Skip to content
This repository has been archived by the owner on May 14, 2020. It is now read-only.

Commit

Permalink
Merge pull request #614 from dune73/dune73-changelog-rc2
Browse files Browse the repository at this point in the history 
Extending CHANGES file
  • Loading branch information
@dune73
dune73 authored Oct 15, 2016
2 parents cb54f27 + 43148c5 commit 9683bb3
Showing 1 changed file with 17 additions and 5 deletions.
22 changes: 17 additions & 5 deletions CHANGES
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,14 +2,24 @@

== Report Bugs/Issues to GitHub Issues Tracker or the mailinglist ==
* https://github.com/SpiderLabs/owasp-modsecurity-crs/issues
or the CRS mailinglist at
or the CRS mailinglist at
* https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set


== Changes from 3.0.0-RC1 to 3.0.0-RC2 ==

* Fixed Apache 2.2 compatibility issue with long configuration lines.
* Added more unix commands to RCE rule (github user @emphazer).
* Panic with error 500 if the crs-setup.conf file is not loaded.
* Generic mechanism to support application specific rule exclusions
(Chaim Sanders)
* Initial Wordpress rule exclusions (Walter Hop)
* Initial Drupal rule exclusions (Christian Folini, @emphazer)
* Cleanup of reputation checks / persistent blocking
(Christian Folini / Walter Hop)
* Shortened overly long RegExes to work on Apache 2.2 (Walter Hop)
* Add support for HTTP/2 in recent Apache 2.4 (Walter Hop)
* Updated list of malicious webscanners
* Include script in util/join-multiline-rules to work around
Apache 2.4 < 2.4.11 bug with long lines (Walter Hop)


== Changes from 2.2.9 to 3.0.0-RC1 ==

Expand All @@ -34,7 +44,8 @@ This is a cursory summary of the most important changes:
* Consolidation of rules, namely XSS and SQLi (Spider Labs/Trustwave team)
* Sampling mode / Easing in (Christian Folini)
* Tags much more systematic (Walter Hop)
* IP Reputation checks (Spider Labs/Trustwave team)
* IP reputation checks / persistent blocking of certain clients
(Spider Labs/Trustwave team)
* Phase actions use request/response/logging now instead of
numerical phases (Spider Labs/Trustwave team)
* Added NoScript XSS Filters (Spider Labs/Trustwave team)
Expand Down Expand Up @@ -71,6 +82,7 @@ This is a cursory summary of the most important changes:
* Introduction of var for static resources (Chaim Sanders)
* Many improvements to rules in 2014/5 (Ryan Barnett)


== Version 2.2.9 - 09/30/2013 ==

Security Fixes:
Expand Down

0 comments on commit 9683bb3

Please sign in to comment.