| Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
| Name: owasp-modsecurity-crs | Distribution: openSUSE Tumbleweed |
| Version: 3.3.5 | Vendor: openSUSE |
| Release: 1.3 | Build date: Fri Sep 1 11:33:41 2023 |
| Group: Productivity/Networking/Security | Build host: reproducible |
| Size: 870605 | Source RPM: owasp-modsecurity-crs-3.3.5-1.3.src.rpm |
| Packager: https://bugs.opensuse.org | |
| Url: https://coreruleset.org | |
| Summary: OWASP ModSecurity Common Rule Set (CRS) | |
The OWASP ModSecurity Core Rule Set (CRS) is a set of generic attack detection rules for use with ModSecurity or compatible web application firewalls. The CRS aims to protect web applications from a wide range of attacks, including the OWASP Top Ten, with a minimum of false alerts.
Apache-2.0
* Fri Sep 01 2023 Robert Frohl <rfrohl@suse.com>
- use upstream archive for building the package, the base folder name in the
archive changed
* Wed Aug 16 2023 Alessandro de Oliveira Faria <cabelo@opensuse.org>
- Version 3.3.5.
* This is the OWASP ModSecurity Core Rule Set version 3.3.5.
* Important changes:
- Backport fix for CVE-2023-38199 from CRS v4 via new rule 920620 (Andrea Menin, Felipe Zipitría)
* Fixes:
- Fix paranoia level-related scoring issue in rule 921422 (Walter Hop)
- Move auditLogParts actions to the end of chained rules where used (Ervin Hegedus)
* Chore:
- Clean up redundant paranoia level tags (Ervin Hegedus)
- Clean up YAML test files to support go-ftw testing framework (Felipe Zipitría)
- Move testing framework from ftw to go-ftw (Felipe Zipitría)
* Fri May 19 2023 Alessandro de Oliveira Faria <cabelo@opensuse.org>
- Version 3.3.4.
* Important Notice: From CRS 3.2.2, 3.3.3 and up, ModSecurity 2.9.6 or 3.0.8 (or versions with backported patches) are required due to the addition of new protections. We recommend upgrading your ModSecurity as soon as possible. If your ModSecurity is too old, your webserver will refuse to start with an Unknown variable: &MULTIPART_PART_HEADERS error. If you are in trouble, you can temporarily delete file rules/REQUEST-922-MULTIPART-ATTACK.conf as a workaround and get your server up, however, you will be missing some protections. Therefore we recommend to upgrade ModSecurity before deploying this release.
* Tue Dec 01 2020 pgajdos@suse.com
- use system apache rpm macros
* Mon Jul 24 2017 bwiedemann@suse.com
- sort conf file entries to fix build-compare (boo#1041090)
* Sun Mar 08 2015 p.drouand@gmail.com
- Update to version 2.2.9
* Updated the /util directory structure
* fix 950901 - word boundary added
* modsecurity_35_bad_robots.data - gecko/25 blocks Firefox Android
https://github.com/SpiderLabs/owasp-modsecurity-crs/issues/157
- Fix SuSE > SUSE spelling
- Use download Url as source
- Do not explicitely depend on apache2; apache2-mod_security2
depends on it
- Remove redundant %clean section
- Do not copy INSTALL file into the package
- ChangeLog has been replaced with CHANGES in upstream
* Wed Sep 19 2012 Thomas.Worm@DATEV.de
- Raised version to 2.2.6.
* Resolves bnc#779076
* Resolves CORERULES-87
* Thu Sep 06 2012 Thomas.Worm@DATEV.de
- Package modification for factory submission:
* Changed services to localonly mode
* Added copyright information to spec file
* Thu Sep 06 2012 Thomas.Worm@DATEV.de
- Added README.SuSE
* Thu Aug 30 2012 Thomas.Worm@DATEV.de
- Initial package version 2.2.5
/usr/share/doc/packages/owasp-modsecurity-crs /usr/share/doc/packages/owasp-modsecurity-crs/CHANGES.md /usr/share/doc/packages/owasp-modsecurity-crs/README.SUSE /usr/share/doc/packages/owasp-modsecurity-crs/README.md /usr/share/licenses/owasp-modsecurity-crs /usr/share/licenses/owasp-modsecurity-crs/LICENSE /usr/share/owasp-modsecurity-crs /usr/share/owasp-modsecurity-crs/crs-setup.conf.example /usr/share/owasp-modsecurity-crs/rules /usr/share/owasp-modsecurity-crs/rules/REQUEST-900-EXCLUSION-RULES-BEFORE-CRS.conf.example /usr/share/owasp-modsecurity-crs/rules/REQUEST-901-INITIALIZATION.conf /usr/share/owasp-modsecurity-crs/rules/REQUEST-903.9001-DRUPAL-EXCLUSION-RULES.conf /usr/share/owasp-modsecurity-crs/rules/REQUEST-903.9002-WORDPRESS-EXCLUSION-RULES.conf /usr/share/owasp-modsecurity-crs/rules/REQUEST-903.9003-NEXTCLOUD-EXCLUSION-RULES.conf /usr/share/owasp-modsecurity-crs/rules/REQUEST-903.9004-DOKUWIKI-EXCLUSION-RULES.conf /usr/share/owasp-modsecurity-crs/rules/REQUEST-903.9005-CPANEL-EXCLUSION-RULES.conf /usr/share/owasp-modsecurity-crs/rules/REQUEST-903.9006-XENFORO-EXCLUSION-RULES.conf /usr/share/owasp-modsecurity-crs/rules/REQUEST-905-COMMON-EXCEPTIONS.conf /usr/share/owasp-modsecurity-crs/rules/REQUEST-910-IP-REPUTATION.conf /usr/share/owasp-modsecurity-crs/rules/REQUEST-911-METHOD-ENFORCEMENT.conf /usr/share/owasp-modsecurity-crs/rules/REQUEST-912-DOS-PROTECTION.conf /usr/share/owasp-modsecurity-crs/rules/REQUEST-913-SCANNER-DETECTION.conf /usr/share/owasp-modsecurity-crs/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf /usr/share/owasp-modsecurity-crs/rules/REQUEST-921-PROTOCOL-ATTACK.conf /usr/share/owasp-modsecurity-crs/rules/REQUEST-922-MULTIPART-ATTACK.conf /usr/share/owasp-modsecurity-crs/rules/REQUEST-930-APPLICATION-ATTACK-LFI.conf /usr/share/owasp-modsecurity-crs/rules/REQUEST-931-APPLICATION-ATTACK-RFI.conf /usr/share/owasp-modsecurity-crs/rules/REQUEST-932-APPLICATION-ATTACK-RCE.conf /usr/share/owasp-modsecurity-crs/rules/REQUEST-933-APPLICATION-ATTACK-PHP.conf /usr/share/owasp-modsecurity-crs/rules/REQUEST-934-APPLICATION-ATTACK-NODEJS.conf /usr/share/owasp-modsecurity-crs/rules/REQUEST-941-APPLICATION-ATTACK-XSS.conf /usr/share/owasp-modsecurity-crs/rules/REQUEST-942-APPLICATION-ATTACK-SQLI.conf /usr/share/owasp-modsecurity-crs/rules/REQUEST-943-APPLICATION-ATTACK-SESSION-FIXATION.conf /usr/share/owasp-modsecurity-crs/rules/REQUEST-944-APPLICATION-ATTACK-JAVA.conf /usr/share/owasp-modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf /usr/share/owasp-modsecurity-crs/rules/RESPONSE-950-DATA-LEAKAGES.conf /usr/share/owasp-modsecurity-crs/rules/RESPONSE-951-DATA-LEAKAGES-SQL.conf /usr/share/owasp-modsecurity-crs/rules/RESPONSE-952-DATA-LEAKAGES-JAVA.conf /usr/share/owasp-modsecurity-crs/rules/RESPONSE-953-DATA-LEAKAGES-PHP.conf /usr/share/owasp-modsecurity-crs/rules/RESPONSE-954-DATA-LEAKAGES-IIS.conf /usr/share/owasp-modsecurity-crs/rules/RESPONSE-959-BLOCKING-EVALUATION.conf /usr/share/owasp-modsecurity-crs/rules/RESPONSE-980-CORRELATION.conf /usr/share/owasp-modsecurity-crs/rules/RESPONSE-999-EXCLUSION-RULES-AFTER-CRS.conf.example /usr/share/owasp-modsecurity-crs/rules/crawlers-user-agents.data /usr/share/owasp-modsecurity-crs/rules/iis-errors.data /usr/share/owasp-modsecurity-crs/rules/java-classes.data /usr/share/owasp-modsecurity-crs/rules/java-code-leakages.data /usr/share/owasp-modsecurity-crs/rules/java-errors.data /usr/share/owasp-modsecurity-crs/rules/lfi-os-files.data /usr/share/owasp-modsecurity-crs/rules/php-config-directives.data /usr/share/owasp-modsecurity-crs/rules/php-errors.data /usr/share/owasp-modsecurity-crs/rules/php-function-names-933150.data /usr/share/owasp-modsecurity-crs/rules/php-function-names-933151.data /usr/share/owasp-modsecurity-crs/rules/php-variables.data /usr/share/owasp-modsecurity-crs/rules/restricted-files.data /usr/share/owasp-modsecurity-crs/rules/restricted-upload.data /usr/share/owasp-modsecurity-crs/rules/scanners-headers.data /usr/share/owasp-modsecurity-crs/rules/scanners-urls.data /usr/share/owasp-modsecurity-crs/rules/scanners-user-agents.data /usr/share/owasp-modsecurity-crs/rules/scripting-user-agents.data /usr/share/owasp-modsecurity-crs/rules/sql-errors.data /usr/share/owasp-modsecurity-crs/rules/unix-shell.data /usr/share/owasp-modsecurity-crs/rules/windows-powershell-commands.data /usr/share/owasp-modsecurity-crs/util /usr/share/owasp-modsecurity-crs/util/README /usr/share/owasp-modsecurity-crs/util/av-scanning /usr/share/owasp-modsecurity-crs/util/av-scanning/runAV /usr/share/owasp-modsecurity-crs/util/av-scanning/runAV/common.c /usr/share/owasp-modsecurity-crs/util/av-scanning/runAV/common.h /usr/share/owasp-modsecurity-crs/util/av-scanning/runAV/comp /usr/share/owasp-modsecurity-crs/util/av-scanning/runAV/runAV-clamd.c /usr/share/owasp-modsecurity-crs/util/av-scanning/runAV/runAV.c /usr/share/owasp-modsecurity-crs/util/av-scanning/runav.pl /usr/share/owasp-modsecurity-crs/util/browser-tools /usr/share/owasp-modsecurity-crs/util/browser-tools/js-overrides.js /usr/share/owasp-modsecurity-crs/util/crs2-renumbering /usr/share/owasp-modsecurity-crs/util/crs2-renumbering/IdNumbering.csv /usr/share/owasp-modsecurity-crs/util/crs2-renumbering/README /usr/share/owasp-modsecurity-crs/util/crs2-renumbering/update.py /usr/share/owasp-modsecurity-crs/util/geo-location /usr/share/owasp-modsecurity-crs/util/geo-location/README /usr/share/owasp-modsecurity-crs/util/honeypot-sensor /usr/share/owasp-modsecurity-crs/util/honeypot-sensor/README.md /usr/share/owasp-modsecurity-crs/util/honeypot-sensor/mlogc-honeypot-sensor.conf /usr/share/owasp-modsecurity-crs/util/honeypot-sensor/modsecurity_crs_10_honeypot.conf /usr/share/owasp-modsecurity-crs/util/id-range /usr/share/owasp-modsecurity-crs/util/join-multiline-rules /usr/share/owasp-modsecurity-crs/util/join-multiline-rules/join.py /usr/share/owasp-modsecurity-crs/util/regexp-assemble /usr/share/owasp-modsecurity-crs/util/regexp-assemble/920600.data /usr/share/owasp-modsecurity-crs/util/regexp-assemble/921421.data /usr/share/owasp-modsecurity-crs/util/regexp-assemble/921422.data /usr/share/owasp-modsecurity-crs/util/regexp-assemble/922110-chain1.data /usr/share/owasp-modsecurity-crs/util/regexp-assemble/include /usr/share/owasp-modsecurity-crs/util/regexp-assemble/include/allowed-charsets.data /usr/share/owasp-modsecurity-crs/util/regexp-assemble/regexp-932100.txt /usr/share/owasp-modsecurity-crs/util/regexp-assemble/regexp-932105.txt /usr/share/owasp-modsecurity-crs/util/regexp-assemble/regexp-932106.txt /usr/share/owasp-modsecurity-crs/util/regexp-assemble/regexp-932110.txt /usr/share/owasp-modsecurity-crs/util/regexp-assemble/regexp-932115.txt /usr/share/owasp-modsecurity-crs/util/regexp-assemble/regexp-932130.data /usr/share/owasp-modsecurity-crs/util/regexp-assemble/regexp-932140.data /usr/share/owasp-modsecurity-crs/util/regexp-assemble/regexp-932150.txt /usr/share/owasp-modsecurity-crs/util/regexp-assemble/regexp-933131.data /usr/share/owasp-modsecurity-crs/util/regexp-assemble/regexp-933160.data /usr/share/owasp-modsecurity-crs/util/regexp-assemble/regexp-933161.data /usr/share/owasp-modsecurity-crs/util/regexp-assemble/regexp-934100.txt /usr/share/owasp-modsecurity-crs/util/regexp-assemble/regexp-941130.data /usr/share/owasp-modsecurity-crs/util/regexp-assemble/regexp-941160.data /usr/share/owasp-modsecurity-crs/util/regexp-assemble/regexp-942120.data /usr/share/owasp-modsecurity-crs/util/regexp-assemble/regexp-942130.data /usr/share/owasp-modsecurity-crs/util/regexp-assemble/regexp-942140.data /usr/share/owasp-modsecurity-crs/util/regexp-assemble/regexp-942150.data /usr/share/owasp-modsecurity-crs/util/regexp-assemble/regexp-942170.data /usr/share/owasp-modsecurity-crs/util/regexp-assemble/regexp-942180.data /usr/share/owasp-modsecurity-crs/util/regexp-assemble/regexp-942190.data /usr/share/owasp-modsecurity-crs/util/regexp-assemble/regexp-942200.data /usr/share/owasp-modsecurity-crs/util/regexp-assemble/regexp-942210.data /usr/share/owasp-modsecurity-crs/util/regexp-assemble/regexp-942240.data /usr/share/owasp-modsecurity-crs/util/regexp-assemble/regexp-942260.data /usr/share/owasp-modsecurity-crs/util/regexp-assemble/regexp-942280.data /usr/share/owasp-modsecurity-crs/util/regexp-assemble/regexp-942300.data /usr/share/owasp-modsecurity-crs/util/regexp-assemble/regexp-942310.data /usr/share/owasp-modsecurity-crs/util/regexp-assemble/regexp-942320.data /usr/share/owasp-modsecurity-crs/util/regexp-assemble/regexp-942330.data /usr/share/owasp-modsecurity-crs/util/regexp-assemble/regexp-942340.data /usr/share/owasp-modsecurity-crs/util/regexp-assemble/regexp-942350.data /usr/share/owasp-modsecurity-crs/util/regexp-assemble/regexp-942360.data /usr/share/owasp-modsecurity-crs/util/regexp-assemble/regexp-942370.data /usr/share/owasp-modsecurity-crs/util/regexp-assemble/regexp-942380.data /usr/share/owasp-modsecurity-crs/util/regexp-assemble/regexp-942390.data /usr/share/owasp-modsecurity-crs/util/regexp-assemble/regexp-942400.data /usr/share/owasp-modsecurity-crs/util/regexp-assemble/regexp-942410.data /usr/share/owasp-modsecurity-crs/util/regexp-assemble/regexp-942470.data /usr/share/owasp-modsecurity-crs/util/regexp-assemble/regexp-942480.data /usr/share/owasp-modsecurity-crs/util/regexp-assemble/regexp-assemble-v2.pl /usr/share/owasp-modsecurity-crs/util/regexp-assemble/regexp-assemble.pl /usr/share/owasp-modsecurity-crs/util/regexp-assemble/regexp-cmdline.py /usr/share/owasp-modsecurity-crs/util/regexp-tricks /usr/share/owasp-modsecurity-crs/util/regexp-tricks/negative-lookahead.py /usr/share/owasp-modsecurity-crs/util/send-payload-pls.sh /usr/share/owasp-modsecurity-crs/util/verify.rb /usr/share/owasp-modsecurity-crs/util/virtual-patching /usr/share/owasp-modsecurity-crs/util/virtual-patching/arachni2modsec.pl /usr/share/owasp-modsecurity-crs/util/virtual-patching/zap2modsec.pl
Generated by rpm2html 1.8.1
Fabrice Bellet, Tue Apr 30 23:23:08 2024