logoon  windows
Apache Lounge
Webmasters

 


About

Forum Index Downloads Search Forum Register Log in  RSS Apache Lounge


Keep Server Online

If you find the Apache Lounge, the downloads and overall help useful, please express your satisfaction with a donation.

or

Bitcoin

A donation makes a contribution towards the costs, the time and effort that's going in this site and building.

Thank You! Steffen

Apache Lounge is not sponsored by anyone.

Your donations will help to keep this site alive and well, and continuing the building of the binaries.




ModSecurity 1.9.3 released

 
Post new topic   Reply to topic    Apache Forum Index -> Apache third-party Modules



View previous topic :: View next topic  
Author Message
Steffen
Moderator


Joined: 15 Oct 2005
Posts: 2151
Location: Hilversum, NL, EU

PostPosted: Wed 12 Apr '06 21:07    Post subject: ModSecurity 1.9.3 released Reply with quote

ModSecurity 1.9.3 has been released. The Win32 binary is available for immediate download here from the Apache Lounge

Changes since 1.9.2:

* Fixed malformed serial audit log entry problem.
* Strict checking of what is supplied for the "severity" action.
* Prettier output in the logs (text instead of numbers).
* Improved detection of the response protocol version.
* Improved the internal chroot feature to work with mod_fastcgi, mod_fcgi, mod_cgid (testers welcome).
* Response headers are now escaped in the concurrent audit log.
* New action: logparts (adjust the audit log parts setting).
* Added support for multiple messages per transaction.
* Added SCRIPT_BASENAME, REQUEST_BASENAME.
* Implemented variable caching to reduce memory consumption. Large memory savings can be achived but only when the rule set is significantly large. Not noticable for "normal" installations.
* Fixed the "Server" trailer message in the concurrent audit log.
* Removed the extra newline added to the index file by the ncurrent audit logger.
* Fixed a problem in the action list parser which caused parsing to stop after any action with a quoted parameter.
* (Apache 2.x only) Fixed a response buffering problem that manifested as partial loss of output when virtual subrequests are used (it is the output from the virtual subrequests that would be lost).
* Deprecated DynamicOnly because it is inherently difficult to use and often unpredictable.

Steffen
Back to top


Post new topic   Reply to topic    Apache Forum Index -> Apache third-party Modules
Page 1 of 1