[mod-security-packagers] Announcement: ModSecurity version 2.9.3
Brought to you by:
victorhora,
zimmerletw
From: Victor H. <VH...@tr...> - 2018-12-05 17:03:10
|
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 We are happy to announce ModSecurity version 2.9.3! As previously announced, libModSecurity has reached official stable stage and was released for almost an year now. Therefore, new features and major improvements will be implemented only on version 3.x. Security or *major* bugs are planned to be back ported. Still, in a effort to keep our commitment with the community, 2.9.3 still contains a number of improvements in different areas. These include, optimizations in the code, updating all dependencies, updating the embedded CRS version of the IIS build, clean ups, support for other architectures among other changes. In addition to these improvements, a few key issues were fixed including mpm-itk / mod_ruid2 compatibility which was a roadblock for some CPANEL ModSecurity users and many other improvements focused on improving performance, usability and code resilience. POTENTIAL SECURITY ISSUES: - Fix ip tree lookup on netmask content [@tinselcity] - - potential off by one in parse_arguments [@tinselcity] The complete list of changes is available on our change logs: - - https://github.com/SpiderLabs/ModSecurity/releases/tag/v2.9.3 The source and binaries (and the respective hashes/signatures) are available at: - - https://github.com/SpiderLabs/ModSecurity/releases/tag/v2.9.3 The documentation for this release is available at: - - https://github.com/SpiderLabs/ModSecurity/wiki/Reference-Manual-%28v2.x%29 The list of open issues is available on GitHub: - - https://github.com/SpiderLabs/ModSecurity/labels/2.x As with every new release, a milestone was created to host all the issues that will be fixed till we reach the given milestone. With that, we not only give the community the full transparency of the work that is being doing on ModSec, but also even more chances to participate. Milestones give the chance to anyone from the community to deduce when and what will be released. For instance the 2.9.4 milestone is in progress even before 2.9.3 milestone is closed. Some of the active milestones from the ModSecurity project follows: - - milestone v2.9.3: https://github.com/SpiderLabs/ModSecurity/milestone/10 - - milestone v2.9.4: https://github.com/SpiderLabs/ModSecurity/milestone/14 Thanks to everybody who helped in this process: reporting issues, making comments and suggestions, sending patches and so on. -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEENVJvmdv3xZcwKAX5LzS6oLmekUFAlwIAmoACgkQ5LzS6oLm ekWTzQ//cIX68Y2HIBaR7nFvxsY199acxxKyJdoop3bVpJkZfBPUzgO7pUPGWPJj LF3FD8yKqnNJkI2iArJqGWBCa4b9UQi01JLLWiiOdTRWOtHfU8miVOIKFD7nTRGj DgNna1j8DEn8mrFcXyZctnhNfQu0Fp7sI2PLf5H4RyO58NpDyVxxquZwmLmc0ZQb LIAz0td/pNl3O2anJzIimXusQe9qba/qqxC/W7W5ZqEBrqIR/UJ9s7qDxMaReyQ4 MGBvxxjqg3GLNV43v5M9RtaBcYTf3hT55AyG78MHqK+sZop+UhLUL+m6HU1F7FN/ 4FvEfu/tq5ntHtCrh4xGk9JIbF4R7EdJEG9ruNbHZfKEPpJ5YNp2SScFRB/PQqAB EL7wTetkKLpQiGPFEV6+W6vKV8BjTJFakEzdOojcELqmza/KslHMIlZoqcdwN1ln iUxxeHW1txNWhfPvi8X1P6nxl10LaYTCHcUesHgjDvwhDgYX2FHYKwtALwVUgRVB oOZjiyLpuMqNHDUdOBCkUlFIAxQj3EZ2ujORBXmD+SXhy5Su+S59hrT/iju37NgK miwpbDNc1NwZQqoUSS+WG5W3TwqCCLzEcJIIwGqyW9K6HhM/Jyuadszvx5XzguyD sZNz9cOmlSeGENJ5PMrEgVXN4v00k1FRpsqjErSlN3BlCglqpzY= =F1hT -----END PGP SIGNATURE----- |