github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-09-29 19:24:29 +03:00
Code Issues Packages Projects Releases Wiki Activity

Set the minimum security protocol version for SecRemoteRules

Browse Source
This commit is contained in:
Ervin Hegedus
2024-01-27 17:09:43 +01:00
parent 5e17e6dfc4
commit b687f51840
2 changed files with 4 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
CHANGES
View File

@@ -1,6 +1,8 @@
DD mmm YYYY - 2.9.x (to be released) DD mmm YYYY - 2.9.x (to be released)
------------------- -------------------
* Set the minimum security protocol version for SecRemoteRules
[Issue security/code-scanning/2 - @airween]
* Allow lua version 5.4 * Allow lua version 5.4
[Issue #2996 - @3eka, @martinhsv] [Issue #2996 - @3eka, @martinhsv]
* Configure: do not check for pcre1 if pcre2 requested * Configure: do not check for pcre1 if pcre2 requested

4
apache2/msc_remote_rules.c
View File

@@ -331,8 +331,8 @@ int msc_remote_download_content(apr_pool_t *mp, const char *uri, const char *key
headers_chunk = curl_slist_append(headers_chunk, header_key); headers_chunk = curl_slist_append(headers_chunk, header_key);
} }
/* Make it TLS 1.x only. */ /* Make it TLS 1.2 at least. */
curl_easy_setopt(curl, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1); curl_easy_setopt(curl, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1_2);
#ifdef WIN32 #ifdef WIN32
res_len = SearchPathA(NULL, "curl-ca-bundle.crt", NULL, (2048 + 1), buf, &ptr); res_len = SearchPathA(NULL, "curl-ca-bundle.crt", NULL, (2048 + 1), buf, &ptr);