: ModSecurity version 2 will be available and maintained parallel > to version 3. There is no ETA to deprecate the version 2.x. New features and > major improvements will be implemented on version 3.x. Security or major bugs > are planned to be back ported. Version 2 and version 3 has a completely > independent development/release cycle. > > Thanks to everybody who helped in this process: reporting issues, making > comments and suggestions, sending patches and so on. > > Further details on the compilation process for ModSecurity v3, can be found on > the project README: > - https://scanmail.trustwave.com/?c=4062&d=-J-z2kP3sJBdn_MkkJUUMkJvM0JY3XGs_X2HOldK4w&s=5&u=https%3a%2f%2fgithub%2ecom%2fSpiderLabs%2fModSecurity%2ftree%2fv3%2fmaster%23compilation > > Complementary documentation for the connectors are available here: > - nginx: https://scanmail.trustwave.com/?c=4062&d=-J-z2kP3sJBdn_MkkJUUMkJvM0JY3XGs_XjUPlEYtg&s=5&u=https%3a%2f%2fgithub%2ecom%2fSpiderLabs%2fModSecurity-nginx%2f%23compilation > - Apache: https://scanmail.trustwave.com/?c=4062&d=-J-z2kP3sJBdn_MkkJUUMkJvM0JY3XGs_S6AOVZO4g&s=5&u=https%3a%2f%2fgithub%2ecom%2fSpiderLabs%2fModSecurity-apache%2f%23compilation > > > Br., > Felipe "Zimmerle" Costa > Security Researcher, Lead Developer ModSecurity. > > Trustwave | SMART SECURITY ON DEMAND > www.trustwave.com<http://www.trustwave.com> > > > ------------------------------------------------------------------------------ > Check out the vibrant tech community on one of the world's most > engaging tech sites, http://scanmail.trustwave.com/?c=4062&d=-J-z2kP3sJBdn_MkkJUUMkJvM0JY3XGs_S6Ga1Ea5g&s=5&u=http%3a%2f%2fSlashdot%2eorg%21 http://scanmail.trustwave.com/?c=4062&d=-J-z2kP3sJBdn_MkkJUUMkJvM0JY3XGs_XjVbVUc4g&s=5&u=http%3a%2f%2fsdm%2elink%2fslashdot > _______________________________________________ > mod-security-developers mailing list > mod...@li... > https://scanmail.trustwave.com/?c=4062&d=-J-z2kP3sJBdn_MkkJUUMkJvM0JY3XGs_S-CZ1NJsQ&s=5&u=https%3a%2f%2flists%2esourceforge%2enet%2flists%2flistinfo%2fmod-security-developers > ModSecurity Services from Trustwave's SpiderLabs: > https://www.trustwave.com/spiderLabs.php -- https://scanmail.trustwave.com/?c=4062&d=-J-z2kP3sJBdn_MkkJUUMkJvM0JY3XGs_SuGaFUd4A&s=5&u=https%3a%2f%2fwww%2efeistyduck%2ecom%2ftraining%2fmodsecurity-training-course https://scanmail.trustwave.com/?c=4062&d=-J-z2kP3sJBdn_MkkJUUMkJvM0JY3XGs_SyFb18b7A&s=5&u=https%3a%2f%2fwww%2efeistyduck%2ecom%2fbooks%2fmodsecurity-handbook%2f mailto:chr...@ne... twitter: @ChrFolini |
