github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-14 05:45:59 +03:00
Code Issues Packages Projects Releases Wiki Activity

Update CHANGES

Browse Source
This commit is contained in:
brenosilva 2012-06-08 15:29:11 +00:00
parent 28621131a3
commit c5cc0bfa95
1 changed files with 5 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
CHANGES
View File

@ -1,4 +1,4 @@
XX NNN 2012 - 2.7.0-rc1
08 Jun 2012 - 2.7.0-rc1
-------------------
* Added SecEncryptionEngine. Initial crypt engine support, at the momment it will sign some Html
@ -88,10 +88,12 @@ XX NNN 2012 - 2.7.0-rc1
* Current Google Safe Browsing implementation is deprecated. Google changed the API and does not allow
anymore the malware database for download.
08 Jun 2012 - 2.6.6
-------------------
* In 2009, Stefan Esser published an evasion technique that relies on the use of single quotes and PHP.
The trick was treating a request parameter as a file. A patch was applied into ModSecurity 2.5.11 by Brian Rectanus.
Ivan Ristic reported that the patch was imcomplete. We added extra checks for this evasion technique (MODSEC-312).
Ivan Ristic reported that the patch was imcomplete. We added extra checks for this evasion.
20 Mar 2012 - 2.6.5
-------------------