github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-10-10 08:12:27 +03:00
Code Issues Packages Projects Releases Wiki Activity

update CHANGES

Browse Source
This commit is contained in:
brenosilva
2012-06-01 20:52:19 +00:00
parent 14156d831b
commit 480af9375d
1 changed files with 8 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
CHANGES
View File

@@ -82,6 +82,11 @@ XX NNN 2012 - 2.7.0-rc1
* Current Google Safe Browsing implementation is deprecated. Google changed the API and does not allow * Current Google Safe Browsing implementation is deprecated. Google changed the API and does not allow
anymore the malware database for download. anymore the malware database for download.
* In 2009, Stefan Esser published an evasion technique that relies on the use of single quotes and PHP.
The trick was treating a request parameter as a file. A patch was applied into ModSecurity 2.5.11 by Brian Rectanus.
Ivan Ristic reported that the patch was imcomplete. We added extra checks for this evasion technique (MODSEC-312).
20 Mar 2012 - 2.6.5 20 Mar 2012 - 2.6.5
------------------- -------------------