ModSecurity 2.5.10 has been released and is now available.

This release fixes a number of small issues.  Notable issues that have been fixed are a cleaner build process,
fixes to mlogc to build on Windows and allow more reliable SSL neg. to the console, less verbose logging 
when using anomaly scoring with CRS v2.x and a feature to allow easier use with Apache mpm-itk.
Downloads and docs from modsecurity.org as usual.

변경점은 아래를 참고하세요.
18 Sep 2009 - 2.5.10
--------------------
 * Cleanup mlogc so that it builds on Windows.
 * Added more detailed messages to replace "Unknown error" in filters.
 * Added SecAuditLogDirMode and SecAuditLogFileMode to allow fine tuning auditlog permissions 
   (especially with mpm-itk).
 * Cleanup SecUploadFileMode implementation.
 * Cleanup build scripts.
 * Fixed crash on configuration if SecMarker is used before any rules.
 * Fixed SecRuleUpdateActionById so that it will work on chain starters.
 * Cleanup build system for mlogc.
 * Allow mlogc to periodically flush memory pools.
 * Using nolog,auditlog will now log the "Message:" line to the auditlog, but nothing to the error log.
    Prior versions dropped the "Message:" line from both logs.  To do this now, just use "nolog" 
    or "nolog,noauditlog".
 * Forced mlogc to use SSLv3 to avoid some potential auto negotiation issues with some libcurl versions.
 * Fixed mlogc issue seen on big endian machines where content type could be listed as zero.
 * Removed extra newline from audit log message line when logging XML errors.
   This was causing problems parsing audit logs.
 * Fixed @pm/@pmFromFile case insensitivity.
 * Truncate long parameters in log message for "Match of ... against ... required" messages.
 * Correctly resolve chained rule actions in logs.
 * Cleanup some code for portability.
 * AIX does not support hidden visibility with xlc compiler.
 * Allow specifying EXTRA_CFLAGS during configure to override gcc specific values for non-gcc compilers.
 * Populate GEO:COUNTRY_NAME and GEO:COUNTRY_CONTINENT as documented.
 * Handle a newer geo database more gracefully, avoiding a potential crash for new countries that 
   ModSecurity is not yet aware.
 * Allow checking &GEO "@eq 0" for a failed @geoLookup.
 * Fixed mlogc global mutex locking issue and added more debugging output.
 * Cleaned up build dependencies and configure options.

관련 링크: http://modsecurity.org/
다운로드 링크: http://modsecurity.org/download/index.html

'News' 카테고리의 다른 글

XE Core 1.2.6 배포  (1) 2009.10.13
mc-4.7.0-pre3 Release  (0) 2009.10.05
CentOS 도메인 관련(?) 분쟁  (1) 2009.07.31
Textyle ver 0.9 배포  (0) 2009.07.29
Mozilla Firefox ( 3.0.11 이하 ) Multiple Vulnerabilities  (0) 2009.07.24

+ Recent posts

티스토리툴바