
OWASP CRS 4.12.0 has been released. It introduces new features and detections, such as preventing use of the V1 cookie format and adding restricted-file entries for OpenStack and Docker Compose. Other changes include making multipart header tags consistent, preventing matches on invalid commands of five characters or fewer, adding a warning about modifying the default charsets, establishing response-splitting rules and tests, using an improved regex, and refining log messages.



Coreruleset Release v4.12.0

What's Changed

:new: New features and detections :tada:

  • feat: prevent V1 cookie format use by @fzipi in #4006
  • feat: added new restricted files for openstack and docker compose by @azurit in #4021

:toolbox: Other Changes

  • fix: multipart header tag consistency by @Xhoenix in #3992
  • fix: prevent invalid commands matches on 5 characters or less (932220 PL-2, 932230 PL-1, 932232 PL-3, 932235 PL-1, 932236 PL-2, 932237 PL-3, 932238 PL-3, 932239 PL-2, 932250 PL-1, 932260 PL-1) by @EsadCetiner in #3735
  • docs: add warning about default charsets modification by @fzipi in #4003
  • fix: response splitting rules and tests by @theseion in #4009
  • fix(933160): use better regex by @fzipi in #4010
  • fix: move fopen to 933160 to resolve fp with RootAndLeafOpenCamera.jpg (933150 PL-1, 933160 PL-1) by @EsadCetiner in #4016
  • fix(941210): update log message to reflect rule javascript word detection by @fzipi in #4023
  • fix: remove .env from lfi-os-files.data by @theseion in #4024

New Contributors

Full Changelog v4.11.0...v4.12.0
