Trustwave's 2024 Retail Report Series Highlights Alarming E-Commerce Threats and Growing Fraud Against Retailers. Learn More
Get access to immediate incident response assistance.
Get access to immediate incident response assistance.
Trustwave's 2024 Retail Report Series Highlights Alarming E-Commerce Threats and Growing Fraud Against Retailers. Learn More
We are happy to announce ModSecurity version 2.9.3!
As previously announced, libModSecurity has reached official stable stage and was released for almost an year now. Therefore, new features and major improvements will be implemented only on version 3.x. Security or *major* bugs are planned to be back ported. Version 2 and version 3 has a completely independent development/release cycle.
Still, in a effort to keep our commitment with the community, 2.9.3 still contains a number of improvements in different areas. These include, optimizations in the code, updating all dependencies, updating the embedded CRS version of the IIS build, clean ups, support for other architectures among other changes.
In addition to these improvements, a few key issues were fixed including mpm-itk / mod_ruid2 compatibility which was a roadblock for some CPANEL ModSecurity users and many other improvements focused on improving performance, usability and code resilience.
- Fix ip tree lookup on netmask content
[@tinselcity, @zimmerle]
The complete list of changes is available on our change logs:
- https://github.com/SpiderLabs/ModSecurity/releases/tag/v2.9.3
The source and binaries (and the respective hashes/signatures) are
available at:
- https://github.com/SpiderLabs/ModSecurity/releases/tag/v2.9.3
The documentation for this release is available at:
- https://github.com/SpiderLabs/ModSecurity/wiki/Reference-Manual- v2.x
The list of open issues is available on GitHub:
- https://github.com/SpiderLabs/ModSecurity/labels/2.x
As with every new release, a milestone was created to host all the issues that will be fixed till we reach the given milestone. With that, we not only give the community the full transparency of the work that is being doing on ModSec, but also even more chances to participate.
Milestones give the chance to anyone from the community to deduce when and what will be released. For instance the 2.9.4 milestone is in progress even before 2.9.3 milestone is closed.
Some of the active milestones from the ModSecurity project follows:
- milestone v2.9.3:
https://github.com/SpiderLabs/ModSecurity/milestone/10
- milestone v2.9.4:
https://github.com/SpiderLabs/ModSecurity/milestone/14
Thanks to everybody who helped in this process: reporting issues, making comments and suggestions, sending patches and so on.
Trustwave is a globally recognized cybersecurity leader that reduces cyber risk and fortifies organizations against disruptive and damaging cyber threats. Our comprehensive offensive and defensive cybersecurity portfolio detects what others cannot, responds with greater speed and effectiveness, optimizes client investment, and improves security resilience. Learn more about us.
Copyright © 2024 Trustwave Holdings, Inc. All rights reserved.