mirror of
https://github.com/owasp-modsecurity/ModSecurity.git
synced 2025-08-16 16:06:12 +03:00
update CHANGES
This commit is contained in:
brenosilva
parent
9d2b4568fc
commit
51067c23dd
5
CHANGES
5
CHANGES
@ -91,9 +91,8 @@
|
||||
|
||||
* Added build system support for KfreeBSD and HURD.
|
||||
|
||||
* In 2009, Stefan Esser published an evasion technique that relies on the use of single quotes and PHP.
|
||||
The trick was treating a request parameter as a file. A patch was applied into ModSecurity 2.5.11 by Brian Rectanus.
|
||||
Ivan Ristic reported that the patch was imcomplete. We added extra checks for this evasion.
|
||||
* Fixed a multipart bypass issue related to quote parsing
|
||||
Credits to Qualys Vulnerability & Malware Research Labs (VMRL).
|
||||
|
||||
20 Mar 2012 - 2.6.5
|
||||
-------------------
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user