Version 2.5.12 of ModSecurity
Release Notes: This release fixes several important issues to help prevent a detection bypass and denial of service attacks against ModSecurity. Quite a few small but notable bugs were fixed. The latest Core Ruleset (2.0.5) is included.
Other releases
Release Notes: This release fixes several important issues to help prevent a detection bypass and denial of service attacks against ModSecurity. Quite a few small but notable bugs were fixed. The latest Core Ruleset (2.0.5) is included.
Release Notes: This release fixes a multipart parsing issue that has the potential to allow bypassing the rules engine. This bypass can be avoided via some simple rules, however. Other changes include a rules update (CRS 2.0.3) and some minor cleanup in build, mlogc, persistence, and the output filter ordering.
Release Notes: This release fixes a number of small issues. Notable issues that have been fixed are a cleaner build process, fixes to mlogc to build on Windows and allow more reliable SSL negotiation to the console, less verbose logging when using anomaly scoring with CRS v2.x, and a feature to allow easier use with Apache mpm-itk.
Release Notes: This release cleans up the build scripts and adds some features to better manage audit log permissions (especially with mpm-itk).
Release Notes: This development release fixes some build issues with mlogc, a potential configuration crash, and SecRuleUpdateActionById. It includes the latest release of the Core Rule Set (CRS), 2.0.1.
