Skip to content

Releases: coreruleset/modsecurity-crs-docker

release/20241209

09 Dec 05:30
@theseion theseion
release/20241209
a366f6c
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
release/20241209

Important

This release breaks the nginx images because the config tries to load a module that doesn't exist.
Please do not use this release.

What's Changed

  • feat: add cors headers default nginx by @fzipi in #304

Full Changelog: release/20241202...release/20241209

Contributors

fzipi
Loading

release/20241202

02 Dec 15:08
@fzipi fzipi
release/20241202
7596a24
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
release/20241202

Important

Do not use the *nginx images in this release. They are affected by a vulnerability in libmodsecurity3 v3.0.13.

What's Changed

  • chore(deps): update all non-major dependencies in readme.md by @renovate in #302

Full Changelog: release/20241107...release/20241202

Contributors

renovate
Loading

release/20241107

07 Nov 10:09
@theseion theseion
release/20241107
f088c94
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
release/20241107

Important

Do not use the *nginx images in this release. They are affected by a vulnerability in libmodsecurity3 v3.0.13.

What's Changed

  • Fix /tmp/modsecurity/* directories permissions so nginx workers can write to them by @isavcic in #300

New Contributors

Full Changelog: release/20241030...release/20241107

Contributors

isavcic
Loading

release/20241030

30 Oct 23:37
@fzipi fzipi
release/20241030
ac69620
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
release/20241030

Important

Do not use the *nginx images in this release. They are affected by a vulnerability in libmodsecurity3 v3.0.13.

What's Changed

  • chore(deps): update dependency coreruleset/coreruleset to v4.8.0 in readme.md by @renovate in #298
  • chore: remove embedded certificate in openresty image by @fzipi in #297

Full Changelog: release/20241009...release/20241030

Contributors

renovate and fzipi
Loading

release/20241009

09 Oct 16:31
@fzipi fzipi
release/20241009
1ef072c
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
release/20241009

Important

Do not use the *nginx images in this release. They are affected by a vulnerability in libmodsecurity3 v3.0.13.

What's Changed

  • chore(deps): update nginxinc/nginx-unprivileged docker tag to v1.27.2 in readme.md by @renovate in #293
  • fix: update upstream modsecurity.conf-recommended by @fzipi in #295
  • fix: use MODSEC_ARGUMENTS_LIMIT in SecRule for argument count limit by @Kuppit in #294

New Contributors

Full Changelog: release/20241003...release/20241009

Contributors

Kuppit, renovate, and fzipi
Loading

release/20241003

03 Oct 09:25
@fzipi fzipi
release/20241003
37d99ea
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
release/20241003

Important

Do not use the *nginx images in this release. They are affected by a vulnerability in libmodsecurity3 v3.0.13.

What's Changed

  • fix: modify Nginx Dockerfile to address OWASP ModSecurity Issue #2041 by @Dr-Lazarus-V2 in #292

Full Changelog: release/20240924...release/20241003

Contributors

Dr-Lazarus-V2
Loading

release/20240924

25 Sep 02:11
@fzipi fzipi
release/20240924
443a1a7

Choose a tag to compare

View all tags
release/20240924

Important

Do not use the *nginx images in this release. They are affected by a vulnerability in libmodsecurity3 v3.0.13.

What's Changed

  • chore(deps): update dependency coreruleset/coreruleset to v4.7.0 in readme.md by @renovate in #291

Full Changelog: release/20240919...release/20240924

Contributors

renovate
Loading

release/20240919

19 Sep 13:10
@fzipi fzipi
release/20240919
f132f01
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
release/20240919

Important

Do not use the *nginx images in this release. They are affected by a vulnerability in libmodsecurity3 v3.0.13.

What's Changed

New Contributors

Full Changelog: release/20240913...release/20240919

Contributors

Dr-Lazarus-V2
Loading

release/20240913

13 Sep 13:18
@fzipi fzipi
release/20240913
c29d1ce
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
release/20240913

Important

Do not use the *nginx images in this release. They are affected by a vulnerability in libmodsecurity3 v3.0.13.

What's Changed

New Contributors

Full Changelog: release/20240903...release/20240913

Contributors

WterBerg, fzipi, and stefanpejcic
Loading

release/20240903

03 Sep 16:40
@fzipi fzipi
release/20240903
1c087fc

Choose a tag to compare

View all tags
release/20240903

Important

Do not use the *nginx images in this release. They are affected by a vulnerability in libmodsecurity3 v3.0.13.

What's Changed

  • chore(deps): update all non-major dependencies in docker-bake.hcl by @renovate in #281

This release includes new versions for modsecurity v2 and libmodsecurity v3!

Package Update Change
ModSecurity2 patch 2.9.7 -> 2.9.8
ModSecurity3 patch 3.0.12 -> 3.0.13

Full Changelog: release/20240828...release/20240903

Contributors

renovate
Loading