I wanted to pass along some updates to the latest CRS version out in GitHub -
== Version 2.2.7 - 12/19/2012 == Improvements: * Added JS Overrides file to identify successfull XSS probes * Added new XSS Detection Rules from Ashar Javed (http://twitter.com/soaj1664ashar) * Updated the SQLi Filters to add in Oracle specific functions - https://github.com/SpiderLabs/owasp-modsecurity-crs/pull/7 Bug Fixes: * Fixed Session Hijacking rules - https://github.com/SpiderLabs/owasp-modsecurity-crs/pull/8 Please grab a copy of the code from GitHub and test out these new updates and let me know if you have any issues. -- Ryan Barnett Trustwave SpiderLabs ModSecurity Project Leader OWASP ModSecurity CRS Project Leader ________________________________ This transmission may contain information that is privileged, confidential, and/or exempt from disclosure under applicable law. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution, or use of the information contained herein (including any reliance thereon) is STRICTLY PROHIBITED. If you received this transmission in error, please immediately contact the sender and destroy the material in its entirety, whether in electronic or hard copy format.
_______________________________________________ Owasp-modsecurity-core-rule-set mailing list Owasp-modsecurity-core-rule-set@lists.owasp.org https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set
