Join Trustwave at the 2023 Gartner Security & Risk Management Summit in London, September 26-28. Learn More
Get access to immediate incident response assistance.
Get access to immediate incident response assistance.
Join Trustwave at the 2023 Gartner Security & Risk Management Summit in London, September 26-28. Learn More
We are announcing the release of ModSecurity version 3.0.9 (libModSecurity). This version contains a mixture of enhancements and bug fixes.
In some configurations with certain inputs, this bug could result in a segfault and a resultant crash of a worker process. A large volume of such requests sent very quickly could lead to the server becoming slow or unresponsive to legitimate requests. This item has been assigned CVE-2023-28882.
Additional information on the release, including the source (and hashes/signatures), is available at: https://github.com/SpiderLabs/ModSecurity/releases/tag/v3.0.9
The list of open issues is available on GitHub: https://github.com/SpiderLabs/ModSecurity/issues
Thanks to everybody who helped in this process: reporting issues, making comments and suggestions, sending patches, etc.
Copyright © 2023 Trustwave Holdings, Inc. All rights reserved.