Author Topic: Rules Updates: Changelog  (Read 33199 times)

Offline TDmitry

  • Head CWAF Rule Writing Team
  • Comodo's Hero
  • *****
  • Posts: 365
Rules Updates: Changelog
« on: January 28, 2014, 07:55:55 AM »
New rules released
Version 0.35 - 2014.01.28
  - CVE-2013-7187
  - False positives fixed:
      Joomla
      WHMCS
      Silverstripe CMS
      Wordpress
      IP Board
      and others
« Last Edit: January 28, 2014, 08:04:29 AM by TDmitry »

Offline Melih

  • CEO - Comodo
  • Administrator
  • Comodo's Hero
  • *****
  • Posts: 14623
    • Video Blog
Re: Rules Updates: Changelog
« Reply #1 on: January 29, 2014, 04:35:51 PM »
good job guys!

Offline TDmitry

  • Head CWAF Rule Writing Team
  • Comodo's Hero
  • *****
  • Posts: 365
Re: Rules Updates: Changelog
« Reply #2 on: February 04, 2014, 07:51:10 AM »
New rules released
Version 0.36 - 2014.02.04
  - CVE-2013-7002
  - categories support
  - small fixes

Offline designcentre

  • Comodo Member
  • **
  • Posts: 48
Re: Rules Updates: Changelog
« Reply #3 on: February 04, 2014, 02:54:37 PM »
With the new rules update I've seen the PCRE error appear again :(

Rule 7f0a958 [id "220020"][file "/var/cpanel/cwaf/rules/cwaf_05.conf"][line "56"] - Execution error - PCRE limits exceeded (-8): (null).

Reverting the rules back to previous version stops the PCRE errors

Offline designcentre

  • Comodo Member
  • **
  • Posts: 48
Re: Rules Updates: Changelog
« Reply #4 on: February 04, 2014, 03:09:51 PM »
Note on reverting back to previous rules and restarting httpd cause apache to fail to start no matter what was tried. Uninstalling CWAF resolved the problem and apache restarted. Going to reload & see what happens with new version & rules...

***edit***

Reinstalled complete new version, and now the PCRE errors have disappeared again
« Last Edit: February 04, 2014, 03:47:56 PM by designcentre »

Offline chuvadenovembro

  • Newbie
  • *
  • Posts: 16
Re: Rules Updates: Changelog
« Reply #5 on: February 04, 2014, 07:59:30 PM »
Quote
Reinstalled complete new version, and now the PCRE errors have disappeared again

Me too :D

EDIT: I had not updated the rules, the problem still persists: (
« Last Edit: February 04, 2014, 08:08:08 PM by chuvadenovembro »

Offline TDmitry

  • Head CWAF Rule Writing Team
  • Comodo's Hero
  • *****
  • Posts: 365
Re: Rules Updates: Changelog
« Reply #6 on: February 11, 2014, 07:35:41 AM »
New rules released
Version 0.37 - 2014.02.11
  - CVE-2012-6621
  - CVE-2014-1206
  - CVE-2014-1683
  - CVE-2014-1610

Offline TDmitry

  • Head CWAF Rule Writing Team
  • Comodo's Hero
  • *****
  • Posts: 365
Re: Rules Updates: Changelog
« Reply #7 on: February 18, 2014, 05:34:22 AM »
New rules released
Version 0.38 - 2014.02.18
  - CVE-2014-1619
  - CVE-2014-0793
  - CVE-2014-0794

Offline TDmitry

  • Head CWAF Rule Writing Team
  • Comodo's Hero
  • *****
  • Posts: 365
Re: Rules Updates: Changelog
« Reply #8 on: February 25, 2014, 11:42:37 AM »
New rules released
Version 0.39 - 2014.02.25
  - CVE-2014-0010
  - CVE-2013-1852
  - CVE-2012-6628

Version 0.40 - 2014.02.26
  - CVE-2012-6628 hotfix

Version 0.41 - 2014.03.04
  - CVE-2013-1466
  - CVE-2013-3933
  - CVE-2013-3639

Version 0.42 - 2014.03.11
  - CVE-2014-1914
  - CVE-2013-7319
  - CVE-2013-7326

Version 0.43 - 2014.03.12
  - CVE-2012-6628 hotfix

Version 0.44 - 2014.03.18
  - CVE-2013-5983
  - CVE-2014-1403

Version 0.45 - 2014.03.25
  - CVE-2014-1401
  - CVE-2014-1459
  - CVE-2012-6625
  - CVE-2012-6622
  - CVE-2012-6623

Version 0.46 - 2014.04.01
  - CVE-2012-6624
  - CVE-2014-1879

Version 0.47 - 2014.04.08
  - CVE-2014-1915

Version 0.48 - 2014.04.15
  - CVE-2014-1907
  - CVE-2013-1759
  - CVE-2013-3478
  - CVE-2013-5953

Version 1.00-1.03 - 2014-04-29
  - Completely new rules set

Version 1.04-1.08 - 2014-05-06
  - False positives fixed

Version 1.09 - 2014-05-12
  - CVE-2013-7334
  - CVE-2014-1945
  - False positives fixed

Version 1.10 - 2014-05-20
  - CVE-2014-2088
  - CVE-2014-2089
  - CVE-2014-2090
  - False positives fixed

Version 1.11 - 2014.05.27
  - CVE-2013-1409
  - CVE-2013-5952
  - CVE-2014-2219
  - CVE-2014-2091
  - False positives fixed

Version 1.12 - 2014.06.03
 - CVE-2014-1944
 - CVE-2013-3961
 - CVE-2014-0334
 - False positives fixed

Version 1.13 - 2014.06.12
 - CVE-2014-2316
 - CVE-2014-2092
 - CVE-2014-3246
 - Bruteforce protection (disabled by default)
 - User defined white list of User-Agents
 - False positives fixed

Version 1.14 - 2014.07.02
 - CVE-2014-3246
 - CVE-2014-3247
 - CVE-2014-2040
 - CVE-2014-1906
 - CVE-2013-1758
 - CVE-2014-2317
 - CVE-2014-2315
 - CVE-2013-2754
 - Bruteforce protection
 - Userdata whitelists

Version 1.15 - 2014.07.23
 - CVE-2013-5955
 - CVE-2014-2280
 - CVE-2014-1840
 - CVE-2014-2211
 - CVE-2014-2024
 - CVE-2014-1877
 - CVE-2012-1563
 - CVE-2014-2245

Version 1.16 - 2014.07.29
 - Bruteforce protection update
 - CVE-2013-0734

Version 1.17 - 2014.08.19
 - CVE-2013-5640
 - CVE-2013-5639
 - CVE-2013-2695
 - CVE-2013-2694
 - CVE-2013-2559
 - CVE-2014-1401 updated
 - XML quadratic blowup attack
 - userdata_bl_agents
« Last Edit: September 10, 2014, 12:24:33 PM by TDmitry »

Offline TDmitry

  • Head CWAF Rule Writing Team
  • Comodo's Hero
  • *****
  • Posts: 365
Re: Rules Updates: Changelog
« Reply #9 on: September 10, 2014, 12:24:57 PM »
Version 1.18 - 2014.09.10
 - Removed few XSS FPs
 - Performance optimization
 - Slowloris HTTP protection
 - CVE-2014-5266
 - CVE-2013-7346
 - CVE-2013-4430
 - CVE-2014-3123
 - CVE-2014-3783
 - CVE-2012-6644
 - CVE-2012-6642
 - CVE-2012-6643
 - userdata_login_pages
 - Joomla extra rule

Offline TDmitry

  • Head CWAF Rule Writing Team
  • Comodo's Hero
  • *****
  • Posts: 365
Re: Rules Updates: Changelog
« Reply #10 on: October 03, 2014, 07:31:08 AM »
Version 1.19 - 2014.10.01
 - CVE-2014-2708
 - CVE-2014-2579
 - CVE-2014-2340
 - CVE-2014-3845
 - CVE-2013-2107
 - CVE-2013-2705
 - CVE-2013-2700
 - CVE-2014-3870
 - CVE-2013-7375
 - CVE-2014-1613

Offline TDmitry

  • Head CWAF Rule Writing Team
  • Comodo's Hero
  • *****
  • Posts: 365
Re: Rules Updates: Changelog
« Reply #11 on: October 21, 2014, 11:26:15 AM »
Version 1.20 - 2014.10.21
 - CVE-2014-3843
 - CVE-2014-3210
 - CVE-2014-4513
 - CVE-2014-4515
 - CVE-2014-4518
Shellshock:
 - CVE-2014-6271
 - CVE-2014-6277
 - CVE-2014-6278
 - CVE-2014-7169
 - CVE-2014-7186
 - СVE-2014-7187

Offline TDmitry

  • Head CWAF Rule Writing Team
  • Comodo's Hero
  • *****
  • Posts: 365
Re: Rules Updates: Changelog
« Reply #12 on: November 12, 2014, 07:39:38 AM »
Version 1.21 - 2014.11.12
 - CVE-2013-4380
 - CVE-2014-3453
 - CVE-2013-1803
 - CVE-2014-4194
 - CVE-2014-4195
 - CVE-2014-4520
 - CVE-2014-5108
 - Extra Joomla protection rule
 - Extra Wordpress protection rule

Offline EricJH

  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 23807
Re: Rules Updates: Changelog
« Reply #13 on: December 29, 2014, 10:51:23 AM »
Version 1.23 - 2014.12.29

This version contains new improved structure of categories and rules groups.

All current excludes will be automatically migrated to the new structure during update.

This rule set required client version 2.1.1 and higher.

Offline TDmitry

  • Head CWAF Rule Writing Team
  • Comodo's Hero
  • *****
  • Posts: 365
Re: Rules Updates: Changelog
« Reply #14 on: January 08, 2015, 06:49:12 AM »
Version 1.22 - 2014.12.29
 - CVE-2014-4853
 - CVE-2014-3992
 - CVE-2014-3991
 - CVE-2014-4528
 - CVE-2013-1407
 - CVE-2014-2558
 - CVE-2012-4915
 - CVE-2014-3921
 - CVE-2014-4846
 - CVE-2014-4847
 - CVE-2014-4848
 - CVE-2014-4938
 - CVE-2014-4541
 - CVE-2014-3777
 - CVE-2014-3920
 - CVE-2014-4955
 - CVE-2014-4531
 - CVE-2014-4532
 - CVE-2014-4854
 - CVE-2014-4845
 - CVE-2014-4937
 - CVE-2014-4850
 - CVE-2014-3544
 - CVE-2014-3549
 - CVE-2014-4568
 - CVE-2014-4589
 - CVE-2014-4960
 - Fixed WHMCS falses
 - some performance modifications

 

Free Endpoint Protection
Seo4Smf 2.0 © SmfMod.Com Smf Destek