XX NNN 2012 - 2.7.0-rc3 release log
* Fixed requests bigger than SecRequestBodyNoFilesLimit were truncated even engine mode was detection only.
* Fixed double close() for multipart temporary files (Thanks Seema Deepak).
* Fixed many small issues reported by Coverity Scanner (Thanks Peter Vrabek).
* Fixed format string issue in ngnix experimental code. (Thanks Eldar Zaitov).
* Added ctl:ruleRemoveTargetById/Tag/Msg and removed ctl:ruleUpdateTargetById/Tag/Msg.
* Added IIS and Ngnix platform code.
* Added new transformation utf8toUnicode.
Download other versions -
Live Wiki Documentation
The Wiki Documentation will always be the most up-to-date.
Reference Manual
FAQ
Migration Matrix
Log Data Format Documentation
Roadmap
Visit website -
http://www.modsecurity.org/
Stable Releases
ModSecurity is an open source product licensed under ASLv2. It comes with full source code and documentation. Older releases are signed by Ivan Ristic or Brian Rectanus. Newer releases are signed by Breno Silva. These public keys are available via most PGP key server mirrors.
modsecurity-apache_2.6.7.tar.gz (PGP MD5)
NOTE: Direct downloads are handled by the SourceForge.net project page. More downloads are available there than listed on this page.
Snapshot/Candidate Releases
As part of an ongoing effort to improve the overall release process, these snapshots will be very similar to full releases, except that they might also have some small issue to solve before release a stable version.
ModSecurity v2.7.0 modsecurity-apache_2.7.0-rc3.tar.gz (v2.7.0-RC3) (CHANGES)
ModSecurity for IIS v2.7.0 ModSecurityIIS_2.7.0-rc3.msi
Development Releases
If you would like to test out new features that are available in development releases, just follow these steps to sync with the SourceForge SVN repository:
- Create a directory to clone the code:
- Clone the source code:
SVN: GIT:
There are no binary packages on modsecurity.org. Below is a list of third-party sites that sometimes have an up-to-date binary version of ModSecurity:
RHEL/CentOS Yum Repository (Jason Litka)
http://www.jasonlitka.com/yum-repository/
Debian (Alberto Gonzalez Iniesta):
http://packages.debian.org/search?searchon=sourcenames&keywords=modsecurity-apache
Fedora Core (Michael Fleming):
http://fedoraproject.org/wiki/EPEL
FreeBSD (Alex Dupre):
http://www.freebsd.org/cgi/ports.cgi?query=mod_security&stype=all
Gentoo:
http://www.gentoo-portage.com/www-apache/mod_security
Apache 2.x on Windows (Steffen):
http://www.apachelounge.com/
HP-UX (Internet Express):
http://h20338.www2.hp.com/hpux11i/cache/324414-0-0-0-121.html
Netware, Windows (Guenter Knauf):
http://www.gknw.at/development/apache/
Resources
[1] ModSecurity home page: http://www.modsecurity.org/
[2] OWASP Core Rule Set for ModSecurity:https://www.owasp.org/index.php/Category:OWASP_ModSecurity_Core_Rule_Set_Project
Previous post regarding ModSecurity -
http://santoshdudhade.blogspot.in/2012/04/what-ismodsecurity-or-modsecurity.html
http://santoshdudhade.blogspot.in/2012/04/secure-apache-2x-web-server-with.html
http://santoshdudhade.blogspot.in/2012/07/mod-security-v267.html
0 comments:
Post a Comment