search

solo-io / gloo

The Feature-rich, Kubernetes-native, Next-Generation API Gateway Built on Envoy
https://docs.solo.io/
Apache License 2.0
4.07k stars 434 forks source link

Upgrade modsecurity from 3.0.4 (Core Rule Set 3.2.0) to 3.0.6 (3.3.4) Core Rule Set #7779

Open bdecoste opened 1 year ago

bdecoste commented 1 year ago

Version

None

Is your feature request related to a problem? Please describe.

Gloo currently runs an older version of modsecurity and the corresponding Core Rule Set.

Describe the solution you'd like

Upgrade modsecurity from 3.0.4 (Core Rule Set 3.2.0) to 3.0.6 (3.3.4) Core Rule Set

Describe alternatives you've considered

None

Additional Context

No response

SantoDE commented 1 year ago

That's probably a dupe

bdecoste commented 1 year ago

3.0.8 has also been requested

nfuden commented 1 year ago

We have upgraded our CSR to 3.2.1 for https://github.com/solo-io/solo-projects/issues/4676

DuncanDoyle commented 2 months ago

CRS is currently at 4.3.0, so when we pick this up, we might want to move to latest (if possible): https://coreruleset.org/