Announcing ModSecurity v2.9.0 Stable Release

The SpiderLabs Research - ModSecurity Team is proud to announce the stable release of version 2.9.0 which contains bug fixes reported during the Release Candidate (RC) phase. The most important change from v2.9.0-RC2 to v2.9.0:

  • Fix apr_crypto.h include, now checking if apr_crypto.h is available by checking the definition WITH_APU_CRYPTO. [martinjina and ModSecurity team]

A complete list of changes from 2.8.0 to 2.9.0 is available here: https://github.com/SpiderLabs/ModSecurity/releases

The source and binaries (and the respective hashes) are available at: https://github.com/SpiderLabs/ModSecurity/releases/tag/v2.9.0

SHA256(modsecurity-2.9.0.tar.gz)= e2bbf789966c1f80094d88d9085a81bde082b2054f8e38e0db571ca49208f434

SHA256(ModSecurityIIS_2.9.0-32b.msi)= 3e7fc5e48c43738352935a2cc58dcd9272ed9e6d8ef4f6d57609183bcc443a57

SHA256(ModSecurityIIS_2.9.0-64b.msi)= cda1abf2c2e6f58b4dd33f4a16ab84c8b861663957dbdc2cf8ad7a4df1ad6645

We would like to thank you all the community members that took the time to help to test both release candidates and provide feedback by opening GitHub Issue tickets. This community support is critical to the success of the project. Thanks!

Trustwave reserves the right to review all comments in the discussion below. Please note that for security and other reasons, we may not approve comments containing links.