Difference between revisions of "Projects/OWASP ModSecurity Core Rule Set Project/Releases/ModSecurity 2.1.2"

From OWASP
Jump to: navigation, search
(Created page with "{{Template: <includeonly>{{{1}}}</includeonly><noinclude>Release About</noinclude> | project_name = OWASP ModSecurity Core Rule Set Project | project_home_page = :Category:OWASP ...")
 
Line 4: Line 4:
  
 
| release_name = ModSecurity 2.1.2
 
| release_name = ModSecurity 2.1.2
| release_date =  
+
| release_date = 02/17/2011
| release_description
+
| release_description =
 +
*Improvements:
 +
- Added experimental real-time application profiling ruleset.
 +
- Added experimental Lua script for profiling the # of page scripts, iframes, etc.. which will help to identify successful XSS attacks and planting of malware links.
 +
- Added new CSRF detection rule which will trigger if a subsequent request comes too quickly (need to use the Ignore Static Content rules).
 +
 
 +
*Bug Fixes:
 +
- Added missing " in the skipAfter SecAction in the CC Detection rule set
 +
 
  
 
| release_license = [http://www.gnu.org/licenses/old-licenses/gpl-2.0.html GNU General Public License - Version 2.0]
 
| release_license = [http://www.gnu.org/licenses/old-licenses/gpl-2.0.html GNU General Public License - Version 2.0]
  
| release_download_link =  
+
| release_download_link = http://sourceforge.net/projects/mod-security/files/modsecurity-crs/0-CURRENT/modsecurity-crs_2.1.2.zip/download 
  
 
| leader_name1 = Ryan Barnett
 
| leader_name1 = Ryan Barnett

Revision as of 15:43, 15 March 2011

back to project home page

what is this release?
ModSecurity 2.1.2 - 02/17/2011 - (download)
Release Description:
  • Improvements:

- Added experimental real-time application profiling ruleset. - Added experimental Lua script for profiling the # of page scripts, iframes, etc.. which will help to identify successful XSS attacks and planting of malware links. - Added new CSRF detection rule which will trigger if a subsequent request comes too quickly (need to use the Ignore Static Content rules).

  • Bug Fixes:

- Added missing " in the skipAfter SecAction in the CC Detection rule set

Release License: GNU General Public License - Version 2.0
who worked on this release?
Release Leader(s):
how can you learn more?
Release Notes: View
Release Rating: Yellow button.JPG Not Reviewed - Assessment Details
Key Contacts
  • Contact the GPC to report a problem or concern about this release info or to update information.