github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-14 13:56:01 +03:00
Code Issues Packages Projects Releases Wiki Activity

backport HURD and KfreeBSD build support

Browse Source
This commit is contained in:
brenosilva 2012-06-08 15:39:17 +00:00
parent c5cc0bfa95
commit 56a3965198
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
CHANGES
View File

@ -72,8 +72,6 @@
^ Added new rule metadata actions ver, maturity and accuracy. Also included into RULE collection. ^ Added new rule metadata actions ver, maturity and accuracy. Also included into RULE collection.
* Added build system support for KfreeBSD and HURD.
* Updated Reference manual into doc/ directory. * Updated Reference manual into doc/ directory.
* Fixed Variable DURATION contains the elapsed time in microseconds for compatible reasons with apache and * Fixed Variable DURATION contains the elapsed time in microseconds for compatible reasons with apache and
@ -91,6 +89,8 @@
08 Jun 2012 - 2.6.6 08 Jun 2012 - 2.6.6
------------------- -------------------
* Added build system support for KfreeBSD and HURD.
* In 2009, Stefan Esser published an evasion technique that relies on the use of single quotes and PHP. * In 2009, Stefan Esser published an evasion technique that relies on the use of single quotes and PHP.
The trick was treating a request parameter as a file. A patch was applied into ModSecurity 2.5.11 by Brian Rectanus. The trick was treating a request parameter as a file. A patch was applied into ModSecurity 2.5.11 by Brian Rectanus.
Ivan Ristic reported that the patch was imcomplete. We added extra checks for this evasion. Ivan Ristic reported that the patch was imcomplete. We added extra checks for this evasion.