Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix C9K-230327 #3191

Closed
dune73 opened this issue Apr 5, 2023 · 5 comments
Closed

Fix C9K-230327 #3191

dune73 opened this issue Apr 5, 2023 · 5 comments
Assignees
@theMiddleBlue
Labels
➖ False Negative - Evasion

Comments

@dune73
Copy link
Member

dune73 commented Apr 5, 2023

The security finding is documented in private repository as https://github.com/coreruleset/security-tracker-private/issues/7

The decision to fix this was taken in the last CRS chat: #3159 (comment)

It would be a good first rule if it was not for a confidential security finding. :)
@EkiXu
Copy link

EkiXu commented Apr 9, 2023

Hi there,I'm the reporter of issue, could I join this security-tracker-private? Or how can I dissucss with you.

@dune73
Copy link
Member Author

dune73 commented Apr 10, 2023

Hello @EkiXu. Thanks for writing in. Nothing important in the tracker. But you can reach us via security // coreruleset.org

@dune73
Copy link
Member Author

dune73 commented Jun 5, 2023

@theMiddleBlue volunteered to provide a PR ASAP.

@fzipi
Copy link
Member

fzipi commented Jul 17, 2023

@theMiddleBlue we are still pending the fix for this one.

@RedXanadu
Copy link
Member

@fzipi I think this was resolved in #3237.

Can we close this issue? I don't think anything is outstanding.

@fzipi fzipi closed this as completed Jul 18, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@theMiddleBlue theMiddleBlue

Labels
➖ False Negative - Evasion
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@dune73 @fzipi @theMiddleBlue @RedXanadu @EkiXu