The CRS project has always been in a somewhat continuos development model. In general this becomes very problematic as the team does not package the software for different distro¹s. If you would like to see CRS updated in your distro, please do encourage the packager to upgrade. As a rule of thumb starting with 3.0 (Which is forthcoming) we will try to provide more solid versioning.
On 3/7/16, 5:26 PM, "owasp-modsecurity-core-rule-set-boun...@lists.owasp.org on behalf of Brian Davis (bridavis)" <owasp-modsecurity-core-rule-set-boun...@lists.owasp.org on behalf of brida...@cisco.com> wrote: >Thanks, Athmane. > >One question, what is mod_security_crs package at 2.2.6 while the Git repo >is at 2.2.9? > >Thanks, >Brian > >On 3/7/16, 7:00 AM, >"owasp-modsecurity-core-rule-set-boun...@lists.owasp.org on behalf of >owasp-modsecurity-core-rule-set-requ...@lists.owasp.org" ><owasp-modsecurity-core-rule-set-boun...@lists.owasp.org on behalf of >owasp-modsecurity-core-rule-set-requ...@lists.owasp.org> wrote: > >>Send Owasp-modsecurity-core-rule-set mailing list submissions to >> owasp-modsecurity-core-rule-set@lists.owasp.org >> >>To subscribe or unsubscribe via the World Wide Web, visit >> http://scanmail.trustwave.com/?c=4062&d=44be1sNUaV9vNA9G3yRDc8FWV2nKlV1_ >>N__ov2DZFA&s=5&u=https%3a%2f%2flists%2eowasp%2eorg%2fmailman%2flistinfo%2 >>fowasp-modsecurity-core-rule-set >> >>or, via email, send a message with subject or body 'help' to >> owasp-modsecurity-core-rule-set-requ...@lists.owasp.org >> >>You can reach the person managing the list at >> owasp-modsecurity-core-rule-set-ow...@lists.owasp.org >> >>When replying, please edit your Subject line so it is more specific >>than "Re: Contents of Owasp-modsecurity-core-rule-set digest..." >> >> >>Today's Topics: >> >> 1. Re: ARGS against PUT (was Re: Owasp-modsecurity-core-rule-set >> Digest, Vol 83, Issue 8) (Athmane Madjoudj) >> >> >>---------------------------------------------------------------------- >> >>Message: 1 >>Date: Sun, 6 Mar 2016 22:48:25 +0100 >>From: Athmane Madjoudj <athm...@fedoraproject.org> >>To: "Brian Davis (bridavis)" <brida...@cisco.com> >>Cc: "owasp-modsecurity-core-rule-set@lists.owasp.org" >> <owasp-modsecurity-core-rule-set@lists.owasp.org> >>Subject: Re: [Owasp-modsecurity-core-rule-set] ARGS against PUT (was >> Re: Owasp-modsecurity-core-rule-set Digest, Vol 83, Issue 8) >>Message-ID: >> <caov0wtpoyr-mmufvuxpbuho-kqe_rxotxq2hegg7x7tnrto...@mail.gmail.com> >>Content-Type: text/plain; charset=UTF-8 >> >>Hi Brian, >> >>On Sun, Mar 6, 2016 at 4:49 PM, Brian Davis (bridavis) >><brida...@cisco.com> wrote: >>> (For some reason I didn?t get the direct email response.) >>> >>> After doing some more research, I think it?s relates to the fact that >>>the >>> <script> is in a JSON payload, and it turns out I?m not running a >>>recent >>> enough version of mod security which supports JSON parsing. CentOS 7.1 >>>is >>> only packaging 2.7.3, where as JSON parser comes in 2.8. >>> >>> I?m working on manually upgrading and trying again to see if that >>>helps. >> >>You may use this repo which is the same package version as Fedora >>development branch. >> >>http://scanmail.trustwave.com/?c=4062&d=44be1sNUaV9vNA9G3yRDc8FWV2nKlV1_N >>_2-t2mMGg&s=5&u=https%3a%2f%2fcopr%2efedorainfracloud%2eorg%2fcoprs%2fath >>mane%2fmod%5fsecurity%2f >> >> >>Best regards. >> >>- Athmane >> >> >>------------------------------ >> >>_______________________________________________ >>Owasp-modsecurity-core-rule-set mailing list >>Owasp-modsecurity-core-rule-set@lists.owasp.org >>http://scanmail.trustwave.com/?c=4062&d=44be1sNUaV9vNA9G3yRDc8FWV2nKlV1_N >>__ov2DZFA&s=5&u=https%3a%2f%2flists%2eowasp%2eorg%2fmailman%2flistinfo%2f >>owasp-modsecurity-core-rule-set >> >> >>End of Owasp-modsecurity-core-rule-set Digest, Vol 83, Issue 14 >>*************************************************************** > >_______________________________________________ >Owasp-modsecurity-core-rule-set mailing list >Owasp-modsecurity-core-rule-set@lists.owasp.org >http://scanmail.trustwave.com/?c=4062&d=44be1sNUaV9vNA9G3yRDc8FWV2nKlV1_N_ >_ov2DZFA&s=5&u=https%3a%2f%2flists%2eowasp%2eorg%2fmailman%2flistinfo%2fow >asp-modsecurity-core-rule-set ________________________________ This transmission may contain information that is privileged, confidential, and/or exempt from disclosure under applicable law. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution, or use of the information contained herein (including any reliance thereon) is strictly prohibited. If you received this transmission in error, please immediately contact the sender and destroy the material in its entirety, whether in electronic or hard copy format. _______________________________________________ Owasp-modsecurity-core-rule-set mailing list Owasp-modsecurity-core-rule-set@lists.owasp.org https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set
