Topic: ModSecurity 2.6.4 available

[Steffen]

ModSecurity 2.6.4 is now available, inlcludes Mlogc.

The stability of this release must be good and it includes some bug fixes. Mlogc old 100% cpu consume bug appears to be fixed now.
A new bug related to ctl:updateTargetByID was fixed, making apache memory grow.
The last release has a bug when reloading data from session and user collections, users running rules that use those collection must upgrade to this version.

Steffen


Changes:

09 Mar 2012 with 2.6.4
--------------------------
* Fixed Mlogc 100% CPU consume (Thanks Klaubert Herr and Ebrahim Khalilzadeh).
* Fixed ModSecurity cannot load session and user sdbm data.
* Fixed updateTargetById was creating rule unparsed content making apache memory grow.
* Code cleanup.
* Fixed @rsub adding garbage data into stream variables.
* Fixed regex for section A into mlogc-batch-load.pl (Thanks Ebrahim Khalilzadeh).
* Fixed logdata cuts message without closing it with final chars.
* Added sanitizeMatchedBytes support to verifyCPF, verifyCC and verifySSN.

[aturbide]

I believe a new bug was introduced with this version. If you use persistent collections (use the initcol cmd to setup ip and global collections), you might see tons of warnings with the term "collection_retrieve_ex: Retrieving collection " in your logs. This is due to an incorrect loglevel set for the collection routine. It won't affect the operations, just fill your logs fast.

[Steffen]

Thanks for posting.

A fix for release is on the way, planned next week. Breno wants also fix some other little things. Because it won't effect operation I shall not distribute a version with only this fix.

Steffen

[glsmith]

Hopefully Breno is making it LUA 5.2 compatible as well. I suppose I could email him myself with that one.

[maskego]

What is the mod_security_crs rules to cause this issue?
And,how to fix it?

I find that error messages at logs.It fills the log fast indeed.