
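This release fixes several important issues. The major changes are reported to be fixes for a problem that allowed detection to be bypassed and for a part that allowed a DoS (denial of service) attack. The Core Ruleset (v2.0.5) is also included.

Updating to 2.5.12 is recommended, but the update brings several major changes, so be sure to understand them before you update.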


Notable changes which may impact an upgrade:


* PCRE match limits are substantially lowered by default. If you have custom rules that are resulting
in "PCRE limits exceeded", then you may have to adjust SecPcreMatchLimit* directives or modify your regex.
You can also revert to the default by building with "--disable-pcre-match-limit" and
"--disable-pcre-match-limit-recursion" configure options (not recommended, though).

* PCRE "studying" is now on by default (Use the --disable-pcre-study configure option to turn it off).
This allows for extra checks when compiling a regex for optimization. Normally this is a good thing,
but it may slow down a restart/reload on large rulesets.

* A new form of processing flags has been introduced. ModSecurity processing flags may indicate an
issue or inconsistency when processing a transaction. These flags have been placed in the TX collection
so that they maintain backwards compatibility. Each of these flags is prefixed with "MSC_".
If you are using this prefix, then you may have false positives and will need to change to another prefix.
Currently there is just one flag, TX:MSC_PCRE_LIMITS_EXCEEDED, being used. See the documentation on the
TX and SecPcreMatchLimit* directives for more information.

* ModSecurity will now (by default) not process more than 100 file uploads.
This can be overridden via SecUploadFileLimit. You are encouraged to *lower* the limit
if you do not allow mass uploads of files on your site.

* The @pmFromFile operator will now trim whitespace from both sides of the phrase (line) when reading in
the list of phrases. If you have used whitespace as a left or right boundary in custom rules,
then you will need to replace the boundary with a non-whitespace character.
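
A pre-upgrade check for two of the changes listed above, the reserved "MSC_" prefix in the TX collection and the @pmFromFile whitespace trimming. This is an added example, not part of the original post or of ModSecurity itself; the function names, the sample rules and the phrase list are constructed, and treating only space and tab as boundary whitespace is an assumption.

```python
import re

# setvar targets that create TX variables under the now-reserved "MSC_" prefix.
SETVAR_MSC = re.compile(r"setvar:['!]*tx\.(msc_\w+)", re.IGNORECASE)

def find_msc_prefix_collisions(rules_text):
    """Return (line number, variable) for custom TX variables named MSC_*."""
    hits = []
    for no, line in enumerate(rules_text.splitlines(), 1):
        if line.lstrip().startswith("#"):      # skip commented-out rules
            continue
        hits += [(no, m.group(1)) for m in SETVAR_MSC.finditer(line)]
    return hits

def find_trimmed_phrases(phrase_text):
    """Return (line number, phrase as written, phrase after trimming)."""
    hits = []
    for no, raw in enumerate(phrase_text.splitlines(), 1):
        trimmed = raw.strip(" \t")             # assumption: space and tab only
        if trimmed and trimmed != raw:         # boundary whitespace would be lost
            hits.append((no, raw, trimmed))
    return hits

# Constructed sample input, not taken from any real rule set.
SAMPLE_RULES = """\
SecRule REQUEST_URI "@pmFromFile bad-words.data" "phase:2,pass,setvar:tx.msc_score=+1"
# SecAction "phase:1,setvar:tx.msc_old=1"
SecRule TX:SCORE "@gt 5" "phase:2,deny,setvar:'tx.blocked=1'"
"""
SAMPLE_PHRASES = " union \nselect\n\tdrop table\n\n"

if __name__ == "__main__":
    for no, var in find_msc_prefix_collisions(SAMPLE_RULES):
        print(f"rules line {no}: tx.{var} uses the reserved MSC_ prefix")
    for no, raw, trimmed in find_trimmed_phrases(SAMPLE_PHRASES):
        print(f"phrases line {no}: {raw!r} will be matched as {trimmed!r}")
```

Any phrase it reports will match more broadly after the upgrade (for example inside longer words), so review those rules for new false positives.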


For the detailed list of changes, see the link below.

https://sourceforge.net/projects/mod-security/files/modsecurity-apache/2.5.12/CHANGES_2.5.12.txt/download


Related links:

http://www.modsecurity.org/

http://article.gmane.org/gmane.comp.apache.mod-security.user/7178

