Thanks, Athmane. One question, what is mod_security_crs package at 2.2.6 while the Git repo is at 2.2.9?
Thanks, Brian On 3/7/16, 7:00 AM, "owasp-modsecurity-core-rule-set-boun...@lists.owasp.org on behalf of owasp-modsecurity-core-rule-set-requ...@lists.owasp.org" <owasp-modsecurity-core-rule-set-boun...@lists.owasp.org on behalf of owasp-modsecurity-core-rule-set-requ...@lists.owasp.org> wrote: >Send Owasp-modsecurity-core-rule-set mailing list submissions to > owasp-modsecurity-core-rule-set@lists.owasp.org > >To subscribe or unsubscribe via the World Wide Web, visit > https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set > >or, via email, send a message with subject or body 'help' to > owasp-modsecurity-core-rule-set-requ...@lists.owasp.org > >You can reach the person managing the list at > owasp-modsecurity-core-rule-set-ow...@lists.owasp.org > >When replying, please edit your Subject line so it is more specific >than "Re: Contents of Owasp-modsecurity-core-rule-set digest..." > > >Today's Topics: > > 1. Re: ARGS against PUT (was Re: Owasp-modsecurity-core-rule-set > Digest, Vol 83, Issue 8) (Athmane Madjoudj) > > >---------------------------------------------------------------------- > >Message: 1 >Date: Sun, 6 Mar 2016 22:48:25 +0100 >From: Athmane Madjoudj <athm...@fedoraproject.org> >To: "Brian Davis (bridavis)" <brida...@cisco.com> >Cc: "owasp-modsecurity-core-rule-set@lists.owasp.org" > <owasp-modsecurity-core-rule-set@lists.owasp.org> >Subject: Re: [Owasp-modsecurity-core-rule-set] ARGS against PUT (was > Re: Owasp-modsecurity-core-rule-set Digest, Vol 83, Issue 8) >Message-ID: > <caov0wtpoyr-mmufvuxpbuho-kqe_rxotxq2hegg7x7tnrto...@mail.gmail.com> >Content-Type: text/plain; charset=UTF-8 > >Hi Brian, > >On Sun, Mar 6, 2016 at 4:49 PM, Brian Davis (bridavis) ><brida...@cisco.com> wrote: >> (For some reason I didn?t get the direct email response.) >> >> After doing some more research, I think it?s relates to the fact that >>the >> <script> is in a JSON payload, and it turns out I?m not running a recent >> enough version of mod security which supports JSON parsing. CentOS 7.1 >>is >> only packaging 2.7.3, where as JSON parser comes in 2.8. >> >> I?m working on manually upgrading and trying again to see if that helps. > >You may use this repo which is the same package version as Fedora >development branch. > >https://copr.fedorainfracloud.org/coprs/athmane/mod_security/ > > >Best regards. > >- Athmane > > >------------------------------ > >_______________________________________________ >Owasp-modsecurity-core-rule-set mailing list >Owasp-modsecurity-core-rule-set@lists.owasp.org >https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set > > >End of Owasp-modsecurity-core-rule-set Digest, Vol 83, Issue 14 >*************************************************************** _______________________________________________ Owasp-modsecurity-core-rule-set mailing list Owasp-modsecurity-core-rule-set@lists.owasp.org https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set
