-
Notifications
You must be signed in to change notification settings - Fork 8.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Update OWASP CRS to 4.4.0 #11510
Comments
This issue is currently awaiting triage. If Ingress contributors determines this is a relevant issue, they will accept it by applying the The Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
It may also be worth noting that 4.x introduces the concept of plugins to the CRS:
Perhaps in a future PR, it makes sense to take the plugin configs as Getting the CRS updated to |
oh, this plugin thing is not 100% info. As in the impact on controller and managing expectations related to it. cc @tao12345666333 seek comments because there is a PR now to bump OWASP which introduces previsously non0-existing feature of plugins for rulesets |
I'd like to see the bundled
OWASP_CRS/3.3.5
be updated to4.4.0
. You can view the changes to the major version in the release notes for4.0.0
.Currently, in the logs, while using the helm chart (version
4.10.1
), I see:Which tracks with:
ingress-nginx/images/nginx/rootfs/build.sh
Line 66 in f228895
3.3.5
is from July last year.4.4.0
would put us at June of this year.Semi related to #10744 but that one is about updating ModSecurity itself, not the core rule set.
If all that's needed is submitting a PR to update that one line in
images/nginx/rootfs/build.sh
, I can submit that PR.Thanks!
The text was updated successfully, but these errors were encountered: